Home Best Practices

These best practices and white papers represent the cooperative efforts of M3AAWG members to provide the industry with recommendations and background information to improve messaging security and protect users. M3AAWG best practices are updated as needed and new documents are added as they become available.

PDF
December 01, 2014

TLS for Mail: M3AAWG Initial Recommendations

M3AAWG recommends three basic measures, including turning on opportunistic TLS, that messaging providers can implement relatively quickly to enhance the security and privacy of their users’ mail.

PDF
August 23, 2012

M3AAWG Network Address Translation Best Practices: The Implications of Large Scale NAT for Security Logging

Provides guidance for system operators, network designers, security professionals and Internet Service Providers about potential issues associated with Large Scale Network Address Translation systems. 

PDF
November 15, 2011

MAAWG Vetting Best Common Practices (BCP)

ESPs take on significant risk every time a new customer sends email. A bad client can undermine the sending reputation for the ESP’s other clients as well as inflict abuse at recipient domains. This paper reviews some vetting practices to avoid these problems.

PDF
June 08, 2010

MAAWG Overview of DNS Security - Port 53 Protection

This paper briefly discusses how an DNS attack works, the impact of this threat, proposes a solution and discusses the advantages and disadvantages from a technical, business and regulatory standpoint

HTML
July 01, 2009

M3AAWG Common Best Practices for Mitigating Large Scale Bot Infections in Residential Networks

Note:  This M3AAWG best practices paper has been replaced by RFC 6561 Remediation of Bots in ISP Networks, March 2012 from the IETF.

Pages