Compliance · sender reputation
Suppression types (Email, Domain, IP) with Global and Per-list scopes. Auto-suppression from bounces, complaints, and unsubscribes. CSV bulk import, manual add, API and trigger-driven flows. Built for senders who treat compliance as a feature, not a footnote.
Suppression types
Suppression in Mumara isn't a single list — it's layered. Each type catches a different shape of opt-out, and Mumara honours them all on every send.
Block individual email addresses. The most common scope — populated automatically from bounces, complaints, and unsubscribe clicks, with manual add and CSV import for migrations.
Example
[email protected]Block entire domains. Useful when a domain returns systematic bounces (e.g., a defunct corporate mail server) or for legal reasons (competitor exclusion, sanctioned regions).
Example
example.comBlock contacts whose engagement came from specific IPs. Supports single addresses, ranges, and CIDR notation — the only level with full network-block semantics.
Example
192.168.1.0/28Add to suppression
Every suppression page has the same shape: Add New opens a modal where you pick the scope (Global or specific list), the source (manual entry or CSV upload, up to 100MB), and a Reference note for audit. Email suppression also supports hashed inputs for cross-platform suppression-list sharing without exposing raw addresses.
Global blocks the address across the whole account. Per-list scopes the block to one specific list — useful when contacts consented to one programme but not another.
Migrating from another ESP? Upload the suppression list as CSV. Mumara dedupes against existing entries automatically. For massive lists, the Rocket Import addon accelerates the bulk path.
Toggle Email Hashing when importing pre-hashed addresses (e.g., from a vendor's suppression export). Lets compliance teams share lists without exposing raw PII.
Free-text Reference field on every record. "GDPR erasure request", "manual review 2026-Q2", "FBL complaint". When the regulator asks, you have the audit ready.
IP suppression · power-user controls
IP suppression is the only level with full network-block semantics. The textarea accepts single addresses, dashed ranges (192.168.1.0-20), or CIDR notation (192.168.1.0/28). One IP per line. Useful for cutting off entire abusive subnets, datacenter ranges, or compromised office networks — at the contact level, not the MTA level.
Mumara parses each line independently. Single IP, dashed range, or CIDR — mix and match in a single submission. Errors are reported per line so a typo in row 4 doesn't kill rows 1–3.
Per-list scope means you can block a network for one programme (e.g., a customer's known abuse range for marketing emails) while still sending them transactional via a different list.
Use IP suppression for incident response — when a datacenter sends spam complaints in bulk, suppress the source range immediately. The block applies at the next 15-minute sync to sending nodes.
Two sources of truth
Most suppression in a healthy programme is automatic — Mumara catches it before you have to think about it. The manual paths exist for the edge cases automation can't see.
Hands-off compliance
Hard bounces land in suppression immediately. FBL complaints from mailbox providers (Gmail, Yahoo, Microsoft) flow in via the feedback loop. Every unsubscribe click writes the contact to suppression on the spot. You don't have to lift a finger.
Compliance + ad-hoc
For one-off blocks (a legal request, a known bad actor) use the Add New form. For migrations, CSV bulk import (up to 100MB). For automated workflows, fire 'Add contact to suppression list' as a trigger action. For external systems, push via the API.
Scope per entry
Every suppression entry — Email, Domain, or IP — picks a scope. The same opt-out can mean "stop everything" or "stop this one programme" depending on what the recipient actually consented to. Mumara honours the granularity recipients asked for.
Applies to every send from the account — every list, every campaign, every broadcast. The default scope for opt-outs the recipient gave for the whole brand.
Applies only to the named list. Use when a contact opted out of one programme (e.g., product updates) but still consented to others (e.g., billing notifications).
Sync note: suppression-list updates synchronise to every sending node every 15 minutes. Adds aren't always instant — for compliance-critical workflows, pause the sender alongside the suppression add.
What bad suppression costs
Suppression isn't a backend concern. Done wrong, it surfaces as deliverability collapse, regulator fines, and lost trust. Done right, it's invisible — which is the whole point.
Once a contact unsubscribes, every subsequent send to that address is technically actionable under CAN-SPAM (up to $50,000 per violation) and GDPR. Auto-suppression on unsub click is what keeps you on the right side of the line without thinking about it.
When Gmail or Yahoo forwards a complaint to your feedback loop, every additional send to that complainant amplifies the damage. Mumara's auto-suppression on FBL receipt keeps repeat-complaint events at zero.
Mailbox providers track senders who keep retrying known-dead addresses. Hard bounce → auto-suppression is table stakes for reputation; without it, your inbox-placement rates erode quietly on every campaign.
When a regulator or auditor asks 'why is this contact in suppression, and when?', a Reference field with a per-entry note is the difference between a 10-minute response and a 10-day investigation. Mumara captures the trail on every entry.
“The auto-suppression chain — bounces, complaints, unsubscribes — just works. We migrated 4 million records across three brands and the suppression list landed clean. Compliance reviewers love the per-entry Reference notes.”
Verified review
Mumara customer
Common questions
Suppression-list updates synchronise to every sending node every 15 minutes. For the vast majority of senders, this is fine — the suppression set is checked on every send and a 15-minute window is well below the natural send cadence. For compliance-critical workflows where instant blocking matters (e.g., a GDPR erasure during an active broadcast), pause the broadcast at the same moment you add to suppression so the next batch picks up the new entry.
Global suppression blocks the address across every send from the account — every list, every campaign, every broadcast. Per-list scopes the block to one specific list. Use Global for opt-outs the recipient gave for your whole brand. Use Per-list when the recipient said 'stop product updates but keep sending billing notifications' — the suppression applies to the product-updates list only.
Several triggers populate suppression automatically: a hard bounce on a send (per the Bounce Rules you configure), a spam complaint received via the feedback loop from major ISPs, and an unsubscribe click. All write to suppression with no manual review required. Soft bounces accumulate over time before suppressing, per your Bounce Rules.
Yes. The Add New modal accepts CSV uploads up to 100MB. Mumara dedupes against existing entries automatically. For very large lists (millions of records), the Rocket Import addon offers an accelerated path. All entries can be tagged with a Reference note for audit (e.g., 'Migrated from previous ESP 2026-05').
Single IPs (192.168.1.0), dashed ranges (192.168.1.0-20), and CIDR notation (192.168.1.0/28). One entry per line, mix any of the three notations in a single submission. Mumara parses each line independently and reports errors per line. Useful for cutting off entire datacenter ranges or compromised subnets at the contact-engagement level.
Yes. The Suppression endpoint supports add, remove, and lookup operations. Integrate it with your CRM or compliance tooling so an opt-out elsewhere flows into Mumara automatically. The 'Add contact to suppression list' trigger action also handles this from within Mumara workflows.
When importing a suppression list from a vendor that pre-hashes email addresses for privacy (so they never share raw PII), toggle Email Hashing and Mumara matches against hashed inputs instead of plain emails. Useful for cross-platform compliance coordination where the source list can't expose raw addresses.
Related but distinct. Bounce processing is the upstream system — it ingests bounce messages from the sending pipeline and classifies them (hard / soft / transient). When a bounce meets your Bounce Rules' threshold (e.g., hard bounce on first attempt), the bounce processor writes the contact to suppression. Suppression is the downstream consequence; bounce processing is the cause.
Related
Suppression is the compliance counterpart to your contact database — every suppressed contact is still a record, just excluded from sends.
Read moreBounce processing and FBL ingestion are the upstream that feeds auto-suppression. Configure once, runs forever.
Read more"Add contact to suppression list" is a trigger action — wire programmatic compliance flows like GDPR erasure into your automations.
Read moreForms write new contacts into lists — suppression keeps them out. Together they bound the lifecycle: signup → engage → opt out, all tracked.
Read moreMumara Campaigns · Suppression Management
Suppression Management ships with every Mumara Campaigns plan — Self-Hosted and Mumara Machine. Auto-suppression from bounces, complaints, and unsubscribes runs by default. Free trial includes the full deliverability toolkit.
