SS
SecureSMTPMail · forms · delivery
Get started

Legal

Acceptable Use Policy

Effective: June 14, 2026Last updated: June 14, 2026
Last updated June 14, 2026. This document is provided in good faith and may not be exhaustive. Email support@securessmtp.com with questions.

1. The spirit of this policy

SecureSMTP is a shared email-delivery infrastructure. The reputation of our sending IPs and domains is a shared resource. A single bad actor can damage deliverability for every other customer. This policy is how we keep our sending reputation clean and your mail in the inbox.

If you would not send a message to your own grandmother under your real name from your real business email, you probably should not send it through SecureSMTP.

2. Prohibited content

You may not send through the Service any content that:

  • Constitutes spam (any unsolicited bulk email), phishing, or fraud.
  • Distributes malware, ransomware, viruses, trojans, or any malicious code.
  • Is illegal under the laws of the United Arab Emirates or the recipient’s jurisdiction.
  • Violates the CAN-SPAM Act (US), GDPR/PECR (EU/UK), CASL (Canada), or any other anti-spam law applicable to your sending.
  • Contains pornographic, sexually explicit, or adult content.
  • Promotes drugs, weapons, gambling (unless licensed in the recipient’s jurisdiction), cryptocurrency investment advice, get-rich-quick schemes, or pyramid/MLM schemes.
  • Promotes hate speech, harassment, discrimination, or violence against individuals or groups.
  • Infringes intellectual property rights.
  • Impersonates another person or entity, including misleading “From” or “Reply-To” headers.

3. Spam & list hygiene

If your sending is bulk or marketing in nature, you represent and warrant:

  • You have a documented basis for sending to each recipient (opt-in consent or an applicable legal basis).
  • You honour unsubscribe requests within 10 business days (or sooner where required by law).
  • You include a clear unsubscribe mechanism and your physical postal address in marketing emails (CAN-SPAM requirement).
  • You do not purchase, scrape, harvest, or rent email lists. You do not send to addresses you have not verified.
  • You maintain a complaint rate below 0.1% and a bounce rate below 5%. We may suspend sending above either threshold.

We expect customers to use SecureSMTP primarily for transactional email — receipts, password resets, form notifications, order confirmations — not marketing campaigns. For marketing automation at scale, use a dedicated marketing platform.

4. Volume limits

Each plan tier includes a monthly relayed-email quota — see the Pricing page. Exceeding your quota will result in throttling or refusal of further sends until the next billing period or plan upgrade.

Sudden, large spikes in sending volume (e.g. 10× your 30-day baseline within an hour) trigger our abuse-detection sweep and may result in temporary throttling pending review.

5. Service integrity

You may not:

  • Probe, scan, or test the vulnerability of any SecureSMTP system without our written permission.
  • Use the Service to conduct denial-of-service attacks.
  • Attempt to circumvent rate limits, plan quotas, or abuse-detection mechanisms.
  • Reverse-engineer the AI classifier or attempt to craft payloads designed to defeat it.
  • Resell the Service to third parties without a written reseller agreement with us.

6. Plugin licensing

Each API key authorizes a single WordPress installation on Free, Starter, and Pro plans. Business and Enterprise plans allow multiple sites under one Account, subject to your plan’s site limit. Reuse of a single API key across more sites than your plan allows is prohibited.

The SecureSMTP plugin is licensed under the GPL v2 or later, consistent with WordPress plugin requirements. Use of the plugin requires a valid SecureSMTP Account.

7. Monitoring & automated review

We apply automated checks to outbound email, including:

  • Content heuristics (keyword, URL, and TLD risk scoring) applied to every message.
  • AI classification by Anthropic Claude on sampled and new-account messages (see Privacy Policy).
  • Per-site volume anomaly detection (hourly sweep comparing recent volume to baseline).

Messages flagged as high-confidence abuse may be quarantined or refused; the customer is notified, and the WordPress plugin will fall back to native wp_mail() so your site continues to function.

8. Enforcement ladder

For most AUP violations, we apply graduated enforcement:

  1. Warning — email to the Account owner describing the issue and requested remediation.
  2. Throttle — 75% reduction of your sending capacity for 24–72 hours.
  3. Suspension — sending blocked entirely while we investigate; you can still log in to retrieve data.
  4. Termination — Account closed; data retained 30 days per Privacy Policy.

Egregious violations — active phishing campaigns, malware distribution, large-scale spamming, illegal content — bypass the ladder and result in immediate termination without warning.

Repeat offenders may be barred from creating new Accounts.

9. Reporting abuse

If you receive abusive mail that appears to come from SecureSMTP, please email support@securessmtp.com with the full message headers. We investigate every complaint.

10. Your cooperation

If we contact you about a complaint or suspected violation, you agree to respond within 24 hours. Failure to respond may result in suspension pending review.

Questions about this Policy? support@securessmtp.com

Other legal documents

SecureSMTP is operated by Technologia FZE, registered at the Sharjah Research, Technology and Innovation Park (SRTIP), Sharjah, United Arab Emirates.