These best practices and white papers represent the cooperative efforts of M3AAWG members to provide the industry with recommendations and background information to improve messaging security and protect users. M3AAWG best practices are updated as needed and new documents are added as they become available.
This document focuses on defining malicious domain names and provides a non-exhaustive list of possible actions that can be taken to address them.
M3AAWG Recommendations: Methods for Sharing Dynamic IP Address Space Information with Others-Updated May 2018 (2008)
Although M3AAWG recommends blocking outbound port 25 traffic as the best option for controlling the flow of unwanted email traffic from an ISP’s customer space, such blocks may not always be possible, either for the short or long term. This document offers some alternatives for these ISPs by describing methods they can use to share their dynamic space information with others and allow remote sites to reject inbound mail traffic from dynamic address space.
Updated in March 2018, this document addresses problems associated with compromised user accounts. It discusses mitigation techniques and methods of identifying compromised accounts, including recommendations to ensure the long-term security of accounts to prevent “re-compromise.”
Nearly all email systems, including those of Email Sender Providers and network operators, at some point have delivery issues because their sending IPs or domains are on a blocklist. This document shares established procedures defining how to triage and respond to a blocklisting to assist in a timely and effective resolution. Version 1.0.1 was updated in February 2018.
Over a thousand new generic Top-Level Domains (gTLDs) have been, or are in, the process of being created under ICANN’s new gTLD program. This paper is written for current Registry operators and for companies interested in applying for new gTLDs, and outlines the risks and some relatively simple recommendations that can help correct these problems.