Auto-Action System
Effective: 1 May 2026
The Splashify Pro Email API enforces the Acceptable Use Policy automatically. Thresholds are checked continuously; actions fire without human intervention when triggered. This page documents every threshold so you know exactly what happens, why, and how to recover.
Why we do this automatically
A single bad sender hurts every other sender on shared sending infrastructure. Inbox providers (Gmail, Outlook, Yahoo) score the sending domain and IP reputation collectively; one phishing run can trigger blocklisting that affects unrelated partners for days.
By acting in seconds rather than waiting for a human review queue, we protect:
- Other partners from collateral deliverability damage.
- Recipients from spam, phishing, and fraud.
- Splashify Pro’s reputation as a deliverable email API.
Reputation thresholds (rolling 14-day window)
Every send produces a delivery outcome (sent / delivered / bounced / complained / rejected). We compute the rolling 14-day rate per account and per configuration set.
| Metric | Healthy | At-risk | Auto-paused |
|---|---|---|---|
| Bounce rate | ≤ 3% | 3% – 5% | > 5% (or > 10% in any single day) |
| Complaint rate | ≤ 0.05% | 0.05% – 0.1% | > 0.1% (or > 0.5% in any single day) |
| Spamtrap hits | 0 | 1 | ≥ 2 within 7 days |
At-risk triggers a warning email and a dashboard banner. Sending continues but at reduced peak rate until the rolling rate falls back to healthy.
Auto-paused halts every send from the account. New send requests
return 403 account_paused with the reason. The pause is removed only
after manual review and remediation — it does not auto-clear.
Content-based triggers
Every outbound message passes through a content classifier before it hits the network. The classifier looks for known phishing kits, malware payload signatures, and the banned categories listed in the AUP.
| Trigger | Action |
|---|---|
| Known phishing kit / brand impersonation | Block + auto-pause |
| Malware URL / executable attachment | Block + auto-pause |
| CSAM heuristic | Block + immediate termination + report |
| Banned regulated category | Block individual send, warn |
| URL on Spamhaus DBL / SURBL | Block individual send, warn |
The block is reflected in the response: the API returns 200 with
status: "rejected" and a reason field; the message is never queued.
Behavioural triggers
Some abuse patterns aren’t visible from a single message — they only emerge across many.
| Pattern | Trigger | Action |
|---|---|---|
| Recipient list churn | > 50% of recipients are new in a single send batch | At-risk flag + slower send rate |
| Disposable mailbox saturation | > 5% of sends to known disposable domains | Block disposable domains, warn |
| Hard-bounce ratio on first send to a list | > 15% on first 1,000 messages | Pause batch, warn |
| Spamtrap hit | ≥ 1 known spamtrap address in recipient list | Auto-pause |
| Repeat AUP violation | Second AUP breach within 30 days of reinstatement | Termination |
Sandbox guardrails
Every new account starts in sandbox mode so first-send mistakes don’t damage your reputation.
- 200 emails per 24 hours
- 1 email per second peak rate
- Recipients must be on your verified identity list
Reply-Toheader is automatically set to your registered email so bounces reach you
Request production access when you’re ready. Approval lifts the sandbox cap; it does not lift the AUP thresholds.
Recovery paths
From At-Risk
You usually recover automatically when the rolling 14-day rate falls back below the warning threshold. Practical steps:
- Stop sending to the segment causing bounces or complaints.
- Clean your list — drop hard bounces (already auto-suppressed), drop addresses that haven’t engaged in 90 days, fix any obvious typos.
- Improve content — clearer From name, accurate subject lines, no misleading preview text.
- Slow down. New lists should warm up over 7–14 days, not blast all at once.
From Auto-Paused
- Identify the cause. The dashboard shows which threshold tripped and a sample of the offending sends.
- Email abuse-review@splashifypro.in with:
- Your account ID.
- A short explanation of what went wrong.
- The remediation steps you’ve taken (list cleaning, content changes, sending-source segmentation).
- We review within 2 business days. If the remediation looks genuine and the violation wasn’t deliberate, we lift the pause and place the account on a 30-day probation. A second pause during probation is treated as a Severe violation.
From Termination
Termination is permanent for the account and the legal entity that operated it. Creating a new account to circumvent termination is itself a violation and is detected by our duplicate-detection system (domain + business identifier + payment method overlap).
If you believe the termination was an error, email grievance@splashifypro.in within 15 days of termination. We respond within 30 days under the IT (Intermediary Guidelines) Rules.
Severity levels
| Level | Examples | Default action |
|---|---|---|
| Minor | Single user complaint, deliverability blip | Warning email |
| Material | Sustained reputation breach, AUP edge cases | Auto-pause |
| Severe | Phishing, malware, fraud, repeated material breaches | Termination |
| Critical | CSAM, imminent harm, active fraud | Termination + report to authorities |
Appeal rights
You have the right under the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 to appeal any account action. Send appeals to grievance@splashifypro.in. The Grievance Officer acknowledges within 24 hours and resolves within 15 days.
If you are dissatisfied with the Grievance Officer’s decision, you may escalate to the Grievance Appellate Committee constituted by the Ministry of Electronics and Information Technology under Rule 3A.
What we never do automatically
- Read the body of your emails for any purpose other than the classifier described above. We do not train AI on your content.
- Share your sending data with competitors, marketing networks, or any third party who hasn’t signed our DPA.
- Disclose your sending statistics to your competitors. Reputation data is yours alone.
- Modify the body of your emails. We add
List-Unsubscribeheaders and (when requested) tracking pixels — we never rewrite content.
Transparency
Every auto-action writes an entry to your account’s audit log. You can query the audit log via the API. We do not delete or modify audit entries; they are append-only and preserved for at least the lifetime of your account plus 3 years (consistent with DPDP Act §11(3) record-keeping).