To make things clear again. We do not hunt nor we explicitly look for commercial use cases.
We put that point in our TOS in order to be able to act upon if we happen to discover that someone is in violation of that point.
Point 2.5 states how we communicate to the user in case “further investigation”, or any investigation for that matter, took place:
We do not read/look nor process your personal data, emails, files etc. stored on our servers unless needed for troubleshooting purposes, or under suspicion of breaking Terms Of Services in which case we ask for prior permission from you or inform you afterwards of all actions taken against the account in the transparency report addressed to account holder.
As for ways to find commercial use. Of course as you pointed out its usually a matter of content and one would have to pretty much read every email to find abusers. This is not possible and clearly isn’t our intention, however there are more obvious cases:
- We are getting many custom domain linking requests strictly for business (no need to look up emails if you check the domain)
- Same goes for aliases (eg. people requesting jobs@ or sells@ etc)
- people creating support tickets asking to be able to send more emails (beyond rate limit) because they are running a marketing campaign etc.
Those are obvious cases that do not require checking the email boxes. As for your question about more details of our monitoring. There are multiple levels on which we monitor the service of course. We monitor in realtime amount of delivered, rejected, received, bounced, mail queue, held, bounced emails server wide (in a form of a graph). Otherwise we would not have a slightest clue whats going on with the server. Based on this information we can observe any anomalies, which then leads us to check the logs to understand whats going on (hundreds of rejected emails, un-usual spike in outgoing/incoming mails etc). When checking the logs we can quickly determine what exactly is happening, on individual level. For example: If we see a lot of emails stuck in the queue (sent to non-existing email addresses or servers) by one user, we then commence investigation as to check what is going on by checking the stuck mail in the queue for example. This is in most cases how we catch spammers (that and people reporting abuse, which is bad because in those cases the damage has already been done). In some cases we spot commercial abusers that way. Just yesterday (usually a quiet Sunday) we spotted a shady crypto-currency platform using our email server for their no-reply / invite / password reset account which was sending thousands of emails in few hours time. Few days ago while fighting very annoying spammers creating lots of accounts we blocked few hundreds accounts following the same username pattern (first name followed by a number). Yesterday we got an email back from one blocked person claiming he is using many of those accounts to make money (which also sounded rather shady). All those cases have been discovered without entering anyone’s mailbox.
As stated above and in the previous thread. The point in the TOS is to give us right to block or close accounts upon discovery, not to actively monitor peoples usage. It’s directed at real abusers that can potentially harm the entire platform or use up our resources and free-labor for financial gain (like the example of using Disroot as their free mailgun). We hope it sends a clear message to people who were considering using Disroot for strictly commercial needs that this platform is not for them.
I think the quote below sums up very nicely and to the point the whole idea of spying on mailboxes (when there is no financial gain in form of selling that data involved):
Administering a mail host is sort of like being a nurse; there’s a brief period at the start when the thought of seeing people’s privates might be vaguely titillating in a theoretical sense, but that sort of thing doesn’t last long when it’s up against the daily reality of shit, piss, blood, and vomit.
Now that I think about it, administering a mail host is exactly like being a nurse, only people die slightly less often.