Skip to Content

MAAWG Published Documents

These best practices and white papers represent the cooperative efforts of MAAWG members to provide the industry with recommendations and background information to improve messaging security and protect users. MAAWG best practices are updated as needed and new documents are added as they become available.

In this paper, M3AAWG identifies some IPv6 anti-spam issues, provides recommendations to reduce abuse and offers an initial list of requirements for further technical work to address concerns within the broader Internet technical community.
Addressing problems associated with compromised user accounts, this document discusses mitigation techniques and methods of identifying compromised accounts. It also includes recommendations to ensure the long-term security of accounts to prevent “re-compromise.”
Honeypots are a proven technology used for detecting and understanding online threats that also can be used to fight telephony spam. This document was written to facilitate and encourage telephony honeypot development, as well as the use and sharing of information about and from those honeypots. It includes an overview of the benefits of such honeypots and also provides details of the various options that exist for setting them up.
These industry best practices are intended to help mitigate the abuse of mobile messaging (i.e., SMS, MMS and RCS), including text messaging and connected services. The guidelines outlined here will assist service providers and vendors in maintaining practical levels of trust and security across an open, globally-interconnected messaging environment.
Nearly all email systems, including those of Email Sender Providers and network operators, at some point have delivery issues because their sending IPs or domains are on a blocklist. This document shares established procedures defining how to triage and respond to a blocklisting to assist in a timely and effective resolution.
Just as speaking a common language allows two people to communicate effectively, standards that define the format of abuse reports and the destination address for them increase the effectiveness of network owners in fighting abusive traffic.
Submitted to the U.S. State Department in January 2014, responding to its request for Stakeholder Input on the Role of Governments, International Telecommunication Union Council Working Group on Internetprelated Public Policy Issues.
To minimize the risk of active DKIM keys being compromised, they should be changed frequently. This document discusses why keys should be rotated, how frequently they should be rotated, and suggests the best common practices for doing so.
Submitted to ICANN in response to their misuse survey report.
This document is for spamtrap operators who generally use data generated from spamtraps for purposes such as research, evidence collection, infected machine mitigation or mail list leakage and list quality control