How Post Guard AI Works

A technical overview of the architecture, email processing pipeline, and third-party services that power intelligent inbox protection.

AI-Powered Privacy-First Real-Time Gmail OAuth Outlook OAuth Pub/Sub Push

Connection Methods

Post Guard AI supports three ways to connect to your mailbox. Choose the method that best fits your email provider and security preferences.

IMAP / App Password

Gmail · Yahoo · Outlook · Any IMAP Server

Works with any IMAP-capable provider
Real-time via IMAP IDLE push
Uses app-specific passwords
TLS certificates validated in production
You App Password IMAP Server
Gmail OAuth 2.0

Secure, token-based — no password required

One-click Sign in with Google
No password stored — uses OAuth tokens
Uses the Gmail REST API
Pub/Sub push for near-instant delivery
Revoke anytime from Google Permissions
You Google Consent Gmail API
Outlook / Microsoft 365

Microsoft Graph API with OAuth 2.0

One-click Sign in with Microsoft
No password stored — uses OAuth tokens
Uses the Microsoft Graph API
Banner injection & folder management
You Microsoft Consent Graph API

System Architecture

Post Guard AI is a cloud-based ASP.NET Core application. It connects to your email provider via IMAP over SSL, the Gmail REST API with OAuth 2.0, or the Microsoft Graph API with OAuth 2.0, classifies every incoming message using an AI model (up to 2 concurrently per server), scans attachments for malware, and stores classification metadata in PostgreSQL — all without ever storing your email content. HTML-only emails (common with marketing templates) are automatically stripped to clean text using HtmlAgilityPack before classification, ensuring the AI evaluates actual content rather than markup noise. When multiple Ollama servers are configured, requests are distributed across them using client-side random selection for horizontal scale-out. Gmail API monitors use adaptive polling (30 s → 5 min) that backs off during quiet periods and resets on activity, cutting idle API usage by over 90%. When a Google Cloud Pub/Sub topic is configured, push notifications wake the monitor instantly — no polling delay at all. Processed message IDs and domain whitelists are bulk-loaded once per batch, eliminating per-message database queries. Database operations automatically retry transient failures (connection drops, deadlocks) with exponential backoff, while permanent errors are surfaced immediately.

Email Provider Gmail · Yahoo · Any IMAP
IMAP / SSL
Post Guard AI ASP.NET Core + MailKit
Google OAuth Gmail REST API
OAuth 2.0 / HTTPS
Post Guard AI Gmail API Monitor
Microsoft OAuth Graph API
OAuth 2.0 / HTTPS
Post Guard AI Outlook Graph Monitor
Google Pub/Sub Push Notifications
HTTPS Push
Post Guard AI Instant Wake
Ollama AI Classification
ClamAV Virus Scanning
PostgreSQL Metadata Store

Gmail OAuth 2.0 Flow

When you choose Sign in with Google, your browser redirects to Google's consent screen. After you approve, Google sends an authorization code back to Post Guard AI, which exchanges it for access and refresh tokens. Your Google password is never shared with us.

1
Click "Sign in with Google" In the Mailbox Manager
2
Google Consent Screen Approve gmail.modify scope
3
Token Exchange Auth code → access + refresh tokens
4
Tokens Encrypted & Stored AES-256-GCM at rest
5
Gmail API Monitoring Begins Adaptive polling (30s–5min) or instant via Pub/Sub push

Email Processing Pipeline

Every email that arrives in your inbox passes through a multi-stage pipeline. Each stage acts as a filter — only messages that are not resolved at one stage The pipeline is designed for throughput: lookups are bulk-loaded once per batch, and up to two messages are classified by the AI concurrently per server.

1. New Mail Detected

Post Guard AI supports three detection methods depending on your connection type:

IMAP IDLE Push notification — instant detection, persistent connection via MailKit
Gmail API Adaptive Polling Starts at 30s, backs off to 5min during quiet periods, resets on activity
Gmail Pub/Sub Push Near-instant via Google Cloud Pub/Sub — polling retained as safety net
Outlook Graph Polling 30-second fixed interval polling via Microsoft Graph API

On initial connection, all existing unread messages are processed first so that emails which arrived while the monitor was offline are still classified. Gmail API monitors use adaptive polling that doubles the interval (30 s → 1 min → 2 min → 5 min) after each empty cycle and resets to 30 s when new messages arrive — cutting idle API usage by over 90%. When a Google Cloud Pub/Sub topic is configured, push notifications wake the monitor instantly; polling is retained as a safety net in case a push is lost. The Pub/Sub watch is automatically renewed before its 7-day expiry. If the connection to the mail server is lost, the monitor reconnects automatically with exponential backoff (2 s → 4 s → … → 2 min max). If authentication fails (bad password, revoked OAuth token, missing OAuth credentials), the mailbox is automatically disabled to prevent retry loops — update the credentials in the Mailbox Manager to resume.

2. Batch Pre-Filter

Before any expensive work begins, two bulk queries run concurrently against PostgreSQL:

  • Processed message IDs — every message ID already classified for this mailbox is loaded into a HashSet.
  • Whitelisted domains — the mailbox-level and owner-level domain whitelists are merged into a single HashSet.

This replaces the previous per-message approach (2×N individual DB queries) with just 2 queries per batch. Messages whose MIME Message-ID already appears in the processed set are skipped immediately — before fetching content, scanning attachments, or calling the AI. Whitelisted senders are allowed through without classification.

3. Attachment Virus Scan

Every attachment is streamed to ClamAV for malware detection via a shared, singleton ClamAV client — eliminating per-attachment connection overhead. If a virus is found, the email is immediately flagged and moved to the quarantine folder. No further processing occurs.

4. Parallel AI Classification

Messages that pass the pre-filter and virus scan enter the AI classification stage. Up to 2 messages are classified concurrently per server using a semaphore-controlled parallelism strategy, matching the number of GPU instances to prevent VRAM exhaustion and CPU fallback. When multiple Ollama servers are configured, requests are distributed across them via random selection for additional throughput.

The message subject, sender, classification-relevant headers, and body are assembled into a structured prompt. Only headers that influence classification (SPF, DKIM, List-Unsubscribe, etc.) are included — reducing prompt size by approximately 80%. When the email has no plain-text part (common with marketing templates from Spotify, Amazon, etc.), the raw HTML is stripped to clean text using HtmlAgilityPack — removing <style>, <script>, and comment nodes, decoding HTML entities, and collapsing whitespace so the AI sees the actual content rather than thousands of characters of markup noise. Email bodies are then truncated to 12,000 characters to stay within the 16,384-token context window (after reserving space for the system prompt), with a truncation indicator appended so the AI knows the content is incomplete.

The classification system prompt is maintained as a dedicated, version-controlled constant — separate from the classification logic — so it can be reviewed, diffed, and updated independently. The prompt is sent to the cloud-hosted Ollama LLM via Microsoft Semantic Kernel . The model returns a JSON classification containing the category, risk level, confidence score, and recommended action.

{
  "category": "PROMOTIONAL",
  "is_safe": true,
  "risk_level": "MEDIUM",
  "confidence": 0.92,
  "recommended_action": "ALLOW_WITH_CAUTION"
}
5. User Preference Matching

The classification result is compared against your per-mailbox preferences (cached once per connection to avoid per-message DB calls). For example, if you allow newsletters but block promotions, a message classified as NEWSLETTER stays in your inbox while a PROMOTIONAL message is moved.

6. Action — Allow or Move

Allow: The message remains in your inbox untouched.
Block: The message is moved to a folder determined by its classification category. Each category (Newsletter, Promotional, Advertising, Selling, Spam, Virus, Unknown) can be routed to a different IMAP folder or Gmail label — configured per-account on the Settings page. All categories default to Promotions for a simple out-of-the-box experience.

IMAP Warning banner injected via UID-targeted append + expunge, then moved to folder via IMAP MOVE command
Gmail API Banner injected via messages.insert, then label applied + INBOX removed via messages.modify
Outlook Graph Banner injected via MIME update, then moved to destination folder via Graph API

IMAP move operations are serialised (IMAP connections are single-threaded) even when classification runs in parallel. If you disagree with a classification, simply drag the email back to your inbox. Post Guard AI detects the banner and automatically whitelists that sender's domain for future messages.

Classification Categories

Each category can be routed to its own destination folder or Gmail label. Configure per-category folders on the Account Settings page — all default to Promotions.

Safe Email

Legitimate personal, transactional, or operational messages.

Newsletter

Recurring informational digests from organizations or creators.

Promotional

Marketing messages designed to drive purchases or engagement.

Advertising

Brand awareness campaigns with heavy visuals and broad targeting.

Selling Product / Service

Direct sales outreach, cold emails, demo requests, and lead generation.

Spam

Phishing, scams, impersonation, malware lures, and deceptive content.

Third-Party Services & Technologies

Post Guard AI integrates with carefully selected open-source and industry-standard services. All services run on our secure cloud infrastructure — no email content is sent to third-party APIs.

MailKit IMAP / SMTP

A cross-platform .NET library for sending and receiving email. Post Guard AI uses MailKit to establish secure IMAP connections, monitor mailboxes with IDLE push notifications, fetch messages, and move classified emails between folders. Supports SSL/TLS, STARTTLS, and modern authentication. In production, TLS certificates are validated against the system trust store — invalid or self-signed certificates are rejected and logged for diagnosis.

github.com/jstedfast/MailKit
Google APIs for .NET Gmail OAuth 2.0

Official Google client libraries used for OAuth 2.0 authentication and Gmail REST API access. Post Guard AI uses the Google.Apis.Gmail.v1 package to poll for new messages via history-based sync, read raw RFC 2822 content, and manage labels. Tokens are automatically refreshed and re-encrypted at rest.

github.com/googleapis/google-api-dotnet-client
Microsoft Graph API Outlook OAuth 2.0

The Microsoft Graph API provides OAuth 2.0 authentication and REST-based access to Outlook and Microsoft 365 mailboxes. Post Guard AI uses Graph to poll for new messages, fetch MIME content, inject warning banners, and manage folders. Tokens are automatically refreshed and encrypted at rest using AES-256-GCM. Users connect via Microsoft's consent screen — your Microsoft password is never shared with us.

learn.microsoft.com/en-us/graph
Ollama AI / LLM

A large language model runtime that serves AI models on our cloud infrastructure. Post Guard AI sends email content to Ollama for classification — the model runs entirely on our servers, meaning no email data is shared with third parties. When multiple Ollama instances are configured, requests are distributed via client-side random selection for horizontal scale-out. The AI returns structured JSON with category, confidence, risk level, and recommended action.

ollama.com
Microsoft Semantic Kernel AI Orchestration

An open-source SDK that provides a unified API for interacting with large language models. Post Guard AI uses Semantic Kernel's Ollama connector to build chat histories, manage prompt execution settings, and parse model responses — decoupling the application from any specific model provider.

github.com/microsoft/semantic-kernel
ClamAV Antivirus

An open-source antivirus engine used by mail gateways worldwide. Every email attachment is streamed to ClamAV via a shared, singleton nClam .NET client for real-time malware detection. The client is registered once at startup and reused across all monitors, eliminating per-attachment connection overhead. If a threat is detected, the message is immediately quarantined before it reaches your inbox.

clamav.net
HtmlAgilityPack HTML Processing

A robust .NET HTML parser used to extract clean, readable text from HTML-only marketing emails before AI classification. Many promotional emails (from Spotify, Amazon, etc.) contain no plain-text part — just heavy HTML with <style> blocks, tracking pixels, MSO conditionals, and thousands of characters of markup. HtmlAgilityPack parses the HTML into a proper DOM tree, strips <style>, <script>, and comment nodes, then extracts the decoded inner text — ensuring the AI sees the actual promotional content rather than markup noise. This dramatically improves classification accuracy for HTML-heavy emails.

html-agility-pack.net
PostgreSQL Database

A powerful open-source relational database used to store user accounts, mailbox configurations, domain whitelists, and classification statistics. No email content is stored — only message IDs (to avoid re-processing) and aggregate metadata for statistics. User passwords are one-way hashed using PBKDF2-HMAC-SHA512 (600K iterations) and can never be recovered. IMAP credentials and OAuth tokens are encrypted at rest using AES-256-GCM. Legacy accounts are migrated transparently to one-way hashing on next login. Write operations use INSERT … RETURNING to retrieve created rows in a single round-trip, and all reader mappings use named columns for resilience against schema changes. Transient database failures (connection drops, deadlocks) are automatically retried up to 3 times with exponential backoff, while permanent errors are surfaced immediately with diagnostic details.

postgresql.org
ASP.NET Core Web Framework

The web application framework powering the management dashboard. Built with Razor Pages, it provides a guided mailbox setup wizard, mailbox configuration, real-time email statistics, user management, and system administration — all secured with cookie authentication, TOTP two-factor authentication, role-based authorization, one-way password hashing, current-password-verified password changes, and forced default password change on first admin login.

dotnet.microsoft.com

Security & Privacy by Design

Private Cloud AI Processing

The AI model runs on our dedicated cloud servers via Ollama. No email content is shared with third-party services.

No Email Storage

Only message IDs and classification metadata are stored. Your actual email content is never persisted.

One-Way Password Hashing

User passwords are hashed using PBKDF2-HMAC-SHA512 with 600,000 iterations and a unique random salt. Passwords can never be recovered — only verified. Legacy accounts are migrated transparently on next login.

AES-256-GCM Credential Encryption

IMAP passwords, OAuth tokens, and TOTP secrets are encrypted at rest using AES-256-GCM with PBKDF2-derived keys (200K iterations). Derived keys are cached by salt so bulk credential loads avoid redundant key derivation.

OAuth 2.0 — No Password Required

Gmail and Outlook OAuth use their provider's consent screen. We never see your email password — only scoped access tokens that you can revoke anytime.

Automatic Token Refresh

OAuth access tokens are short-lived. Post Guard AI automatically refreshes them using the encrypted refresh token — no re-authorization needed.

Two-Factor Authentication

User accounts support TOTP-based 2FA, compatible with Google Authenticator, Microsoft Authenticator, and Authy.

Default Password Enforcement

On first admin login, if the default password is still in use, a non-dismissible modal forces an immediate password change before the application can be used.

TLS Certificate Validation

In production, all IMAP connections validate TLS certificates against the system trust store. Invalid or self-signed certificates are rejected and logged for diagnosis.

Database Resilience

Transient database failures (connection drops, deadlocks, pool exhaustion) are automatically retried up to 3 times with exponential backoff. Permanent errors are surfaced immediately with SQL state diagnostics.

Rate Limiting

Sign-in and beta signup endpoints are protected by per-IP fixed-window rate limiters. Excessive attempts return 429 Too Many Requests, mitigating brute-force, credential-stuffing, and spam-flooding attacks.

Password Change Verification

Changing your account password requires entering your current password first — protecting against unauthorized changes from unattended or hijacked sessions.

Real-Time Health Monitoring

A background service probes Ollama, ClamAV, and PostgreSQL every 10 seconds, tracking response times, uptime percentages, and rolling-window latency averages. Results are pushed to admin dashboards in real time via SignalR.

GDPR Cookie Consent

Analytics cookies (Google Analytics) are blocked until the user explicitly opts in. Users can choose "Accept All" or "Essential Only" — only essential cookies are used for authentication and security.

Data Flow Summary

From To Protocol Purpose
Email Provider Post Guard AI IMAP/SSL Fetch & monitor new messages via IDLE
Google Post Guard AI HTTPS OAuth 2.0 token exchange & consent
Post Guard AI Gmail API HTTPS Adaptive polling / history sync, fetch raw messages, manage labels
Google Pub/Sub Post Guard AI HTTPS Push notification on new Gmail messages — wakes monitor instantly
Microsoft Post Guard AI HTTPS OAuth 2.0 token exchange & consent
Post Guard AI Graph API HTTPS Poll messages, fetch MIME content, manage folders
Post Guard AI Ollama (cloud) HTTP Send email text for AI classification
Post Guard AI ClamAV (cloud) TCP Stream attachments for virus scanning
Post Guard AI PostgreSQL TCP/SSL Bulk-load processed IDs & whitelists per batch; store metadata, user settings, encrypted OAuth tokens
Post Guard AI Email Provider IMAP/SSL Move classified emails to per-category folders

At a Glance

Mail Connection Connects to Gmail, Yahoo, and other providers via IMAP over SSL/TLS using MailKit with real-time IDLE push and production TLS certificate validation. Gmail users can connect via OAuth 2.0 using the Gmail REST API. Outlook and Microsoft 365 users can connect via Microsoft Graph API with OAuth 2.0.
Gmail OAuth One-click Sign in with Google — no app password needed. Access and refresh tokens are encrypted with AES-256-GCM. Tokens auto-refresh transparently. Adaptive polling (30s–5min) reduces idle API usage by over 90%. When configured, Google Cloud Pub/Sub push notifications provide near-instant message detection. Revoke anytime from Google Account Permissions.
Outlook OAuth One-click Sign in with Microsoft for Outlook and Microsoft 365 mailboxes. Uses the Microsoft Graph API for message polling, folder management, and banner injection. OAuth tokens are encrypted at rest and auto-refresh transparently.
Virus Detection Every attachment is streamed to ClamAV via a shared, singleton nClam client for malware scanning. Infected messages are quarantined immediately — before any other processing occurs.
AI Classification Email content is classified by a large language model served by Ollama, orchestrated through Microsoft Semantic Kernel. Up to 2 messages are classified concurrently per server, with multi-server random selection for horizontal scale-out. HTML-only emails are automatically stripped to clean text using HtmlAgilityPack before classification, ensuring marketing templates expose their actual content. Email bodies exceeding 12,000 characters are automatically truncated to stay within the 16,384-token context window. Safe Email, Newsletter, Promotional, Advertising, Selling Product/Service, or Spam — each with a confidence score and risk level.
Your Preferences You choose which categories to allow and which to block on a per-mailbox basis. Each classification category can be routed to its own destination folder or Gmail label — configured on the Settings page (all default to Promotions). Drag a message back to your inbox to automatically whitelist that sender's domain.
Data Storage PostgreSQL stores only user accounts, mailbox settings, domain whitelists, encrypted OAuth tokens, and classification statistics. No email content is ever stored. Processed message IDs and whitelisted domains are bulk-loaded once per batch for O(1) lookups instead of per-message queries. Transient failures are automatically retried with exponential backoff; permanent errors are logged with diagnostic details.
Security Built on ASP.NET Core with cookie authentication, TOTP two-factor authentication, role-based authorization, OAuth 2.0 for Gmail and Outlook, and AES-256-GCM encrypted credential storage with cached PBKDF2 key derivation for fast bulk decryption. User passwords are one-way hashed using PBKDF2-HMAC-SHA512 (600K iterations) and can never be recovered. Default admin passwords are detected on login and must be changed immediately via a forced modal. IMAP TLS certificates are validated against the system trust store in production. AI processing runs on our cloud infrastructure — no email data is shared with third-party services.

Post Guard AI combines real-time IMAP monitoring, Gmail OAuth API access with adaptive polling and Pub/Sub push notifications, Microsoft Graph API access with 30-second polling, parallel AI classification (2 concurrent per server, multi-server load balancing) with automatic HTML stripping and body truncation, a guided mailbox setup wizard, bulk pre-filtering, singleton antivirus scanning, per-category folder routing, one-way password hashing (PBKDF2-SHA512), current-password-verified password changes, production TLS certificate validation, default password enforcement, per-IP rate limiting on sign-in and signup endpoints, real-time health monitoring via SignalR, GDPR-compliant cookie consent, cached encryption key derivation, automatic database retry for transient failures, and user-defined filtering into a single pipeline — keeping your inbox clean, secure, and under your control.

Back to Home