It appears that Michael Thomas <mike@mtcc.com> said:
I kind of get the impression that once you get to aggregates at the domain level like DKIM or SPF, addresses as a reputation vehicle don't much figure into decision making.
It definitely does, since there are plenty of IPs that send only malicious mail, or that shouldn't be sending mail at all. Every large mail system uses Spamhaus' IP lists as part of their filtering process. I hear that SPF is largely useless these days because most SPF records include IP ranges for many mail providers, and a lot of those providers do a poor job of keeping one customer from spoofing mail from another. DKIM is still quite useful. K. But what happens under the hood at
major mailbox providers is maddeningly opaque so who really knows? It would be nice if MAAWG published a best practices or something like that to outline what is actually happening in live deployments.
Unfortunately, spammers can read just as well as we can so it's not going to happen. R's, John