Home DM3Z BLOG Messaging

Updates and Commentary from the Messaging, Malware and Mobile Anti-Abuse Working Group

Evangelizing Best Practices Around the Globe – Taking Operation Safety-Net on the Road

Submitted by M3AAWG on Nov 16, 2016

[Author’s note: As I write this in October, the second massive denial of service attack in two weeks threatening to take down significant sections of the internet has just ended. Could full implementation of Operation Safety-Net have prevented this?

Categories: 
Awards, best practices, botnets, encryption, global outreach, hosting best practices, Messaging, pervasive monitoring, Public Policy, Spam
Tags: 
best practices, Messaging, bots, malware, cybersecurity, spam

SMTP and Enhanced Security

Submitted by M3AAWG on Apr 04, 2016

Over the past few years, the Pervasive Monitoring SIG within M3AAWG has worked to educate members and the community at large about better practices for message encryption and data privacy.  Messaging abuse, such as Man-in-the-Middle attacks, continues to threaten end-users and make confidential personal and business data more accessible to cybercriminals. After the revelations made by various whistleblowers around the world, we now know that we’re being watched at an ever-increasing rate, and even if we believe we’re innocent, our privacy could be violated without just cause. read more

Categories: 
encryption, Messaging, new work, SMTP
Tags: 
Messaging, cybersecurity, encryption, new work

Protecting Against Pervasive Monitoring – The Journey Continues

Submitted by M3AAWG on Nov 06, 2015

Ongoing disclosures about the pervasive monitoring of email, voice and other network traffic remain an industry concern and major companies in the online ecosystem have been publicly identified as specific targets for non-consensual eavesdropping activity.  As a result, both the general public and various technical communities have a heightened interest in implementing measures that could protect operational security and customer privacy.

Categories: 
pervasive monitoring, Messaging, SMTP, encryption
Tags: 
Messaging, cybersecrity, encryption

M3AAWG Endorses "Keys Under Doormats" End-to-End Encryption Recommendations

Submitted by M3AAWG on Aug 07, 2015

The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) supports the use of effective, end-to-end encryption. Mechanisms that intentionally compromise encryption put that effectiveness at risk. Therefore M3AAWG endorses the recommendations in the recent paper "Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications" written by 15 noted security experts.

Categories: 
encryption, Messaging, pervasive monitoring
Tags: 
encryption, cybersecurity, anti-abuse, Messaging, pervasive monitoring

New Pervasive Monitoring SIG Urges You to Turn on Opportunistic TLS Now

Submitted by M3AAWG on Dec 18, 2014

Over the past year or so, messaging security and encryption has been increasingly in the spotlight.   We now send and receive more data over the Internet than ever before, yet until recently, email messages have been typically transmitted in clear text. This lack of encryption allows any interested party with just a little know-how and some basic equipment to potentially intercept the content therein: they can read personal information, bills, social media notices, birthday invitations, promotional material and even access pictures of loved ones or other sensitive attachments.  

Categories: 
best practices, Messaging, pervasive monitoring

The Inside Story from Edward Snowden's Lavabit Email Service Operator, Ladar Levison

Submitted by M3AAWG on Aug 13, 2014

M3AAWG has a long history of featuring diverse keynotes as part of its members-only meetings, with speakers ranging from noted cybersecurity journalist Brian Krebs to General David B. Warner of the U.S. Air Force Space Command (AFSC) to Canadian Privacy Commissioner Jennifer Stoddart, among others.

Categories: 
Messaging, Public Policy

Hands-On with DMARC (Domain-based Message Authentication, Reporting & Conformance)

Submitted by Amy Cadagin on May 07, 2013

Since the public launch of the DMARC specification in January 2012 (http://www.dmarc.org), DMARC has become a highly requested topic for discussion and training at M3AAWG meetings.

Categories: 
Messaging, DMARC

The views expressed in DM3Z are those of the individual authors and do not necessarily reflect M3AAWG policy.

Subscribe to Messaging