EverGuard runs as an invisible helper next to Classic Outlook. Here’s exactly what happens every time a new email arrives, and where the website account stops and the Windows app begins.
Your website account is for billing, downloads and device management. The Windows app itself activates with your licence key.
Outlook fires an event the instant an email lands in your Inbox. EverGuard picks it up via Outlook’s standard automation API — no proxy, no server-side change, no alteration to your email account.
< 10 msEvery time you drag an email between folders, EverGuard records the sender plus the subject pattern. A single drag does not blacklist a whole domain, and broad sender rules require repeated consistent corrections.
instantIf there is no safe learned pattern, we pass a trimmed copy of the email (subject, sender, body) to GPT-4o mini with a carefully-tuned prompt. It returns one of five categories: genuine, promotional, safe junk, dangerous, or uncertain.
typically 2–3 secondsBefore any email is moved out of your Inbox, Claude Sonnet 4.6 independently reviews it with the full message and more context. Both AIs must agree (or Sonnet is unsure) to act. If Sonnet disagrees, we leave it in your Inbox and log the save.
only when needed — adds ~3 secondsGenuine stays put. Promotional stays in your Inbox (you often want real-brand marketing). Safe junk moves to an “EverGuard Spam” folder. Dangerous moves to an “EverGuard Dangerous” folder and triggers a gentle desktop notification.
Every decision is in the activity log. Drag an email back to the Inbox and EverGuard treats that as correction evidence for similar future emails, not as a permanent trust decision for every message from that sender. Nothing is silently permanent — dangerous emails sit in quarantine for the configured retention period before they’re removed.
We built EverGuard for our own customers — so we kept this deliberately small and reversible.