Hi all,
I wonder if this issue may be part of domainrep, as an intermediate 
step toward collaborative domain reputation tracking.  As concisely as 
I can, the issue is as follows:

   To modify usual opt-in mechanisms so as collect and share
   evidence about subscription requests.  This revised opt-in
   mechanism is to be standardized and applies equally well
   to mailing lists, newsletters, and bulk email of any kind.

The rationale should be self evident, especially considering that 
opt-in is mandatory in some countries --how can it ever be enforced if 
accuseds can only produce their own word?  More reasons below, 
including why opt-in may be relevant for domain reputation.

*message streams*
List Domain Signing Practices have been aired on the DKIM mailing 
list, hypothesizing possible relationships between the domain in 
List-Id or List-Post header fields and the d= tag.  Perhaps, that idea 
has to be revised, as newsletters don't often sport List-* fields.

I think we agree that it is fairly easy to mechanically identify 
whether a message belongs to a given message stream.  For opt-in 
purposes, we need a statement that identifies a given list with a 
specific message stream.

*why would MLMs change their behavior*?
This opt-in revision provides a receipt that a sender can use to 
respond to any charge of illicit sending, including abuse reports. 
Perhaps, this is more of a relief for newsletters than mailing lists 
proper.

By cooperating with target MTAs, mailing lists can provide a better 
user experience, e.g. by avoiding vacation messages, easier delivery 
to specific folders and whitelisting.

Reasons why subscribers or MLMs may want to keep subscription data as 
secret as possible may originate from fear of discrimination, or 
commercial competition concerns.  Divulging data to reputation 
trackers is not strictly necessary, in case such issues cannot be 
overcome.

*reputation as abidance*
A receipt --the evidence that a user opted in-- is a very interesting 
piece of data.  Adding them up results in the number of subscribers. 
Weighting that with the number of dubious deliveries can lead to 
determining a fairly good reputation measure, ranging 0 to 1 as 
Nathaniel said it should.

What is a dubious delivery (DD)?  Obviously, a delivery of a message 
that belongs to a list stream that the recipient hasn't subscribed to. 
  DDs can be detected by MDAs even with no human intervention:  That's 
what makes the resulting measure fairly good.  At 100% adoption it 
would be exact.

Note that a sender doesn't have to be scored 1.0 to be whitelisted.  A 
reasonable amount of "auto-subscriptions" can be tolerated, and users 
may be required to confirm them within a few DDs.

Bad guys can game such systems by creating huge sets of fake 
subscribers, so that real DDs always weight low in comparison. 
However, each ADMD can track its own partial view of reputation, and 
possibly exchange it with others in its network of trust, as already 
discussed on this list.  A rater can tell apart the good from the bad 
by monitoring automated feedback loops.

*conclusions*
Thus far, I've only spelled some requirements:  ADMD's mail servers 
should be involved in certifying a user's subscription.  We don't need 
a Global Mailing Lists Registry, but having some trusted raters would 
be a Good Thing (TM).

Implementation could be as simple as signing subscription requests and 
adding some CCs, or provide for a full blown subscription management 
protocol.

Would this fly?