Mailgun’s Commitment to Security and Compliance

Security has been one of Mailgun’s largest priorities since our founding, and to this day, we strive to provide the best sending experience for our customers. Great email sending starts with top-notch security, and our commitment to your data privacy goes beyond simple encryption.

To provide you with the best security experience possible, Mailgun has partnered with an industry-leading cloud server provider. Alongside this, Mailgun is SSAE-16 SOC I & II certified, as well as GDPR and HIPAA compliant based on customer requirements.

In the coming years, we aim to add more compliances to our security certifications in a continued effort to provide the best and safest environment for our customers.

Keeping your account secure is one of our highest priorities, and we’re continually iterating on existing and new security measures to keep you safe.

• 2-Factor Authentication (2FA) enabled for all accounts
• SAML authentication Single Sign-On (SSO) support available soon
• Encryption via TLS and HTTPS
• Account lockdown for suspected compromise
• Third-party bug hunts to test the integrity of our services and security

Your privacy is important to use, and we never share your private information with unauthorized third-parties or sell your email addresses. For more information regarding your data privacy, please refer to our privacy policy.

Bad actors will always find a way, but we want to do everything we can to remove them as soon as possible. If you’ve received spam from a Mailgun customer, or suspect that a customer is within violation of our Acceptable Use Policy; the best way to inform us is to report it to abuse@mailgun.com.

When you report abuse, please send us the full email headers of the spam message to more quickly process your request and clean up our email stream. Our security and compliance teams will take a look as soon as possible to determine the best course of action.