No spam, no bought lists, no suppression bypass.

Allowed use

• Contacts collected by the customer through a documented consent or lawful source.
• Campaigns that identify the sender and purpose clearly.
• Messages with a visible unsubscribe link and one-click unsubscribe headers.
• Small pilot batches approved by an operator before any real dispatch.

Prohibited use

• No purchased, rented, scraped, guessed or harvested recipient lists.
• No uploads where the source, consent basis or customer owner is unknown.
• No misleading sender identity, deceptive subject lines or hidden unsubscribe path.
• No attempt to send to suppressed, unsubscribed, bounced or complaint recipients.
• No political, sensitive, illegal or high-risk campaigns without explicit review.

Automated safeguards

• Campaigns require approval before queueing.
• Saved campaign bodies must contain the {{unsubscribe_url}} placeholder.
• The dispatch guard blocks inactive, unsubscribed, bounced, archived and suppressed contacts.
• Mailgun bounces, complaints and unsubscribes create active suppression records.
• Provider dispatch gates remain closed until pilot approval is recorded.

Incident response

If a complaint, consent dispute, provider warning or unexpected provider job appears, the provider-dispatch worker must be stopped, the queue gate closed, and the incident documented in Notion and Linear with recipient data redacted.

This policy follows the spirit of the Mailgun Acceptable Use Policy, including clear unsubscribe handling for marketing email.