MultiMail provides email infrastructure for AI agents operating under human oversight. This policy defines what constitutes acceptable use of the service and is incorporated into and governed by the MultiMail Terms of Service. In the event of conflict between this policy and the Terms, the Terms govern. Every MultiMail account has a human operator who is responsible for their agents' email activity.
MultiMail exists to give AI agents a reliable way to send and receive transactional email. A message is transactional if its primary purpose is to facilitate, complete, or confirm a transaction the recipient has already initiated or agreed to, or to provide notification about an ongoing commercial or service relationship. A message whose primary purpose is to promote a product, service, or commercial opportunity is not transactional, even if it also contains transactional content.
Permitted use: Direct replies to emails your agent received; notifications and status updates to users of your product or service; task-related communication with known contacts and collaborators; automated updates sent to recipients who have a prior relationship with your organization; agent-to-agent communication between MultiMail accounts.
Not permitted: Unsolicited email to recipients who have no prior relationship with your organization; bulk promotional or marketing email; cold outreach, lead generation, or sales prospecting; purchased, scraped, or rented contact lists; any content designed to deceive, phish, or impersonate; email that obscures the fact it was sent by an AI agent when transparency is legally required; malware distribution, credential harvesting, or abuse of any kind.
What counts as a prior relationship: A prior relationship means the recipient has directly and voluntarily provided their email address to your organization, or has an active account, subscription, or ongoing service engagement with your organization. Passive interactions such as website visits, ad clicks, or social media follows do not establish a prior relationship.
When you create a MultiMail account, you become the operator of every agent mailbox under that account. You acknowledge that you are the "sender" (CAN-SPAM), "data controller" (GDPR), and "person who sends" (CASL) for all messages transmitted by agents under your account. This means: you are responsible for all email sent by your agents, as if you had sent it yourself; you must configure an appropriate oversight mode for each mailbox: approving messages before they send (gated), reviewing them after (monitored), or accepting full responsibility for autonomous sending; you must respond promptly to any abuse reports or delivery issues we surface to you; you must comply with applicable email regulations in the jurisdictions where your recipients are located, including CAN-SPAM, GDPR, CASL, and similar laws; you agree to indemnify and hold harmless MultiMail against any claims, fines, or damages arising from your agents' email activity.
A note on oversight modes: MultiMail offers five oversight levels: read_only, gated_all (all email requires approval), gated_send (outbound requires approval, inbound delivered immediately), monitored (post-send review with BCC to operator), and autonomous (agent sends independently). New accounts default to gated_send. Upgrading to monitored or autonomous means you accept full responsibility for messages your agent sends. Operators can configure auto_cc or auto_bcc on any mailbox for additional visibility. Automated safeguards (described below) run on every message in every oversight mode.
Regardless of oversight mode, every message processed by MultiMail (including replies) passes through automated safety checks before delivery. The content scanning pipeline runs before rate limiting, so every message receives a content-specific verdict. Blocked messages include a reason in the API response and in the operator's audit log.
Content scanning. All outbound email passes through automated content filtering to prevent abuse. Messages that violate the transactional-only policy or contain harmful content are blocked before delivery.
Threat scanning. Attachments are scanned for malware and URLs are checked against known threat databases. Emails containing threats are blocked before delivery.
Email authentication. MultiMail signs all outbound email with DKIM and publishes SPF records for every tenant subdomain. DMARC policies are enforced to protect sender reputation and prevent spoofing.
Input validation. All inputs are validated and sanitized. Markdown-to-HTML conversion produces clean, safe output.
Rate limiting. Flexible, plan-based rate limits prevent runaway agents from flooding recipients. Limits scale with your plan and account history.
Abuse pattern detection. Behavioral analysis detects abuse patterns, even when individual messages appear clean.
Recipient validation. Invalid addresses, empty recipients, and mass multi-recipient sends are rejected.
Authentication isolation. API keys are scoped to specific accounts. Cross-mailbox access is denied. Keys are only accepted via the Authorization header.
Deliverability is a shared resource. Every MultiMail sender affects the reputation of the platform. We enforce these practices to protect all users: every email must go to someone who has a reason to expect it (a customer, a user, a collaborator, or another agent in a known workflow); we monitor bounce rates and spam complaints across all accounts, and sustained rates above 2% bounces or 0.1% complaints will trigger a review; sending limits are based on your plan and increase as your account establishes a track record of clean sending; if a recipient asks to stop receiving email, by any means, your agent must stop sending to them.
We enforce this policy proportionally. Honest mistakes get a conversation. Deliberate abuse gets shut down.
| Issue | Tier | Response |
|---|---|---|
| Bounce rate 2–5% | Warning | Email notification with guidance. Sending continues while you fix it. |
| Bounce rate >5% | Suspended | Sending disabled. Email notification. Admin review required to reactivate. |
| Spam complaints >0.3% | Suspended | Sending disabled. Review required before reactivation. |
| Misconfigured agent sending unexpected email | Suspended | Sending disabled until you confirm the fix. |
| Threat detected (malware, phishing, impersonation) | Suspended | Account suspended. Email blocked. Review required. |
| Bulk unsolicited sending pattern detected | Suspended | Sending disabled. Review required. |
| Deliberate abuse, purchased lists, or repeated violations | Terminated | Immediate account termination. No appeal. |
Enforcement process: Automated enforcement is graduated — warnings allow continued sending, suspensions disable sending until review, and terminations are permanent and reserved for deliberate abuse. For all suspensions, we notify you via email at your oversight address. You have 2 business days to respond with an explanation or remediation plan. During review, inbound email and API access continue to work; outbound sending is paused. If you disagree with an enforcement decision, you may request a final review by emailing [email protected] within 5 business days of the original notice.
AI-generated email is still a developing area of law and norms. We believe in getting ahead of regulation rather than reacting to it. MultiMail agents include a cryptographically signed X-MultiMail-Identity header on every outbound email, identifying the operator, oversight mode, and verification status. This header cannot be disabled by operators. Operators must include a clear disclosure that a message was sent by an AI agent in any context where the recipient might reasonably believe they are communicating with a human. MultiMail provides a default footer disclosure that operators may customize but not remove. Agent identity can be verified by anyone who receives the email by checking the signed header against MultiMail's public key.
MultiMail acts as a data processor on behalf of operators, who are data controllers for the email their agents send and receive. We collect and process message metadata (sender, recipient, subject, timestamps) and message content (markdown body and rendered HTML) as necessary to provide the service. Message content is retained for 90 days after delivery, then permanently deleted. Metadata is retained for 12 months for abuse detection and audit purposes. Email content is not used for model training or any purpose beyond service delivery, abuse detection, and operator-facing audit logs. All data is processed and stored in the United States. Operators own the content of their agents' messages. MultiMail holds a limited license to process, store, and deliver that content as necessary to provide the service.
If you require a Data Processing Agreement for GDPR compliance, contact [email protected].
If you receive unwanted email from a MultiMail address, or if you believe a MultiMail agent is being used in violation of this policy, contact us at [email protected]. We review every report.
We may update this policy as the landscape around AI-generated email evolves. Non-material changes (clarifications, formatting, typo fixes) take effect 14 days after notification. Material changes (new prohibitions, enforcement changes, scope changes) take effect 30 days after notification, and existing accounts are grandfathered for 90 days unless the change is required by law. All changes are communicated to active account operators via email.
MultiMail provides this service "as is" without warranty of any kind, express or implied, including warranties of merchantability, fitness for a particular purpose, or non-infringement. Ghst Particle, LLC's total liability to any operator under this policy and the Terms of Service shall not exceed the fees paid by that operator in the 12 months preceding the claim. Ghst Particle, LLC is not liable for any damages arising from an operator's agents' email activity, including but not limited to delivery failures, content errors, regulatory fines, or claims by recipients. See the Terms of Service for complete terms.