Home Messaging

Below are the M3AAWG published materials related to our messaging anti-abuse work. There is also a Messaging video playlist on our YouTube channel at www.youtube.com/maawg and there are a few selected videos on our website in the Training Videos and Keynotes Videos sections under the Meetings menu tab.

Best Practices

PDF
December 30, 2017

M3AAWG Recommendations for Senders Handling of Complaints

Email abuse rates can significantly affect a sender’s reputation and, consequently, its ability to deliver customers’ emails to the inbox. This paper explains some of the common processes senders can use to effectively manage and monitor email complaints and to help their customers, who are the list owners, develop healthy email practices that generate better results.
of email lists.

PDF
November 03, 2017

M3AAWG Recommendation on Web Form Signup Attacks

Many list web forms provoke an email confirmation to the subscriber's email address provided in the form but malicious entities are now using this feature to do bulk form submissions with forged addresses that flood the subscriber’s inbox. M3AAWG members collaborated across the industry to propose a header as an initial step that hosting and sending companies can implement to help protect against these attacks. The header allows receivers to identify floods of mail coming from sign-up forms that are bombarding victim mailboxes.

PDF
August 30, 2017

M3AAWG Best Practices for Managing SPF Records

This document covers best practices on how to properly construct and maintain an SPF record, common errors and some unintended consequences.  It is targeted at those with a basic understanding of the purpose and usage of SPF.

PDF
July 31, 2017

M3AAWG Best Practices for Implementing DKIM To Avoid Key Length Vulnerability, Revised July 2017

Due to disclosed vulnerabilities associated with the use of short DKIM keys, organizations should review their DKIM email authentication implementation based on these best practices updated in July 2017.  Also see a short video on this issue at the M3AAWG YouTube Channel (www.youtube.com/maawg).

PDF
March 31, 2017

M3AAWG Describes Costs Associated with Using Crypto

This document describes the budget and other costs associated with using cryptography to help make informed decisions when deploying encryption.

Pages

Public Policy Comments

January 26, 2018

Proposed Interim Models for Compliance with ICANN Agreements and Policies in Relation to the EU's GDPR

M3AAWG provided comments on the ICANN report.  The filed comments also are available on the ICANN website at https://www.icann.org/resources/pages/gdpr-legal-analysis-2017-11-17-en

August 30, 2017

M3AAWG Comments to FTC on CAN SPAM 2017

M3AAWG submitted these comments in response to the U.S. Federal Trade Commission's request for comments on 16 CFR Part 316 of the CAN-SPAM Rule.  The comments can be viewed on the FTC site at https://www.ftc.gov/policy/public-comments/2017/08/30/comment-87

August 27, 2017

M3AAWG Comments on Restoring Internet Freedom

M3AAWG responded to the Federal Communications Commission's May 2017 Notice of Proposed Rulemaking (“NPRM”) relating to net neturality that was titled Restoring Internet Freedom.  Our comments can also be found on the FCC site at https://www.fcc.gov/ecfs/filing/1082812398671.

 

August 27, 2017

M3AAWG Comments on Restoring Internet Freedom

M3AAWG responded to the Federal Communications Commission's May 2017 Notice of Proposed Rulemaking (“NPRM”) relating to net neturality that was titled Restoring Internet Freedom.  Our comments can also be found on the FCC site at https://www.fcc.gov/ecfs/filing/1082812398671.

 

Pages

M3AAWG Reports

M3AAWG Email Metrics Report

July 01, 2009

First and Second Quarter 2009

December 30, 2008

Third and Fourth Quarter 2008

June 30, 2008

Second Quarter 2008

March 31, 2008

First Quarter 2008

December 31, 2007

Third and Fourth Quarters 2007

Pages

DM3Z Blog

Updates and Commentary from the Messaging, Malware and Mobile Anti-Abuse Working Group

M3AAWG has a long history of featuring diverse keynotes as part of its members-only meetings, with speakers ranging from noted cybersecurity journalist Brian Krebs to General David B. Warner of the U.S. Air Force Space Command (AFSC) to Canadian Privacy Commissioner Jennifer Stoddart, among others.

Categories: 

Since the public launch of the DMARC specification in January 2012 (http://www.dmarc.org), DMARC has become a highly requested topic for discussion and training at M3AAWG meetings.

Categories: 

Pages

News

Articles About M3AAWG

URL
November 13, 2017

Hackers Shut Down ProPublica’s Email For a Day. Here’s How to Stop Attacks Like That.

ProPublica's Julia Angwin augments her earlier "list bomb" article with information on what can be done to prevent these attacks. 

URL
November 09, 2017

How Journalists Fought Back Against Crippling Email Bombs

ProPublica journalist Julia Angwin describes how she and colleages were "list bombed" and talks about the growing problem, including a preventive strategy developed by M3AAWG.
 

Subscribe to Subscribe to News Releases