Skip to Content

DM3Z
Updates and Commentary from the Messaging, Malware and Mobile Anti-Abuse Working Group

Aug 12, 2013

M3AAWG was formed almost ten years ago over concerns that email, one of the Internet’s two “killer apps” at the time, might collapse due to out-of-control volumes of spam. Fortunately today, even with vastly more spam bombarding the networks, our operator members report they’re now able to stop about 90 percent of abusive messages before they reach users’ inboxes, per our email metrics reporting program.

From this real-world perspective, it has become clear that one of the most effective tools in the ongoing fight against spam and malware has been the voluntary adoption of the proven methodologies outlined in industry best practices.  The Internet community’s greatest resource in confronting online threats has always been the dedicated, unsung heroes who successfully battle spammers and other cybercriminals as part of their daily jobs then come together in associations like M3AAWG to share and distribute their knowledge in these documents and white papers.  Like many industry organizations, we have worked hard to foster a trusted, vetted environment suitable for sharing timely threat information and have developed a process to distill industry experience on what works and what...

Public Policy, spam
Jul 12, 2013

Concerned about malware and spam in India, one of the fasting growing online markets in the world?  Do you have connections with Internet companies in the region or are you associated with an Internet company in India? 

We invite you and your colleagues to the latest Indian Anti-Abuse Working Meeting on August 4 in Mumbai, India, hosted by M3AAWG with sponsorship from Afilias.  This is the second in a (hopefully) long series of working meetings where we at M3AAWG plan to engage closely with our counterparts in the Indian messaging, ISP, data center, cellular carrier and email marketer industries.

The upcoming M3AAWG meeting will be held back-to-back with SANOG (www.sanog.org), the largest ISP network operations conference in the South Asian region.  We have an agenda that is being actively developed and includes speakers such as:

·   Animesh Bansriyar, Cloudmark Security Architect, presenting on mobile anti-abuse mitigation...

May 19, 2013

Over the past few years, and particularly these past six months, there’s been an uptick in abused systems and abusive clients taking up residence on systems in hosting and data centers. To expedite a community effort in remediating some of these attacks, we have launched a new M3AAWG Hosting SIG with these initial activities:

  • Developing best practices: Hosting companies have a different business model that demands specific types of approaches, and it is critical to bring together people with expertise and up-to-date experience in the hosting business. We plan to review historical documents as a potential starting point for the discussion on a new set of best practices developed with the full participation of the sector’s stakeholders.
  • Working sessions at upcoming M3AAWG meetings:  We are organizing some Birds of a Feather lunch meetings during the M3AAWG General Meeting this June in Vienna and at our October meeting in Montreal.  We invite interested parties to join us as we begin discussions on the best practices document and in defining future needs. 

We are approaching this important work in true M3AAWG collaborative...

May 07, 2013

Since the public launch of the DMARC specification in January 2012 (http://www.dmarc.org), DMARC has become a highly requested topic for discussion and training at M3AAWG meetings. With the benefit of several Round Table and main session tracks at our meetings in San Francisco and Berlin, along with numerous presentations at other industry forums, DMARC experts Michael Adkins and Paul Midgen brought their accumulated experience to the 26th M3AAWG conference in Baltimore in October 2012. 

Their training seminar is a now available as a video series on the M3AAWG website and covers:

  • What is DMARC?
  • Is DMARC right for my domain/users/usage?
  • How do I implement DMARC?

There are sections of the seminar that address the needs of receivers, and others that focus on what senders need to know. The session also covers the reporting aspect of DMARC, which is a key element to allow implementers to gain the insights necessary to safely consider any receiver-actionable levels in the DMARC spectrum.

The two-and-a-half hour training session has been broken up into more manageable lengths for web viewing.  You can find the videos at:...

Training
Oct 17, 2012

The idea of informing network owners’ abuse departments about malicious incidents is not new, but still a very effective and the most inexpensive way of letting people in charge know that there is something wrong in their own network (http://www.ietf.org/rfc/rfc2142.txt).  Actually, it is one of the best methods to help enforce security on the Internet in a self-regulating way.  The industry has propagated data sharing and global reporting of spam and other network incidents for years, yet has often been struggling due to the inability of finding the responsible points of contact in the RIR’s (Regional Internet Registry’s) WHOIS.

For example, the automatic and manual discovery of an abuse contact for a RIPE registered number resource is not really an easy task these days. The logic you need to parse through all the related WHOIS objects is sometimes more than inconvenient. There are too many possible places where an abuse contact can be published. It can be an IRT Object (Incident Response Team) or maybe an abuse-mailbox attribute in an IRT Object, or in any other object or even in a remark field in any given object. Since one resource can have more than one object, it happens that you get more...

Abuse Reporting, RIPE, WHOIS
Oct 16, 2012

We have a saying in M3AAWG:  What goes on at M3AAWG, stays in M3AAWG.  Anyone who has attended one of our meetings knows that we work hard to create an environment of respect and confidentiality.  We see our organization as a forum where the anti-abuse industry can come together to address both current and evolving issues in a candid, productive dialogue. 

Yet, much of what we do in M3AAWG is also publicly accessible.  We make our technological expertise widely available to the industry in the commentary we provide on government and public policy initiatives. We partner and participate in other industry organizations, such as the U.S. FCC’s CSRIC, where many of our members were deeply involved in creating the first voluntary code for ISPs, the Anti-Bot Code of Conduct for Internet Service Providers (ABCs for ISPs). We contribute to global best practices and support anti-abuse efforts worldwide, such as a major presentation on bot issues M3AAWG Chairman Michael O’Reirdan made to the Organisation for Economic Co-operative Development (OECD) in 2011, with a second...

M3AAWG, MAAWG
Syndicate content