Home Best Practices

These best practices and papers represent the cooperative efforts of M3AAWG members to provide the industry with recommendations and background information to improve messaging security and protect users. M3AAWG best practices are updated as needed and new documents are added as they become available.

PDF
February 17, 2015

M3AAWG Sender Best Common Practices, Version 3.0

This document gives an overview of the current best common practices for sending commercial electronic messaging, focusing on the technical and practical policy aspects of these operations. The goal of these practices is to promote and enhance the transparency of senders maintaining legitimate messaging so that both individual recipients and mailbox providers are more easily able to distinguish legitimate messaging from messaging abuse.

PDF
December 01, 2014

TLS for Mail: M3AAWG Initial Recommendations

M3AAWG recommends three basic measures, including turning on opportunistic TLS, that messaging providers can implement relatively quickly to enhance the security and privacy of their users’ mail.

PDF
August 23, 2012

M3AAWG Network Address Translation Best Practices: The Implications of Large Scale NAT for Security Logging

Provides guidance for system operators, network designers, security professionals and Internet Service Providers about potential issues associated with Large Scale Network Address Translation systems. 

PDF
November 15, 2011

MAAWG Vetting Best Common Practices (BCP)

ESPs take on significant risk every time a new customer sends email. A bad client can undermine the sending reputation for the ESP’s other clients as well as inflict abuse at recipient domains. This paper reviews some vetting practices to avoid these problems.

PDF
June 08, 2010

MAAWG Overview of DNS Security - Port 53 Protection

This paper briefly discusses how an DNS attack works, the impact of this threat, proposes a solution and discusses the advantages and disadvantages from a technical, business and regulatory standpoint

Pages