Vulnerability Disclosure Policy

At MATTER Mail, we prioritize the security and trust of our users. While we build robust software, vulnerabilities may still emerge. We welcome collaboration with the security research community to identify and resolve issues responsibly.

Disclosure Policy

• •
  Timely Remediation: We will make a reasonable effort to fix the vulnerability as soon as we are made aware.
• •
  Coordinated Disclosure: Please do not publicly disclose the vulnerability until we have had reasonable time to develop a fix.
• •
  Minimal Scope & Authorization: Only test with accounts you own or for which you have explicit permission.
• •
  Ethical Conduct: Avoid actions that violate privacy, disrupt service, or result in data loss.
• •
  Reporting Contact: Submit reports to: [email protected].

Exclusions

• •Denial-of-Service (DoS/DDoS) testing
• •Spamming or message flooding
• •Social engineering targeting team members or users
• •Physical attacks or hardware-based tampering

Safe Harbor

Security research activity conducted in good faith and in accordance with this policy is authorized — we will not pursue legal action.