Is SiftMail the same as sift.email?

No. SiftMail (siftmail.app) is an AI-powered email security and triage platform for end users that connects to Gmail or Outlook. sift.email is a separate, unrelated email-list verification API for marketers. The two products are different companies in different categories with no affiliation.

What does SiftMail do?

SiftMail connects to a user's Gmail or Outlook inbox, automatically categorizes every email, surfaces important messages, bundles promotions and newsletters into digests, and detects phishing, impersonation, and Business Email Compromise attempts. It also provides the Sift Inbox Index, a searchable index of inbox history.

Does SiftMail read my emails?

SiftMail reads email headers and metadata for triage and security analysis. Full message bodies are not stored. The classification models receive only the minimum data required to score and categorize each message.

Does SiftMail work with Outlook?

Yes. SiftMail supports both Gmail and Outlook (Microsoft 365) via OAuth.

Yes — Shield Lite is free forever and includes 1 mailbox, 100 daily scans, basic risk scoring, and a 7-day history scan. Shield Pro is $15 per month with a 3-day free trial. Domain Defense is $39 per user per month for teams.

Home > Threat Library > Domain Spoofing

🎭

Domain Spoofing

High Severity30% of phishing emails use some form of domain spoofing

Domain spoofing is a technique where attackers forge the "From" address in an email header to make it appear as though the email originated from a trusted domain, even though it was sent from an entirely different server.

How it works

Email protocols (SMTP) don't inherently verify sender identity
Attackers set the "From" field to any address they choose
Without SPF/DKIM/DMARC, receiving servers can't verify the real sender
Victims trust the email because it appears to come from a known address

Red flags to watch for

Email claims to be from your bank but authentication fails
Check email headers for SPF/DKIM/DMARC failure indicators
Reply address differs from the display "From" address

Real-world example

Subject: Important update to your account
From: admin@yourbank.com (spoofed)
“Due to recent security upgrades, we need you to re-verify your online banking credentials. Click the secure link below to maintain access to your account.”

How to protect yourself

Configure SPF, DKIM, and DMARC records for your domain
Use SiftMail which checks authentication results on every incoming email
Educate users that "From" addresses can be faked

How SiftMail detects this

SiftMail checks SPF, DKIM, and DMARC authentication on every email and factors results into the risk score. Failed authentication significantly increases the threat score.

Stop domain spoofing before they reach your inbox

SiftMail scores every incoming email and automatically quarantines threats. Free plan available, setup takes 30 seconds.

Protect My Inbox Free Check a Suspicious Email