Globally-Developed MAAWG Best Practices for Dynamic Address Sharing, Email Forwarding Now Available; Aimed at Botnets, Improving User Experience

"MAAWG Methods for Sharing Dynamic IP Address Space Information with Others" resolves a concern heightened by the proliferation of botnets, which often use dynamic addresses to send spam. The paper describes four approaches to make these addresses more easily obtainable by mailbox providers and includes a discussion of the advantages and disadvantages of each.

The methods in the paper "MAAWG Recommendations: Email Forwarding Best Practices" will help ISPs distinguish legitimate consumers using a forwarding service from spammers. It outlines practices to improve cooperation between volume forwarders and network operators to avoid unintentionally blocking valid accounts because of abusive incoming mail.

Help Distinguish Legitimate from Potentially Criminal

The address sharing recommendations were developed to assist mailbox providers that do not accept email sent from dynamic IP addresses. While most consumers connect to the Web through modems using a dynamic address, their email is usually funneled through their ISP's mail server, which has a static (non-changing) IP address. But when a bot invades a consumer's computer, it often bypasses the ISP's mail server so that the resulting spam comes directly from the user's dynamic address. Identifying the ranges of network addresses that each ISP has assigned as dynamic addresses so that mailbox providers can identify and cut off botnet-induced spam, has been a complex and difficult process.

"There have been industry discussions about sharing dynamic IP addresses for years, and even some proposals, but this paper represents the first time a sizeable group of ISPs have come together to agree on how to do it. The recommendations are another necessary step toward helping mailbox providers eliminate spam originating from botnets before it hits users' inboxes," said J.D. Falk, MAAWG Board member and Return Path director of product management.

The forwarding best practices also provide technical recommendations to improve communications between sending and receiving entities. Many mailbox providers and institutions offer consumers either a permanent email address or a short-lived, temporary address set up so that messages are forwarded to consumers' underlying ISP account. Over time, these addresses may receive and forward a significant volume of junk mail, causing the user's ISP to conclude that the forwarding service is a spam source and block all incoming mail from that service. The MAAWG paper outlines steps forwarders can implement to improve deliverability and speed problem resolutions, such as separating sending and forwarding server functions. Practices for receivers include posting policies on the Web and recognizing IP space designated for forwarding.

Jordan Rosenwald, co-editor of the forwarding paper and Comcast manager of anti-abuse technologies, said, "Any address will attract some spam and incoming traffic from a forwarded account that has been in use for years can look like a deluge of spam, causing an ISP to block it. Spammers also are developing new ways to use forwarded email to their advantage, so the steps outlined in this paper will provide savings for both forwarders and receivers, but more importantly, can help protect consumers from being unnecessarily and unintentionally blocked."

Both papers are available at no cost from the MAAWG Web site, www.MAAWG.org. They were finalized at the MAAWG 13th General Meeting, which was attended by over 230 abuse and privacy professionals from ISPs, email providers and vendors representing 18 countries. The trade association's final meeting for 2008 will be Sept. 22-24 in Fort Lauderdale, Fl., and will include working sessions and expert speakers on a variety of topics including botnets and increasing worldwide anti-abuse cooperation.

About the Messaging Anti-Abuse Working Group (MAAWG)

The Messaging Anti-Abuse Working Group (MAAWG) is where the messaging industry comes together to work against spam, viruses, denial-of-service attacks and other online exploitation. MAAWG (www.MAAWG.org) represents almost one billion mailboxes from some of the largest network operators worldwide. It is the only organization addressing messaging abuse holistically by systematically engaging all aspects of the problem, including technology, industry collaboration and public policy. MAAWG leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services. Headquartered in San Francisco, Calif., MAAWG is an open forum driven by market needs and supported by major network operators and messaging providers.

Media Contact: Linda Marcus, APR, 714-974-6356, lmarcus@astra.cc, Astra Communications

MAAWG Board of Directors: AOL; AT&T (NYSE: T); Bell Canada; Charter Communications (Nasdaq: CHTR); Cloudmark; Comcast (Nasdaq: CMCSA); Cox Communications; France Telecom (NYSE and Euronext: FTE); Goodmail Systems; Openwave Systems (Nasdaq: OPWV); Return Path, Inc. (Full-Member representative to the Board); Time Warner Cable; Verizon Communications; and Yahoo! Inc.

MAAWG Full Members: 1&1 Internet AG; AG Interactive; Bizanga LTD; BlueTie, Inc.; Eloqua Corporation; Google, Inc.; Internet Initiative Japan, (IIJ NASDAQ: IIJI); IronPort Systems; McAfee Inc.; MX Logic; Outblaze LTD; Return Path, Inc.; SPAMHAUS (The Spamhaus Project); Sprint; Sun Microsystems, Inc.; Symantec; and Telefonica SA.

A complete member list is available at http://www.maawg.org/about/roster.

SOURCE Messaging Anti-Abuse Working Group (MAAWG)