Globally-Developed MAAWG Best Practices for Dynamic Address Sharing, Email Forwarding Now Available; Aimed at Botnets, Improving User Experience



    SAN FRANCISCO, June 25 /CNW/ -- Network operators and ISPs from around
the world have cooperated on two new best practice papers addressing technical
issues that will help block botnet-induced spam and improve the deliverability
of consumers' personal emails.  The recommendations for sharing IP address
space and for email forwarding were approved at a Messaging Anti-Abuse Working
Group (MAAWG) meeting in Heidelberg, Germany last week and are available
today.
    
    (Logo: http://www.newscom.com/cgi-bin/prnh/20070124/CLW180LOGO )
    
    "MAAWG Methods for Sharing Dynamic IP Address Space Information with
Others" resolves a concern heightened by the proliferation of botnets, which
often use dynamic addresses to send spam.  The paper describes four approaches
to make these addresses more easily obtainable by mailbox providers and
includes a discussion of the advantages and disadvantages of each.
    The methods in the paper "MAAWG Recommendations: Email Forwarding Best
Practices" will help ISPs distinguish legitimate consumers using a forwarding
service from spammers.  It outlines practices to improve cooperation between
volume forwarders and network operators to avoid unintentionally blocking
valid accounts because of abusive incoming mail.
    
    Help Distinguish Legitimate from Potentially Criminal
    
    The address sharing recommendations were developed to assist mailbox
providers that do not accept email sent from dynamic IP addresses.  While most
consumers connect to the Web through modems using a dynamic address, their
email is usually funneled through their ISP's mail server, which has a static
(non-changing) IP address.  But when a bot invades a consumer's computer, it
often bypasses the ISP's mail server so that the resulting spam comes directly
from the user's dynamic address. Identifying the ranges of network addresses
that each ISP has assigned as dynamic addresses so that mailbox providers can
identify and cut off botnet-induced spam, has been a complex and difficult
process.
    "There have been industry discussions about sharing dynamic IP addresses
for years, and even some proposals, but this paper represents the first time a
sizeable group of ISPs have come together to agree on how to do it.  The
recommendations are another necessary step toward helping mailbox providers
eliminate spam originating from botnets before it hits users' inboxes," said
J.D. Falk, MAAWG Board member and Return Path director of product management.
    The forwarding best practices also provide technical recommendations to
improve communications between sending and receiving entities.  Many mailbox
providers and institutions offer consumers either a permanent email address or
a short-lived, temporary address set up so that messages are forwarded to
consumers' underlying ISP account.  Over time, these addresses may receive and
forward a significant volume of junk mail, causing the user's ISP to conclude
that the forwarding service is a spam source and block all incoming mail from
that service.  The MAAWG paper outlines steps forwarders can implement to
improve deliverability and speed problem resolutions, such as separating
sending and forwarding server functions. Practices for receivers include
posting policies on the Web and recognizing IP space designated for
forwarding.
    Jordan Rosenwald, co-editor of the forwarding paper and Comcast manager
of anti-abuse technologies, said, "Any address will attract some spam and
incoming traffic from a forwarded account that has been in use for years can
look like a deluge of spam, causing an ISP to block it.  Spammers also are
developing new ways to use forwarded email to their advantage, so the steps
outlined in this paper will provide savings for both forwarders and receivers,
but more importantly, can help protect consumers from being unnecessarily and
unintentionally blocked."
    Both papers are available at no cost from the MAAWG Web site,
www.MAAWG.org.  They were finalized at the MAAWG 13th General Meeting, which
was attended by over 230 abuse and privacy professionals from ISPs, email
providers and vendors representing 18 countries.  The trade association's
final meeting for 2008 will be Sept. 22-24 in Fort Lauderdale, Fl., and will
include working sessions and expert speakers on a variety of topics including
botnets and increasing worldwide anti-abuse cooperation.
    
    About the Messaging Anti-Abuse Working Group (MAAWG)
    
    The Messaging Anti-Abuse Working Group (MAAWG) is where the messaging
industry comes together to work against spam, viruses, denial-of-service
attacks and other online exploitation.  MAAWG (www.MAAWG.org) represents
almost one billion mailboxes from some of the largest network operators
worldwide.  It is the only organization addressing messaging abuse
holistically by systematically engaging all aspects of the problem, including
technology, industry collaboration and public policy.  MAAWG leverages the
depth and experience of its global membership to tackle abuse on existing
networks and new emerging services.  Headquartered in San Francisco, Calif.,
MAAWG is an open forum driven by market needs and supported by major network
operators and messaging providers.
    Media Contact: Linda Marcus, APR, 714-974-6356, lmarcus@astra.cc, Astra
Communications
    MAAWG Board of Directors: AOL; AT&T (NYSE:   T); Bell Canada; Charter
Communications (Nasdaq:   CHTR); Cloudmark; Comcast (Nasdaq:   CMCSA); Cox
Communications; France Telecom (NYSE and Euronext: FTE); Goodmail Systems;
Openwave Systems (Nasdaq:   OPWV); Return Path, Inc. (Full-Member representative
to the Board); Time Warner Cable; Verizon Communications; and Yahoo! Inc.
    MAAWG Full Members: 1&1 Internet AG; AG Interactive; Bizanga LTD;
BlueTie, Inc.; Eloqua Corporation; Google, Inc.; Internet Initiative Japan,
(IIJ NASDAQ:   IIJI); IronPort Systems; McAfee Inc.; MX Logic; Outblaze LTD;
Return Path, Inc.; SPAMHAUS (The Spamhaus Project); Sprint; Sun Microsystems,
Inc.; Symantec; and Telefonica SA.
    A complete member list is available at http://www.maawg.org/about/roster.




For further information:

For further information: Linda Marcus, APR, of Astra Communications 
+1-714-974-6356, lmarcus@astra.cc Web Site: http://www.maawg.org

Organization Profile

MESSAGING ANTI-ABUSE WORKING GROUP

More on this organization

MAAWG

More on this organization


Custom Packages

Browse our custom packages or build your own to meet your unique communications needs.

Start today.

CNW Membership

Fill out a CNW membership form or contact us at 1 (877) 269-7890

Learn about CNW services

Request more information about CNW products and services or call us at 1 (877) 269-7890