These best practices and white papers represent the cooperative efforts of M3AAWG members to provide the industry with recommendations and background information to improve messaging security and protect users. M3AAWG best practices are updated as needed and new documents are added as they become available.
Written in plain language by M3AAWG and the London Action Plan (LAP), Operation Safety-Net outlines the current and emerging threats faced by consumers, businesses and governments with recommended best practices to address these threats. For a brief overview of the document, see the brochure explaining the global depth and breadth of these best practices in the Supporting Documents section from the For the Industry menu tab.
System abuse drains time and revenue for hosting and cloud providers, who must maintain constant vigilance to make sure their systems are not compromised and ensure that their customers are vigilant. This document categorizes types of abuse, suggests appropriate responses and reviews practices for dealing with customers and complaints. It provides current best common practices in use with the hosting, DNS and domain registration provider communities.
These updated best practices outline the criteria for exit, entry, remediation and subscriber education when using a walled garden to remediate virus and bot infections in subscriber devices.
This document gives an overview of the current best common practices for sending commercial electronic messaging, focusing on the technical and practical policy aspects of these operations. The goal of these practices is to promote and enhance the transparency of senders maintaining legitimate messaging so that both individual recipients and mailbox providers are more easily able to distinguish legitimate messaging from messaging abuse.
M3AAWG recommends three basic measures, including turning on opportunistic TLS, that messaging providers can implement relatively quickly to enhance the security and privacy of their users’ mail.