SecureMailer powers transactional email for thousands of businesses—with industry-leading deliverability, GDPR/CAN-SPAM compliance, and AWS-grade reliability built in from day one.
Built for developers and growth teams who can't afford email failures. Reliable, secure, and compliant by design.
Dedicated IPs, warm-up automation, and reputation management ensure your emails reach the inbox—not the spam folder.
One-click DKIM signing, SPF record generation, and DMARC policy management protect your domain reputation automatically.
Track opens, clicks, bounces, and complaints in real-time. Export reports or pipe data to your warehouse via webhooks.
Integrate in minutes with our REST API or drop-in SMTP relay. SDKs for Node.js, Python, PHP, Ruby, and Go.
No complex configuration. SecureMailer handles the infrastructure so your team can focus on building great products.
Sign up, add your sending domain, and our system walks you through DNS record configuration. DKIM, SPF, and DMARC—handled automatically with step-by-step validation.
Grab your API key, install our SDK, or plug in your SMTP credentials. Your first test email is one curl command away. Full documentation available from day one.
Watch delivery metrics in real time from your dashboard. Set up bounce handling, configure suppression lists, and scale to millions with zero infrastructure management.
From early-stage startups to enterprise deployments, SecureMailer powers email for companies that can't afford inbox failures.
Join thousands of businesses that trust SecureMailer for their most important communications. No credit card required for the Starter plan.
We believe businesses deserve email infrastructure that's reliable, transparent, and compliant without compromise. That's why we built SecureMailer.
SecureMailer was founded in Wilmington, Delaware with a single purpose: to provide American businesses with email infrastructure that is not only fast and reliable, but built on an ethical foundation that protects both senders and recipients.
The email ecosystem suffers from bad actors—spammers, phishers, and bad-faith marketers who degrade inbox trust for everyone. Our platform is designed from the ground up to make compliant email sending easy and non-compliant sending impossible.
Every account we create, every email we send, and every feature we build is evaluated against one question: does this make email better or worse for the world?
SecureMailer, Inc. is incorporated in Delaware and operates infrastructure in AWS US-East-1 and US-West-2 regions. All customer data is stored within the United States.
Our platform runs on Amazon Web Services, leveraging Amazon SES for high-throughput sending, EC2 for processing, RDS for data, and CloudWatch for observability.
CAN-SPAM Act compliance, GDPR data processing agreements, mandatory unsubscribe mechanisms, and double opt-in workflows are built into the platform—not bolted on.
We protect both sides of every email. Senders get tools to maintain domain reputation. Recipients are protected by mandatory unsubscribe links, suppression lists, and abuse monitoring.
We publish our sending policies, compliance standards, and acceptable use guidelines publicly. Our status page shows real-time performance. No hidden terms, no surprise restrictions.
Spam, phishing, malware distribution, and purchased-list campaigns result in immediate account termination. We actively cooperate with abuse.net, Spamhaus, and law enforcement.
Our deliverability team monitors inbox placement across all major ISPs daily. When Gmail or Outlook changes filtering rules, our customers benefit from proactive adaptation.
Former VP of Infrastructure at SendGrid. 14 years building email systems at scale. Delaware native.
AWS certified architect. Led email infrastructure for Fortune 100 clients. Specialist in deliverability and IP reputation systems.
Attorney specializing in digital communications law. CAN-SPAM and GDPR compliance expert. Former FTC staff counsel.
Start with 10,000 free emails per month. No credit card required.
SecureMailer provides a complete email infrastructure suite—from raw SMTP relay to advanced analytics and template management.
Plug SecureMailer into any application that supports SMTP. Get dedicated IP addresses, automatic warm-up scheduling, and per-domain reputation tracking without any code changes.
Our JSON-based REST API lets you send emails, manage templates, retrieve analytics, and configure domain settings—all programmatically. Webhook delivery for real-time events.
Monitor every email in real time. Track delivery, opens, clicks, bounces, and complaints with millisecond precision. Identify deliverability issues before they affect your reputation.
Hard bounces and spam complaints are automatically processed and added to your suppression list within seconds. SecureMailer prevents re-sending to invalid addresses so your domain reputation stays pristine.
Pay only for what you send. All plans include our full compliance suite, DKIM/SPF setup, and real-time analytics.
No credit card required
No credit card for trial
Response within 1 business hour
Whether you're evaluating SecureMailer or need support, our team is here to help.
Effective Date: January 1, 2025 | Last Updated: June 15, 2025
SecureMailer, Inc. ("SecureMailer," "we," "us," or "our") is committed to protecting the privacy of our customers, end-users of customer applications, website visitors, and anyone else whose personal data we process. This Privacy Policy describes what personal information we collect, why we collect it, how we use and protect it, and the rights you have over that information.
By accessing or using the SecureMailer platform at securemailer.us or any associated services, you acknowledge that you have read, understood, and agreed to the practices described in this Privacy Policy.
When you register for an account, purchase a subscription, contact our support team, or otherwise interact with us, we collect information including but not limited to: your name, business email address, company name, billing address (including state and country), payment information (processed by Stripe, Inc. — we do not store raw card data), and any communications you send us.
When you use our platform or visit our website, we automatically collect certain technical data including: IP address, browser type and version, operating system, referring URLs, pages viewed, time and date of access, device identifiers, and API usage metrics. This data is collected through cookies, web beacons, server logs, and similar tracking technologies.
As part of providing our email delivery service, we necessarily process data contained in the emails you send through our platform. This includes recipient email addresses, message headers, metadata, and delivery status information. We process this data solely to provide the email delivery service and do not use it for advertising or profiling purposes.
We may receive information about you from third-party services including payment processors, identity verification providers, and publicly available business registries for the purpose of fraud prevention and compliance verification.
We use personal information we collect for the following purposes:
We do not sell your personal information to third parties. We do not use email content you send through our platform for marketing or advertising to third parties.
SecureMailer shares personal data with third parties only in the following circumstances:
We retain personal account data for the duration of your active relationship with SecureMailer and for up to 90 days after account closure, unless a longer retention period is required by law. Email delivery logs and analytics data are retained for 30 days (Starter), 90 days (Growth), or custom periods (Enterprise). After the applicable retention period, data is securely deleted or anonymized.
Depending on your jurisdiction, you may have the following rights regarding your personal data:
To exercise any of these rights, contact us at privacy@securemailer.us. We will respond to verified requests within 30 days.
SecureMailer implements industry-standard security measures to protect your personal data, including: TLS 1.3 encryption in transit, AES-256 encryption at rest for sensitive data, access controls and role-based permissions for all staff, multi-factor authentication requirements for employee systems, regular third-party security audits and penetration testing, and AWS infrastructure security features including VPC isolation and CloudTrail logging.
Despite these measures, no system is completely secure. We encourage you to use strong, unique passwords and to contact us immediately if you suspect unauthorized access to your account.
SecureMailer stores all customer data in the United States on AWS infrastructure (US-East-1 and US-West-2 regions). If you are located outside the United States, your data will be transferred to and processed in the US. For transfers from the European Economic Area (EEA), we rely on Standard Contractual Clauses (SCCs) as the legal mechanism. Our Data Processing Addendum (DPA) is available to all customers upon request.
The SecureMailer platform is intended for businesses and individuals aged 18 and over. We do not knowingly collect personal information from individuals under the age of 13. If we discover that a child under 13 has provided us with personal information, we will delete such information immediately. If you believe a child has submitted data to us, contact us at privacy@securemailer.us.
For individuals in the European Economic Area (EEA) or United Kingdom, SecureMailer acts as a data controller for account and billing data, and as a data processor for email content and recipient data transmitted through our platform. Our legal bases for processing include: performance of a contract (service delivery), legitimate interests (fraud prevention, security, product improvement), compliance with legal obligations, and consent where explicitly obtained.
SecureMailer's platform enforces CAN-SPAM Act compliance for all commercial email sent through our systems. This includes: mandatory physical address inclusion, clear sender identification, functional unsubscribe mechanisms processed within 10 business days, and prohibition on deceptive subject lines. Our platform also supports CASL compliance features for customers sending to Canadian recipients.
We reserve the right to update this Privacy Policy at any time. We will provide notice of material changes via email to the address on your account and by posting an updated effective date on this page. Continued use of our services after any change constitutes acceptance of the updated policy.
For privacy-related inquiries, data subject requests, or to reach our Data Protection Officer:
SecureMailer, Inc.
Attn: Privacy Officer
123 Market Street, Suite 400
Wilmington, DE 19801
United States
Email: privacy@securemailer.us
Phone: +1 (302) 555-0147
Effective Date: January 1, 2025 | Last Updated: June 15, 2025
These Terms of Service ("Terms") constitute a legally binding agreement between you or the entity you represent ("Customer," "you," or "your") and SecureMailer, Inc. ("SecureMailer," "we," "us," or "our"). By creating an account, accessing, or using the SecureMailer email delivery platform and related services ("Services"), you agree to be bound by these Terms in their entirety.
IF YOU DO NOT AGREE TO THESE TERMS, DO NOT CREATE AN ACCOUNT OR USE OUR SERVICES.
You must be at least 18 years of age and have the legal authority to bind the entity on whose behalf you are using the Services. By registering an account, you represent and warrant that: (a) all registration information you provide is accurate and complete; (b) you will maintain the accuracy of such information; (c) you are authorized to bind any entity on whose behalf you create an account; and (d) your use of the Services does not violate any applicable law.
You are responsible for maintaining the confidentiality of your API keys and account credentials. SecureMailer is not liable for any unauthorized access to your account resulting from your failure to secure your credentials. You must notify us immediately at security@securemailer.us if you suspect unauthorized access to your account.
SecureMailer provides a cloud-based email infrastructure platform including transactional email delivery via REST API and SMTP relay, email template management, delivery analytics, bounce and complaint handling, domain authentication (DKIM, SPF, DMARC), suppression list management, and webhook event delivery. Services are provided on an "as is" and "as available" basis.
You may use the Services only for lawful purposes and in accordance with these Terms and our Acceptable Use Policy. Permitted uses include: sending transactional emails (OTP, password reset, account notifications, order confirmations, receipts); sending account-triggered notifications; sending marketing emails to recipients who have provided express, verifiable opt-in consent; and testing and development in non-production environments.
The following uses are strictly prohibited and will result in immediate account suspension or termination without refund:
SecureMailer reserves the right to determine, in its sole discretion, what constitutes a violation of this section.
SecureMailer commits to a monthly uptime target of 99.97% for the Growth and Enterprise plans as measured by our internal monitoring systems, excluding scheduled maintenance windows of which at least 48 hours advance notice will be provided. In the event of an uptime failure below the committed level, eligible customers will receive service credits per the following schedule: 99.5%–99.97%: 5% credit; 99.0%–99.49%: 10% credit; below 99.0%: 25% credit. Credits are applied to the next billing cycle and are the sole remedy for uptime failures. The Starter (free) plan carries no uptime commitment.
Paid subscription fees are billed in advance on a monthly basis. Overage charges for emails exceeding plan limits are billed in arrears at the end of each billing cycle. All fees are in US dollars and are non-refundable except as expressly stated herein. SecureMailer reserves the right to change pricing with 30 days' written notice to your account email address. Failure to pay may result in service suspension. Accounts not paid within 15 days of the due date may be terminated.
SecureMailer retains all rights, title, and interest in the platform, software, APIs, documentation, and all associated intellectual property. These Terms do not grant you any rights in SecureMailer's trademarks or logos. You retain ownership of your email content and customer data.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, SECUREMAILER'S TOTAL CUMULATIVE LIABILITY TO YOU ARISING OUT OF OR RELATED TO THESE TERMS OR THE SERVICES SHALL NOT EXCEED THE GREATER OF (A) THE FEES PAID BY YOU TO SECUREMAILER IN THE THREE MONTHS IMMEDIATELY PRECEDING THE CLAIM OR (B) ONE HUNDRED US DOLLARS ($100). SECUREMAILER SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING LOST PROFITS, LOST DATA, OR BUSINESS INTERRUPTION, REGARDLESS OF THE THEORY OF LIABILITY.
You agree to indemnify, defend, and hold harmless SecureMailer, its officers, directors, employees, and agents from and against any claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees) arising from: (a) your use of the Services; (b) your violation of these Terms; (c) your violation of any applicable law; (d) any content you transmit through the Services; or (e) your infringement of any third-party rights.
Either party may terminate these Terms for any reason with 30 days' written notice. SecureMailer may terminate or suspend your access immediately and without notice if you violate these Terms, our Acceptable Use Policy, or any applicable law. Upon termination, your right to access and use the Services immediately ceases. SecureMailer may retain data as required by law or our data retention policy.
These Terms are governed by and construed in accordance with the laws of the State of Delaware, without regard to conflict of law principles. Any dispute arising from or relating to these Terms shall be resolved exclusively in the state or federal courts located in New Castle County, Delaware. You consent to personal jurisdiction in such courts. Notwithstanding the foregoing, either party may seek injunctive or other equitable relief in any court of competent jurisdiction to prevent irreparable harm.
SecureMailer reserves the right to modify these Terms at any time. Material changes will be communicated via email to your registered address at least 14 days prior to the effective date. Your continued use of the Services after the effective date constitutes acceptance of the updated Terms.
SecureMailer, Inc. | 123 Market Street, Suite 400 | Wilmington, DE 19801
legal@securemailer.us | +1 (302) 555-0147
Effective Date: January 1, 2025 | Last Updated: June 15, 2025
This Acceptable Use Policy ("AUP") governs all use of SecureMailer, Inc.'s email infrastructure services. By using our platform, you agree to comply fully with this AUP. Violations will result in immediate enforcement action up to and including permanent account termination and referral to appropriate authorities.
SecureMailer is committed to providing a trusted email infrastructure platform. To maintain the deliverability, reputation, and integrity of our systems and to protect email recipients worldwide, we require all customers to adhere strictly to this policy. This AUP supplements our Terms of Service and Privacy Policy.
Sending unsolicited bulk email or commercial messages ("spam") is strictly prohibited. This includes: sending to any recipient who has not provided explicit, verifiable, opt-in consent to receive communications from you; sending to email addresses obtained by harvesting, scraping, purchasing, renting, trading, or borrowing; sending to role-based addresses (e.g., info@, webmaster@, admin@) without express consent; and sending the same or substantially similar message to large numbers of recipients without individualized consent.
Strictly prohibited: creating or sending emails that impersonate any person or entity; using misleading or deceptive headers, subject lines, or "From" addresses; operating phishing campaigns or credential harvesting; and any form of email fraud, including advance-fee fraud, lottery scams, or employment fraud.
Prohibited: distributing viruses, worms, trojans, ransomware, spyware, or any malicious software via email; sending emails designed to exploit security vulnerabilities; transmitting code or scripts designed to harm recipients' systems; and distributing content that facilitates the unauthorized access to computer systems.
Any content that violates US federal law, Delaware state law, or the laws of the recipient's jurisdiction is prohibited, including: child sexual abuse material (CSAM) or any content sexualizing minors; content promoting, facilitating, or inciting violence or terrorism; content violating copyright, trademark, or other intellectual property rights; and content related to illegal drug trafficking or arms dealing.
Prohibited: sending threatening, harassing, or abusive emails to any individual; targeted harassment campaigns; doxxing or distributing private personal information without consent; and stalking or unwanted surveillance-facilitation.
All email lists used with SecureMailer must meet the following standards:
SecureMailer monitors complaint rates in real time. Accounts that exceed the following thresholds will be subject to automatic send throttling or suspension:
These thresholds align with Google Postmaster Tools guidelines and Amazon SES complaint rate requirements.
Depending on the severity and nature of a violation, SecureMailer may take any or all of the following enforcement actions:
SecureMailer takes abuse reports seriously. If you have received spam or other abusive email originating from our platform, please report it to abuse@securemailer.us with the full email headers. We investigate all credible reports within 24 business hours and take appropriate action. We cooperate fully with ISP postmasters and anti-spam organizations.
You are responsible for all email sent through your SecureMailer account, including email sent by third-party applications using your API credentials. You must ensure any sub-users, employees, or contractors who access your account understand and comply with this AUP. Ignorance of your recipients' consent status is not a defense.
You may not resell, sublicense, or provide access to SecureMailer's services to third parties without entering into an explicit reseller or white-label agreement with SecureMailer. Unauthorized reselling violates these Terms and may result in termination of all associated accounts.
SecureMailer reserves the right to update this AUP at any time. We will notify active customers of material changes via email with at least 14 days' advance notice.
For questions about this AUP: legal@securemailer.us
To report abuse: abuse@securemailer.us
SecureMailer, Inc. | 123 Market Street, Suite 400 | Wilmington, DE 19801
SecureMailer enforces strict anti-spam standards at the infrastructure level. Compliance isn't optional — it's automatic.
SecureMailer enforces a strict opt-in only policy for all marketing and commercial email campaigns. Sending to purchased lists, scraped addresses, or any recipient who has not explicitly consented is grounds for immediate account termination.
Our platform does not permit cold outreach campaigns. All marketing sends must originate from verified opt-in consent obtained by the account holder.
Our platform natively supports double opt-in (DOI) workflows. When enabled, new subscribers receive a confirmation email before being added to your active list. This dramatically reduces bounce rates, complaint rates, and list quality issues.
Double opt-in is required for all marketing campaigns exceeding 50,000 sends per month and is strongly recommended for all marketing use cases.
SecureMailer monitors complaint rates in real-time through ISP feedback loops with Gmail, Yahoo, Hotmail/Outlook, and other major providers. Complaint data is surfaced to your dashboard within minutes of receipt.
Accounts approaching Google's 0.10% complaint rate threshold are automatically warned and throttled. Accounts exceeding 0.30% are suspended pending review.
All hard bounces, spam complaints, and unsubscribe requests are immediately added to your suppression list and honored on all future sends. SecureMailer maintains a global cross-account suppression list to protect our shared infrastructure.
You can manage, import, and export suppression lists via the API or dashboard. SecureMailer will never allow you to send to a suppressed address.
SecureMailer's email delivery infrastructure is built on Amazon Simple Email Service (SES), the same email platform trusted by Amazon.com and AWS customers globally. We operate in Amazon SES Production Access status, which requires demonstrated compliance with all anti-spam standards.
Our account operates under Amazon SES Production Access, subject to SES sending limits and complaint policies. We maintain a complaint rate well below the 0.10% SES threshold.
We operate in AWS US-East-1 (N. Virginia) and US-West-2 (Oregon) with automatic failover to ensure continued delivery during regional disruptions.
Amazon SNS notifications are processed in real time to update suppression lists within seconds of a bounce or complaint event from any major ISP.
Sign in to your account to access your dashboard
| Message ID | Recipient | Subject | Template | Sent At | Status |
|---|---|---|---|---|---|
| msg_3kXa9P... | j.smith@gmail.com | Verify your email address | email-verify | 2 min ago | Delivered |
| msg_7mBq2R... | alice@acmecorp.com | Invoice #1042 — $299.00 | invoice-v2 | 8 min ago | Delivered |
| msg_2pZx1L... | bob@oldmail.net | Password reset request | password-reset | 15 min ago | Bounced |
| msg_9nYr4K... | carol@startup.io | Welcome to MyApp 🎉 | welcome-email | 22 min ago | Delivered |
| msg_5tQw8M... | dave@enterprise.com | Your OTP: 481927 | otp-code | 31 min ago | Pending |
Base URL: https://api.securemailer.us/v1
The SecureMailer API is organized around REST principles. All requests and responses use JSON encoding. Authentication uses Bearer token (API key) in the Authorization header. We follow standard HTTP status codes and return descriptive error messages.
All API requests require authentication using your SecureMailer API key as a Bearer token in the Authorization header. API keys can be generated in your account dashboard under Settings → API Keys.
Keep your API keys secure. Do not commit them to source control. Use environment variables or a secrets manager. If compromised, rotate your key immediately from the dashboard.
Sends a single transactional or marketing email. For bulk sending, use the /v1/email/batch endpoint.
| Parameter | Type | Required | Description |
|---|---|---|---|
| from | string | required | Sender email address. Must be a verified domain in your account. |
| to | string | array | required | Recipient email address or array of addresses (max 50 per request). |
| subject | string | required | Email subject line (max 998 characters). |
| html | string | optional | HTML body of the email. Required if text is not provided. |
| text | string | optional | Plain-text body. Strongly recommended alongside HTML for deliverability. |
| template_id | string | optional | ID of a saved template. Replaces html/text if provided. |
| variables | object | optional | Key-value pairs for template variable substitution. |
| reply_to | string | optional | Reply-to address. Defaults to the from address. |
| attachments | array | optional | Array of attachment objects with name, content (base64), and mime_type. |
| tags | array | optional | Array of string tags for analytics segmentation (max 10). |
| track_opens | boolean | optional | Enable open tracking pixel. Default: true. |
| track_clicks | boolean | optional | Enable click tracking. Default: true. |
SecureMailer delivers real-time event notifications via HTTP POST to your configured webhook endpoint. Configure webhooks in your dashboard under Settings → Webhooks.
email.delivered — Email accepted by the recipient's mail serveremail.opened — Recipient opened the email (pixel loaded)email.clicked — Recipient clicked a tracked linkemail.bounced — Email bounced (hard or soft). Address added to suppression list if hard bounce.email.complained — Recipient marked as spam via ISP feedback loop. Address suppressed immediately.email.unsubscribed — Recipient clicked unsubscribe. Added to suppression list.Rate limits are applied per API key. Exceeding a rate limit returns HTTP 429 with a Retry-After header indicating when you can resume sending.
| Plan | Send Limit | API Requests | Batch Size |
|---|---|---|---|
| Starter | 10K/month | 100/min | 50 recipients |
| Growth | 250K/month | 1,000/min | 500 recipients |
| Enterprise | Custom | 10,000/min | 5,000 recipients |
| Code | HTTP Status | Description |
|---|---|---|
| invalid_api_key | 401 | API key is missing, revoked, or invalid. |
| domain_not_verified | 403 | Sending domain is not verified on your account. |
| recipient_suppressed | 422 | Recipient is on your or global suppression list. |
| invalid_template | 422 | Template ID not found or template has errors. |
| rate_limit_exceeded | 429 | Rate limit reached. Check Retry-After header. |
| monthly_limit_exceeded | 429 | Monthly email quota exhausted. Upgrade plan. |
| internal_error | 500 | Server-side error. Contact support if persistent. |