The Communications Security, Reliability and Interoperability Council (CSRIC) published a Anti-botnet code of conduct for ISPs. This is a purely voluntary code for U.S. ISPs that want to mitigate the botnet threat to follow. You can download a full copy of the final report from the MAAWG website. The FCC has published a fact sheet about the report on their own website.
The US government is looking at telling ISPs how to deal with compromised customers and botnets.
They’re a bit late to the party, though. Most of the major commercial ISPs have been implementing significant botnet controls for many years now. Control involves a number of different techniques, but notification has been designed into the system from day 1.
MAAWG has published a BCP for vetting new customers. This is the culmination of much work by a lot of people.
One of the best things about the document is the discussion of how spammers attempt to hide their identity. All too often I’ve been called in by ESPs to help them identify how a spammer got on their network and where their process failed. As filtering gets better at blocking spam, spammers are spending more and more time trying to steal good reputations to get their unwanted mail through.
Providers who follow these rules may still find themselves with spammers as customers, but the spammers will have to work harder to get on clean networks.
We’re back from MAAWG, but somehow I’ve not managed to catch up with everything from last week enough to have time to get back into the swing of blogging. I do have lots and lots of things to say, just not quite enough hours in the day to get them down on paper.
It was great to meet so many blog readers. I really appreciate each and every one of you that introduced yourselves and told me you read the blog. Not many people comment, so I don’t have a good feel for the number of readers. Hearing from readers was great!
MAAWG itself seemed lower key than it has been in the past, but I really think the organization is getting good work done. I strongly recommend people who haven’t been before to visit. There’s lots of great information about messaging, filtering and abuse prevention. They even have a new name! M3AAWG. (Messaging, Malware and Mobile are the 3 Ms)