Changelog

From now on, Mailtrap sends all webhook callbacks from a fixed set of Mailtrap-owned IPv4 CIDR blocks: 45.158.83.0/24 and 5.181.200.0/24. The same IP ranges also cover SMTP sending.

This gives you predictable, stable IPs that replace dynamic AWS addresses, a tighter security posture by whitelisting just two /24 blocks instead of the entire AWS IP pool, and consistent test & production behavior since webhook test calls use the same IPs as real traffic. 

Static IPs are especially useful if:

• Your endpoint is behind a corporate or on-premise firewall.

• You're in a regulated industry (finance, healthcare, insurance) with strict network policies.

• Your security team requires an explicit allowlist for all inbound traffic.

• You're automating infrastructure and need static CIDRs for IaC/Terraform templates, including SOC-2 compliant environments that block unknown IPs.

For more information, please read the in-depth Knowledge Base article.

You can now manage API tokens programmatically using five new endpoints — no UI required.

For instance, this allows you to provision sending tokens per customer at signup, automate token rotation without interrupting production, or give AI agents isolated credentials.

Available endpoints:

• List API tokens – Returns all API tokens visible to the current API token.

• Create API token – Creates a new API token for the account with the given name and resource permissions.

• Get API token – Returns a single API token by id.

• Delete API token – Permanently deletes an API token.

• Reset API token – Rotate a token: the old one expires after a short grace period and the new one inherits the same scope and permissions.

The full token lifecycle is covered: from creation to rotation, and each endpoint is scoped to a specific account, project, sandbox, or sending domain.

For more details, please consult the official API documentation.

Hey there!

We’re happy to announce that we’ve added an AI-powered support chat directly in the app. Got a question? Start there! It's the fastest way to get an answer.

And in case our AI assistant isn’t able to help with your issue, simply click on the Start Conversation button and talk to a real human from our customer support team.

You can now exclude recipients who soft bounced, giving you more control over who receives your next send!

How it works: When building a segment, select Campaign soft bounced as a condition and define a time window (e.g., Is Within the last 7 days). Then:

• If you send campaign A, any contact who soft bounced within that period will be captured in the segment. 

• You can send campaign B excluding the 20 soft bounced recipients.

• Furthermore, if a soft bounce is resolved within the time period you set (e.g., 7 days), they're automatically included back in the segment.

Why it matters: Segmenting your contacts by soft bounces protects your sender reputation without the need for any manual cleanup. 

The feature is available under Contacts → Segments.

The Mailtrap Ruby SDK has been significantly expanded. It now covers the full Mailtrap feature set - from batch sending and sandbox testing to contact management, templates, and more.

Here's what's new:

Batch Sending — Send up to 500 emails in a single API call using a shared base configuration. Useful for newsletters, notifications, and any high-volume use case.

Sandbox Mode — Send emails directly to your Mailtrap Sandbox inbox for testing, without touching real recipients. Just initialize the client with sandbox: true and your inbox_id.

Multiple Client Support — You can now run transactional and bulk delivery methods simultaneously within the same Rails app, making it easy to separate email streams by type.

Expanded API Coverage — The SDK now includes modules for:

• Sending Domains API

• Email Sandbox management (Projects, Inboxes, Messages, Attachments)

• Contact management (CRUD & listing)

• Accounts API

Support of reply_to — The from_content mail builder now supports a reply_to field.

Full documentation and code examples are available in the Ruby SDK guide and the GitHub repository.

We have officially released Mailtrap Airflow Provider that lets you send transactional emails directly from your DAGs using the official Mailtrap provider package. With this integration, you can:

• Send plain text or HTML emails as part of your workflows

• Send emails to multiple recipients

• Use Jinja templating for dynamic content (e.g., Airflow variables, XCom values, etc.)

• Track emails with Mailtrap analytics using the category parameter

Requirements: Python 3.9+, Apache Airflow 2.4+

For detailed setup instructions and examples, check out the official GitHub repository or the PyPi package.

From now on, all Mailtrap webhooks will include cryptographic signatures, so you can verify that incoming requests genuinely come from us and haven't been tampered with.

If you use webhooks for deliverability monitoring, CRM sync, or auditing, this adds an extra layer of security using industry-standard cryptographic verification.

Notes:

• Every webhook request is signed automatically

• You can confirm the request originated from Mailtrap before processing it

• No action needed to enable it — all existing webhooks will include signatures

To find your signature key, simply navigate to the webhook you want to configure, and it will be displayed in the webhook details.

You can now connect your Vercel project to Mailtrap Email API and automatically configure the necessary environment variables into your Vercel environments in a few steps. This removes setup friction, minimizes configuration mistakes, and lets you test and send emails at scale with high inboxing rates and fast delivery speed.

For step-by-step instructions on how to integrate Vercel with Mailtrap, feel free to read our Knowledge Base article. ⬅️