Below are the M3AAWG published materials related to our messaging anti-abuse work. There is also a Messaging video playlist on our YouTube channel at www.youtube.com/maawg and there are a few selected videos on our website in the Training Videos and Keynotes Videos sections under the Meetings menu tab.
Passwords are used virtually everywhere. This document provides password requirement recommendations for ISPs and other providers and briefly describes the risk model of using passwords to provide authorized or secure access to resources. It aims to improve end-user security by encouraging strong passwords.
While passwords are the default solution for securing users' accounts today, they have many shortcomings and most can be easily cracked. M3AAWG believes the time has come for providers to require multifactor authentication, instead of simple passwords, to enhance protection of services with a history or substantial risk of account compromise.
Updated in August 2016 as Version 1.2.0, this document is for spamtrap operators who generally use data generated from spamtraps for purposes such as research, evidence collection, infected machine mitigation or mail list leakage and list quality control.
WHOIS information plays a key role in determining where to report instances of abuse involving domain names. This paper explains some of the important WHOIS elements used to fight spam, phishing, malware distribution and other threats.
M3AAWG outlines the key characteristics of traffic analysis attacks, discusses potential ways to avoid them, and considers the advantages and disadvantages of deploying preventative measures.
Public Policy Comments
Submitted to RIPE in August 2012
Response to RIPE’s proposal to introduce a new contact attribute named "abuse-c
Response to the final report from the ICANN WHOIS Policy Review Team
Submitted to U.S. Congress committees on the judiciary in December 2011
MAAWG outlined technical issues with S.968, Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act, and H.R.3261, Stop Online Piracy Act, in a letter to the judiciary committees of the U.S. Senate and U.S. House of Representatives.
Submitted to ICANN in November 2011
Responses to ICANN on issues in the draft report covering the intrnationalization of domains can be read on the draft report comment site at http://forum.icann.org/lists/ird-draft-final-report/
MAAWG Comments on Models to Advance Voluntary Corporate Notification to Consumers Regarding the Illicit Use of Computer Equipment by Botnets and Related Malware
Submitted to NIST in November 2011- Responding to a Request for Information from the U.S. Department of Commerce (DoC) and U.S. Department of Homeland Security (DHS), the comments are also available on the NIST site.
MAAWG Evolves into M3 Tackling Messaging, Malware, Mobile; Breaking through “Silo” Thinking, Pushes Industry to Better Cooperation
MAAWG Hosts Joint European Meeting with LAP/EU CNSA; French Officials to Address Paris Summit on Spam and Malware
Articles About M3AAWG
ProPublica's Julia Angwin augments her earlier "list bomb" article with information on what can be done to prevent these attacks.
ProPublica journalist Julia Angwin describes how she and colleages were "list bombed" and talks about the growing problem, including a preventive strategy developed by M3AAWG.