Updates and Commentary from the Messaging, Malware and Mobile Anti-Abuse Working Group

Email security professionals have long been worried about attackers abusing shared SPF authorization within a multitenant hosting service. When many customers share the same infrastructure, there are increased concerns about abuse. Just such an attack against members sharing the same sending servers led to a deep dive session on the topic at the recent M3AAWG 51 meeting. During the panel discussion, the security analysts who detected the attack explained what they found, and participants from the abused hosting service shared lessons learned with the broader community.


The views expressed in DM3Z are those of the individual authors and do not necessarily reflect M3AAWG policy.

Subscribe to SMTP