Security & Compliance

At Mailzan, security is integral to our infrastructure design. We implement industry-leading protocols to protect tenant workspaces, custom domains, and raw parsed data pools.

1. Multi-Tenant Data Isolation

All database queries are scoped strictly by tenant IDs. Tenants cannot access, read, or list resources (domains, mailboxes, API keys, usage logs, or emails) belonging to other companies. Row-level filters are enforced at the application tier.

2. Hashed Credentials & API Keys

User passwords are encrypted using high-entropy bcrypt hashing algorithms. API keys are generated as secure cryptographic tokens and stored in the database using one-way SHA-256 hashes, ensuring they cannot be leaked in plaintext if a database compromise occurs.

3. Automated Email TTL & Data Purging

To prevent data accumulation, all received temporary emails have an automatic Time-To-Live (TTL) expiration configuration. Background workers run hourly tasks to completely erase expired email rows and their attachments from our database nodes.

4. Security Headers & CSRF Protection

We deploy Helmet security protocols to enforce Content Security Policy (CSP), prevent clickjacking, block MIME sniffing, and validate cross-site request forgery (CSRF) tokens for all mutating dashboard actions.