StopSpamAlliance.org

San Francisco, April 22, 2008 – The Messaging Anti-Abuse Working Group (MAAWG) has released version 2.0 of its Senders Best Communications Practices defining how volume email senders can improve the deliverability of legitimate e-newsletters and permission-based e-marketing. The recommendations, originally issued last year as one of the first collaborative efforts between network operators and volume senders worldwide, has been updated to address new forms of spam and to clarify permission options.

Available today at the MAAWG site www.MAAWG.org, the updated best practices include new guidelines to help legitimate email avoid being mistaken for image-based junk mail, which has become a popular spamming technique. List permission and opt-in recommendations have been amended to reflect current practices, and recommended user-unsubscribe processes are clarified, along with other updates to the document, according to Dennis Dayman, MAAWG senders committee co-chair and Eloqua Corp. chief privacy officer.

“The MAAWG senders best practices are intended to help protect users’ online experience by improving industry cooperation and communication. For example, in this update we advise e-marketers not to embed unsubscribe instructions in an image or icon, as many users’ systems will automatically block the message or not display the icon,” Dayman said.

Originally issued by MAAWG last year, the best practices were developed through the cooperative effort of the industry’s largest ISPs, network operators and vendors. The original practices also were endorsed by other trade associations, such as CAUCE (Coalition Against Unsolicited Commercial Email), an organization that represents Internet users and email recipients.

San Francisco, April 1, 2008 – Setting the stage for a better understanding of sender authentication as a technology to combat junk email, the Messaging Anti-Abuse Working Group (MAAWG) has released a new white paper describing the practice as a foundation for protecting legitimate Internet mail. “Trust in Email Begins with Authentication” provides an overview of the technology by focusing on the standardized mechanisms in general use today, Sender Policy Framework (SPF), Sender IDentification Framework (SenderID), and DomainKeys Identified Mail (DKIM).

“Authentication mechanisms can help distinguish legitimate email from spam.  When used as part of a multi-faceted anti-abuse program, it is an important tool to help protect business brands from forgery and phishing attacks,” said Dave Crocker, the MAAWG senior advisor who edited the paper and principal at Brandenburg InternetWorking.

Email authentication mechanisms are used to validate the identity of an email’s sender, stifling would-be spammers who often forge the “From” field in an email message to avoid detection.  The executive summary of the MAAWG paper provides an overview of how authentication can be used to protect email and is intended for general business managers.  The main body provides more detail on SPF, SenderID, and DKIM mechanisms and is intended for technical readers familiar with basic Internet mail service.

“Trust in Email Begins with Authentication” is available at no cost at the MAAWG Web site, www.MAAWG.org.

San Francisco, March 10, 2008 – Initiating a dialogue with ISPs on how to protect social sites from exploitation, Craig Newmark, founder of Craigslist, asked network operators to trust that users will voluntarily report abuse and to cooperate with sites in building a safe online environment at the Messaging Anti-Abuse Working Group (MAAWG) general meeting in San Francisco held Feb. 18-20. Over the course of the event, MAAWG committees completed a white paper on email authentication and updated best practices for volume email senders, both of which will be released to the industry within the next few weeks.

A new subcommittee formed at the meeting began work focusing on DNS abuse and port 53 management, and the event also featured panels and committee discussions on filtering, monitoring outbound traffic, and other topics, according to Jerry Upton, MAAWG executive director. The MAAWG 12th General Meeting, attended by 300 industry professionals from over 20 countries, was the first of three meetings the organization will have this year to advance the technology, public policy and collaborative work necessary to fight messaging abuse and spam.

The organization’s 2008 officers also were named at the meeting with Michael O’Reirdan, a distinguished engineer in national engineering and technical operations at Comcast, elected MAAWG chair. MAAWG vice-chairs for the year are Jonathan Curtis, sr. security architect, technology development at Bell Canada; and Charles Stiles, Goodmail Systems vice president of worldwide business development. Laurie Jill Wood, director of enterprise security at Charter Communications, continues as treasurer. All have been actively promoting cooperation among ISPs and vendors.

On the social networking panel, Newmark stressed the value of trusting users to report abuse of his or any other popular site, a theme reiterated by the other panelists from Google and Six Apart. At the same time, Newmark recognized the need for increased collaboration between ISPs and socially oriented sites to improve the experience for all users.

The social networking panel was one of more than 25 sessions and committee meetings organized during the event. The discussions between ISPs and social networking site operators will continue at the upcoming 13th MAAWG General Meeting, June 10-12 in Heidelberg, Germany, along with presentations on vital technical and public policy issues. More information is available at the MAAWG Web site, www.MAAWG.org.

San Francisco, Feb. 5, 2008 – The London Action Plan (LAP), an important coalition of public and private entities from 27 countries cooperating on international spam law enforcement, has invited the Messaging Anti-Abuse Working Group (MAAWG) to join the alliance. MAAWG is a global association of network operators, email providers and vendors, and will work to support LAP efforts to strengthen international cooperation in fighting spam and other online abuse.

“MAAWG is a key international venue for sharing and improving on the most effective techniques to combat online abuse, spam and fraud. MAAWG’s participation in the London Action Plan further advances the global cooperation between public agencies and private industry that is essential to protect consumers and commerce,” said Hugh Stevenson, Deputy Director for International Consumer Protection in the Office of International Affairs at the U.S. Federal Trade Commission, one of the agencies serving as LAP’s Secretariat.

LAP members cooperate on cross-border spam-related matters, as permitted within the laws of their respective countries. The effort grew out of a 2004 meeting to develop a cooperative program furthering the work of various international organizations addressing these issues, including the Organisation for Economic Cooperation and Development (OECD) and the OECD Spam Task Force, the International Telecommunications Union (ITU), the European Union (EU), the International Consumer Protection Enforcement Network (ICPEN), and the Asia-Pacific Economic Cooperation (APEC).

The newly appointed MAAWG Public Policy Chair, Susan Israel of Comcast, said, “Online abuse now flows seamlessly and consistently across borders everywhere. An important aspect of MAAWG is building the cooperative relationships between our members, who are private-sector industry leaders, and public agencies worldwide to better address these problems. Working with LAP is an important milestone in this effort.”

LAP and the European Union’s Contact Network of Spam Authorities co-located their most recent joint meeting in October 2007 in Washington, D.C. with the MAAWG 11th General Meeting. MAAWG will hold its next members-only meeting of about 300 industry professionals in San Francisco on Feb. 18-20. The meeting will feature both open discussion and expert presentations on abuse abatement, public policy issues, sender authentication, reputation management, and understanding the end-user experience. Details are available at www.MAAWG.org.

The ITU Regional Workshop on Frameworks for Cybersecurity and CIIP and related Cybersecurity Forensics Workshop, will be held in Doha, Qatar, 18-21 February 2008. The workshop is being hosted by ictQATAR and organized in collaboration with Q-CERT, the Qatar National Program for Information Security. More detailed information on the workshop can be found on the event website at www.itu.int/itu-d/cyb/events/2008/doha/. The workshop aims to identify the main challenges faced by countries in the region in developing frameworks for cybersecurity and CIIP, to consider best practices, share information on development activities being undertaken by ITU as well as other entities, and review the role of various actors in promoting a culture of cybersecurity.

The workshop, one in a series of regional events organized by ITU-D, is being held in response to ITU Plenipotentiary Resolution 130: Strengthening the role of ITU in building confidence and security in the use of information and communication technologies (Antalya, 2006) and the 2006 World Telecommunication Development Conference Doha Action Plan establishing ITU-D Study Group Question 22/1: Securing information and communication networks: Best practices for developing a culture of cybersecurity. See the workshop website for more details.

The U.S. Federal Trade Commission (FTC) recently released a staff report summarizing the findings of the FTC’s Spam Summit held in July 2007 and also announcing the results of an email harvesting and anti-spam filter study. The news release and copy of the text of the report can be found at < http://www.ftc.gov/opa/2007/12/spam.shtm>.

MAAWG will hold its 12th general meeting from February 18 -20, 2008 at the Intercontinental Mark Hopkins in San Francisco. Access is limited to members and invited guests.

San Francisco, Nov. 27, 2007 – A summary of the most effective abuse desk best practices from MAAWG service providers was compiled for general industry use at the latest Messaging Anti-Abuse Working Group members-only meeting. The three-day working conference also featured a keynote address from the U.S. Federal Trade Commission chairman, joint-working sessions with cooperating international anti-spam organizations, and progress on recommended email authentication practices.

The meeting held last month in Washington, D.C., brought together almost 250 MAAWG members and 70 participants from the LAP (London Action Plan) and CNSA (the EU Contact Network of Spam Authorities created by the European Commission) representing over 20 countries. Significant progress on collaborative and technical measures to combat online abuse globally was made during the 21 sessions held Oct. 8-10, including:

• A summary of the best abuse desk procedures was compiled from MAAWG member ISPs and email providers and is now available to the industry. The MAAWG Abuse Desk Common Practices provides insight into the processes that have proven most effective in educating customers, reducing email abuse problems, and developing knowledgeable abuse desk employees. It can be downloaded at the organization’s Web site www.MAAWG.org.

• Work continued on an email authentication white paper edited by David Crocker, MAAWG senior technical advisor and principal with Brandenburg InternetWorking. MAAWG sees authentication as an important technology to reduce spam and phishing emails. The paper will offer a basic introduction to email authentication for management staff and then discuss technical concepts and choices in more details for software developers and network engineers.

• A new subcommittee was created focusing on email forwarding issues to be chaired by Jay Opperman of Comcast. The group will create a best practices document which will include recommendations and guidelines for filtering, authentication and reputation policies to increase the quality of mail delivered to the end recipient.
• The MAAWG Technical Committee began work on defining reputation management terms. This is the first step in creating an industry-wide dialogue on generally accepted practices to measure senders’ reputations and improve deliverability of “false positive” emails. Mike Adkins of AOL, Pat Petersen of Ironport Systems, and Chris Roosenraad of Time Warner Cable also were elected MAAWG Technical Committee co-chairs.

FTC Chairman Deborah Platt Majoras announced in her Oct. 10 speech at the meeting the first law enforcement action in which the FTC employed the U.S. SAFE WEB Act to share information with foreign partners resulting in a temporary restraining order against the principals behind an international spamming enterprise that fraudulently marketed anti-aging and weight loss products. The LAP (www.londonactionplan.com) and CNSA with MAAWG and held special training and other conference sessions for their members.

The second quarter 2007 MAAWG Email Metrics Report was reviewed and has been released since the meeting. This quarterly report is compiled by ISP and email service provider members to help the industry understand the current volume of abusive email and spot trends. A training session on the new MAAWG Abuse Contact Database that allows members direct communications with each other to address reputation and abuse issues also was held at the meeting.

MAAWG has scheduled three meetings next year, with activities continuing in its technical, collaboration and public policy committees between the events. The 2008 February meeting in San Francisco, June meeting in Heidelberg, Germany, and September meeting in Miami, Florida, are open to members only. Information on the organization and future meetings is available at www.MAAWG.org.

San Francisco, Oct. 2, 2007 – Taking aim at the bot and zombie malware that turns unsuspecting users’ computers into dangerous spam and identity theft networks, MAAWG has issued the first best practices developed cooperatively by major Internet and email service providers for managing infected subscribers. The “MAAWG Best Practices for the Use of a Walled Garden” provides recommendations for directing customers to a safe online environment where downloadable self-remediation tools can help users remove the malicious code installed on their computers.

“The industry needs to define best practices to address this problem just as a public health department would define quarantine procedures for a biological infection that is affecting its citizens. These best practices are the first effort at unifying and educating ISPs and service providers on how to effectively confront this rapidly spreading malware,” said Scott Chasin, editor of the MAAWG walled garden recommendations and MX Logic, Inc. chief technology officer.

Wall gardens are closed online environments created by service providers where subscribers can safely disinfect their systems. When subscribers with infected computers try to access the Web, their browsers are automatically redirected to a protected environment provided by the ISP where the malicious code can be securely purged. The MAAWG best practices recommend these walled garden sites include downloadable tools that allow users to remove the malware themselves and that once the malicious code has been deleted subscribers’ Web access be easily restored. According to the best practices, end-user education should be a priority.

“Infected subscribers are facing a real menace but have no idea they have been compromised unless they notice their computers are running a little slow or the malware shows up in an anti-virus scan,” said Chasin.

Addresses Significant Source of Spam and Fraud

Currently, a large percentage of spam is sent through these ill-gotten networks. According to Richard Cox, the Chief Information Officer at the Spamhaus Project, a nonprofit that tracks malicious online activity and whose representative serves as a MAAWG senior advisor, “Every day — day in, day out — we see between 750,000 and 1.2 million new IP addresses, proxies and botnet zombies attempting to send spam. This does not mean they are all new infections, as infected PCs tend to move around the Internet IP address space of the users’ ISP.”

In a botnet, malware from various sources, such as a contaminated email or malicious code downloaded from a malignant Web site, is unknowingly installed on users’ computers. Once deployed, the “bot” or “zombie” machine is controlled by commands from a “bot master,” a person who uses the infected network to send spam or carry out fraudulent activities. The malicious code is often designed to run in background mode, so subscribers with polluted machines are usually unaware their systems are sending large quantities of spam.

The surreptitious networks can range from a thousand infected computers to hundreds of thousands and also can be used to launch Distributed Denial of Service (DDoS) attacks that prevent legitimate users from accessing a targeted Web site. Among other threats, the malware might also include a “key logger” to record users’ keystrokes and capture passwords or sensitive financial information that is forwarded to identity thieves.

Chasin said, “This is the first step and we’ll continue to drive peer-to-peer discussions on this issue. Service providers are becoming more sophisticated in their approach to botnets, and they realize the benefit to both themselves and the broader online community as they educate subscribers.”

The “MAAWG Best Practices for the Use of a Walled Garden” outlines criteria for entering and exiting closed safe environments, recommendations for convenient end-user self-remediation, and practices to make end-user education a primary focus. The document is available on the MAAWG Web site at www.MAAWG.org.

San Francisco, Oct. 24, 2007 – The Messaging Anti-Abuse Working Group, representing almost one billion mailboxes from some of the largest network operators worldwide, has launched the MAAWG Abuse Contact Database as a new online communications channel to improve industry cooperation among service providers, volume senders and email vendors. The database of email contacts provides MAAWG members direct access to the appropriate person at other MAAWG companies who can help resolve reputation, malware and other fraud or abuse related issues.

The new database will improve communications among a significant portion of the industry and will ultimately help provide better service to end-users. For example, a MAAWG-member Internet service provider can use the database to send an email alerting another operator of a covert spam attack and thus help reduce the volume of spam in the email stream. Before the database was available, industry professionals often spent considerable time researching the suitable contact at another company to address a specific issue, according to Charles Stiles, MAAWG Chairman.

The database is accessible only to MAAWG members and only includes contact information for MAAWG member companies. It has been structured so that the contact information remains hidden to protect members’ privacy and allows companies to define the contact issues relevant to their business.

“The MAAWG Abuse Contact Database represents the great strides being made by the industry in facilitating collaborative communication. This resource provides a win-win-win situation for mailers, mailbox providers and most importantly for consumers,” Stiles said.

The MAAWG Abuse Contact Database is available when members login into the private section of the MAAWG Web site at www.MAAWG.org. The site also includes other materials available only to members, including presentation archives from MAAWG meetings, access to MAAWG committees, working technical documents and other resources.