Why is my account rate‑limited?

If you’ve encountered a message that or noticed that you temporarily can’t send messages or perform certain actions, it’s likely due to Private.Ki’s anti-abuse protections kicking in. It's called rate-limiting.

Rate-limiting is a security measure we use to prevent spam, bulk abuse, or automated attacks on our service.

In simpler terms, it means the system detected unusually high activity from your account (or IP) and imposed a temporary restriction to protect both you and the platform.

Here’s more detail on what might have causes your account to be temporarily restricted:

Reasons for being rate-limited:

  • Sending too many messages in a short time: For example, if an account tries to send a lot of emails or chat messages within minutes, the system will flag this as potential spam behavior. Legitimate users rarely send huge volumes instantaneously, so this is often a sign of a compromised account or a spam bot.

  • Creating multiple accounts rapidly: If someone (or a script) attempts to create multiple new Private.Ki accounts, our system will notice and throttle or block those attempts. This prevents spammers from mass-signing up to send junk or malicious messages.

  • Unusual login or activity: Although the main triggers are messaging volume, other behaviors like hammering the server with requests could also lead to rate limits. For instance, if an account tries to perform an expensive operation repeatedly (searching a lot of times, etc.), we might rate-limit to ensure system stability.

  • Suspected automation: Our algorithms watch for patterns that indicate an automated bot rather than a human. If your usage pattern accidentally mimics a bot (say you copy-pasted a huge list of recipients and fired off messages quickly), you might trip a limit.

What the rate limit does: When triggered, a rate limit might prevent you from sending any new messages or using certain other functions for a short duration. You might receive a notification like “Sending temporarily blocked due to unusual activity. Please try again later.” In chat, you might be prevented from sending further messages for a bit.

Typically, rate limits reset after a short time. This could range from a few minutes to a few hours, or in cases of heavier abuse, even more. The system might apply escalating timeouts or other measures if abusive behavior continues.

Why we have rate limits (your safety and service health): Rate-limiting is there to protect the service and its users. Without it, spammers could misuse Private.Ki to send thousands of junk emails, which would have several bad consequences:

  • It could get Private.Ki’s mail servers blacklisted by other email providers. Email services monitor spam and will block servers that send too much of it. We don’t want your legitimate emails to be rejected because of a few bad actors.

  • It could flood users with spam or phishing messages, undermining the usability and trust in the platform.

  • It could overload our servers, affecting performance for everyone.

What to do if you’re rate-limited:

  • First, consider if your recent activity might look unusual. You can simply wait for the limit to lift. In the meantime, avoid repeated attempts as that may extend the timeout.

  • Use Private.Ki normally, according to our Terms of Service. Don't send unwanted messages such as spam, don't send newsletter through Private.Ki.

  • Ensure your account is secure. If you did not perform any high-volume activity, and you got rate-limited, it’s possible your account might be sending spam without your knowledge (for example, if your credentials were compromised by malware). Check your Sent folder for any messages you didn’t send. If you suspect a breach, change your password immediately. Rate-limiting in this case actually helps by preventing the attacker from doing massive damage.

Privacy of anti-abuse measures

We know privacy-conscious users might worry, “Are you logging my activities for this?” Rest assured, we do this in a privacy-preserving way. For example, instead of logging full IP addresses or email details, we might log a one-way hash just to identify a repeat pattern. We do not keep these logs long-term (only as long as needed to mitigate spam), and they aren’t tied to your identity beyond the technical need to throttle abuse. 

No human is reading your messages – spam detection might look at metadata like number of messages, but not your content.