Security, Privacy & Compliance
Security and privacy that match the trust your email carries.
Email is the front door of your business. The infrastructure behind it should be governed, monitored, and honest about how it handles your data.
We never read message content
Egressif does not read message content. We do not store message bodies for delivery, and where we host mailboxes their contents are stored only to provide the mailbox service. Content is excluded from our operational tooling, human access requires your explicit approval, a security investigation, or a legal order, and every administrative access is logged. For clients whose rules demand more than commitments, we build dedicated infrastructure in their environment and hand over the keys.
Owned network and IP space
We operate our own ASN and IP space and run a resilient, multi-node mail server cluster designed for high availability. Your mail does not depend on infrastructure we can’t see into.
SOC 2-certified datacenters, SOC 2 principles applied
Our infrastructure runs in SOC 2-certified datacenters, and we apply SOC 2 principles across our own stack: encryption in transit and at rest where applicable, least-privilege access, MFA, key management, and continuous monitoring. Egressif itself is not SOC 2 certified, and we will not imply otherwise.
Least-privilege integrations
When you connect Google Workspace or Microsoft 365, we request only the permissions needed for domain and mailbox administration. Tokens are encrypted at rest and deleted after revocation.
Responsible use, enforced
We maintain and enforce a clear acceptable-use policy. Unsolicited bulk email, purchased or harvested lists, and deceptive sending are prohibited across our network. That protection is part of why mail from Egressif is trusted.
Standards we operate to
We operate to mailbox-provider sender requirements, including Gmail, Yahoo, and Microsoft bulk-sender rules. We hold minimal personal data (delivery metadata, not message content), and your data is processed in the US. You remain the controller and sender of your mail and own your regulatory obligations; we keep our side minimal and honest.
Incident commitment
Material security incidents affecting the services or client data we process are reported without undue delay, and in any event within seventy-two (72) hours, including known scope and remediation steps.
Abuse reports, DNC and DNP: honored
Abuse reports are investigated and acted on promptly (report via our Report Abuse page or abuse@egressif.io). Do-not-contact (DNC) and do-not-prospect (DNP) requests are enforced as suppression at the delivery gate itself, beneath every client application, so an honored request cannot be overridden by an upstream mistake.
Visibility, drawn
What our systems see. What they never touch.
Operational visibility
- · configuration and DNS state
- · delivery events and server responses
- · authentication results (SPF / DKIM / DMARC)
- · aggregate logs, metrics, account status
Exactly what running the infrastructure requires. Nothing more.
Outside our tooling
- · message bodies and attachments
- · mailbox contents
- · behavioral profiles of recipients
Human access to operational systems happens only with your approval, for a security investigation, or under legal order. Every access is logged and attributable.
When something goes wrong
Incidents get worked, not spun.
No infrastructure provider gets to promise zero incidents, and you should distrust any that does. What we commit to is the response: material incidents affecting your services or data are reported without undue delay and within 72 hours, with known scope and remediation steps rather than reassuring vagueness. Internally, every incident gets a root-cause review, because a fix that doesn't address the cause is a scheduled repeat. If you have ever read a vendor postmortem that managed to say nothing, you know exactly what we are promising not to write.
Infrastructure
The foundation under the promises.
Our own network and IP space
We run our own ASN and control our own IP ranges. Your sending reputation lives on infrastructure we govern directly, not on a rented corner of somebody else’s network.
A resilient, multi-node cluster
Mail flows through a multi-node cluster of mail servers built for high availability. A node can fail. Delivery keeps going.
End-to-end ownership
We own and operate the stack from the network up: ASN, IP space, DNS, mailboxes, and the operating layer that decides and acts. Where a client keeps a third-party provider, it runs as a path under our routing rather than a hidden dependency. Fewer seams, faster fixes, one team answering for the outcome.
API access across the platform
Manage domains, mailboxes, and sending programmatically, and consume delivery events the same way. The API keeps expanding to cover more of the platform, so Egressif fits into your systems instead of forcing you into ours.
Security taken seriously
We build on SOC 2-certified datacenters, encrypt data in transit and at rest where applicable, and enforce least-privilege access with MFA. We do not read your message content, and access controls plus logging keep it that way.
Deliverability best practices
We follow the RFCs and provider postmaster guidance closely, and implement ahead of enforcement: SPF, DKIM, DMARC alignment, TLS, reverse DNS, and whatever the providers demand next, already in place before they demand it.
FAQ
What your security reviewer will ask.
Are you SOC 2 certified?
Not certified today, and we will not imply otherwise. Our infrastructure runs in SOC 2-certified datacenters, and we apply SOC 2 principles across our own stack: least-privilege access, MFA, encryption in transit and at rest where applicable, audit logging, continuous monitoring. Certification of Egressif itself is not on the roadmap right now; if that matters for your procurement, ask and you will get a current, honest answer.
Can you send what our review needs to start?
Yes. Ask and we will send our security overview, our infrastructure and sub-processor details (we run on Google Cloud in the US), and answer a questionnaire. Reports get a human, not an autoresponder.
How do you handle a security incident that affects us?
Notification without undue delay and within 72 hours, including what we know about scope and what we are doing about it. Then continued updates as facts develop, and a root-cause review when it is resolved. You will never learn about an incident affecting your data from a news article first.
Who at Egressif can access our configuration?
Operational access is least-privilege and role-scoped, protected by MFA, and every administrative action is logged with who, what, and when. Message content sits outside operational tooling entirely; human access requires your approval, a security investigation, or a legal order, and is logged in all cases.
Can we report a vulnerability?
Yes, and please do: security contact details are published at /.well-known/security.txt per RFC 9116. Reports get a human response, not an autoresponder. We take good-faith research seriously and will not lawyer up at people helping us.
What keeps a bad actor from sending through your network?
Vetting before onboarding, recognized email standards enforced on every sender, layered suppression including DNC, DNP and abuse lists at the delivery gate, per-sender rate containment, and a monitoring layer watching for anomalies. Abuse reports go to abuse@egressif.io or the Report Abuse page and are investigated promptly. The network stays trusted because we spend effort keeping it that way.
Related reading
Compliance and security references
Questions about security or compliance?
Talk to us. We'll answer plainly, including the things vendors usually dodge.