>"The spam problem would [...] probably almost go away, [...] if DMARC was rolled out everywhere in order to verify if messages come from legitimate domains, it would be a major blow to spam distributors"
Except we can already deal with that type of spam using RBL and other methods. The majority of spam that remains is the worst kind- from businesses sending us endless marketing crap from legitimate domains, claiming we "opted in", which of course we did not. Every single place we interact with demands a verified Email address- for every account, for every transaction, for every service. And many companies happily spam us to death with it and even sell the information to other companies too.
The marketing companies take no responsibility, because they now increasingly use third-parties to deliver that crap. It used to be fairly easy- block marketing companies like Constant Contact and their ilk. But now they moved to some "too big to block" services- like Google, Microsoft, and Amazon's infrastructure.
There is more than one type of spam. There is no one magic solution. It is no different than caller ID- Even if we could force it to be 100% correct all the time, do you really think that will stop unsolicited calls? Nope.