Anyone seeking to honor a groundbreaking contribution toward a better online world should submit a nomination for the 2014 M3AAWG J. D. Falk Award. Presented to people whose work on specific projects made the Internet a safer, more collaborative, more inclusive place, the J. D. Falk Award has recognized leaders and pioneers who saw elements of the online experience that needed improvement and took action to fix them. The nomination process is simple, open to anyone, and free of charge. To be considered for the October 2014 J. D. Falk Award, nominations must be completed by 5 September, 2014.
This year’s program marks the third presentation of the M3AAWG J. D. Falk Award. Past winners include Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham's Center for Information Assurance and Joint Forensics Research (2013), and FBI Supervisory Special Agent Thomas Grasso (2012). Warner is credited with developing a university lab project into one of the world’s preeminent training programs for cyber intelligence analysts. Grasso led the DNS Changer Working Group, assembling a partnership of industry, government and academic experts to organize a response to a global malware...
M3AAWG was formed almost ten years ago over concerns that email, one of the Internet’s two “killer apps” at the time, might collapse due to out-of-control volumes of spam. Fortunately today, even with vastly more spam bombarding the networks, our operator members report they’re now able to stop about 90 percent of abusive messages before they reach users’ inboxes, per our email metrics reporting program.
From this real-world perspective, it has become clear that one of the most effective tools in the ongoing fight against spam and malware has been the voluntary adoption of the proven methodologies outlined in industry best practices. The Internet community’s greatest resource in confronting online threats has always been the dedicated, unsung heroes who successfully battle spammers and other cybercriminals as part of their daily jobs then come together in associations like M3AAWG to share and distribute their knowledge in these documents and white papers. Like many industry organizations, we have worked hard to foster a trusted, vetted environment suitable for sharing timely threat information and have developed a process to distill industry experience on what works and what...
Concerned about malware and spam in India, one of the fasting growing online markets in the world? Do you have connections with Internet companies in the region or are you associated with an Internet company in India?
We invite you and your colleagues to the latest Indian Anti-Abuse Working Meeting on August 4 in Mumbai, India, hosted by M3AAWG with sponsorship from Afilias. This is the second in a (hopefully) long series of working meetings where we at M3AAWG plan to engage closely with our counterparts in the Indian messaging, ISP, data center, cellular carrier and email marketer industries.
The upcoming M3AAWG meeting will be held back-to-back with SANOG (www.sanog.org), the largest ISP network operations conference in the South Asian region. We have an agenda that is being actively developed and includes speakers such as:
· Animesh Bansriyar, Cloudmark Security Architect, presenting on mobile anti-abuse mitigation...
Over the past few years, and particularly these past six months, there’s been an uptick in abused systems and abusive clients taking up residence on systems in hosting and data centers. To expedite a community effort in remediating some of these attacks, we have launched a new M3AAWG Hosting SIG with these initial activities:
Developing best practices: Hosting companies have a different business model that demands specific types of approaches, and it is critical to bring together people with expertise and up-to-date experience in the hosting business. We plan to review historical documents as a potential starting point for the discussion on a new set of best practices developed with the full participation of the sector’s stakeholders.
Working sessions at upcoming M3AAWG meetings: We are organizing some Birds of a Feather lunch meetings during the M3AAWG General Meeting this June in Vienna and at our October meeting in Montreal. We invite interested parties to join us as we begin discussions on the best practices document and in defining future needs.
We are approaching this important work in true M3AAWG collaborative...
Since the public launch of the DMARC specification in January 2012 (http://www.dmarc.org), DMARC has become a highly requested topic for discussion and training at M3AAWG meetings. With the benefit of several Round Table and main session tracks at our meetings in San Francisco and Berlin, along with numerous presentations at other industry forums, DMARC experts Michael Adkins and Paul Midgen brought their accumulated experience to the 26th M3AAWG conference in Baltimore in October 2012.
Their training seminar is a now available as a video series on the M3AAWG website and covers:
What is DMARC?
Is DMARC right for my domain/users/usage?
How do I implement DMARC?
There are sections of the seminar that address the needs of receivers, and others that focus on what senders need to know. The session also covers the reporting aspect of DMARC, which is a key element to allow implementers to gain the insights necessary to safely consider any receiver-actionable levels in the DMARC spectrum.
The two-and-a-half hour training session has been broken up into more manageable lengths for web viewing. You can find the videos at:...
The idea of informing network owners’ abuse departments about malicious incidents is not new, but still a very effective and the most inexpensive way of letting people in charge know that there is something wrong in their own network (http://www.ietf.org/rfc/rfc2142.txt). Actually, it is one of the best methods to help enforce security on the Internet in a self-regulating way. The industry has propagated data sharing and global reporting of spam and other network incidents for years, yet has often been struggling due to the inability of finding the responsible points of contact in the RIR’s (Regional Internet Registry’s) WHOIS.
For example, the automatic and manual discovery of an abuse contact for a RIPE registered number resource is not really an easy task these days. The logic you need to parse through all the related WHOIS objects is sometimes more than inconvenient. There are too many possible places where an abuse contact can be published. It can be an IRT Object (Incident Response Team) or maybe an abuse-mailbox attribute in an IRT Object, or in any other object or even in a remark field in any given object. Since one resource can have more than one object, it happens that you get more...