All the M3AAWG Public Policy Comments are available fom the M3AAWG Public Policy page in this section.
These best practices and papers represent the cooperative efforts of M3AAWG members to provide the industry with recommendations and background information to improve messaging security and protect users. M3AAWG best practices are updated as needed and new documents are added as they become available.
TLS for Mail: M3AAWG Initial Recommendations
M3AAWG recommends three basic measures, including turning on opportunistic TLS, that messaging providers can implement relatively quickly to enhance the security and privacy of their users’ mail.
M3AAWG Network Address Translation Best Practices: The Implications of Large Scale NAT for Security Logging
Provides guidance for system operators, network designers, security professionals and Internet Service Providers about potential issues associated with Large Scale Network Address Translation systems.
MAAWG Vetting Best Common Practices (BCP)
ESPs take on significant risk every time a new customer sends email. A bad client can undermine the sending reputation for the ESP’s other clients as well as inflict abuse at recipient domains. This paper reviews some vetting practices to avoid these problems.
MAAWG Overview of DNS Security - Port 53 Protection
This paper briefly discusses how an DNS attack works, the impact of this threat, proposes a solution and discusses the advantages and disadvantages from a technical, business and regulatory standpoint
M3AAWG Common Best Practices for Mitigating Large Scale Bot Infections in Residential Networks
Note: This M3AAWG best practices paper has been replaced by RFC 6561 Remediation of Bots in ISP Networks, March 2012 from the IETF.