Email Sending & Deliverability Policy

This Email Sending and Deliverability Policy ("Policy") governs the use of email-sending features within Skode CRM and Skode Flow platforms ("Services") provided by Skode Technologies Private Limited ("Skode," "we," "us," or "our"), a private limited company incorporated in India with registered office at Thirumangalath, Chelavur, Kozhikode – 673571, Kerala, India. All users who send emails through our platform must comply with this Policy, applicable laws, and industry best practices.

Skode-sent emails vs. customer-sent emails. Skode uses Zoho Mail (ZeptoMail) to send its own transactional emails — account notifications, invoices from Skode, password resets, and legal notices — from @skode.ai addresses. These emails identify Skode as the sender and include Skode’s registered postal address in Kerala, India as required by the US CAN-SPAM Act. When you, a Skode customer, send emails to yourrecipients through Skode Flow or CRM features, you are the sender under applicable law: you must obtain consent where required, include your own physical postal address, provide a working unsubscribe, and comply with the laws of your jurisdiction and your recipients’ jurisdictions. This Policy sets the minimum standards we enforce on both sides.

1. Purpose

This Policy exists to maintain the integrity of our email sending infrastructure, protect our shared IP reputation, ensure high deliverability rates for all customers, and ensure compliance with applicable anti-spam and data protection laws worldwide.

2. Permitted Use

You may use Skode's email sending features to send transactional emails (invoices, receipts, account notifications), marketing emails to recipients who have provided valid consent, CRM-related communications (follow-ups, deal updates, task notifications), and internal team communications through the platform.

All emails must be sent to recipients who have a legitimate relationship with you and who have provided appropriate consent to receive communications from you.

3. Prohibited Content (SHAFT)

The following categories of content are strictly prohibited in all emails sent through Skode's platform:

S — Stocks: Penny stock promotions, pump-and-dump schemes, unregistered securities offerings, or any unsolicited investment advice.
H — Healthcare: Unapproved pharmaceutical products, miracle cures, unverified health claims, or prescription drug offers without proper licensing.
A — Adult: Sexually explicit content, adult services, pornography, or dating services targeting minors.
F — Finance: Payday loans, predatory lending, cryptocurrency scams, advance-fee fraud, or deceptive financial products.
T — Tobacco/Cannabis: Tobacco products, e-cigarettes, vaping products, cannabis, or related paraphernalia where prohibited by law.

Additionally, the following are prohibited: phishing or spoofing content, malware or malicious attachments, deceptive subject lines, affiliate spam, content that promotes violence or illegal activity, and content that violates intellectual property rights.

4. Sending Limits

Email sending limits vary by plan and are designed to protect deliverability for all customers:

Starter Plan: Up to 500 emails per day, 10,000 per month.
Professional Plan: Up to 5,000 emails per day, 100,000 per month.
Enterprise Plan: Custom limits based on agreement, with dedicated IP options available.

Sending limits may be adjusted based on your sending reputation, bounce rates, and complaint rates. New accounts start with lower limits that increase as positive sending reputation is established.

5. Authentication Requirements

To send emails through Skode, you must configure the following DNS authentication records for your sending domain:

SPF (Sender Policy Framework): Add Skode’s SPF include record to your domain’s DNS to authorise our servers to send on your behalf. SPF must produce an “align” pass with your From domain.
DKIM (DomainKeys Identified Mail): Publish the DKIM public key provided by Skode in your DNS records. We sign all outgoing emails with a 2048-bit DKIM key.
DMARC (Domain-based Message Authentication, Reporting, and Conformance): A valid DMARC record is mandatory if you send to Gmail or Yahoo at scale (see below). A minimum policy of p=none is required; we recommendp=quarantine or p=reject once your domain alignment is stable.

Emails sent from domains without proper SPF, DKIM, and DMARC configuration may be blocked, quarantined, or delivered to spam by major inbox providers.

5.1 Gmail, Yahoo, and AOL bulk-sender requirements (effective February 2024)

If you send more than 5,000 messages per day to Gmail addresses (or a comparable volume to Yahoo and AOL addresses), Google’s and Yahoo’s bulk-sender rules require that you:

Authenticate every outbound message with both SPF and DKIM, and have a published DMARC record on your From domain (at minimum p=none with reporting).
Implement one-click unsubscribe per RFC 8058 — supply a List-Unsubscribe: <mailto:...>, <https:...>header and a List-Unsubscribe-Post: List-Unsubscribe=One-Clickheader, such that clicking the link unsubscribes the recipient without requiring a page visit or login.
Keep your spam-complaint rate below 0.3% measured in Google Postmaster Tools and equivalent provider dashboards.
Avoid from-header spoofing and use your own authenticated sending domain (not a free-mail domain) for bulk sending.

Skode will throttle or suspend sending for customers who do not meet these requirements. Messages that would have been rejected by Gmail or Yahoo are not sent.

6. Bounce Handling

Skode automatically manages email bounces to protect your sending reputation:

Hard Bounces: Email addresses that return a permanent delivery failure (invalid address, domain does not exist) are automatically added to the suppression list after the first occurrence. No further emails will be sent to these addresses.
Soft Bounces: Email addresses that return a temporary delivery failure (mailbox full, server temporarily unavailable) are retried up to 3 times over 72 hours. After 3 consecutive soft bounces across different campaigns, the address is added to the suppression list.

If your bounce rate exceeds 5% for any campaign, your sending may be throttled or paused pending review. A sustained bounce rate above 5% across multiple campaigns may result in enforcement action.

7. Complaint Handling

We participate in feedback loops with major mailbox providers (Gmail, Outlook, Yahoo) to monitor spam complaint rates. Your complaint rate must remain below 0.3% (3 complaints per 1,000 emails delivered) at all times.

0.1% to 0.3%: Warning notification sent. You must review your list hygiene and content practices.
Above 0.3%: Sending is automatically throttled. You must submit a remediation plan before full sending privileges are restored.
Above 0.5%: Sending is suspended immediately pending investigation.

8. Unsubscribe Requirements

All marketing and promotional emails must include:

A clearly visible functional unsubscribe link in the email body or footer.
A one-click unsubscribe mechanism per RFC 8058, implemented via the List-Unsubscribe and List-Unsubscribe-Post headers as described in § 5.1 above. Clicking the unsubscribe link must not require the recipient to log in, pay a fee, or provide any information beyond their email address.
Processing of unsubscribe requests within 2 business days on the Skode platform. The US CAN-SPAM Act requires processing within 10 business days, but Skode enforces a stricter 2-day standard.
A valid physical postal address of the sender in every marketing email, as required by the US CAN-SPAM Act (15 U.S.C. § 7704(a)(5)) and equivalent requirements in other jurisdictions.

Unsubscribe links must remain functional for at least 30 days after the email is sent.

8.1 Consent and anti-spam laws

You are responsible for complying with the email-marketing laws of your jurisdiction and your recipients’ jurisdictions, including:

US CAN-SPAM Act (15 U.S.C. § 7701 et seq.) — accurate From/Reply-To, honest subject line, clear identification as an advertisement (where applicable), valid physical postal address, working unsubscribe, 10 business days to honour.
Canadian Anti-Spam Legislation (CASL) — express consent or narrowly-scoped implied consent; clear sender identification; working unsubscribe.
EU GDPR & ePrivacy Directive, national implementations (e.g. UK PECR regulations 22–24) — prior opt-in for consumer marketing; legitimate-interest basis for limited B2B direct marketing with easy opt-out.
Australian Spam Act 2003 — express or inferred consent, sender identification, working unsubscribe; penalties up to AUD 555,000.
Indian IT Act 2000 & Digital Personal Data Protection Act, 2023 — lawful basis for processing personal data, notice, and right to withdraw consent. Commercial email to Indian numbers that are registered on the TRAI DND registry must be respected.

9. Warm-Up Requirements

New sending domains and IP addresses must undergo a warm-up period to establish positive sending reputation with mailbox providers:

Week 1: Maximum 50 emails per day, targeting your most engaged recipients.
Week 2: Gradually increase to 200 emails per day.
Week 3-4: Gradually increase to 1,000 emails per day.
Week 5+: Continue gradual increases until reaching your plan limit, as long as bounce and complaint rates remain within acceptable thresholds.

Skode provides automated warm-up tools that manage this process for you. Bypassing the warm-up process may result in deliverability issues and enforcement action.

10. Monitoring

Skode continuously monitors email sending activity across our platform, including delivery rates, bounce rates, complaint rates, open and click rates, and sending patterns. We use automated systems to detect anomalies, spam-like behavior, and policy violations. You can monitor your own sending performance through the Email Analytics dashboard in the Skode platform.

11. Enforcement

Violations of this Policy are addressed through a graduated enforcement process:

Level 1 — Warning: First violation results in a written warning notification with specific remediation steps. You have 7 days to address the issue.
Level 2 — Throttle: Repeated violations or failure to remediate results in sending rate limits being reduced. You must submit a remediation plan.
Level 3 — Suspend: Continued violations or serious breaches result in temporary suspension of email sending privileges pending review and remediation.
Level 4 — Terminate: Egregious violations, repeated failure to comply, or actions that materially damage our sending infrastructure may result in permanent termination of email sending privileges and potential account termination.

Severe violations (e.g., phishing, malware distribution, sending to purchased lists) may result in immediate suspension without prior warning.

12. CAN-SPAM Compliance

All emails sent through Skode must comply with the CAN-SPAM Act (United States). This requires:

Accurate "From" and "Reply-To" header information.
Non-deceptive subject lines that reflect the content of the message.
Clear identification of the message as an advertisement, where applicable.
Inclusion of the sender's valid physical postal address.
A clear and conspicuous opt-out mechanism.
Honoring opt-out requests within 10 business days (Skode enforces 2 days).

13. PECR Compliance (United Kingdom)

For recipients in the United Kingdom, all email marketing must comply with the Privacy and Electronic Communications Regulations 2003 (PECR). This requires prior consent for marketing emails (soft opt-in permitted for existing customers), clear sender identification, and a simple opt-out mechanism in every message.

14. UEMA Compliance (India)

For recipients in India, emails must comply with the Unsolicited Electronic Messages Act and related TRAI regulations. Commercial messages must include a valid sender identification, a functioning opt-out mechanism, and must not be sent to numbers or addresses registered on the National Do Not Disturb (DND) registry.

15. Contact Information

If you have questions about this Policy or need assistance with email deliverability, please contact us:

Email Deliverability Support: deliverability@skode.ai
General Support: support@skode.ai
Abuse Reports: abuse@skode.ai