
Mailgun security incident: An update on the state of password resets - artsandsci
https://www.reddit.com/r/bugs/comments/7obxkb/mailgun_security_incident_an_update_on_the_state/
======
dboreham
Reading this and the blog post from Mailgun, my first thought was "Why is it
possible to access the content of sent emails via their API?". At the very
least it should be possible to denote emails sent as sensitive and therefore
not to be readable once sent.

