diff --git a/_config.php b/_config.php
index 576c369a9..0ac8d8a3d 100644
--- a/_config.php
+++ b/_config.php
@@ -81,5 +81,11 @@ Security::encrypt_passwords(true);
  */
 Security::set_password_encryption_algorithm('sha1', true);
 
+/**
+ * The secret key that needs to be sent along with pings to /Email_BounceHandler.
+ * Change this to something different for increase security.
+ * For more information see: http://doc.silverstripe.com/doku.php?id=email_bouncehandler
+ */
+define('EMAIL_BOUNCEHANDLER_KEY', '1aaaf8fb60ea253dbf6efa71baaacbb3');
 
 ?>
\ No newline at end of file
diff --git a/core/Email.php b/core/Email.php
index 8756f7b25..6f2c12b6c 100755
--- a/core/Email.php
+++ b/core/Email.php
@@ -797,6 +797,12 @@ class Email_BounceHandler extends Controller {
         return;
       }   
       
+	// Check against access key defined in sapphire/_config.php
+	if( !isset($_REQUEST['Key']) || $_REQUEST['Key'] != EMAIL_BOUNCEHANDLER_KEY) {
+		echo 'Error: Access validation failed. Invalid "Key" specified.';
+		return;
+	}
+
         if( !$_REQUEST['Email'] ) {
             echo "No email address";
             return;