Security

Baseline controls

Production systems should use secure secret storage, role-based admin access, audit logging, rate limits, encrypted transport, restricted data access, backups, and separate staging and production environments.

Admin actions should be logged. Dangerous content such as unsafe HTML and attachments should be sanitised, quarantined, or ignored safely.

Email safety

BetterBeGood should maintain SPF, DKIM, DMARC, bounce monitoring, complaint monitoring, and unsubscribe controls for outbound digests.

Inbound email should have lifecycle logging from receipt through parsing, classification, scoring, digest eligibility, suppression, deletion, or review.

Reporting

Security, abuse, privacy, and deliverability issues can be reported through the contact and abuse reporting pages.