All the M3AAWG Public Policy Comments are available fom the M3AAWG Public Policy page in this section.
These best practices and papers represent the cooperative efforts of M3AAWG members to provide the industry with recommendations and background information to improve messaging security and protect users. M3AAWG best practices are updated as needed and new documents are added as they become available.
This document is an update to our previous "Managing Port 25 for Residential or Dynamic IP Space - Benefits of Adoption and Risks of Inaction" document published in 2005.
Spammers and other abusers often use viruses and spyware as vehicles to assume control over large numbers of computers. By managing the sending of email from devices on their network, providers can reduce the costs of running their business, increase customer satisfaction, and reduce the level of internet abuse associated with their service.
This document describes the PSL, explains its current strengths and limitations, and outlines some possible future enhancements. Most importantly, though, the community must step up and help to make sure it continues to exist.
This document addresses the options available if you realize that you are a victim of a Ransomware attack. It explains how to consider risks and alternatives in resolving the recovery and supporting continuity for your business, and how to tackle those issues.
The Senders Committee has created this document in an effort to help Email Service Providers (ESPs) mitigate the consequences of hitting spam traps. The document provides details on what spam traps are, the impact they have on mailings, and includes suggestions on ways to use spam trap feedback to improve customers’ sending practices, thereby minimizing future spam trap hits. In this document, “customer” refers to the organization using the ESP to send emails.
This document provides a template for designing an enforcement process to use when an organization becomes aware of objectionable content being hosted on its network and determines that it requires a takedown. This objectionable content might fall under – but may not necessarily be limited to – the organization’s policies and applicable regulations.