
It appears that Michael Thomas via NANOG <nanog@lists.nanog.org> said:
> Email doesn't even have that. Thunderbird, which is what I use, has precisely *nothing* to say about DKIM/SPF/DMARC.

Well, yeah. As you surely know as well as anyone, if a message is authenticated that tells you nothing about whether it's mail you want or mail that's malicious. For that you need a reputation system that knows something about the domain that's authenticated. That seems a lot easier to do at delivery time and put the bad ones in the Junk folder, or don't deliver them at all.

> Do you have any visibility into, say, MAAWG and why they don't take this up as a standards effort?

Honestly, they'd just laugh. It's not a new idea, and there is a great deal of experience that says asking users to make security decisions in the UI mostly adds confusion.

On the other hand, if you use Thunderbird, I don't think it'd be very hard to write a plugin that looks at the Authentication-Results: header and adds locks or skulls and crossbones to the message display. Try it, tell us how you like it. You can start with this one:

https://addons.thunderbird.net/en-US/thunderbird/addon/dkim-verifier/

R's,
John
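
The header-reading logic such a plugin would need, as an added example that is not part of the original message and is not code from the linked add-on. It uses no Thunderbird API; the function names, the `trustedId` parameter, the sample headers and the mapping of DMARC results to "lock"/"skull" are assumptions made for illustration.

```javascript
// Simplified Authentication-Results (RFC 8601) evaluation.
// Not handled: nested comments and quoted-strings containing ';'.
function parseAuthResults(value) {
  // Unfold, then drop (comments) so a ';' inside one cannot split a clause.
  const flat = value.replace(/\r?\n[ \t]+/g, " ").replace(/\([^()]*\)/g, " ");
  const [head, ...clauses] = flat.split(";").map((s) => s.trim());
  const authservId = (head.split(/\s+/)[0] || "").toLowerCase();
  const results = {};
  for (const clause of clauses) {
    const m = /^([a-z0-9-]+)\s*=\s*([a-z]+)/i.exec(clause);
    if (!m) continue; // e.g. the bare "none" form
    const method = m[1].toLowerCase();
    // Several DKIM signatures give several dkim= clauses; keep them all.
    if (!results[method]) results[method] = [];
    results[method].push(m[2].toLowerCase());
  }
  return { authservId, results };
}

// headers: Authentication-Results values of one message, topmost first.
// trustedId: authserv-id of the reader's own receiving server. Assumption:
// that server removes incoming copies of the header that claim its id.
// Headers from any other authserv-id are ignored, since a sender can add them.
function indicatorFor(headers, trustedId) {
  const mine = headers
    .map(parseAuthResults)
    .find((h) => h.authservId === trustedId.toLowerCase());
  if (!mine) return "none"; // no verdict from a server we trust
  const dmarc = mine.results.dmarc || [];
  if (dmarc.includes("fail")) return "skull";
  if (dmarc.includes("pass")) return "lock";
  return "none";
}

// Constructed sample headers (not taken from real mail).
const SAMPLE = [
  "mx.example.net; dkim=pass header.d=example.com header.s=sel1;\r\n" +
    " spf=pass smtp.mailfrom=example.com;" +
    " dmarc=pass (p=reject; sp=none) header.from=example.com",
  "mx.example.net; dmarc=fail header.from=example.org;" +
    " spf=softfail smtp.mailfrom=other.example",
  "elsewhere.example; dmarc=pass header.from=example.com",
];

for (const h of SAMPLE) console.log(indicatorFor([h], "mx.example.net"));
```

A "lock" here says only that the domain in From: was authenticated, which is the point made above: whether that domain is one you want mail from is a separate reputation question.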