The Messaging Anti-Abuse Working Group (MAAWG), which counts major ISPs and email security companies among its roster of members, will be used as an avenue for companies to share the results of testing emerging email standards, according to group director Jerry Upton.
Sender Policy Framework, Sender ID and Client SMTP Validation will be implemented and tested by members, and certain raw data will be shared with others, Upton said. Crypto-based specs including DomainKeys will also be tested.
Members discussed the practice of blocking traffic coming from Internet subscribers on port 25, the port used in SMTP email, as a means to prevent worms and spam being sent from compromised subscriber PCs.
There’s a consensus that it is a very useful thing to do. There’s a paper being put together on this, and we’ll see that moving forward fairly quickly, he said. The paper will also deal with notifying users in order to not disrupt legitimate usage, he said.
Several ISPs have already implemented this measure. As a rule of thumb, subscribers of residential cable or DSL services don’t have SMTP servers running on their PCs, unless that server was installed by a mass-mailing worm.
The port-blocking paper will be prepared separately to a broader best practices paper that is currently circulating among MAAWG members. That paper will be published when members have agreed upon its finer points.
The talks also attracted a representative of the Trusted Electronic Communications Forum, a group focused on phishing from the perspective mainly of its corporate victims. Membership includes many banks and e-commerce firms.
Upton said there was an effort to encourage greater cooperation between the two sides. If banks cooperated with operators on how to spot these things, they maybe could start cutting them off before they reach the users, he said.
Phishing attacks are the latest scourge of the Internet, spam that spoofs the look and feel of a legitimate company in order to trick the user into handing over sensitive information such as account numbers and passwords, which are then used in further fraud.
The three-day MAAWG meeting, held in Atlanta, attracted 150 participants, which Upton said was not bad given that it coincided with the presidential election. The next general meeting will be held March 1 through 3 next year.
