Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


03:00 PM
Dark Reading
Dark Reading
Products and Releases

New M3AAWG Cloud Service Providers Best Practices Aim to Reduce End-User Threats

San Francisco, March 17, 2015 – Spamvertising, malware and other online threats could be significantly reduced by hosting companies following the necessary hygiene and security processes outlined in the new M3AAWG Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers released today.  Jointly published by the Internet Infrastructure Coalition (i2C) and the Messaging, Malware and Mobile Anti-Abuse Working Group, the new document outlines proven activities that can help Web hosting services improve their operations and better protect end-users.

The new best practices  Implementing these recommendations can help hosting companies establish a stable operating environment and minimize additional customer support costs resulting from network operators frequently blocking the service for abusive activities, according to Michael Adkins, M3AAWG Chairman of the Board. 

“We took on this work at3AAWG because of the pivotal role hosting companies play in the ecosystem.  The same services that maintain domains and websites for legitimate customers are also needed by spammers, phishers and other miscreants to carry out their clandestine activities that defraud end-users, clog inboxes with junk mail or steal personal identity information. These best practices detail the current policies and technologies used by successful hosting and cloud service providers to weed out criminals and fix other common problems caused by well-intentioned but problematic customers that pose a threat to end users everywhere,” Adkins said.

The M3AAWG Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers are intended for the technical staff at both large organizations and smaller start-up hosting companies.  The document was developed by industry professionals who face these challenges every day and outlines reasonable steps that can be integrated into a company’s basic operations and policies, as explained in the video Improving Your Business with the M3AAWG Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers at www.youtube.com/maawg.

Christian Dawson, i2C chairman and co-founder, said, “As a group constructed of the organizations that build the Internet infrastructure, including the Web hosting services, we have the honor and responsibility to work together to make the Internet a safer place. We are thrilled to collaborate with M3AAWG on this important best practices initiative and focus on implementation within this community.”

Hosting Practices to Improve Business and Protect End-Users

The new best practices address both preventing abuse and what to do when a rogue customer is identified on the network.  For example, because Web hosting services often suffer from the negligent actions of their customers, the document recommends instituting effective vetting processes to verify the legitimacy of new clients before allowing them on the network.  It also advises that the company’s Terms and Conditions should require customers to keep current on all software updates, as older versions can be susceptible to malware attacks.

Among other recommended best practices, hosting companies should consider hardware-based intrusion detection systems (IDS) that help prepare for and deal with an attack, use software-based security scans and firewalls, and implement internal network telemetry reporting.  Feedback loops from network operators providing the hosting company with reports on abusive email sent from their servers can also help identify potential problems.  When a problem is found, the best practices outline processes for remediating a compromise, including when to suspend service or terminate a customer.  

The M3AAWG Hosting Special Interest Group was formed last year to develop these best practices, as explained in the video How the M3AAWG Hosting SIG Can Help You; Fighting Spam, Phishing, Malware and Emerging Threats. The SIG is continuing in its efforts to promote industry collaboration and develop the necessary processes to identify illegitimate hosting customers and respond to emerging issues.

Adkins said, “We are partnering with i2C on these best practices because they are aggressively working to address emerging anti-abuse issues in the cloud service provider area and to help these services improve their business model by reducing risk from abusive customers. Their support for this document reflects the hosting industry’s commitment to safe practices and to their role as reliable partners in the Internet ecosystem.”

The M3AAWG Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers (https://www.m3aawg.org/sites/maawg/files/news/M3AAWG_Hosting_Abuse_BCPs-2015-03.pdf) is available on both the M3AAWG website at www.m3aawg.org under Best Practices and from the i2C website at https://www.m3aawg.org/sites/maawg/files/news/M3AAWG_Hosting_Abuse_BCPs-2015-03.pdf.

About the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG)

The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) is where the industry comes together to work against bots, malware, spam, viruses, denial-of-service attacks and other online exploitation. M3AAWG (www.M3AAWG.org) represents more than one billion mailboxes from some of the largest network operators worldwide. It leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services through technology, collaboration and public policy. It also works to educate global policy makers on the technical and operational issues related to online abuse and messaging. Headquartered in San Francisco, Calif., M3AAWG is driven by market needs and supported by major network operators and messaging providers.


Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-03-03
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
PUBLISHED: 2021-03-03
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
PUBLISHED: 2021-03-03
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
PUBLISHED: 2021-03-03
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-27065, CVE-2021-27078.
PUBLISHED: 2021-03-03
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27078.