How do you monitor e-mail usage in respect to privacy

Hello,

I’ve stumbled upon one discussion in your forum, which can be found here:

I’m definitely not planning to use your service commercially, and absolutely understand your stance regarding this matter. But…

On the mentioned page, you (i.e. Antilopa) said:

And for the ones that cannot distinguish between fair use and misuse, there are ways to discover that without reading any emails. We can determine or at least raise a suspicion for unwanted activity by routine monitoring of the system. […] In any cases of suspicion of breaking TOS, either by our own monitoring systems or a report from outside, we reserve the right to investigate further. […].

This gives me a very uncomfortable feeling. I trust you not reading my e-mails (to a degree one can trust people they did not meet) and would use PGP etc. anyways. But privacy is not just about reading e-mails, it’s also about not making detailed usage statistics of one single user etc.

My problem is: I simply cannot imagine a way you could determine the content of the user’s mails without violating his privacy. I mean, in contrast to spam, whether an e-mail is commercial or uncommercial is only a matter of the content, isn’t it?

And I also have an uncomfortable feeling about the “investigate further” thing. Because if for example you would actually read some e-mails in this case, this should be made clear in the privacy policy (and would be a reason for me to stay miles away from the service).

Don’t get me wrong. I trust you. This is exactly the reason why I ask you to clarify the quoted answer.

Thank you very much. I have a basic understanding of how (mail) server software works, so you can answer in a technical language, if you want to. :slight_smile:

Hi there.
To make things clear again: we do not hunt, nor do we explicitly look for commercial use cases.
We put that point in our TOS in order to be able to act upon it if we happen to discover that someone is in violation of that point.
Point 2.5 states how we communicate to the user in case “further investigation”, or any investigation for that matter, took place:

We do not read/look nor process your personal data, emails, files etc. stored on our servers unless needed for troubleshooting purposes, or under suspicion of breaking Terms Of Services in which case we ask for prior permission from you or inform you afterwards of all actions taken against the account in the transparency report addressed to account holder.

As for ways to find commercial use. Of course as you pointed out it’s usually a matter of content and one would have to pretty much read every email to find abusers. This is not possible and clearly isn’t our intention, however there are more obvious cases:

  • We are getting many custom domain linking requests strictly for business (no need to look up emails if you check the domain)
  • Same goes for aliases (e.g. people requesting jobs@ or sells@ etc)
  • People creating support tickets asking to be able to send more emails (beyond rate limit) because they are running a marketing campaign etc.

Those are obvious cases that do not require checking the email boxes.

As for your question about more details of our monitoring: there are multiple levels on which we monitor the service, of course. We monitor in real time the amount of delivered, rejected, received, bounced, mail queue, held emails server-wide (in the form of a graph). Otherwise we would not have the slightest clue what’s going on with the server. Based on this information we can observe any anomalies, which then leads us to check the logs to understand what’s going on (hundreds of rejected emails, unusual spike in outgoing/incoming mails etc). When checking the logs we can quickly determine what exactly is happening, on an individual level. For example: if we see a lot of emails stuck in the queue (sent to non-existing email addresses or servers) by one user, we then commence an investigation to check what is going on, by checking the stuck mail in the queue for example. This is in most cases how we catch spammers (that and people reporting abuse, which is bad because in those cases the damage has already been done). In some cases we spot commercial abusers that way.

Just yesterday (usually a quiet Sunday) we spotted a shady crypto-currency platform using our email server for their no-reply / invite / password reset account which was sending thousands of emails in a few hours’ time. A few days ago, while fighting very annoying spammers creating lots of accounts, we blocked a few hundred accounts following the same username pattern (first name followed by a number). Yesterday we got an email back from one blocked person claiming he is using many of those accounts to make money (which also sounded rather shady). All those cases have been discovered without entering anyone’s mailbox.

As stated above and in the previous thread, the point in the TOS is to give us the right to block or close accounts upon discovery, not to actively monitor people’s usage. It’s directed at real abusers that can potentially harm the entire platform or use up our resources and free labor for financial gain (like the example of using Disroot as their free mailgun). We hope it sends a clear message to people who were considering using Disroot for strictly commercial needs that this platform is not for them.

I think the quote below sums up very nicely and to the point the whole idea of spying on mailboxes (when there is no financial gain in the form of selling that data involved):

Administering a mail host is sort of like being a nurse; there’s a brief period at the start when the thought of seeing people’s privates might be vaguely titillating in a theoretical sense, but that sort of thing doesn’t last long when it’s up against the daily reality of shit, piss, blood, and vomit.

Now that I think about it, administering a mail host is exactly like being a nurse, only people die slightly less often.
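
The log-based triage described in the reply above, as an added example that is not part of the original posts and not Disroot's own tooling: it counts delivery outcomes per envelope sender from log metadata only, never from message bodies. The Postfix-style log format, the thresholds and all addresses are assumptions, and the sample lines are constructed.

```python
import re
from collections import Counter, defaultdict

# Assumed Postfix-style syslog lines; the thread does not name the MTA in use.
FROM_RE = re.compile(r"postfix/qmgr\[\d+\]: (\w+): from=<([^>]*)>")
TO_RE = re.compile(r"postfix/smtp\[\d+\]: (\w+): to=<[^>]*>.*?status=(\w+)")

def per_sender_status(lines):
    """Join queue IDs to envelope senders and count delivery outcomes."""
    sender_of = {}
    stats = defaultdict(Counter)
    for line in lines:
        if m := FROM_RE.search(line):
            sender_of[m.group(1)] = m.group(2)
        elif m := TO_RE.search(line):
            qid, status = m.groups()
            if qid in sender_of:  # ignore deliveries with no known sender
                stats[sender_of[qid]][status] += 1
    return stats

def flag_senders(stats, min_attempts=5, max_fail_ratio=0.5):
    """Return {sender: (failed, total)} where deferred+bounced dominate."""
    flagged = {}
    for sender, counts in stats.items():
        total = sum(counts.values())
        failed = counts["deferred"] + counts["bounced"]
        if total >= min_attempts and failed / total > max_fail_ratio:
            flagged[sender] = (failed, total)
    return flagged

def _sample(qid, sender, rcpt, status):
    # Constructed log lines for illustration, not real traffic.
    host = "Jan 14 10:00:01 mx"
    return [
        f"{host} postfix/qmgr[811]: {qid}: from=<{sender}>, size=2100, nrcpt=1 (queue active)",
        f"{host} postfix/smtp[902]: {qid}: to=<{rcpt}>, relay=none, delay=1.2, status={status} (constructed)",
    ]

SAMPLE_LOG = (
    _sample("A1", "alice@example.org", "bob@example.net", "sent")
    + _sample("A2", "alice@example.org", "carol@example.net", "sent")
    + [line for i in range(6) for line in _sample(
        f"B{i}", "bulk@example.org", f"u{i}@invalid.example",
        "deferred" if i % 2 else "bounced")]
    + _sample("B6", "bulk@example.org", "dave@example.net", "sent")
)

if __name__ == "__main__":
    for sender, (failed, total) in flag_senders(per_sender_status(SAMPLE_LOG)).items():
        print(f"{sender}: {failed}/{total} deliveries deferred or bounced")
```

The only per-user data this touches is sender address, queue ID and delivery status, which is the kind of usage metadata the original question is concerned about even when no mailbox is opened.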

Thanks for your clarification, muppeth.

The examples were very helpful to understand your approach.

I still have a different opinion on this matter, because I think it would be better to have a very definite “we do not look in your mailbox”-policy, especially because you seem to handle the situation well without opening the mailboxes of your users (and abusers as well).

On the other hand, I trust you much more than many other mail services out there that you won’t abuse your technical power. (I mean, the really big problem with GMail & Co. is not that a single administrator will look into one’s mailbox if problems arise and keeps quiet, but the fact that algorithms analyze your behavior and sell your data.)

So thanks for the service you provide. :slight_smile:

P.S.: I hope you can get rid of Google’s captcha soon. I know it’s on your to-do list, I also know spammers and abusers suck. :frowning: Good luck with that!