The Communications Security, Reliability and Interoperability Council (CSRIC) published a Anti-botnet code of conduct for ISPs. This is a purely voluntary code for U.S. ISPs that want to mitigate the botnet threat to follow. You can download a full copy of the final report from the MAAWG website. The FCC has published a fact sheet about the report on their own website.
We’re back from MAAWG, but somehow I’ve not managed to catch up with everything from last week enough to have time to get back into the swing of blogging. I do have lots and lots of things to say, just not quite enough hours in the day to get them down on paper.
It was great to meet so many blog readers. I really appreciate each and every one of you that introduced yourselves and told me you read the blog. Not many people comment, so I don’t have a good feel for the number of readers. Hearing from readers was great!
MAAWG itself seemed lower key than it has been in the past, but I really think the organization is getting good work done. I strongly recommend people who haven’t been before to visit. There’s lots of great information about messaging, filtering and abuse prevention. They even have a new name! M3AAWG. (Messaging, Malware and Mobile are the 3 Ms)
Next week is MAAWG and I’ll be there talking about delivery, blocking and all sorts of things. If you’re going, be sure to stop by the Choose Your Own Delivery Adventure. It should be lots of fun!
Also next week on Monday I’ll be a guest on the Only Influencers blog talk radio show discussing Delivery versus Marketing.
MAAWG has published a BCP for vetting new customers. This is the culmination of much work by a lot of people.
One of the best things about the document is the discussion of how spammers attempt to hide their identity. All too often I’ve been called in by ESPs to help them identify how a spammer got on their network and where their process failed. As filtering gets better at blocking spam, spammers are spending more and more time trying to steal good reputations to get their unwanted mail through.
Providers who follow these rules may still find themselves with spammers as customers, but the spammers will have to work harder to get on clean networks.