At Maropost, we want our customers to only send emails to contacts who truly want to receive them, otherwise, they’re sending spam. That’s why we require you to have permission from all of your contacts in order to email them. There are a few rules to be aware of when it comes to the types of email addresses you can are able to send emails to and the types of permission you are granted for sending to them. This Acceptable Use Policy (“AUP”) describes activities that are not allowed in connection with your use of the Services. The AUP is incorporated by reference in your Agreement.
Email
Overview
Maropost and its partners only support permission-based and lawful email/mobile marketing practices that comply with but are not limited to regulations such as Canadian Anti-Spam Laws (“CASL”), United States Controlling the Assault of Non-Solicited Pornography and Marketing or (“CAN-SPAM“) Act, United States Telephone Consumer Protection Act (TCPA), or privacy regulations like General Data Protection Regulation (GDPR).
Closed-Loop Authentication List Building
Maropost products enable clients to put an ‘opt-in’ form on their website. This feature collects and stores the email addresses of permission-based recipients. All Maropost products also have an option to use closed-loop authentication: an email address is not added to the recipient list until a link is clicked in the confirmation email. This process is implemented completely by the software.
Contact List Abuse Prevention
Maropost technology automatically screens email campaigns for indicators of potential problems such as blacklisting and high spam scores. Any Maropost account email campaign that surpasses a threshold is automatically suspended until the Postmaster reviews and clears it.
To protect Maropost’s reputation, and that of its clients, Maropost offers to help new customers upload their first large email distribution list. This service allows Maropost to view the contents of an email distribution list, with the customer’s permission. In addition, Maropost helps first time customers run a sample email campaign to a few select recipients from their list before sending it to the rest.
Software Control Tools
Maropost provides its customers with certain tools to assist in compliance with Email and Privacy regulations. For example, Maropost products independently add an unsubscribe option to each email sent. Unsubscribes can be requested via a link in each email that goes to a landing page where users can unsubscribe from all or some lists.
This option cannot be removed by the customer; however, they can choose how it will be phrased. Anyone who unsubscribes will be automatically flagged in the database and their email address will be suppressed from all future mailings. Unsubscribe status can not be overwritten by list merging. To further protect recipients from email abuse, contacts receiving emails sent using the Maropost products will only see their names in the ‘To’ field. No other recipients’ email addresses are visible.
Email Sending Practices
Maropost honors ISP and Mailbox providers policies (restrictions on the number of connections, speed of sending servers, open relay off, reverse DNS enabled, RFC compliance). Authentication standards, such as sender policy framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication Reporting and Conformance (DMARC) are used for outgoing email campaigns. Maropost products distinguish between soft and hard bounces. Hard bounces (bad email addresses) are immediately flagged and suppressed from future mailings.
Suppression File Encryption
Maropost supports suppression file encryption. Suppression file abuse is a significant source of spam. The simple act of encrypting these files makes this sort of abuse more difficult. The Email Sender and Provider Coalition (ESPC) has implemented a membership requirement that members should support MD5 suppression file encryption. It is our hope that adoption of this standard will not only help reduce spam but also drive broader encryption adoption within the industry. You can read more by clicking here.
Dealing with Complaints
As customers use Maropost systems, the number of complaints they receive is tracked by an internal reputation and tracking system. Customers with a high number of complaints may be subject to list upload restrictions. Larger lists are uploaded not by the customer, but by Maropost upon the customer’s instruction, and may be subject to manual scrutiny.
When a complaint is received the following process is followed:
User addresses from complaints received via ISP or Mailbox providers Feedback Loops (FBLs) are automatically unsubscribed. Complaints received directly from end-users or via third-party sources like SpamCop, are reviewed by our Postmaster team and the account is subject to suspension. The user address is unsubscribed (manually added to the account’s Do Not Mail list) and we track such reports. We may ask our customers to provide proof of consent in such cases. We may also ask our customers to reconfirm their lists, as needed.
Maropost reserves the right to assess a fee against clients of up to, the greater of $1,000 and 10% of their monthly fees, for each account suspension caused by the client delivering emails that are reasonably deemed unacceptably spam or bounce heavy by Maropost, including, without limitation, due to complaints arising from Blocklists like Spamhaus, SURBL listings, mailbox providers or similar organizations, services or lists. These fees are cumulative if issues continue. These fees, which represent liquidated damages and not a penalty or fine, will be chargeable upon each incident of spam complaint or reasonable apprehension of spam heavy content. In addition to the above, and without prejudice to Maropost’s entitlement to fees owing under a subscription agreement, Maropost may, at its sole discretion, terminate the customer accounts of repeat, or otherwise egregious, offenders hereunder.
End users should only receive emails from our system sent on behalf of our customers that they recognize opting in to. We do not allow any customer to use our platform to send unsolicited emails.
If you have received an unsolicited email from one of Maropost’s customers, please contact abuse@maropost.com.
Acceptable Guidelines for Customers
Below are some guidelines around list collection, identification, unsubscribe, and content requirements that need to be followed by all Maropost customers.
Consent
Maropost requires its customers to ensure they have proper opt-in permission (explicit, express, or implied) for each recipient in their list. Customers are also required to produce proof of opt-in or prior relationship upon request within 72 hours of receipt of a request by the recipient or Maropost. You must use reasonable means to ensure that the person giving consent is the owner of the e-mail address for which the consent is given. Customers are encouraged to ensure they are emailing end users only for the purposes for which their consent has been collected. For example: If bob@example.com has consented to receive a one-time product update from Brand A, their email address should not be used to send Brand A’s general periodic email newsletter.
Explicit or Express Consent
Recipients must express their choice to receive one or more types of emails. Note that consent must be collected using an opt-in mechanism and not an opt-out mechanism. The recipient must take positive action to indicate their consent. Note that express consent may be collected both orally or in writing.
Co-registration on a partner’s website may be acceptable so long as there are separate opt-in options for each list and the recipient is presented with options and choices in a clear and conspicuous manner. For example, recipient choice to consent to one email list should not be construed as consent to receive email from multiple partner lists.
Below are some common sources of collecting express consent:
Implied consent
Recipients must have had a prior business or non-business relationship, in most cases within the last two (2) years. There are some other forms of implied consent as well like:
Below forms of acquiring email addresses may not provide adequate consent (not an exhaustive list):
Unsubscribe
Every email sent using the Maropost platform must include a clear, conspicuous unsubscribe mechanism that is simple and easy to use. Maropost automatically includes such functionality in the footer of every email.
However, if customers wish to add additional unsubscribe links in the content, Maropost provides the option of using several ‘campaign tags’ to add an unsubscribe link in outgoing emails. Such unsubscribe requests are captured by Maropost software and relevant user addresses are automatically removed from the applicable mailing lists. Customers are responsible for choosing a ‘campaign tag’ that is optimized for their campaign type and recipient selection method. Customers are also responsible to make sure it is coded correctly within their email content.
In case customers use some other unsubscribe link, a plan should be in place to make sure users opting out using such means are marked as unsubscribed in Maropost.
We understand that this may not be entirely feasible, so we discourage customers from using non-Maropost unsubscribe links. Using unsubscribe links belonging to third-party advertisers is very risky because the user never opted into the advertiser and it is challenging to make sure all such users are properly unsubscribed in Maropost.
Maropost also advises customers to ensure singular opt-in does not have multiple opt-outs. Example: If the end user is subscribing to List A, then the sender should not auto-subscribe user address to List B, List C and List D. In case the sender does that, they should ensure that unsubscribe action in any email actually opts the user out of all applicable lists (A, B, C, D).
Snowshoe Spamming or Waterfalling
Snowshoe spamming is an abusive sending technique used in an attempt to avoid email filters. Named for the similarity to how a snowshoe distributes the load of a traveler across a wide area of snow, snowshoe spamming spreads spam across many IPs and domains in order to dilute reputation metrics and evade filters. Furthermore, the practice of switching domains is considered against best practices and your sending reputation will be negatively affected and generally unrecoverable.
It is at the sole discretion of Maropost to determine if the use of multiple IPs or domains are being used for such a practice. If it is determined that Snowshoeing is occurring, Maropost at its sole discretion may suspend or terminate your account.
Waterfalling is an abusive technique wherein a list owner “waterfall” the same illicitly obtained address list through a series of (usually) unknowing, innocent ESPs. Each time they clean out bounces, complainants, and maybe non-respondents, with the end goal being to send the final result through a good ESP with solid deliverability.
The result of this process damages the reputation of each ESP involved, as well as being a violation of ethics, counter to best practices and against our policy.
It is at the sole discretion of Maropost to determine if Waterfalling is being used. If it is determined that Waterfalling is occurring, Maropost at its sole discretion may suspend or terminate your account.
Identification
Maropost requires its customers to accurately identify themselves in emails sent out of their account:
Content
We prohibit customers from sending certain types of content (not an exhaustive list):
With regards to the From: domains; we require customers to ensure they maintain proper DNS entries – A (IP address), TXT (for SPF, DKIM, and DMARC authentication records). Customers also need to ensure they have proper MX records for the Reply-to domain.
From address must be a registered domain and clearly identify the sender. Customer must own or have permission to utilize the From Domain and the domain must have a functional “live” site that ties back to the Customer.
If from or reply address is unmonitored, it must have an autoresponder detailing that it is unmonitored, as well as alternative ways to contact the Customer. A monitored email address must be one of those included forms of communication.
It is also prohibited to use any form of Private WHOIS registration.
ISPs assign a fair bit of reputation to From: domains and we discourage customers from rotating these domains frequently because ISPs regard this as an attempt to circumvent filtering. This includes rotating both the domain and the subdomain. Example: Similar mail should not be sent from many domains like ab.example.com, bc.example.com, de.example.com, fg.example.com, hi.example.com, jk.example.com. Instead, all this mail should be sent from example.com.
In case of any questions or concerns, please feel free to email postmaster@maropost.com
Abuse
You may not use the network or Services to engage in, foster, or promote illegal, fraudulent, abusive, or irresponsible behavior, including, but not limited to:
Offensive Content
You may not publish, transmit or store on or via the Services any content or links to any content that we reasonably believe:
No High-Risk Use
You may not use the Services in any situation where failure or fault of the Services could lead to death or serious bodily injury of any person, or physical or environmental damage
Email Validation
Without limiting the application of any other provisions of this AUP, with respect to any of the Services’ email validation features or functionality, you may not:
Vulnerability Testing
You may NOT attempt to probe, scan, penetrate or test the vulnerability of the system or network, or to breach security or authentication measures, whether by passive or intrusive techniques.
Excessive Use of Shared System Resources
You may not use any shared system provided by us in a way that unnecessarily interferes with the normal operation of the shared system, or that consumes a disproportionate share of the resources of the system. For example, we may require you to repair coding abnormalities in your application if it unnecessarily conflicts with other customers’ use of the Services. You agree that we may quarantine or delete any data stored on a shared system if the data is infected with a virus, or is otherwise corrupted, and has the potential to infect or corrupt the system or other customers’ data that is stored on the same system.
Third-Party Conduct
You are responsible for violations of this AUP by anyone using our Services with your permission or on an unauthorized basis as a result of your failure to use reasonable security precautions. Your use of the Services to assist another person in an activity that would violate this AUP if performed by you is a violation of the AUP.
You must use reasonable efforts to secure any device or network within your control against being used in breach of the applicable laws against spam and unsolicited email, including where appropriate by the installation of antivirus software, firewall software, and operating system and application software patches and updates. Our right to suspend or terminate your Services applies even if a breach is committed unintentionally or without your authorization, including through a Trojan horse or virus.
Other
You may only use IP addresses assigned to you by us in connection with your Services. You agree that if you register a DNS record or zone on Maropost managed or operated DNS servers or services for a domain of which you are not the registrant or administrative contact according to the registrars WHOIS system, that, upon request from the registrant or administrative contact according to the registrars WHOIS system, we may modify, transfer, or delete such records or zones. You may not register to use any Services under a false name, or use an invalid or unauthorized credit card in connection with any Services.
Individuals accessing the service must have their own login IDs. Sharing the same login ID between multiple individuals is a violation of Maropost’s Security Policy. This policy also applies to vendors who are accessing service as agents on behalf of the primary account owner.
SMS
Overview
Maropost and its partners, only support permission-based and lawful email/mobile marketing practices that comply with but are not limited to regulations such as Canadian Anti-Spam Laws (“CASL”), United States Controlling the Assault of Non-Solicited Pornography and Marketing or (“CAN-SPAM“) Act, United States Telephone Consumer Protection Act (TCPA), or privacy regulations like General Data Protection Regulation (GDPR).
Consent
Maropost requires its customers to get prior explicit opt-in consent in order to send text messages for marketing purposes. Providing only an opt-out does not constitute explicit consent. Customers are also required to produce auditable proof of opt-in upon request.
Consent must be unambiguous to the end user and clear details of the purpose of the messages must be provided. Customers are required to ensure they are sending text messages only for the purposes for which consent has been collected. For example: If consent has been captured for sending text receipts, sending other types of messages (like promotions, deals) is not allowed.
Content
We prohibit customers from sending certain types of content:
Intellectual Property and Other Proprietary Rights
You may not use our Services in a manner that infringes on or misappropriates the rights of a third party in any work protected by copyright, trade or service mark, invention, or other intellectual property or proprietary information. For example:
In addition, you may not use the Services to publish another person’s trade secrets or to publish information in violation of a duty of confidentiality. It is our policy to terminate the services of customers who are repeat infringers in appropriate circumstances.
Export Control
The Services may not be used in violation of export laws, controls, regulations, or sanction policies of the United States or your applicable jurisdiction. The Services may not be used by persons, organizations, companies, or any such other legal entity or unincorporated body, including any affiliate or group company, which is involved with or suspected of involvement in activities or causes relating to illegal gambling; terrorism; narcotics trafficking; arms trafficking or the proliferation, development, design, manufacture, production, stockpiling, or use of nuclear, chemical or biological weapons, weapons of mass destruction, or missiles; in each case including any affiliation with others whatsoever who sponsor or support the above such activities or causes.
Cooperation with Investigations and Legal Proceedings
If we are legally required to permit any relevant authority to inspect your content or traffic, you agree we can do so; provided however that, where possible without breaching any legal or regulatory requirement, we give you reasonable prior notice of such requirement.
We may, without notice to you, report to the appropriate authorities any conduct by you that we believe violates applicable law, and provide any information we have about you, or your users, or your traffic and cooperate in response to a formal request from law enforcement or regulatory agency investigating any such activity, or in response to a formal request in a civil action that on its face meets the requirements for such a request.
Changes to the AUP
The Internet is still evolving, and the ways in which the Internet may be abused are also still evolving. Therefore, we may from time to time amend this AUP to further detail or describe reasonable restrictions on your use of our Services by publishing a revised version of the AUP at https://devtest.maropost.com/anti-spam-policy/, or in the event of a material adverse change to the AUP, by providing you thirty (30) days written notice.
The revised AUP will become effective as to you on the first to occur of: (i) your execution of a new or additional agreement with respect to the Services that incorporates the revised AUP by reference, (ii) the first day of a renewal term for an Agreement that begins at least thirty (30) days after the time that the revised AUP has been posted, or (iii) thirty (30) days following our written notice to you of a material change to the AUP.
If your compliance with the revised AUP would adversely affect your use of the Services, you may elect to terminate the Agreement by giving written notice of your objection no later than thirty (30) days following the date that the revised AUP would otherwise have become effective as to you. We will not charge you an early termination fee for a termination on these grounds. If you elect to terminate, you may continue using the Services for up to an additional ninety (90) days and we will not enforce the revision as to you during this time, you will continue to be subject to the prior version. If you choose to terminate your Services under this Subsection, we may decide to waive that change as to you and keep your Agreement in place for the remainder of the term.
Consequences of Violation of AUP
If you breach the AUP we may suspend or terminate your Services in accordance with the Agreement. We may intercept or block any content or traffic belonging to you or to users where Services are being used unlawfully or not in accordance with this AUP.
No credit will be available under the Agreement for interruptions of service resulting from any AUP violation.