Home Messaging

Below are the M3AAWG published materials related to our messaging anti-abuse work. There is also a Messaging video playlist on our YouTube channel at www.youtube.com/maawg and there are a few selected videos on our website in the Training Videos and Keynotes Videos sections under the Meetings menu tab.

Best Practices

PDF
February 20, 2017

M3AAWG Multifactor Authentication Recommendations

While passwords are the default solution for securing users' accounts today, they have many shortcomings and most can be easily cracked.  M3AAWG believes the time has come for providers to require multifactor authentication, instead of simple passwords, to enhance protection of services with a history or substantial risk of account compromise. 

PDF
August 12, 2016

M3AAWG Best Current Practices For Building and Operating a Spamtrap, Ver. 1.2.0

Updated in August 2016 as Version 1.2.0, this document is for spamtrap operators who generally use data generated from spamtraps for purposes such as research, evidence collection, infected machine mitigation or mail list leakage and list quality control.

PDF
July 14, 2016

Using Generic Top Level Domain Registration Information (WHOIS Data) in Anti-Abuse Operations

WHOIS information plays a key role in determining where to report instances of abuse involving domain names. This paper explains some of the important WHOIS elements used to fight spam, phishing, malware distribution and other threats.

PDF
June 15, 2016

M3AAWG Introduction to Traffic Analysis

M3AAWG outlines the key characteristics of traffic analysis attacks, discusses potential ways to avoid them, and considers the advantages and disadvantages of deploying preventative measures.

PDF
February 07, 2016

M3AAWG Best Practices for Unicode Abuse Prevention

With the advent of International Domain Names, Internationalized Top-Level Domains and Email Address Internationalization there will be an increase in the legitimate usage of Unicode characters and an increase in the potential for its abuse as well. This document provides best practices to curtail the potential Unicode abuse.

Pages

Public Policy Comments

September 06, 2011

MAAWG Comments to UK House of Commons Inquiry into Malware and Cyber-crime

MAAWG submitted a response in September 2011 to the Science and Technology Committee, UK House of Commons
The committee's inquiry covered a variety of questions related to malware and cyber-crime.

November 13, 2010

MAAWG Response to U.S. Department of Commerce’s Internet Policy Task Force on the Global Free Flow of Information on the Internet

MAAWG comments were submitted November 2010 in response to the DoC request.
The U.S. Department of Commerce’s Internet Policy Task Force requested comments on government policies that restrict Internet information flow, seeking to understand why these restrictions have been instituted; what, if any, impact they have, and how to address negative impacts. The DoC will publish a report contributing to the Administration’s domestic policy and international engagement on these issues.

October 27, 2010

MAAWG Comments on ICANN Study on the Prevalence of Domain Names Registered Using a Privacy or Proxy Registration Service

MAAWG comments were submitted October 2010 based on the ICANN request.
ICANN conducted an exploratory study in 2009 to assess an approximate percentage of domain names (through a statistical sampling plan) contained in the top 5 gTLD registries that used privacy or proxy registration services. The study indicated that at least 18% (and probably not much more than 20%) of the domain names contained in the top 5 gTLD registries used privacy or proxy registration services.

September 30, 2010

MAAWG Letter Regarding Canadian Fighting Internet and Wireless Spam Act (FISA)

The MAAWG letter supporting elements of FISA (see www2.parl.gc.ca/Sites/LOP/LEGISINFO/index.asp?Language=E&list=agenda) was submitted September 2010.
MAAWG submitted a letter supporting the global sharing of abuse-fighting information between law enforcement that is included in Canadian Bill C-28 establishing the federal Fighting Internet and Wireless Spam Act (“FISA”).

September 17, 2010

MAAWG Comments on National Broadband Plan Recommendation to Create a Cybersecurity Roadmap

MAAWG comments were submitted in response to U.S. Federal Communications Commission recommendations in September 2010.
The U.S. FCC’s Public Safety and Homeland Security Bureau (PSHSB) requested comment on the creation of a Cybersecurity Roadmap. The plan would identify vulnerabilities to communications networks or end-users and develop countermeasures and solutions in preparation for, and response to, cyber threats and attacks in coordination with federal partners.

Pages

M3AAWG Reports

DM3Z Blog

Updates and Commentary from the Messaging, Malware and Mobile Anti-Abuse Working Group

None at this time.

News

Articles About M3AAWG

PDF
September 22, 2016

News from Identifier Technology Health Indicators (ITHI)

https://www.icann.org/news/blog/news-from-identifier-technology-health-i...

. . ."First, ICANN will organize another ITHI workshop at the M3AAWG meeting in October in Paris."

PDF
June 08, 2016

EXPERTS TO FCC: CHANGE COURSE ON BROADBAND PRIVACY RULES INDUSTRY GROUPS AND EXPERTS AGREE: THE FCC MUST CHANGE COURSE ON BROADBAND PRIVACY

Fixed Wireless Internet Service Providers Association 

http://www.wispa.org/News/wispa_news_06-08-16_Experts_to_FCC

"A coalition of industry groups including WISPA, CTA, CTIA, and US Telecom today published a joint article in opposition to the FCC’s proposed new rules for broadband privacy protection . . . The Messaging, Malware and Mobile Anti-Abuse Working Group similarly warned that the rules as currently framed could inadvertently undermine cooperation and communication needed to secure the web from malware, viruses and hackers online. . . "

Pages

Subscribe to