This Acceptable Use Policy (“AUP”) supplements our Terms. It exists to protect customers, recipients, and the Service. Breach is grounds for suspension or termination.
You may not use Inboxr to…
- Send unsolicited bulk email (“spam”).
- Receive mail intended to deceive a third party (e.g. phishing-relay, credential stuffing, account-takeover relay).
- Bypass account verification or KYC checks for services you do not own.
- Receive content that is unlawful, defamatory, or infringes intellectual property rights.
- Receive child sexual abuse material (CSAM) or other content prohibited by Australian or applicable law.
- Resell raw mail to third parties.
- Use addresses to harass, threaten, or impersonate.
- Run security testing of the Service without prior written consent (see “Responsible disclosure” below).
- Probe, scan, or attempt to compromise other tenants or our infrastructure.
- Use the Service to support or evade sanctions in violation of applicable export-control laws.
Outbound mail rules
- The
From:address must be on a domain you have rights to use. - Outbound is for transactional and operational mail, not marketing campaigns.
- You are responsible for SES bounce/complaint rates on your custom domains.
Volume & rate limits
Plan-level caps on inboxes, inbound msgs/day, and outbound msgs/month are enforced. Sustained traffic above these caps is grounds for throttling.
Reporting abuse
Report abuse of the Service to abuse@getinboxr.app. Include the offending address, message-id, and headers when possible.
Responsible disclosure
Security researchers may report vulnerabilities to security@getinboxr.app. Please give us a reasonable window to remediate before public disclosure. We will not pursue legal action against good-faith research that respects this policy.