Anti-Spam Policy
Anti-Spam Policy
HostupCloud maintains a zero-tolerance policy for spam and unsolicited bulk communications of any kind. This policy applies to all customers, resellers, and any third party using HostupCloud infrastructure to send email or other electronic messages. It supplements our System Policies & AUP and is consistent with the CAN-SPAM Act (US), UK GDPR + PECR + Data (Use and Access) Act 2025 (UK), EU GDPR + ePrivacy Directive 2002/58/EC (EU), and India's TRAI Commercial Communications Regulations and DPDPA 2023 + Rules 2025.
Last updated: 22 February 2026 · Effective: 22 February 2026 · Report spam: abuse@hostupcloud.com
1. Definition of Spam
For the purposes of this policy, "spam" means any unsolicited bulk electronic communication, including but not limited to:
1.1Unsolicited Bulk Email (UBE): Email sent to recipients who have not given prior, explicit, verifiable consent to receive communications from the sender.
1.2Unsolicited Commercial Email (UCE): Commercial email sent without recipient consent, regardless of volume.
1.3Email to harvested addresses: Sending to email addresses collected via web scraping, directory harvesting, or purchased lists without verifiable opt-in consent.
1.4SMS / Messaging Spam: Unsolicited bulk SMS, WhatsApp, Telegram, or other messaging platform messages.
1.5Spam through web forms: Using contact forms, comment sections, or API endpoints to deliver unsolicited messages.
1.6Forum / Social Media Spam: Posting bulk promotional content in forums, social platforms, or communities without genuine participation.
2. Prohibited Spam Activities
2.1Sending, relaying, or hosting any unsolicited bulk email (UBE/UCE) from or through HostupCloud servers.
2.2Operating an open mail relay that allows third parties to send email through your server without authentication.
2.3Sending email with forged, falsified, or misleading header information (including From, Reply-To, or Message-ID fields).
2.4Using deceptive subject lines that do not accurately describe the email content.
2.5Using third-party infrastructure to spam while using HostupCloud domains in the From or Reply-To field (backscatter/snowshoe spam).
2.6Operating email harvesting scripts, dictionary attacks, or brute-force address enumeration on any mail server.
2.7Purchasing, renting, or using email lists without verified opt-in consent from all recipients.
2.8Sending email to distribution lists or role addresses (postmaster@, webmaster@, admin@) without legitimate operational reason.
2.9Phishing emails that impersonate a legitimate entity to obtain credentials or financial information.
2.10Operating a botnet, spam zombies, or using HostupCloud resources to control compromised systems for spam distribution.
3. Permitted Email Communications
3.1Transactional emails sent to customers who have placed orders, created accounts, or requested services (invoices, password resets, account alerts).
3.2Newsletters and marketing emails sent to recipients who have given clear, verifiable, freely-given, specific, and informed consent (double opt-in preferred).
3.3Business-to-business (B2B) communications sent to professional contact addresses where there is a legitimate commercial interest, with a clear opt-out.
3.4Automated emails triggered by user actions (welcome emails, form confirmations, order updates) where the user initiated the action.
3.5Emails to existing customers about similar products or services (soft opt-in) under PECR regulations, subject to a clear opt-out.
All permitted bulk emails must include: (a) accurate sender information; (b) a physical postal address; (c) a clear and functioning unsubscribe mechanism; and (d) honouring unsubscribe requests within 10 business days.
4. Mailing List & Newsletter Standards
4.1Use confirmed (double) opt-in: After initial sign-up, send a confirmation email requiring the recipient to click a link to verify their address and consent.
4.2Maintain suppression lists: Keep and honour a list of unsubscribed addresses and do not email them again.
4.3Prune inactive subscribers: Remove addresses that have not engaged (opened/clicked) in 12 months to maintain list hygiene.
4.4Monitor bounce rates: A hard bounce rate above 2% or spam complaint rate above 0.1% (per Google/Yahoo 2024 sender guidelines) may result in email service suspension.
4.5Authenticate your domain: Configure SPF, DKIM, and DMARC records for all sending domains.
4.6Sending to third-party purchased or rented lists without verified individual consent for HostupCloud specifically is prohibited.
4.7List sharing between customers using the same HostupCloud-hosted platform without individual consent is prohibited.
5. Enforcement Actions
| Violation | Action | Timeline |
|---|---|---|
| Minor: low-volume, accidental spam complaint | Warning email with remediation guidance | Within 24 hrs |
| Moderate: confirmed spam, complaint rate >0.1% | Outbound email port 25 blocked pending review | Within 4 hrs |
| Severe: open relay, bulk UBE, phishing | Immediate suspension of email and network access | Within 2 hrs |
| Critical: botnet C2, snowshoe spam campaign | Immediate account termination + null-route | Within 1 hr |
| Repeat violation after reinstatement | Permanent account termination, no refund | Immediately |
5.1Customers whose IP addresses are blacklisted due to spam may request delisting after resolving the underlying issue.
5.2HostupCloud works with major spam blacklist operators (Spamhaus, SURBL, Barracuda) to ensure our IP ranges remain clean.
5.3Customers who cause our IP ranges to be blacklisted may be held liable for the remediation costs and any resulting service disruption to other customers.
6. Reporting Spam
6.1To report spam originating from HostupCloud infrastructure, email abuse@hostupcloud.com with full email headers.
6.2Include the full email headers (not just the body) — this is how we identify the originating server and customer account.
6.3For bulk spam reports (e.g. from an email security gateway), we accept machine-readable ARF (Abuse Reporting Format) complaint submissions.
6.4We will acknowledge your spam report within 8 hours and action it within 24 hours of receipt of valid evidence.
6.5We are unable to act on spam reports that do not include full email headers, as we cannot identify the responsible customer without them.
HostupCloud is a signatory to the M3AAWG (Messaging, Malware and Mobile Anti-Abuse Working Group) best practices. We actively participate in anti-spam industry initiatives and share abuse intelligence with trusted ISP partners.
Report Spam from Our Network
Receiving spam from a HostupCloud IP? Forward the full email headers to our abuse team and we'll investigate within 24 hours.
abuse@hostupcloud.com