As we worked on our Best Practices for Web Hosting Providers, a common refrain we heard was, “What about best practices for reporting badware URLs?” So, we pulled together another great working group and started figuring out what elements make a report of a badware URL most likely to get the URL cleaned up or taken down. After several virtual meetings, we have a draft to share with you for your feedback.
Download the draft as a Word doc (.docx) or as a PDF.
We welcome any feedback you have on this draft. In particular, we’re interested in thoughts on the following:
- Are there better ways to identify the proper targets of the reports than those outlined in Practice 2?
- Are there other critical pieces of information that could be included in the list in Practice 3?
- Do you have suggestions for other escalation parties and/or guidance in Practice 5?
- Are the sample notifications in the appendix easy enough to follow? Is there anything you would change about the format?
- Should we also recommend an XML data format for reporting? If so, should it be based on an existing standard like IODEF, the Malware Metadata Exchange Format, the Mail Abuse Reporting Format, or something similar? Which one, and how would you recommend simplifying otherwise complex formats for the relatively simple job of reporting malware URLs for takedown/cleanup?
We would appreciate your feedback here in the comments or via email to contact\at\stopbadware\dot\org by Friday, September 16.
