Acceptable Use Policy (AUP)

To protect our users, reputation, delivery, infrastructure, and legal compliance posture, TrekMail strictly forbids certain types of activity across email, API, MCP, Drive, Account Drive, public links, and all related services.

Prohibited Content

You may not use TrekMail to send, store, host, link to, transmit, publish, distribute, or make available:

• Unsolicited Commercial Email (Spam): No purchased lists, no scraped data. You must have consent.
• Phishing/Malware: Any attempt to steal data, impersonate another party, host phishing materials, or distribute harmful software.
• Adult Content: Pornography, sexually explicit material, or non-consensual intimate imagery.
• Illegal Goods: Drugs, weapons, counterfeit goods, or gambling.
• Illegal or Rights-Infringing Content: Child sexual abuse material, terrorist content, content that violates intellectual property rights, privacy rights, publicity rights, or other third-party rights, or any content that is illegal in a jurisdiction relevant to TrekMail, the account owner, or the recipient.
• Abusive Public Links: Public Drive links used for spam, phishing, malware delivery, deceptive downloads, traffic laundering, unlawful file distribution, or evasion of another provider's abuse controls.
• Bandwidth or Storage Abuse: Use of Drive, public links, large attachment links, or related features as a public content delivery network, warez host, bulk file distribution service, backup dump, or bandwidth-abuse service outside normal email-hosting and file-management use.

Prohibited API and Automation Use

You may not use the TrekMail API or MCP server to:

• Circumvent plan limits — using the API to bypass domain, mailbox, or feature restrictions.
• Scrape or harvest data — bulk-exporting data beyond normal operational use.
• Resell API access — providing API access to third parties outside your account.
• Automate abuse — using AI agents or scripts to send spam, create throwaway mailboxes, or perform actions that violate this policy.
• Abuse message tokens — using message tokens to send unsolicited email, harvest email content from mailboxes you do not own, or send phishing/impersonation messages via the API or MCP server.
• Abuse Drive or public links — using automation to create, enumerate, test, drain, or distribute public Drive links or stored files for abuse, evasion, or unauthorized access.
• Brute-force tokens — attempting to guess or enumerate API tokens.
• Email Verifier abuse — using the Email Verifier to harvest, probe, or confirm the existence of email addresses obtained without the address owner's consent; submitting scraped, purchased, or otherwise unlawfully obtained email lists for verification; or using verification results to compile or enrich contact lists for the purpose of sending unsolicited email in violation of this policy.

API tokens (including message tokens) that are used for prohibited activity will be revoked and the associated account may be suspended.

Registration Restrictions

To maintain platform integrity and prevent abuse:

• Disposable email addresses are blocked. You cannot register with a temporary or throwaway email service (e.g., Guerrilla Mail, Mailinator, Tempail, and similar providers). Registration and OAuth sign-up attempts using known disposable domains are rejected automatically.
• Email verification is required. New accounts must verify their email address. A verification link is sent at registration. Accounts that remain unverified after 7 days will have outbound email sending blocked until verification is completed.

Email Content Compliance

You are solely responsible for ensuring that all email sent through TrekMail infrastructure complies with applicable federal and state laws, including but not limited to the CAN-SPAM Act (15 U.S.C. § 7701 et seq.) and the Washington State Commercial Electronic Mail Act (RCW 19.190). In particular:

• Misleading subject lines are prohibited. You may not use false, deceptive, or misleading information in the subject line or header fields of any email sent through the Service. Violations may expose you to statutory penalties of up to $500 per recipient under applicable state laws.
• Unsubscribe compliance is mandatory. Every commercial email must include a functioning unsubscribe mechanism that is honored within 10 business days.
• Accurate sender identification is required. All emails must accurately identify the sender and include a valid physical postal address.

TrekMail is not liable for email content composed or directed by you, but reserves the right to suspend accounts that expose the platform to legal risk through non-compliant email practices.

Drive, File Storage, and Public Link Compliance

You are solely responsible for files uploaded to TrekMail Drive, Account Drive, shared folders, large attachment links, and public download links created from your account. Public links are bearer links: anyone who obtains the link may be able to access the linked file until the link expires, reaches its download limit, is revoked, is deleted, or is disabled.

You may not use TrekMail file storage or public links to host, share, or facilitate illegal, infringing, abusive, malicious, or deceptive content. TrekMail may disable files, folders, public links, or accounts where we reasonably believe doing so is necessary to protect users, comply with law, enforce this policy, protect third-party rights, or preserve the security and integrity of the Services.

If a Drive Storage Add-on payment fails and payment retries are exhausted, or if the Add-on is canceled and the paid period ends, the account enters a limited read-only grace period for seven (7) days. During that period, uploads may be blocked or restricted. If the account remains over its remaining storage cap after the seven (7) day grace period, Drive files may be permanently and irreversibly deleted to bring the account within its available storage. There is no additional 30-day grace period for unpaid or ended Drive Storage Add-on capacity.

Enforcement

• Monitoring: We use automated systems to detect high bounce rates, spam complaints, and abnormal API usage patterns.
• Suspension: Violations may result in immediate account suspension.
• File and link restrictions: Violations may result in disabling, removal, preservation, or deletion of files, folders, public links, or related records.
• Domain cleanup: Domains and mailboxes belonging to accounts suspended for more than 7 days are automatically removed from the mail system.
• Refunds: We do not offer refunds to accounts terminated for abuse.

White Label Lite and reseller responsibility

If you serve mailboxes to your own customers via White Label Lite, the same AUP applies to all activity on your account — including activity carried out by your end customers. You are responsible for ensuring your customers' use of the service complies with this policy. Suspensions and enforcement actions apply to your TrekMail account as a whole; from your customers' point of view, this would mean their email service goes down. Build downstream responsibility into your reseller relationships accordingly.

Reporting Abuse

If you receive spam from a TrekMail user, please forward the full headers to abuse@trekmail.net for investigation. To report an abusive or illegal public Drive link, include the exact URL, a short explanation of the issue, your name, and a contact email address. Do not download, copy, redistribute, or further expose suspected illegal material.