Acceptable Use Policy

1. Overview

InboxKit provides authenticated email infrastructure services powered by official Google Workspace and Microsoft 365 mailboxes. This Acceptable Use Policy ("Policy") applies to all customers, users, and any third parties who access or use InboxKit services. By using InboxKit, you agree to comply with this Policy and all applicable laws and regulations.

This Policy outlines prohibited uses, our commitment to legitimate email practices, and our enforcement actions for violations.

2. Prohibited Uses

InboxKit strictly prohibits customers from using our services for:

A. Spam and Unsolicited Email

• Sending unsolicited bulk email or spam to recipients who have not explicitly opted in to receive communications
• Sending email to purchased or harvested email lists
• Using techniques to evade spam filters, including snowshoeing (sending from multiple domains/IPs to dilute reputation metrics) or waterfalling (cycling email lists through multiple providers)
• Sending email to invalid, dormant, or non-responsive addresses for the purpose of gaining reputation
• Misrepresenting the purpose or content of email campaigns in subject lines or headers

B. Phishing, Fraud, and Deception

• Spoofing sender identities or impersonating legitimate organizations
• Creating fake or misleading sender addresses, domain names, or headers
• Phishing attacks designed to collect sensitive information (credentials, financial data, etc.)
• Email campaigns containing fraudulent claims or misleading content
• Creating counterfeit websites or mimicking banking/payment systems

C. Malware and Security Threats

• Distributing malware, viruses, ransomware, or other malicious code
• Sending emails with trojan horses or worms
• Distributing compromised or infected files
• Conducting unauthorized security testing, including simulated phishing without proper authorization

D. Illegal Activities

• Sending email that violates local, state, federal, or international laws
• Money laundering, pyramid schemes, or other financial crimes
• Drug trafficking, weapons sales, or other illegal goods/services
• Child exploitation, human trafficking, or abuse of minors
• Copyright infringement or intellectual property violations
• Harassment, stalking, threats, or defamation
• Extortion or blackmail

E. Violating Anti-Spam Laws

• Non-compliance with CAN-SPAM Act (US)
• Non-compliance with GDPR and similar international privacy regulations
• Non-compliance with Canada's Anti-Spam Law (CASL)
• Non-compliance with other country-specific email regulations
• Failure to include opt-out mechanisms where required

F. Abuse of InboxKit Service

• Advertising InboxKit itself through unsolicited email campaigns
• Using InboxKit infrastructure for sending on behalf of unauthorized third parties
• Intentionally damaging InboxKit's reputation or network infrastructure
• Attempting to reverse-engineer, bypass, or circumvent InboxKit security systems
• Renting, reselling, or providing access to InboxKit mailboxes without authorization
• Using the service to test malware, spam techniques, or other harmful activities

3. Authentication and Deliverability Requirements

All customers must comply with industry-standard email authentication practices:

• SPF (Sender Policy Framework): Properly configured to authenticate sending domains
• DKIM (DomainKeys Identified Mail): All emails must be cryptographically signed
• DMARC (Domain-based Message Authentication, Reporting & Conformance): Policy enforcement recommended
• List Hygiene: Regular removal of invalid, bounced, and unengaged addresses
• Engagement Monitoring: Discontinue sending to addresses that show no engagement over a reasonable period
• Preference Centers: Provide opt-out mechanisms in all marketing communications

Failure to maintain these standards may result in account suspension or termination.

4. Legitimate Use Cases

InboxKit supports legitimate business email use, including:

• Opted-in sales and business development campaigns
• Legitimate B2B marketing and lead generation
• Transactional email (receipts, confirmations, notifications)
• Customer relationship management and outreach
• Legitimate business communications with consent

All uses must comply with CAN-SPAM, GDPR, CASL, and other applicable regulations.

5. Compliance and Monitoring

InboxKit monitors for policy violations through:

• Automated abuse detection systems
• Complaint feedback from recipients and inbox providers
• Blacklist monitoring (SURBL, Spamhaus, etc.)
• Bounce rate and engagement analysis
• Reports from third parties including law enforcement

6. Enforcement and Consequences

Violations of this Policy may result in:

• First Offense: Warning and mandatory corrective action plan
• Repeated Violations: Temporary account suspension
• Severe Violations: Immediate account termination without refund
• Legal Action: For illegal activities, InboxKit may report to law enforcement and pursue civil or criminal claims
• Law Enforcement Cooperation: InboxKit cooperates fully with law enforcement investigations

Severe violations (phishing, malware, illegal activity) may result in immediate termination without notice.

7. Reporting Abuse

InboxKit takes abuse seriously. To report violations of this Policy:

Email: abuse@inboxkit.com

Include: Account information, specific examples, dates, and evidence of violation.

All reports are investigated promptly and confidentially.

8. Contact and Questions

For questions about this Policy, contact:

InboxKit Compliance Team
Email: support@inboxkit.com
Website: inboxkit.com

9. Policy Updates

InboxKit reserves the right to update this Policy at any time. Continued use of InboxKit services constitutes acceptance of any updates.

By using InboxKit, you acknowledge that you have read, understood, and agree to comply with this Acceptable Use Policy.