Enterprise security

Industry-leading security and compliance

Phenomenal enterprise email sending starts with top-notch security, and our commitment to your data privacy goes beyond simple encryption.

Talk to an email expert

Secure email API with HIPAA, CCPA, PCI, ISO 27001, and GDPR compliance for data protection

Over 150,000 companies are building great apps and email programs with Mailgun

List of different compliances over data on screen

Protect your data and customers

Privacy is paramount to customers of your business, which is why we strive towards leading the way for compliance and security in email.

Looking for additional compliance standards or looking for our DPA? Our security portal has a comprehensive list of all our data practices, protections, and compliance standards across the Sinch Email portfolio.

SOC types I & II certified
GDPR compliant
HIPAA compliant
ISO 27001 certified
PCI-compliant SAQ-A merchant

Talk to an email expert

Explore our security portal

Mailgun for Enterprises

Let’s Talk Email

IdP credentials with SAML provider logos

Application and account security

Keeping your account secure is one of our highest priorities, and we're continually iterating on existing and new security measures to keep your accounts safe.

2-Factor Authentication (2FA)
SAML authentication
AES-256 encryption-at-rest for all customer data
Encryption via TLS and HTTPS
Account lockdown for suspected compromise
Critical security-based log retention for 365 days
Third-party bug bounty program
Daily account data back-ups with incremental/point-in-time encrypted recovery on all primary databases
Intrusion detection systems (IDS) in place to detect unauthorized account access

Explore our security portal

Account and systems access control

1. Responsibilities

Different team members have various responsibilities related to your email sending, and limited access mitigates the risk of something occurring on your account. Administrative access to Mailgun systems and services follows the principle of lease privilege. Access to systems is based on job roles and responsibilities.

2. Individual access

Alongside these user roles, Sinch Mailgun utilizes individually identifying usernames that are not permitted to be shared or reassigned to another person. Account onboarding and offboarding processes are well documented and followed to ensure proper account access by internal and external systems.

3. Security

This attention to security applies to our internal systems as well, with VPN and multi-factor authentication being used to access internal support tools and product infrastructure.

Regular patching and maintenance

Sinch Mailgun's patch management process ensures that all of our systems go through a patch at least once a month. Monitoring, alerting, and routine vulnerability scanning occur to ensure that all product infrastructure runs smoothly after all patches.

When necessary, Mailgun can patch infrastructure in an expedited manner in response to the disclosure of critical vulnerabilities.

Talk to an email expert

Sinch Email enables the creation of thoughtful communications experiences

Integrate in minutes

Mailgun’s RESTful APIs make adding emails to your business a breeze. Let your development team pick their languages of choice and start sending.

Empower effortless template creation

Users can create responsive, beautiful templates all from your application with Mailjet’s Email Editor through Mailjet Embedded.

Test your customers’ email templates

With previews on over 100+ clients and devices, Email on Acid helps you make certain your message displays as intended—in every inbox.

Expand your communications offerings

Send personal, secure messages directly to your customers on their favorite channels, with cloud-based messaging services from Sinch.

Utilize actionable insights

Spend less time monitoring your reputation and email performance by having an Mailgun Optimize expert proactively track your email program.

Add a personal touch

Create a customizable video or voice chat experience in mobile, web, or desktop applications to build deeper connections with your customer base.

Reporting abuse

If you've received spam from a Mailgun customer, or suspect that a customer is in violation of our Acceptable Use Policy; the best way to inform us is to report it to abuse@mailgun.com with full email headers included.

Our security and compliance teams will take a look as soon as possible to determine the best course of action.

Are you ready to transform your email strategy?

Microsoft, Wikipedia, and American Express trust Mailgun Enterprise with their email programs.

Contact sales

Schedule a demo

When you visit any web site, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalised web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.
Cookie Statement

Strictly Necessary Cookies (always active)

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
Cookie details

Cookie Subgroup	Cookies	Cookies used
documentation.mailgun.com	_cfuvid , __cfruid	First Party
.mailgun.com	OptanonConsent	First Party
mailgun.com	actualOptanonConsent , apt.sid , OptanonAlertBoxClosed , mail_session	First Party
app.mailgun.com	connect.sid , SERVERID	First Party
hello.mailgun.com	uvts , __cf_bm	First Party
m.stripe.com	m	Third Party

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
Cookie details

Cookie Subgroup	Cookies	Cookies used
hello.mailgun.com	ubpv , ubvs	First Party
dev.mailgun.com	_an_uid	First Party
app.mailgun.com	rl_page_init_referring_domain , rl_anonymous_id , rl_group_trait	First Party
mailgun.com	_vwo_ds , test_rudder_cookie , _vis_opt_s , rl_group_id , rl_user_id , _ga , rl_session , rl_page_init_referrer , ubvt , _vwo_uuid , apt.uid , optimizelyEndUserId , _gat , _vwo_sn , _ga_xxxxxxxxxx , _gid , _uetvid , _vis_opt_test_cookie	First Party
hello.learn.mailgun.com	visitor_id	Third Party

Functional Cookies

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
Cookie details

Cookie Subgroup	Cookies	Cookies used
hello.mailgun.com	_gd_session	First Party
mailgun.com	__q_state_zkTi4FmbUJniF8K2 , _vwo_uuid_v2 , apt.temp-xxxxxxxxxxxxxxxxxx , __tld__	First Party
demo.mailgun.com	_gd_visitor	First Party
dev.mailgun.com	_pin_unauth , __uvt	First Party
app.mailgun.com	__stripe_mid , __stripe_sid	First Party
mailgun.zendesk.com	_cfuvid, __cf_bm, __cfruid	Third Party
vimeo.com	_cfuvid, __cf_bm, vuid	Third Party
producthunt.com	__cf_bm	Third Party
goldcast.io	__cf_bm	Third Party

Targeting Cookies

These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Cookie details

Cookie Subgroup	Cookies	Cookies used
www.mailgun.com	pardot	First Party
app.mailgun.com	rl_trait	First Party
hello.mailgun.com	visitor_id	First Party
mailgun.com	_gat_gtag_xxxxxxxxxxxxxxxxxxxxxxxxxxx , _uetsid , _fbp , _tt_enable_cookie , _ttp , _rdt_uuid , __q_domainTest , _gcl_au	First Party
linkedin.com	bcookie, lidc, li_gc	Third Party
pi.pardot.com	pardot, lpv830283	Third Party
bing.com	MSPTC, MUID	Third Party
hello.learn.mailgun.com	pardot	Third Party
pardot.com	visitor_id	Third Party
doubleclick.net	IDE, test_cookie	Third Party
youtube.com	VISITOR_PRIVACY_METADATA, VISITOR_INFO1_LIVE, __Secure-xxxxxxx	Third Party
www.google.com	_GRECAPTCHA	Third Party

Social Media Cookies

These cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.
Cookie details

Cookie Subgroup	Cookies	Cookies used
youtube.com	YSC	Third Party