MakeSMTP
Return Back Home

Security Statement

Last Updated: May 5, 2025

Our Commitment to Security

At INSPIREMAIL LLC, security is a core principle in the design and operation of our MakeSMTP service. We understand that you trust us with your business communications, and we take that responsibility seriously. This security statement outlines the measures we take to protect your data and ensure the integrity of our service.

INSPIREMAIL LLC
1151 Walker Rd Ste 100
Dover, DE 19904
United States
EIN: 352734537

Infrastructure Security

Secure Data Centers

MakeSMTP operates on infrastructure hosted in SOC 2 Type II certified data centers with:

  • 24/7 physical security and surveillance
  • Multi-factor access controls
  • Redundant power supplies
  • Advanced fire detection and suppression systems
  • Environmental controls for optimal hardware performance

Network Security

Our network security measures include:

  • Enterprise-grade firewalls and intrusion detection/prevention systems
  • DDoS protection
  • Regular vulnerability scanning and penetration testing
  • Network segmentation and secure VLANs
  • Real-time traffic monitoring and anomaly detection

System Security

We maintain rigorous system security through:

  • Hardened operating systems with minimal attack surface
  • Regular security patches and updates
  • Host-based intrusion detection
  • File integrity monitoring
  • Comprehensive logging and monitoring

Data Protection

Encryption

Your data is protected by strong encryption:

  • TLS 1.3 for all data in transit
  • AES-256 encryption for data at rest
  • Secure key management practices
  • Perfect Forward Secrecy (PFS) for communications

Authentication & Access Controls

We enforce strict access controls:

  • Multi-factor authentication for all administrative access
  • Role-based access control (RBAC)
  • Principle of least privilege
  • Strong password policies
  • Regular access reviews
  • Automated account provisioning/deprovisioning

Email Security Measures

Our email-specific security features include:

  • SPF, DKIM, and DMARC implementation
  • SMTP TLS encryption
  • Rate limiting and abuse prevention
  • Proactive monitoring for spam and phishing attempts
  • Automatic blocking of malicious content

Operational Security

Security Team

Our dedicated security team:

  • Monitors systems 24/7
  • Responds promptly to security alerts
  • Conducts regular security assessments
  • Stays current with emerging threats and vulnerabilities
  • Performs security incident response drills

Secure Development Practices

We follow secure development methodologies:

  • Security requirements integrated into development lifecycle
  • Regular code reviews and static analysis
  • Pre-deployment security testing
  • Third-party security assessments
  • Continuous security improvement

Business Continuity

We ensure resilience through:

  • Regular backups with encryption
  • Geographic redundancy
  • Disaster recovery planning and testing
  • High availability architecture
  • Documented incident response procedures

Compliance and Certifications

We adhere to industry standards and best practices:

  • SOC 2 Type II compliance
  • GDPR compliance
  • CCPA compliance
  • CAN-SPAM Act compliance
  • ISO 27001 alignment
  • Regular independent security audits

Security Assurance

Vulnerability Management

Our vulnerability management program includes:

  • Regular automated scanning
  • Manual penetration testing
  • Bug bounty program
  • Threat modeling
  • Timely remediation of identified vulnerabilities

Third-Party Risk Management

We carefully manage vendor relationships:

  • Security assessments for all vendors
  • Contractual security requirements
  • Regular vendor security reviews
  • Supply chain risk management

Security Monitoring

We maintain visibility through:

  • 24/7 security monitoring
  • Automated alert systems
  • Log aggregation and analysis
  • Behavioral analytics
  • Security information and event management (SIEM)

Customer Security Controls

We empower customers with security features:

  • API key management
  • IP-based access restrictions
  • Detailed audit logging
  • Activity monitoring
  • Custom security policies

Security Incident Response

In the event of a security incident:

  • We maintain a documented incident response plan
  • Our team is trained in incident handling
  • We provide timely notifications
  • We conduct thorough post-incident reviews
  • We continuously improve our security posture based on lessons learned

Responsible Disclosure Program

We welcome responsible security research:

  • Security researchers can report vulnerabilities to security@makesmtp.com
  • We commit to timely investigation and remediation
  • We do not pursue legal action against researchers following responsible disclosure
  • We acknowledge contributions that help improve our security

Security Updates

We continuously improve our security:

  • Regular security assessments and audits
  • Implementation of security best practices
  • Monitoring of emerging security threats
  • Evolution of our security program to address new challenges

Contact Information

For security questions or to report security concerns, please contact:

INSPIREMAIL LLC
Attn: Security Team
1151 Walker Rd Ste 100
Dover, DE 19904
Email: security@makesmtp.com