All the M3AAWG Public Policy Comments are available fom the M3AAWG Public Policy page in this section.
These best practices and papers represent the cooperative efforts of M3AAWG members to provide the industry with recommendations and background information to improve messaging security and protect users. M3AAWG best practices are updated as needed and new documents are added as they become available.
M3AAWG Email Authentication Recommended Best Practices
This document recommends a set of best practices for authenticating email messages using the security protocols Sender Policy Framework (SPF), Domain Keys Identified Mail (DKIM), Domain-based Message Authentication, Reporting & Conformance) DMARC and Authenticated Received Chain (ARC). (Another security protocol, SMTP authentication, meaning the presentation of credentials during the submission of a message by a Mail User Agent (MUA) or Mail Submission Agent (MSA) to a Mail Transfer Agent (MTA) serves a different purpose and is outside the scope of this document.)
M3AAWG Mobile Messaging Best Practices for Political Programs in the United States
The objectives of this document are to help maximize the successful delivery of wanted political text messages and minimize the incidence of unwanted and/or abusive political text messaging, while ensuring that the rights of all participants in political processes are respected. This document defines best practices that promote trust, transparency and collaboration among ecosystem providers.
M3AAWG Comments on the Initial Report of the Temporary Specification for gTLD Registration Data Phase 2 Expedited Policy Development Process
M3AAWG, the Messaging, Malware and Mobile Anti-Abuse Working Group, appreciates this opportunity to comment on the Initial Report of the Temporary Specification for gTLD Registration Data Phase 2 Expedited Policy Development Process (https://gnso.icann.org/en/issues/epdp-phase-2-initial-07feb20-en.pdf).
M3AAWG Response for ICANN Security Stability and Resiliency Review Team (Two)
The Messaging, Malware, and Mobile Anti Abuse Working Group (M3AAWG) welcomes the opportunity to review the draft report from ICANN’s Security Stability and Resiliency Review Team (Two).
M3AAWG Sending Domains Best Common Practices
When preparing for bulk or transactional email sending, two items require special attention: outbound IP addresses, and the domain names to be used for these communications. For the latter, ESPs (Email Service Providers) go through this set-up process frequently and have to review the same readiness checklist each time. This process may involve individual client preferences and constraints, both legal and technical.