Acceptable Use Policy
Effective date: July 1, 2026
Last updated: July 2, 2026
This Acceptable Use Policy ("AUP") governs all email sent through Toasty. It is incorporated into the Terms of Service, and a breach of this AUP is a breach of the Terms. We built Toasty for honest outbound. These rules protect your deliverability, your recipients, and every other customer sending on this platform.
1. CAN-SPAM Baseline: Every Message, Every Time
You are the sender of your messages under the CAN-SPAM Act. Every commercial message you send through Toasty must:
- Include your valid physical postal address. A street address or a properly registered P.O. box or commercial mail receiving agency box, in the message body or signature.
- Include a functioning opt-outthat an ordinary recipient can find and use, such as an unsubscribe link or a clear "reply STOP to opt out" instruction. The opt-out mechanism must remain able to receive and process requests for at least 30 days after the message is sent.
- Honor every opt-out promptly. The law allows up to 10 business days; Toasty's suppression list applies opt-outs across your campaigns as soon as they are recorded, and you must not circumvent it. Opt-out requests and the email addresses behind them must never be sold, exchanged, or transferred.
- Use accurate headers and identity. Your From name and address must truthfully identify you or your business, and the From address must match the actual mailbox the message is sent from. No relaying through mailboxes or domains you do not control.
- Use truthful subject lines. The subject must reflect the content of the message.
2. Prohibited Practices
You must not, under any circumstances:
- Send to purchased, rented, harvested, or scraped lists or to addresses generated by dictionary attacks or permutation guessing. Prospect lists must be built from legitimate research into identifiable business contacts.
- Fake a prior conversation.No "Re:" or "Fwd:" subject prefixes on a first-touch message, and no pretending a thread or relationship exists when it does not.
- Use deceptive subject lines or false urgency ("your account," "invoice attached," "final notice" and the like). Note that beyond federal law, state statutes such as California Business & Professions Code § 17529.5 and Washington's Commercial Electronic Mail Act impose liquidated damages per email for misleading subject lines and falsified headers. One deceptive campaign can be an existential liability.
- Impersonate any person, business, or brand, in the From line, signature, domain, or message body.
- Send on behalf of undisclosed third parties. The business the message promotes must be identifiable to the recipient. No ghost-sending for clients who are hidden from view.
- Send malware, phishing, or link-cloaked content, or use the Service for any unlawful purpose.
3. Restricted Verticals
Campaigns promoting the following require our prior written approval (request via legal@sendtoasty.com) and may be declined at our discretion: gambling; adult content or services; weapons; drugs or drug paraphernalia; payday or high-interest loans; get-rich-quick, MLM, or business-opportunity offers; cryptocurrency or forex trading schemes; and political fundraising.
4. Volume and Pacing
Toasty enforces sending limits at the platform level: approximately 30 to 50 messages per day per mailbox, delivered at a human pace throughout the day rather than in bursts. These limits exist to protect your domain reputation and the platform's sending health. Attempting to evade them (for example, by rotating accounts) is a breach of this AUP.
5. Quality Thresholds
- Spam complaints: target below 0.1% of delivered messages. Sustained rates at or above 0.3% trigger automatic suspension of the affected campaigns.
- Bounces: keep hard bounces below 2%. High bounce rates indicate a bad list and will trigger review. Verify addresses before sending; the platform's verification tools exist for this reason.
6. Monitoring and Enforcement
We may scan campaign content and sending patterns for compliance with this AUP. Depending on severity, we may warn you, rate-limit or pause sending, require identity or domain verification, suspend your account during an investigation, or terminate it for a confirmed breach. We aim to be proportionate; we will not hesitate on clear abuse.
This monitoring and enforcement program is how we take the "reasonable action" contemplated by 15 U.S.C. § 7705 for providers whose services are used to send commercial email, and it is maintained as the due-care program contemplated by California Business & Professions Code § 17529.5(b).
7. Reporting Abuse
If you received unwanted email sent through Toasty, or you see a customer violating this policy, email abuse@sendtoasty.com with the full message headers if possible. We review every report.