Home / Blogs

M3AAWG & i2Coalition Collaborate on Best Practices on Anti-Abuse in Hosting & Cloud Environments

I am excited to announce the recent release of the industry first Best Common Practices document for Cloud and Hosting providers for addressing abuse issues that was created by M3AAWG and the i2Coalition. M3AAWG has been collaborating with the Best Practices Working Group of the i2Coalition over the past 2 years to discuss ways to solve malicious activity within hosting and cloud ecosystems. The result of these efforts is the M3AAWG Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers which was published in March.” I am proud to have been part of this document as one of its drafters and as a member of both the i2Coalition and M3AAWG through my employment at Rackspace.

The Messaging, Mobile & Malware Anti-Abuse Working Group (M3AAWG) has been working to combat spam, phishing, denial of service attacks, mobile spam and other forms of abuse since early 2004. M3AAWG represents over a billion mailboxes and 200 companies among its global membership.

The Internet Infrastructure Coalition (i2Coalition) focuses on education and advocacy for the companies that build the Internet above the telco layer. i2Coalition fights for a free and open Internet and works with groups like M3AAWG to make sure that they have the resources and insights necessary to make the Internet a better, safer place.

The collaboration between M3AAWG and the i2Coalition was a natural and important fit in creating a best practices document from inception to its release. System abuse is an enormous challenge on the internet, and it has become an increasing issue with hosting providers as malicious parties have gone from ISPs to the hosted space with new and different ways of exploiting vulnerabilities in the Internet’s infrastructure and customer environments.

The primary goals of the document is to provide cloud and hosting companies with guidelines for prevention, detection, identification, and remediation of of abuse issues on their networks. The document is written to apply to a wide range of companies in the hosting industry from a multi-national to small local hosting companies. This document will be continually evolving as the threat landscape and the methods of exploiting hosting companies and their customers changes.

M3AAWG and the i2Coalition encourage all web hosting providers to read this document, share it and put it into action.

By Matthew Stith, Anti-Abuse Specialist

Filed Under


Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



New TLDs

Sponsored byRadix

Brand Protection

Sponsored byCSC

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global


Sponsored byVerisign


Sponsored byDNIB.com

Threat Intelligence

Sponsored byWhoisXML API