diff --git a/svc/main.go b/svc/main.go
index da1aa89..17c1a17 100644
--- a/svc/main.go
+++ b/svc/main.go
@@ -192,6 +192,11 @@ func InitRoutes(pgDB *sql.DB, mssql *sql.DB, ml *mailer.GraphMailer) *mux.Router
 		)
 	}
 
+	// Sadece JWT doğrulaması; route-level yetki kontrolü yok.
+	wrapAuthOnly := func(h http.Handler) http.Handler {
+		return middlewares.AuthMiddleware(pgDB, h)
+	}
+
 	// ============================================================
 	// PUBLIC (NO AUTHZ)
 	// ============================================================
@@ -527,13 +532,22 @@ func InitRoutes(pgDB *sql.DB, mssql *sql.DB, ml *mailer.GraphMailer) *mux.Router
 		{"/api/order/check/{id}", "GET", "view", routes.OrderExistsHandler(mssql)},
 		{"/api/order/validate", "POST", "insert", routes.ValidateOrderHandler(mssql)},
 		{"/api/order/pdf/{id}", "GET", "export", routes.OrderPDFHandler(mssql)},
-		{"/api/order/send-market-mail", "POST", "view", routes.SendOrderMarketMailHandler(pgDB, mssql, ml)},
+		{"/api/order/send-market-mail", "POST", "read", routes.SendOrderMarketMailHandler(pgDB, mssql, ml)},
 		{"/api/order-inventory", "GET", "view", http.HandlerFunc(routes.GetOrderInventoryHandler)},
 		{"/api/orderpricelistb2b", "GET", "view", routes.GetOrderPriceListB2BHandler(pgDB, mssql)},
 		{"/api/min-price", "GET", "view", routes.GetOrderPriceListB2BHandler(pgDB, mssql)},
 	}
 
 	for _, rt := range orderRoutes {
+		if rt.Path == "/api/order/send-market-mail" {
+			bindV3(r, pgDB,
+				rt.Path, rt.Method,
+				"order", rt.Action,
+				wrapAuthOnly(rt.Handle),
+			)
+			continue
+		}
+
 		bindV3(r, pgDB,
 			rt.Path, rt.Method,
 			"order", rt.Action,
diff --git a/svc/routes/order_pdf.go b/svc/routes/order_pdf.go
index f8331b1..87d36e9 100644
--- a/svc/routes/order_pdf.go
+++ b/svc/routes/order_pdf.go
@@ -260,6 +260,18 @@ func normalizeBedenLabelGo(v string) string {
 	// 2️⃣ Uppercase
 	s = strings.ToUpper(s)
 
+	// Yas bedenleri: 2Y / 2YAS / 2YAŞ -> 2
+	for _, suf := range []string{"YAS", "YAŞ", "Y"} {
+		if strings.HasSuffix(s, suf) {
+			num := strings.TrimSpace(strings.TrimSuffix(s, suf))
+			if num != "" {
+				if _, err := strconv.Atoi(num); err == nil {
+					return num
+				}
+			}
+		}
+	}
+
 	/* --------------------------------------------------
 	   🔥 AKSBİR ÖZEL (STD eş anlamlıları)
 	-------------------------------------------------- */