June 26, 2008
ISPs from around the world have joined forces to kill spam: The Messaging Anti-Abuse Working Group (MAAWG), made up of ISPs, vendors, and anti-spam groups, this month agreed on methods to more easily identify botnet-driven spam and distinguish between legitimate forwarded email accounts and those used by spammers.
MAAWG has published two papers -- one outlining best practices for sharing dynamic IP address space among providers and another for ways to handle email forwarding.
"There have been industry discussions about sharing dynamic IP addresses for years, and even some proposals, but this paper represents the first time a sizeable group of ISPs have come together to agree on how to do it. The recommendations are another necessary step toward helping mailbox providers eliminate spam originating from botnets before it hits users' inboxes," said J.D. Falk, a member of the MAAWG Board member and director of product management for Return Path.
The IP address-sharing recommendations are aimed at making dynamic IP addresses more easily accessible to email service providers so they can better detect and shut down spam, which often uses dynamic IP addresses. The idea is to help them distinguish between valid email traffic and botnet-driven spam.
Email forwarding is another common botnet technique for moving spam. MAAWG also issued recommendations for helping ISPs separate spammers from legitimate users who deploy email forwarding services, and for avoiding inadvertently blocking legit accounts.
“Any address will attract some spam, and incoming traffic from a forwarded account that has been in use for years can look like a deluge of spam, causing an ISP to block it,” said Jordan Rosenwald, co-editor of the forwarding paper and Comcast manager of anti-abuse technologies. "Spammers also are developing new ways to use forwarded email to their advantage, so the steps outlined in this paper will provide savings for both forwarders and receivers, but more importantly, can help protect consumers from being unnecessarily and unintentionally blocked."
— Kelly Jackson Higgins, Senior Editor, Dark Reading
Read more about:2008
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware