MailHidden
Security contact: security@mailhidden.com

Security

MailHidden handles email routing data, so security is part of the product surface. This page summarizes current practices and how to report an issue.

Current practices

  • Alias controls are designed to limit exposure of your real inbox.
  • Operational logging is used to investigate abuse, delivery problems, and security events.
  • Administrative access is intended to be limited to service operation and support needs.
  • Messages may be filtered or blocked to protect users and maintain deliverability.

Reporting vulnerabilities

Send security reports to security@mailhidden.com. Include the affected route, steps to reproduce, expected impact, and any relevant screenshots or logs. Please avoid accessing data that does not belong to you.

Responsible disclosure

Give us a reasonable opportunity to investigate and fix reported issues before public disclosure. We do not currently operate a paid bug bounty program.

Security scope

In-scope reports include account access flaws, alias routing bypasses, unauthorized data exposure, injection vulnerabilities, and practical ways to abuse MailHidden infrastructure. Spam complaints and policy violations should be sent through the abuse process instead.

Registration is temporarily closed

MailHidden is not accepting public registrations at the moment. Public access will open after the service is ready for broader use.

Contact

Login

Access is currently limited to private accounts.