Focusing on the urgent problems of identifying and removing botnets from end-users systems and preventing other online exploitation, the Messaging Anti-Abuse Working Group (MAAWG) initiated several new projects at its third meeting of the year. The new work represents important steps forward in cooperative industry efforts to protect end-users by addressing the safe mitigation of botnets, ISP migration to IPv6, detection and reporting of compromised hosts, Web messaging abuse and other outbound abuse. The progress of these projects and other ongoing work will be reviewed at the 15th MAAWG General Meeting on February 17-19 in San Francisco, Calif.
"Botnet mitigation is exceedingly important in protecting end users from abuse and in maintaining a trusted online environment. MAAWG is aggressively responding to this rapidly growing threat," said Michael O'Reirdan, MAAWG chairman.
"At the same time, we're also continuing our day-to-day block and tackle work on authentication, feedback loops, abuse reporting and other topics. They are all weapons in our armory," O'Reirdan said.
"Bots" and "zombies" are computers infected with malicious code spread via contaminated emails, instant messages or Web sites and installed without the user's permission. The bots often are coordinated into covert networks used to send spam, or "botnets" that can entail hundreds of thousands of unsuspecting computers. Users with polluted machines are generally unaware their systems are sending the abusive email, and among other threats, the malware might also capture users' sensitive information for use by identity thieves.
The new and ongoing work to address botnets and other abuse issues from the MAAWG meeting held Sept. 22-24 in Ft. Lauderdale, Fla. included the formation of:
-- A botnet mitigation subcommittee that will develop best practices to safely remove malware from unsuspecting users' computers
-- A subcommittee reviewing a novel method by which senders of solicited bulk email can detect that individual subscribers may have been infected by malware, and automatically report their suspicion to that subscriber's ISP
-- An IPv6 and botnets subcommittee researching how IPv6 will impact botnet detection
-- A migrating to IPv6 subcommittee developing best practices for upgrading a messaging infrastructure
-- New working groups formed to address security issues in Web messaging and other outbound abuse
-- In addition, domain registrars are invited to comment on the current Registrars best practices draft by contacting MAAWG through its Web site: www.MAAWG.org
MAAWG is the largest industry organization uniting ISPs, mailbox providers and vendors from around the world against online abuse. The three-day, multi-track February meeting will feature panels, keynote speakers and open discussions with public policy representatives on tackling the increasing volumes of toxic abuse that endanger users and the industry. Information on the meeting and on MAAWG is available at www.MAAWG.org.
About the Messaging Anti-Abuse Working Group (MAAWG)
The Messaging Anti-Abuse Working Group (MAAWG) is where the messaging industry comes together to work against spam, viruses, denial-of-service attacks and other online exploitation. MAAWG (www.MAAWG.org) represents almost one billion mailboxes from some of the largest network operators worldwide. It is the only organization addressing messaging abuse holistically by systematically engaging all aspects of the problem, including technology, industry collaboration and public policy. MAAWG leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services. Headquartered in San Francisco, Calif., MAAWG is an open forum driven by market needs and supported by major network operators and messaging providers.
MAAWG Board of Directors: AOL; AT&T (NYSE: T); Bell Canada; Charter Communications (Nasdaq: CHTR); Cloudmark, Inc.; Comcast (Nasdaq: CMCSA); Cox Communications; France Telecom (NYSE and Euronext: FTE); Goodmail Systems; Openwave Systems (Nasdaq: OPWV); Return Path, Inc. (Full-Member representative to the Board); Time Warner Cable; Verizon Communications; and Yahoo! Inc.
MAAWG Full Members: 1&1 Internet AG; AG Interactive; Bizanga LTD; BlueTie, Inc.; Constant Contact; Eloqua Corporation; Experian CheetahMail; Google, Inc.; Internet Initiative Japan, (IIJ Nasdaq: IIJI); IronPort Systems; McAfee Inc.; MX Logic; Outblaze LTD; Return Path, Inc.; SPAMHAUS (The Spamhaus Project); Sprint; Sun Microsystems, Inc.; Symantec; and Telefonica SA.
A complete member list is available at http://www.maawg.org/about/roster.