Author: Severin Walker, M3AAWG Chairman

As we’re approaching M3AAWG’s milestone 50th General Meeting on October 12-15, we’ve invited members – both veterans and newcomers – to celebrate the journey of M3AAWG from its humble beginnings to becoming the largest anti-abuse consortium in the world. To capture all the characteristics and memories that make M3AAWG special, we’ve asked M3AAWG founding members, former and current chairpeople, and officers to share their perspectives. In this post, we’ll share highlights of our founding story from those who helped build the organization, including the organization's conception, growth, and where we are today.

We invite all of our members to share their thoughts with us. What are some of your favorite moments? What do you appreciate most about M3AAWG? How has M3AAWG shaped your work and your career? Let us know on social channels using #M3AAWG50 and feel free to tag our profile. We look forward to hearing your stories and continuing the celebration at our 50th General Meeting. 

M3AAWG’s Early Days
M3AAWG – just as it functions today – was the product of anti-abuse professionals coming together to address online abuse through knowledge sharing. While it’s easy to visualize this industry collaboration now, it was much harder 16 years ago before the organization was founded. 

In the early 2000s, it became clear that email service providers were facing a serious problem in spam. As problems persisted, a growing number of service providers were interested in establishing a forum to collaboratively address the global spamming issue. Immediately, it was clear that there was a serious issue in these meetings – none of the service providers could contribute without legal counsel; greatly limiting the information that could be shared due to antitrust concerns. While the meetings were limited, the idea behind them interested many within the anti-spam community and set in motion the founding of the Messaging Anti-Abuse Working Group. 

Starting an international organization that broke industry conventions was no small feat, but many understood the value that an open, collaborative environment could provide in addressing spam. That’s not to say collaboration wasn’t happening – industry insiders were constantly connecting through back-channels to share solutions and understand how they could better protect their own systems. But to do this is an open-forum, accessible to all, would greatly increase knowledge sharing and help to better protect the online ecosystem. 

Dennis Dayman, then Security and Legal Compliance Analyst at Verizon Online, and Sam Silberman, Software Architect at Openwave Systems, Inc., as well as several others, knew that it would take collective effort to jumpstart this initiative. At the rag-tag organization’s first meeting on a frigid Boston morning, a handful of professionals from Internet Service Providers (ISPs) came together to establish the DNA of MAAWG. 

“What’s interesting is that many of us hadn’t met in person before the first meeting. For all of us, it was an exciting opportunity to come together and discuss the work we were doing in these specialized – and often secretive – roles at our companies. Even in our small group, we recognized the value in having these meetings to safely share your experiences and insights to support our common goals, and help protect the internet as a resource for ourselves, our customers and the world as we knew it.” – Dennis Dayman

The group established the framework for the Board, set a budget, and workshopped how the organization would come together. Given that each attendee had a full time job, the question of management loomed, and while some figured the group was so small it wouldn’t need management, the group – thankfully – came to an agreement on an executive director: Jerry Upton.

“We wanted to create a place where industry professionals could come together to fight online abuse. It was clear that there was a need, and we had the professionals and support we needed to make it happen. That being said, we faced the challenge of not having the broad membership we needed to quickly scale our organization. So we set out to recruit members that we would embrace our vision and support our anti-abuse efforts.” – Jerry Upton

Upton led the organization’s launch at the first official meeting in Washington, D.C. in May 2004. The kickoff meeting saw the signing of MAAWG’s first five members and helped to answer a looming question: what do members need from the organization? Coming out of the meeting, the organization had a clear mission in providing value to its members, primarily focused on:

• Bringing together messaging industry professionals to work collaboratively to address messaging abuse. This would be the lifeblood of MAAWG – a place where professionals could shed their allegiances (and legal counsel) to build collective solutions to online abuse; with the promise that all information would remain privileged.
• Creating shared best practices, policies, and technical solutions that are broadly supported. The result of our work would set the course for the industry as a whole – through collective action and evangelism, our standards and best practices would support the industry in better protecting end-users.
• Working globally on initiatives in three areas: Collaboration, Technology, and Public Policy. By collaborating to build collective solutions to the largest challenges facing the technology industry, we knew we’d better be able to support regulators and shape informed, effective public policy.
• Focusing on successfully addressing the issues that are facing service providers and their customers. To increase the value we deliver to our members, while simultaneously fulfilling our commitment to protecting end-users, we knew our work had to focus on addressing the challenges service providers were facing in preventing abuse against end-users.
• Addressing messaging abuse, including but not limited to spam, denial-of-service attacks, virus attacks, and account takeovers. While the organization was founded around a need to address rampant spam abuse, other forms of online abuse persisted and threatened the privacy and security of end-users, and it was clear that we could have a great impact in shaping the prevention of all forms of online abuse.

MAAWG Becomes M3AAWG
As MAAWG continued to grow alongside the messaging industry, we knew that we provided a unique venue for the industry at-large. Messaging abuse was one of many challenges that our members faced, and as threats evolved we knew that we must evolve with them. In 2011, MAAWG, in an effort spearheaded by Chairman Michael O'Reirdan, expanded upon its messaging anti-abuse work to include malware and mobile, becoming the M3AAWG that you know today.

“MAAWG had an impact well beyond its size. In the organization’s early years, we helped to tame the flood of spam that email service providers (ESP) were facing, and provided guidance for regulators, legislators and ESPs to implement standards and develop policies that would help to better protect end-users online. As MAAWG grew from just addressing the issues of email spam to looking at the problems of malware and mobile messaging, we managed to bring together a coalition of partners all eager to address abuse across the Internet.” – Michael O’Reirdan

O'Reirdan made it clear that this was not a superficial effort to rebrand the organization and took immediate steps to accelerate M3AAWG’s cross-discipline collaboration to combat emerging threats and protect end-users. The reshaped organization got to work at the 24th General Meeting in San Francisco, launching exploratory sessions in the Senders Committee and Collaboration Committee around mobile and malware to identify specific issues and begin working towards solutions. Additionally, the Technical Committee hosted speaker sessions to go in-depth on bots, Android threats and other related topics.

“The expansion of MAAWG to M3AAWG was critical to the growth and success of the organization, and the Technical Committee played a central role in the transformation. At launch – and still today – committee chairs were responsible for both exploring and presenting the newest technologies and ideas to inform members on ways to detect and prevent online abuse. By facilitating presentations from academics and industry professionals, with no commercial pitches, we’ve led the charge in developing and sharing the latest industry best practices. Looking back, our commitment to non-promotional knowledge sharing has been central in attracting quality research and providing a differentiated experience for our members.” – Sam Silberman

These Committees continue this work in many different forms today, alongside others focused on Data and Identity Protection, Hosting, and Diversity and Inclusion, among other areas that are constantly facing new cybersecurity challenges. From having three committees in 2005, to now having 16 Special Interest Groups (SIGs) and Committees, M3AAWG has greatly expanded its anti-abuse initiatives to tackle a comprehensive list of security challenges that professionals across the online ecosystem are working to combat.

M3AAWG Today
M3AAWG has experienced tremendous growth since our founding and so has the broader online ecosystem. This is best highlighted in the evolution between the agendas of our First and 50th General Meetings. From one day of sessions including “Towards a World without Spam and Viruses” and “Sender Authentication: The Holy Grail?” in 2004, to now having three full days of sessions like Artificial Intelligence: Flaws, Faux Pas and Successes and Voting in the Age of COVID-19; we’ve greatly expanded our efforts to support our members in preventing online abuse and prepare for emerging threats and technologies. 

“Through the years, I’ve been energized by M3AAWG’s openness to explore “radical” ideas to combat emerging threats. Today, M3AAWG serves as the blueprint for collaboration amongst cybersecurity experts. No matter the protocol or attack vectors, engineers and analysts can always benefit from our existing work and our model of operation. As we look towards the future, the protection of professional, social, and educational platforms that have become integral to life around the globe will be a central focus of our work. By expanding our scope where needed, supporting the establishment and work of similar regional working groups, and facilitating industry collaboration, we’ll continue to deliver on our promise to build a better, safer online ecosystem for all.” – Severin Walker

From the first official meeting in which we signed our first five members, to now having over 265 member organizations across the globe, M3AAWG’s mission to build a safer online ecosystem through collaboration has resonated within the anti-abuse community and shaped today’s online experiences. 

While M3AAWG was founded in response to the problem of spam emails, we’ve evolved alongside the online ecosystem and are actively combatting online abuse in all its forms. Today, messaging reaches nearly every aspect of our daily lives, and M3AAWG’s work is as important as ever. With the growth of mobile phones and connected devices, messaging applications, social media, IoT, Quantum Encryption, among a plethora of other advancements, our work will continue so long as cybercrime threatens the privacy and security of end-users.

“I was fortunate enough to join M3AAWG in 2006 as the organization was gaining momentum and expanding its area of focus, with committees and SIGs being formed to address emerging challenges in online abuse. Professionals were drawn to M3AAWG for its collaborative culture, and were ready to roll up their sleeves and do work to better protect the online ecosystem. Today, M3AAWG is the premiere anti-abuse organization because of its collaborative work, and the continued dedication of our members to fight abuse in all its forms. M3AAWG is more than an organization – we’ve become a large family of like-minded people fighting for similar goals and I’m proud to be a part of such an amazing group of people.” – Amy Cadagin

While we surpass the 16 year mark and go beyond our 50th General Meeting, we’re proud that through it all, M3AAWG’s DNA has remained true to its focus on collaboration, technology and public policy. While nobody could have expected the organization to grow as large as we have when our founding members first met in an airport hotel in Boston, we’re honored to have been a part of online history and are excited to continue working with our members to build a better, safer online ecosystem for all.