New M3AAWG Documents About Blocklists and Compromised User IDs

Posted by Christine Borgia on

Return Path is a Sponsor-level member of M3AAWG, the Messaging, Malware, and Mobile Anti-Abuse Working Group. As M3AAWG members, we are committed to collaborating with others in the industry to produce best practices documents to help organizations prevent network abuse. Recently, M3AAWG published two documents that we wanted to highlight.

The first document, “Help – I’m On A Blocklist”, is valuable to anyone who runs an email system, whether for email marketing, corporate mail, or consumers.

Nearly all email systems at some point have delivery issues because their sending IPs or domains are included on a blocklist. This includes Email Sender Providers and network operators. Depending on where mail is blocked, these listings can trigger a panic reaction inside the blocked company. Therefore, understanding the established procedures defining how to triage and respond to the situation is important to ensure a timely and effective resolution. This document specifically addresses delivery failures due to active blocks placed against a sender’s IP address or domain.

The second document, titled “M3AAWG Compromised User ID Best Practices”, will be of particular interest to our mailbox provider partners.

This M3AAWG best practices document is focused on addressing problems associated with compromised user accounts. In order to address the problem, it is important to define what a compromised user account is and how user accounts become compromised. This document discusses mitigation techniques and ways of identifying compromised accounts. Rounding out the document is a set of recommendations to ensure the long-term security of accounts to prevent “re-compromise.”

This document is intended for operations staff involved in the creation and management of end user accounts, as well as for abuse-desk personnel who deal with the repercussions of compromised end user accounts.

Special thanks to my colleagues at M3AAWG for the many hours they contributed to this work. We highly recommend utilizing these documents to manage a more secure email ecosystem.

For more information, email eig-blog at returnpath dot com.


Popular this Month

 Video in Email: Is It Right For Your Business? (Part 1)

Video in Email: Is It Right For Your Business? (Part 1)

Video in email is nothing new. Marketers have been using some form of video...

Read More

 [New Research] Are These Hidden Metrics Harming Your Deliverability?

[New Research] Are These Hidden Metrics Harming Your Deliverability?

Reaching the inbox is not as simple as hitting send. Once a message is...

Read More

 What Job Is Your Subscriber Hiring Your Email To Do?

What Job Is Your Subscriber Hiring Your Email To Do?

Over the last 16 years, I’ve worked as a product manager, run product...

Read More

Author Image

About Christine Borgia

As Senior Director of Data Support, Christine ensures that Return Path's employees, customers, and consumers are able to get the answers they need about our data and data sources. Prior to joining Return Path, Christine spent seven years fighting spam for AOL where she led a team of content filtering and IP reputation experts. Connect with her on Twitter @christineborgia or at linkedin.com/in/christineborgia.

Author Archive

Stay up to date

Enter your name and email address below to subscribe to our mailing list.

Your browser is out of date.
For a better Return Path experience, click a link below to get the latest version.