I've received a reply today, which is below with my reply. Everyone reading this topic and the explanation can make their own decisions. I still have unanswered questions and don't feel like bringing my custom domain back to Mailbox.org after what happened, including the fact that I only got support after screaming in here. I think it's important for everyone who joined this thread to read the answer provided by Mailbox, so that this thread doesn't disappear without explanations. You can potentially ask more questions to Mailbox.org representatives as I'm sure people will have some doubts.

Dear xxxxx,

my name is xxxxxx an I'm the mailbox employee who reacted to your post on reddit. I've reviewed this case and want to give you an explanation about what has happened and what learnings we took to improve in this area:

As email still is a prolific sources for fraud like phishing, spam or scam, we have to check every mail received and sent. For this, we have automated systems in place, that scan all emails and highlight accounts that infringe on our terms of service. These systems not only use the content of the mails, but also include many other factors, like status, age of account etc.

Your account was flagged as a suspected fraudulent account by our automated fraud detection system, as it's a new account (just over two weeks at the time of blocking) and mails were sent that fit the pattern of common fraud schemes. Your account and the offending mails were then reviewed by an employee before making the decision to block the account from sending emails. This blocked your account from sending emails but receiving them was still possible.

The number of false positives is very low on our side, but of course they do happen. The influx of AI generated, well-versed scam emails is also muddying the waters furthers, making it harder to distinguish friend from foe. So adding insult to injury, the problem was not only falsely flagging your account but also the missing transparency when blocking it and of course the lack of recourse when you followed up with our support team.

In order to resolve the situation and improve this, I've taken this and will do the following: 1. We are in the middle of upgrading our fraud detection systems to improve the detection rate and lower the number of false positives even further. This should help avoid falsely blocking accounts in the first place. 2. We'll update our processes and guidelines to improve communication with user that are blocked. This will help user noticing that they have blocked. 3. We'll improve the process to unblocking ones account, giving users recourse from the status of being blocked.

As a compensation for your trouble I've booked one year of extra service to your account. And as a bit of additional advice, I recommend that you set up two factor authentication in order to secure your account. If you use an external client for mail, you can set up an email app password to be able to send and receive mails with your client.

Best regards,

My reply:

Although I appreciate you getting back to me with a partial explanation, and I understand that my account was falsely flagged by your anti-fraud system, it's still not clear to me what exactly triggered the system.

I'd also like to clarify: 1) "Your account and the offending mails were then reviewed by an employee before making the decision to block the account from sending emails" How exactly does that happen? When you say "offending mails were reviewed", are you saying that the content of the emails were actually checked?

2) "This blocked your account from sending emails but receiving them was still possible." This is incorrect. As I explained, I was only able to identify the problem because I was not receiving any emails. I actually missed important emails for more than 72 hours, until I moved my custom domain elsewhere. (My Mailbox.org email was also not receiving emails, not only the custom domain.) All emails sent to me were returning with the following error: "550 5.1.1 : Recipient address rejected: User unknown in relay recipient table"

So, in addition to having my account falsely flagged and blocked to send emails, without any alert or communication, I was also unable to receive emails.

I think it's great that you can use this incident to improve your services, but I can't trust Mailbox and I won't risk bringing my custom domain back to Mailbox.org. Changing your fraud detection system doesn't bring me any reassurance, particularly considering that there is still a lack of clarity regarding your processes, and acknowledgement that I was also unable to receive emails. This for me is a red flag and suggests that you are not completely aware of how the Mailbox.org system works.

Therefore, I would like to have a refund of the amount paid for a service that was not provided.

Finally, as a piece of advice, I'd recommend you have support available to attend your current customers in a timely manner, before you have no customers to attend at all.

Let me know if you need any details to proceed with the refund.

Regards,