[{"data":1,"prerenderedAt":273},["ShallowReactive",2],{"$fz6zMrJl9wKGFQGmcPOmUCcM5gu-WmLbDGX9uiKIGwXA":3,"$f2sVhl2Kc5-QZSVTwt6mmuvYEtX_wDmTM3NWj8A6Ff2c":212},[4,13,22,31,40,48,55,62,68,76,84,91,99,105,111,117,123,130,139,145,151,157,163,169,175,181,187,194,200,206],{"_path":5,"slug":6,"title":7,"description":8,"excerpt":8,"category":9,"order":10,"screens":11},"\u002Fhelp\u002Fai-assistant","ai-assistant","AI help assistant","How the in-app AI assistant works, what data it receives, and how we keep everything within the EU.","privacy",10,[12],"settings-profile",{"_path":14,"slug":15,"title":16,"description":17,"excerpt":17,"category":18,"order":19,"screens":20},"\u002Fhelp\u002Falias-rules","alias-rules","Alias rules","Control which emails trigger your webhooks with allow and block rules","configuration",5,[21],"aliases",{"_path":23,"slug":24,"title":25,"description":26,"excerpt":26,"category":27,"order":28,"screens":29},"\u002Fhelp\u002Fapi-keys-integrations","api-keys-integrations","API keys and integrations","Create and manage API keys for powerful integrations with automation platforms","integrations",1,[30],"settings-api",{"_path":32,"slug":33,"title":34,"description":35,"excerpt":36,"category":27,"order":37,"screens":38},"\u002Fhelp\u002Fwebhook-alias-atomic-endpoint","webhook-alias-atomic-endpoint","Atomic webhook and alias endpoint","Create a webhook and email alias in a single atomic API call with smart create\u002Fupdate behavior","Create a webhook and email alias in a single API call with automatic linking",3,[39,21],"webhooks",{"_path":41,"slug":42,"title":43,"description":44,"excerpt":44,"category":18,"order":45,"screens":46},"\u002Fhelp\u002Fattachment-processing","attachment-processing","Attachment processing","How EmailConnect handles email attachments and delivers them to your 
webhooks",6,[47,21],"logs",{"_path":49,"slug":50,"title":51,"description":52,"excerpt":52,"category":53,"order":37,"screens":54},"\u002Fhelp\u002Fcompliance-reviews","compliance-reviews","Compliance reviews","How EmailConnect protects the platform through limited, audited compliance reviews","security",[],{"_path":56,"slug":57,"title":58,"description":59,"excerpt":59,"category":18,"order":60,"screens":61},"\u002Fhelp\u002Fcustom-payload","custom-payload","Custom payload configuration","Choose exactly which fields your webhook receives — reduce overhead, limit PII exposure, and match endpoint requirements",7,[39,21],{"_path":63,"slug":64,"title":65,"description":66,"excerpt":66,"category":18,"order":19,"screens":67},"\u002Fhelp\u002Fcustom-webhook-headers","custom-webhook-headers","Custom webhook headers","Configure custom HTTP headers for authentication, routing, and testing webhooks",[39],{"_path":69,"slug":70,"title":71,"description":72,"excerpt":72,"category":73,"order":74,"screens":75},"\u002Fhelp\u002Fdata-processing-agreement","data-processing-agreement","Data processing agreement (DPA)","How to download our signed DPA from your account settings, what it covers, and why it matters for GDPR compliance under Article 28.","enterprise",2,[],{"_path":77,"slug":78,"title":79,"description":80,"excerpt":80,"category":73,"order":81,"screens":82},"\u002Fhelp\u002Fdata-residency-mode","data-residency-mode","Data Residency Mode","How Data Residency Mode works, what metadata EmailConnect retains, and how geographic MX routing keeps email content within your chosen jurisdiction.",4,[83],"settings-data",{"_path":85,"slug":86,"title":87,"description":88,"excerpt":88,"category":89,"order":28,"screens":90},"\u002Fhelp\u002Fdata-retention","data-retention","Data retention settings","Configure how long EmailConnect stores your email metadata and 
logs","settings",[83],{"_path":92,"slug":93,"title":94,"description":95,"excerpt":95,"category":96,"order":81,"screens":97},"\u002Fhelp\u002Fdomain-masking-email-automation","domain-masking-email-automation","Domain masking for seamless email automation","How to use EmailConnect without changing your existing email setup through subdomain masking","technical",[98],"domains",{"_path":100,"slug":101,"title":102,"description":103,"excerpt":103,"category":18,"order":74,"screens":104},"\u002Fhelp\u002Fdomain-setup","domain-setup","Domain setup and verification","Complete guide to adding and verifying your domain for email processing",[98],{"_path":106,"slug":107,"title":108,"description":109,"excerpt":109,"category":18,"order":37,"screens":110},"\u002Fhelp\u002Femail-processing","email-processing","Email processing","How EmailConnect receives, processes, and delivers emails to your webhooks",[47],{"_path":112,"slug":113,"title":114,"description":115,"excerpt":115,"category":73,"order":37,"screens":116},"\u002Fhelp\u002Feu-data-sovereignty-compliance","eu-data-sovereignty-compliance","EU data sovereignty & regulatory compliance","How EmailConnect ensures full EU data sovereignty with immunity from the CLOUD Act, FISA 702, and Patriot Act for GDPR-compliant email processing.",[],{"_path":118,"slug":119,"title":120,"description":121,"excerpt":121,"category":119,"order":28,"screens":122},"\u002Fhelp\u002Fgetting-started","getting-started","Getting started with EmailConnect","Learn the basics of setting up your EmailConnect account and processing your first emails",[98],{"_path":124,"slug":125,"title":126,"description":127,"excerpt":127,"category":128,"order":74,"screens":129},"\u002Fhelp\u002Fwhitelist-sender-domains","whitelist-sender-domains","How to whitelist or block sender domains","Restrict your alias to only accept emails from trusted sender domains, or block unwanted ones, using alias 
rules","use-cases",[21],{"_path":131,"slug":132,"title":133,"description":134,"excerpt":135,"category":136,"order":74,"screens":137},"\u002Fhelp\u002Fmanual-payments","manual-payments","Manual payments (bank transfer or iDEAL\u002FWero)","Skip the mandate. Pay each subscription cycle via bank transfer or iDEAL\u002FWero using a payment link we send three days before renewal.","Pay each billing cycle on your own terms — no mandate, no auto-charges","billing",[138],"settings-billing",{"_path":140,"slug":141,"title":142,"description":143,"excerpt":143,"category":53,"order":19,"screens":144},"\u002Fhelp\u002Fpasskeys","passkeys","Passkeys","Sign in securely without a password using passkeys — fingerprint, face, PIN, or a security key",[12],{"_path":146,"slug":147,"title":148,"description":149,"excerpt":149,"category":73,"order":28,"screens":150},"\u002Fhelp\u002Fenterprise-features-overview","enterprise-features-overview","Platform features & compliance overview","Overview of EmailConnect's Platform capabilities for regulated industries, including audit logging, RBAC, DPAs, and EU data sovereignty guarantees.",[],{"_path":152,"slug":153,"title":154,"description":155,"excerpt":155,"category":136,"order":28,"screens":156},"\u002Fhelp\u002Fpricing-payment-options","pricing-payment-options","Pricing and payment options","Flexible pricing with subscription plans and pay-as-you-go credits",[138],{"_path":158,"slug":159,"title":160,"description":161,"excerpt":161,"category":89,"order":74,"screens":162},"\u002Fhelp\u002Fspam-filtering","spam-filtering","Spam filtering","Protect your webhooks from unwanted emails with built-in spam filtering powered by Rspamd",[21],{"_path":164,"slug":165,"title":166,"description":167,"excerpt":167,"category":27,"order":74,"screens":168},"\u002Fhelp\u002Fwebhooktest-integration","webhooktest-integration","Testing webhooks with WebhookTest","Test your email-to-webhook flows instantly with integrated 
WebhookTest.eu",[39],{"_path":170,"slug":171,"title":172,"description":173,"excerpt":173,"category":9,"order":10,"screens":174},"\u002Fhelp\u002Fgdpr-trap-server-location","gdpr-trap-server-location","The hidden GDPR trap - why server location isn't enough","EU servers don't guarantee GDPR compliance. Learn why company jurisdiction matters more than you think for data protection.",[],{"_path":176,"slug":177,"title":178,"description":179,"excerpt":179,"category":18,"order":81,"screens":180},"\u002Fhelp\u002Falias-options-explained","alias-options-explained","Understanding alias options","Learn about attachment processing and envelope data options for email aliases",[21],{"_path":182,"slug":183,"title":184,"description":185,"excerpt":185,"category":119,"order":74,"screens":186},"\u002Fhelp\u002Fsubdomain-strategy","subdomain-strategy","Using subdomains for email processing","Keep your main email infrastructure intact while enabling powerful automation",[98],{"_path":188,"slug":189,"title":190,"description":191,"excerpt":191,"category":53,"order":192,"screens":193},"\u002Fhelp\u002Fvirus-scanning","virus-scanning","Virus scanning","How EmailConnect scans every attachment for malware before it reaches your webhook",15,[21],{"_path":195,"slug":196,"title":197,"description":198,"excerpt":198,"category":18,"order":37,"screens":199},"\u002Fhelp\u002Fwebhook-configuration","webhook-configuration","Webhook configuration","Learn how to set up and configure webhooks to receive processed email data",[39],{"_path":201,"slug":202,"title":203,"description":204,"excerpt":204,"category":53,"order":81,"screens":205},"\u002Fhelp\u002Fwebhook-signing","webhook-signing","Webhook signing","Secure your webhook endpoints with HMAC-SHA256 signatures following the Standard Webhooks convention",[39],{"_path":207,"slug":208,"title":209,"description":210,"excerpt":210,"category":18,"order":81,"screens":211},"\u002Fhelp\u002Fwebhook-payload-reference","webhook-payload-reference","What's in your 
webhook payload","Complete reference of every field in your EmailConnect webhook payload, including enrichment features by plan",[39],[213,215,217,219,221,223,225,227,229,231,233,235,237,239,241,243,245,247,249,251,253,255,257,259,261,263,265,267,269,271],{"id":6,"title":7,"description":8,"content":214,"category":9,"path":5},"What is the AI help assistant? The help assistant is an optional chat feature built into the EmailConnect dashboard. It can answer questions about configuration, webhooks, domains, aliases, and other platform features — drawing on our knowledge base articles. You can open it with the ? icon in the navigation bar, or press Ctrl+K \u002F Cmd+K . What data does the assistant receive? When you send a question, the following context is included so the assistant can give relevant answers: Data sent Example Why Your question &quot;How do I verify a domain?&quot; To answer it Plan identifier business To tailor answers to your plan&#39;s features Current screen aliases To suggest relevant articles Resource counts 2 domains, 5 aliases To give contextual guidance What is never sent: Email content or message bodies Email addresses, sender\u002Frecipient information Webhook URLs or secrets API keys or credentials IP addresses or browser fingerprints Any personally identifiable information (PII) Data handling: streaming only, never stored All conversations are streamed in real-time and are never persisted: Questions and answers exist only for the duration of the HTTP request No chat history is stored on our servers or by the AI provider Closing the help panel discards the conversation entirely There is no training on your data — your questions are not used to improve the model Fully EU-operated infrastructure Every component of the AI assistant runs within the European Union: Component Provider Location Application backend Hetzner Germany Knowledge base service Hetzner Germany AI model (Mistral) Scaleway France Vector database Hetzner Germany We 
specifically use Scaleway&#39;s Mistral API rather than Mistral&#39;s own API endpoint, because Mistral&#39;s primary API runs on Microsoft Azure infrastructure. Scaleway&#39;s wrapper guarantees the model runs on EU-owned infrastructure in France, with no data leaving the EU. Rate limits To prevent abuse, the assistant is limited to 20 questions p",{"id":177,"title":178,"description":179,"content":216,"category":18,"path":176},"When creating or editing an alias in EmailConnect, you&#39;ll find two important options that control how email data is processed and delivered to your webhooks. Process attachments This option determines how EmailConnect handles file attachments in incoming emails. Option 1: Inline (default) When set to &quot;Inline&quot;, attachments are: Converted to Base64 encoding Included directly in the webhook JSON payload Immediately available for processing Example payload with inline attachment: { &quot;subject&quot;: &quot;Invoice for March&quot;, &quot;attachments&quot;: [ { &quot;filename&quot;: &quot;invoice-march.pdf&quot;, &quot;contentType&quot;: &quot;application\u002Fpdf&quot;, &quot;size&quot;: 125840, &quot;content&quot;: &quot;JVBERi0xLjQKJeHp69MKMSAwIG9iago8PC9Ue...&quot; \u002F\u002F Base64 encoded content } ] } Best for: Small to medium attachments (under 10MB) When you need immediate access to file contents Simple architectures without external storage Quick prototypes and MVPs Option 2: Managed S3 storage When set to &quot;Managed S3 storage&quot;, attachments are: Uploaded to Amazon S3 (or compatible storage) Webhook receives URLs instead of file contents Files accessible via secure, time-limited URLs Example payload with Managed S3 storage: { &quot;subject&quot;: &quot;Invoice for March&quot;, &quot;attachments&quot;: [ { &quot;filename&quot;: &quot;invoice-march.pdf&quot;, &quot;contentType&quot;: &quot;application\u002Fpdf&quot;, &quot;size&quot;: 125840, &quot;url&quot;: 
&quot;https:\u002F\u002Fstatic.emailconnect.eu\u002Fattachments\u002Fuuid...&quot; } ] } Best for: Large attachments (over 10MB) High-volume email processing When webhooks have size limits Long-term file storage needs Option 3: Custom S3 storage Configure your own S3-compatible bucket for attachment storage: Full control over file retention Keep files in your own infrastructure Custom access policies Cost optimization for high volumes Configuration required: Bucket name and region Access key and secret key Optional: custom",{"id":15,"title":16,"description":17,"content":218,"category":18,"path":14},"Alias rules give you granular control over which incoming emails trigger your webhooks. Create rules to allow or block emails based on sender information and attachment characteristics. Note: Rules are a Maker+ feature. How rules work Rules are evaluated before an email triggers your webhook. Each rule checks specific conditions and either allows or blocks the email. Rule evaluation order: Block rules are evaluated first If any block rule matches, the email is rejected If no block rules match, allow rules are checked If allow rules exist and none match, the email is rejected If no rules exist, all emails pass through Creating rules Access rule settings Go to your alias settings Click on the &quot;Rules&quot; tab Click &quot;Add rule&quot; Rule types Allow rules Only emails matching the criteria will trigger your webhook Useful for restricting an alias to specific senders Block rules Emails matching the criteria will be rejected Useful for filtering out unwanted senders or attachment types Filter criteria Sender email address Filter by the sender&#39;s full email address. Examples: Allow only orders@supplier.com Block spam@example.com Sender domain Filter by the sender&#39;s email domain. Examples: Allow all emails from @trusted-partner.com Block all emails from @spam-domain.com Attachment status Filter based on whether the email has attachments. 
Options: Has attachments No attachments Use cases: Only accept emails with attachments (for document processing) Reject emails with attachments (for simple notifications) Attachment file types Filter based on attachment file extensions. Examples: Block .exe , .bat , .cmd (executable files) Block .zip , .rar , .7z (compressed archives) Allow only .pdf , .doc , .docx (documents) Sender notifications When an email is blocked by a rule, you can optionally notify the sender. Enabling notifications Edit your rule Toggle &quot;Notify sender when blocked&quot; Optionally customize the notification message Default notification The se",{"id":24,"title":25,"description":26,"content":220,"category":27,"path":23},"EmailConnect&#39;s REST API enables powerful integrations with automation platforms, custom applications, and third-party services. Here&#39;s how to create and manage API keys for seamless connectivity. Creating API keys Access API settings Navigate to Settings &gt; API Keys Click &quot;Create new API key&quot; Configure key permissions Full scope (default) Complete access to all API endpoints Read and write permissions Suitable for trusted applications Limited scopes Choose specific permissions: Domains : List and manage domains Aliases : Create and manage email aliases Webhooks : Configure webhook endpoints Emails : Read email history and logs Statistics : Access usage statistics Generate and save Choose key name (e.g., &quot;Zapier Integration&quot;) Select permissions Click &quot;Generate key&quot; Important : Save the key immediately - it won&#39;t be shown again API documentation Access comprehensive API documentation at emailconnect.eu\u002Fdocs : Interactive API explorer Request\u002Fresponse examples Authentication details Rate limits and quotas Popular integrations Zapier Connect EmailConnect to 5,000+ apps: Create API key with full scope Add EmailConnect as a Zapier app Use API key for authentication Build zaps to process emails Example Zapier workflows: 
Email → EmailConnect → Google Sheets Email → EmailConnect → Slack notification Email → EmailConnect → CRM update Make (formerly Integromat) Visual automation platform: Create API key in EmailConnect Add HTTP module in Make Configure with EmailConnect API endpoints Process emails in complex workflows Example Make scenarios: Parse invoices and update accounting software Extract leads from emails to CRM Trigger multi-step approval workflows N8n (self-hosted automation) Open-source workflow automation: Install official EmailConnect n8n node Create API key with required scopes Configure node with your API key Build automation workflows n8n advantages: Native EmailConnect integration Self-hosted for data privacy Complex",{"id":42,"title":43,"description":44,"content":222,"category":18,"path":41},"EmailConnect provides flexible options for handling email attachments, from simple inline delivery to cloud storage integration. Processing options When configuring an alias, you can choose how attachments are processed: Inline (default) Attachments are Base64-encoded and included directly in the webhook payload. 
How it works: Email arrives with attachment Attachment is converted to Base64 Encoded content is included in the webhook JSON Your application decodes and processes the file Payload example: { &quot;attachments&quot;: [ { &quot;filename&quot;: &quot;invoice.pdf&quot;, &quot;contentType&quot;: &quot;application\u002Fpdf&quot;, &quot;size&quot;: 125840, &quot;content&quot;: &quot;JVBERi0xLjQKJeHp69MKMSAwIG9iago8PC9UeX...&quot;, &quot;virusScan&quot;: { &quot;status&quot;: &quot;clean&quot; } } ] } Best for: Small to medium attachments (under 10MB) Simple webhook endpoints Quick prototypes and MVPs When you need immediate file access Considerations: Increases webhook payload size May hit size limits on some webhook receivers Higher memory usage during processing Managed S3 storage Attachments are uploaded to EmailConnect&#39;s managed S3 storage, and your webhook receives secure URLs. How it works: Email arrives with attachment Attachment is uploaded to managed S3 storage Webhook receives a pre-signed URL Your application downloads the file when needed Payload example: { &quot;attachments&quot;: [ { &quot;filename&quot;: &quot;invoice.pdf&quot;, &quot;contentType&quot;: &quot;application\u002Fpdf&quot;, &quot;size&quot;: 125840, &quot;url&quot;: &quot;https:\u002F\u002Fstatic.emailconnect.eu\u002Fattachments\u002F...&quot;, &quot;status&quot;: &quot;completed&quot;, &quot;virusScan&quot;: { &quot;status&quot;: &quot;clean&quot; } } ] } Best for: Large attachments (over 10MB) High-volume processing When webhook endpoints have size limits Deferred processing workflows Considerations: Requires additional HTTP request to fetch files URLs expire after a set period Slight processing delay for up",{"id":50,"title":51,"description":52,"content":224,"category":53,"path":49},"EmailConnect may conduct a compliance review when there are reasonable grounds to suspect a violation of our Acceptable Use Policy . 
This article explains what a compliance review involves, what data is accessed, the legal basis, and your rights. What is a compliance review? A compliance review is a limited, time-bound review of email metadata associated with a specific account. Reviews are only initiated when there are reasonable grounds to suspect activity that violates our Acceptable Use Policy, such as phishing, spam distribution, or malware delivery. Compliance reviews are strictly limited to metadata. We do not read email body content during a compliance review. What data is reviewed During a compliance review, only the following metadata may be examined: Subject lines of processed emails Sender and recipient email addresses URLs found in emails Attachment filenames (not attachment contents) Timestamps and volume patterns We do not read email body content. The review is limited to metadata that indicates patterns of use, not the substance of private communications. Why we conduct compliance reviews Compliance reviews serve a narrow purpose: protecting the platform and all its users. Preventing abuse — EmailConnect must not be used as infrastructure for phishing, spam, or malware distribution. We have a legal and ethical obligation to prevent our service from aiding illegal activities. Protecting the platform — Abuse by one account can damage the reputation of the service and affect the trust other users place in EmailConnect. Maintaining trust — Users rely on EmailConnect to operate a clean, trustworthy email processing service. Compliance reviews are one mechanism for upholding that standard. Legal basis Compliance reviews are conducted under the following GDPR provisions: Article 6(1)(f) — Legitimate interest. We have a legitimate interest in preventing platform abuse that would harm other users and the service itself. Article 5(1)(c) — Data minimisation. 
Re",{"id":57,"title":58,"description":59,"content":226,"category":18,"path":56},"With Business+ plans, you can configure exactly which fields are included in your webhook payload on a per-alias basis. Strip what you don&#39;t need, keep what you do. Why customise your payload Minimise PII exposure Every field you forward is a field that could end up in logs, error reports, or third-party systems. If your pipeline only needs the sender address and subject line to route a support ticket, there is no reason to forward the full email body. Stripping unnecessary fields reduces your data footprint and simplifies GDPR compliance — you can&#39;t leak data you never received. Reduce overhead Smaller payloads mean faster webhook delivery, lower bandwidth, and less processing on your end. At high volumes the difference adds up: a metadata-only payload can be an order of magnitude smaller than one carrying the full HTML body and inline attachments. Match rigid endpoints Some webhook receivers — Zapier, Make, or internal microservices — expect a specific schema. If the endpoint has no flexibility for extra fields, a trimmed payload avoids parsing errors and simplifies your integration. Compliance and audit Regulated industries often require data minimisation by design. Custom payloads let you enforce this at the source: forward only the metadata you need, and leave everything else behind. 
How it works In your alias settings, select which field groups to include: Field group What it contains Default Sender &amp; recipients From, To, CC, BCC addresses Included Subject Email subject line Included Text body Plain-text version of the email Included HTML body Raw HTML version of the email Included Markdown body Cleaned Markdown conversion Included Links Extracted URLs from the email body Included Attachments File metadata and content\u002FURLs Included Envelope data SMTP routing info (MAIL FROM, RCPT TO) Excluded Spam analysis Spam score, DKIM\u002FSPF\u002FDMARC results Plan-dependent Disable any group you don&#39;t need. The payload will only contain the fields you&#39;ve sele",{"id":64,"title":65,"description":66,"content":228,"category":18,"path":63},"Custom headers in EmailConnect webhooks provide powerful capabilities for authentication, routing, and testing. Here&#39;s everything you need to know about configuring and using them effectively. What are custom headers? Custom headers are additional HTTP headers sent with every webhook request. They can be used for: Authentication tokens API versioning Request routing Testing scenarios Metadata passing Adding custom headers In the webhook form Navigate to your alias Click &quot;Add webhook&quot; or edit existing Find the &quot;Custom headers&quot; section Click &quot;Add header&quot; Enter header name and value Save the webhook Header format Headers follow standard HTTP conventions: Name : Case-insensitive, but typically formatted as Header-Name Value : Any string value, including tokens, JSON, etc. 
Common use cases Authentication Header: Authorization Value: Bearer your-api-token-here Header: X-API-Key Value: sk_live_abcd1234efgh5678 Webhook signatures Header: X-Webhook-Secret Value: shared-secret-for-hmac-verification Note: a custom header value is sent unchanged with every request, so this is a static shared secret for the receiver to compare, not a per-request signature; for HMAC-SHA256 signatures see the Webhook signing article. Content type override Header: Content-Type Value: application\u002Fx-www-form-urlencoded Custom routing Header: X-Environment Value: production Header: X-Tenant-ID Value: customer-123 Testing with WebhookTest WebhookTest offers special headers for testing scenarios without deploying code: Simulating HTTP errors Header: X-Mock-Status Value: 500 Returns a 500 Internal Server Error, perfect for testing retry logic. Adding response delays Header: X-Mock-Delay Value: 3000 Delays response by 3 seconds (3000ms) to test timeout handling. Custom response bodies Header: X-Mock-Response Value: {&quot;status&quot;: &quot;queued&quot;, &quot;id&quot;: 12345} Returns custom JSON response for testing parsers. Different content types Header: X-Mock-Content-Type Value: text\u002Fplain Tests how your system handles non-JSON responses. Real-world examples Connecting to Slack Header: Authorization Value: Bearer xoxb-your-slack-token Zapier webhook Header: X-Hook-Secret Value: y",{"id":70,"title":71,"description":72,"content":230,"category":73,"path":69},"What is a data processing agreement? A data processing agreement (DPA) is a legally binding contract between a data controller (your organisation) and a data processor (EmailConnect). Under GDPR Article 28, a DPA is required whenever a third party processes personal data on your behalf. For email automation, this matters because inbound emails frequently contain personal data — names, email addresses, and potentially sensitive content in the body or attachments. 
What our DPA covers EmailConnect&#39;s DPA addresses the following areas as required by GDPR Article 28(3): Data processing scope Types of personal data processed (email metadata, body content, attachments) Categories of data subjects (your customers, partners, employees) Purpose and duration of processing EU data residency guarantee All data processed and stored exclusively in EU data centres (France &amp; Germany) No data transfers outside the EU\u002FEEA No U.S.-based sub-processors or infrastructure Explicit immunity from CLOUD Act, FISA Section 702, and Patriot Act jurisdiction Sub-processor transparency Complete list of sub-processors with their roles and locations Advance notification of any sub-processor changes All sub-processors are EU-based entities Security measures Technical and organisational measures (TOMs) in place Encryption in transit (TLS) Access controls and authentication requirements Incident response procedures Data subject rights Procedures for handling data subject access requests (DSARs) Support for data portability and erasure requests Response timeframes and cooperation commitments Data deletion Procedures for data return or deletion upon contract termination Confirmation of deletion upon request Alignment with your configured data retention policies Data Residency Mode addendum If you have enabled Data Residency Mode (Platform plan), the DPA includes an addendum that reflects the reduced data scope: Email content (body, attachments, headers) is not stored in EmailConnect&#39;s databas",{"id":78,"title":79,"description":80,"content":232,"category":73,"path":77},"Privacy tiers at a glance EmailConnect minimises data exposure at every level. Each tier builds on the one before it. 
Tier Plan What EmailConnect stores Where email is processed Default All plans Full email, 1-hour retention Shared EU node Custom retention Business+ Full email, configurable window Shared EU node Data Residency Mode Platform Routing metadata only Shared EU node DRM + regional node Platform Routing metadata only In-country node (e.g. mx-de ) DRM + dedicated node Platform Routing metadata only Your own infrastructure Default — content auto-deletes after 1 hour. Minimal exposure by design. Custom retention — set your own retention window. Delete records instantly via the DELETE \u002Fapi\u002Fv1\u002Femails\u002F{messageId} endpoint. Optional custom S3 for attachments. Data Residency Mode — email content is parsed in memory and relayed directly to your webhook and S3 bucket. Never written to our database. Requires custom S3 storage. DRM + regional node — a geography-specific MX server (e.g. mx-de for Germany) ensures email content never leaves the target country. For organisations where data transit through another jurisdiction is a concern, not just storage. DRM + dedicated node — you operate the processing node on your own infrastructure or private cloud. We provide the container image and configuration. Full isolation. Most organisations are well served by the default retention or custom retention tiers. Data Residency Mode and its regional options exist for those with jurisdiction-specific requirements that go beyond retention policies. What is Data Residency Mode? Data Residency Mode is an opt-in feature for Platform plan users that ensures EmailConnect never stores email content (body, attachments, headers) in its central database. Content flows through memory to your webhook endpoint and your own S3 storage — only routing metadata is retained by EmailConnect. 
This is designed for organisations in regulated industries (finance, healthcare, legal, government) that nee",{"id":86,"title":87,"description":88,"content":234,"category":89,"path":85},"EmailConnect provides flexible data retention controls to help you balance data availability with privacy requirements and storage costs. Configure these settings in retention settings . Understanding data retention Data retention determines how long EmailConnect stores: Processed email metadata Webhook delivery logs Failed webhook attempts Email processing history Why data retention matters Privacy compliance Meet GDPR requirements for data minimization Automatically delete old customer data Reduce liability from storing unnecessary information Storage optimization Lower storage costs by removing old data Improve query performance on active data Keep your account lean and efficient Business requirements Maintain audit trails for the required period Balance debugging needs with privacy Comply with industry-specific regulations Configuring retention settings Access retention settings Navigate to Settings ( \u002Fsettings ) Click on the &quot;Retention&quot; tab Choose your retention period Save changes Available retention periods Free and Maker plans: 1 hour default Business plan: 24 hours default Configurable up to 30 days Platform plan: 24 hours default Configurable up to 365 days Automated export options before deletion What gets retained Email metadata Subject and recipient Processing timestamp Size and attachment count Delivery status Webhook logs Delivery attempts and timestamps HTTP response codes Response times Retry attempts What doesn&#39;t get stored Email body content Attachment contents (only metadata) Raw email data Personal identifying information beyond email addresses Retention lifecycle Day 0: Email received Email processed and webhook triggered Metadata stored in database Delivery logged During retention period Full access to logs and history Debugging information 
available Retry options for failed webhooks After retention period Data automatically deleted No manual intervention needed Deletion is permanent and irreversible Changing retention settings I",{"id":93,"title":94,"description":95,"content":236,"category":96,"path":92},"Many businesses want to automate their email processing but hesitate because they don&#39;t want to change their existing email infrastructure. Domain masking solves this perfectly—you can process emails through EmailConnect while maintaining your professional email addresses and existing setup. The domain masking approach Domain masking lets you use EmailConnect&#39;s powerful email processing while keeping your existing email infrastructure completely unchanged. Your customers still email your professional addresses, but the emails get processed through automation behind the scenes. How it works Create a subdomain for EmailConnect processing (e.g., automation.yourcompany.com ) Set up aliases on your subdomain that mirror your main addresses Create forwarding rules from your main domain to the subdomain Process and respond using your original professional addresses This approach gives you the best of both worlds: seamless automation and unchanged customer experience. Real-world setup example Scenario: Company with existing email infrastructure wants to add automation Current setup: Main domain: yourcompany.com (hosted with Google Workspace) Email addresses: support@yourcompany.com , sales@yourcompany.com Transactional emails: SendGrid for notifications and responses Masking implementation: 1. Create subdomain: automation.yourcompany.com 2. Point subdomain to EmailConnect: MX records → mx1.emailconnect.eu 3. Set up aliases: - support@automation.yourcompany.com - sales@automation.yourcompany.com 4. Create forwarding rules in Google Workspace: - support@yourcompany.com → support@automation.yourcompany.com - sales@yourcompany.com → sales@automation.yourcompany.com 5. 
Configure responses to come from original addresses Customer experience: Customers email support@yourcompany.com and receive responses from support@yourcompany.com —they never see the automation subdomain. Step-by-step implementation guide Step 1: Choose your automation subdomain Select a subdomain that wo",{"id":101,"title":102,"description":103,"content":238,"category":18,"path":100},"Setting up your domain correctly is crucial for receiving emails through EmailConnect. This guide covers everything you need to know. Prerequisites Access to your domain&#39;s DNS settings Administrative rights to modify DNS records Your domain should be active and resolving Step-by-step setup 1. Add your domain Navigate to Domains in your dashboard Click Add domain Enter your domain name without any subdomain (e.g., example.com , not www.example.com ) Click Add domain 2. Configure MX records MX (Mail Exchange) records tell email servers where to deliver emails for your domain. Required MX record: Type: MX Name: @ (or leave blank) Value: mx1.emailconnect.eu Priority: 10 TTL: 3600 (or your provider&#39;s default) Important notes: Remove any existing MX records that point to other email services If you need to keep existing email service, contact support for advanced configuration Changes may take up to 24 hours to propagate globally 3. Add TXT verification record A TXT record is used to verify domain ownership. Required TXT record: Type: TXT Name: @ (or leave blank) Value: verify-ec=yourdomain.com TTL: 3600 4. 
Verification process After adding the DNS records: Wait 5-10 minutes for initial DNS propagation Click Verify domain in your dashboard The system will check your DNS configuration Verification typically completes within 1-2 minutes Verification status: Pending : DNS records not yet detected Verified : Domain is ready to receive emails Failed : DNS configuration issues detected Troubleshooting Common issues &quot;MX record not found&quot; Double-check the MX record value: mx1.emailconnect.eu Ensure priority is set to 10 Wait longer for DNS propagation (up to 24 hours) &quot;TXT verification record missing&quot; Verify the TXT record value exactly matches: verify-ec=yourdomain.com Check that the record is added to the domain level of your choice (@ vs e.g. in.) &quot;Verification taking too long&quot; DNS changes can take up to 24 hours to propagate globally Use ",{"id":107,"title":108,"description":109,"content":240,"category":18,"path":106},"EmailConnect transforms incoming emails into structured webhook payloads. This guide explains the processing pipeline from email receipt to webhook delivery. Processing pipeline 1. Email reception When an email arrives at your configured domain: SMTP connection - Sender&#39;s mail server connects to mx1.emailconnect.eu Spam &amp; virus check - Email is scanned for spam. On Business+ plans, attachments are also scanned for viruses using ClamAV Rule evaluation - Alias rules are checked (Maker+ feature) Acceptance - Email is accepted for processing 2. Parsing and extraction EmailConnect extracts structured data from the raw email and enriches it based on your plan. 
Message parsing (all plans): Sender and recipient addresses, display names Subject line, date, and timestamps HTML and plain text body Link extraction from both HTML and plain text Attachments with filenames, MIME types, and sizes (Base64 inline or S3 URL) Email classification by type ( normal , transactional , marketing , notification , automated ) Content enrichment (Maker+): Markdown conversion — HTML body converted to clean Markdown, useful for LLM pipelines and content extraction Classification confidence and signals (e.g. has_attachment , has_unsubscribe_link ) Integrity hashes — SHA-256 hashes of both the processed content and the raw email for audit trails and deduplication Spam analysis (Maker+): rspamd composite score and verdict SPF, DKIM, and DMARC authentication results Matched rules with individual weights Configurable threshold for automatic filtering Security scanning (Business+): ClamAV virus scanning on all attachments Infected files are excluded from delivery with excludeReason: &quot;virus-detected&quot; Per-attachment and summary-level scan results 3. Webhook delivery The structured payload is delivered to your configured endpoint: Payload construction - JSON payload is built Signing - Request is signed for verification Delivery - POST request sent to your webhook URL Retry handling - Fa",{"id":147,"title":148,"description":149,"content":242,"category":73,"path":146},"Platform-grade email infrastructure for regulated industries EmailConnect&#39;s Platform plan is designed for organisations in finance, healthcare, legal, and government that require full regulatory compliance and auditable infrastructure alongside their email automation. All Platform features build on top of the existing Maker+ capabilities — you get everything in Maker+, plus the compliance and security controls your CISO, DPO, or legal counsel needs to approve the vendor. 
What&#39;s included Immutable audit logging Every email processed, every webhook delivered, and every administrative action is logged in a searchable, exportable audit trail. Designed to meet GDPR accountability requirements (Article 5(2)) and support NIS2 incident reporting obligations. Timestamped records of all system activity Exportable in standard formats for compliance reporting Tamper-proof log storage within EU jurisdiction Role-based access control (RBAC) Granular permissions for teams of any size. Define who can configure aliases, view logs, manage billing, or access sensitive data. Admin, operator, and read-only roles Separation of duties for security-critical operations User activity tracking for compliance audits Signed data processing agreement (DPA) A formal DPA that explicitly guarantees EU-only data residency and processing, as required by GDPR Article 28 for controller-processor relationships. Covers all sub-processors and storage locations Specifies data handling, retention, and deletion procedures Available for download at Settings → Compliancy on all plans, including Free Data Residency Mode For organisations that require email content to remain exclusively within their own infrastructure, Data Residency Mode ensures that EmailConnect never persists email body, attachments, or headers in its central database. Email content is delivered to your webhook and stored in your own S3 bucket Only routing metadata is retained by EmailConnect (message ID, recipient address, subject, t",{"id":113,"title":114,"description":115,"content":244,"category":73,"path":112},"Why data sovereignty matters for email processing Inbound email is one of the most sensitive data flows in any organisation. Invoices, contracts, customer complaints, HR correspondence, legal notices — all of it arrives via email. Where that data is processed and who has legal authority over it is a material business risk. The U.S. 
jurisdiction problem Most email processing services are operated by U.S. companies or use U.S.-owned cloud infrastructure. This creates exposure to several U.S. laws that directly conflict with EU data protection: CLOUD Act (2018) The Clarifying Lawful Overseas Use of Data Act allows U.S. law enforcement to compel U.S.-based companies to hand over data stored anywhere in the world — including EU data centres. A DPA with a U.S.-owned processor cannot override this. FISA Section 702 The Foreign Intelligence Surveillance Act allows U.S. intelligence agencies to collect data from non-U.S. persons through U.S. technology companies. This surveillance operates without individual warrants and can encompass email content. Patriot Act Grants broad authority for U.S. government agencies to access business records held by U.S. companies, including data stored in EU locations. The practical impact The Schrems II ruling (2020) invalidated the EU-U.S. Privacy Shield precisely because of these conflicts. The EU Court of Justice found that U.S. surveillance laws provide insufficient protection for EU personal data. This legal uncertainty affects any organisation using U.S.-owned email infrastructure. How EmailConnect ensures sovereignty EmailConnect is designed from the ground up to eliminate U.S. jurisdictional exposure: EU-owned company EmailConnect is owned and operated by an EU entity. No U.S. parent company, no U.S. investors with board control, no U.S. legal obligations. EU-only infrastructure All servers, databases, and storage are located in EU data centres (Germany and the Netherlands), operated by EU-headquartered providers. No AWS, no Azure, no",{"id":171,"title":172,"description":173,"content":246,"category":9,"path":170},"TL;DR: EU servers ≠ GDPR compliance. Company jurisdiction matters more than you think. The wake-up call: When Microsoft cut off the International Criminal Court In February 2025, something unprecedented happened. 
Microsoft blocked the email account of Karim Khan, Chief Prosecutor of the International Criminal Court in The Hague, following US sanctions imposed by President Trump. Think about that for a moment: A US company shut down email access for one of Europe&#39;s most important judicial institutions. Khan had to scramble to Proton Mail just to do his job. The ICC&#39;s work was virtually paralyzed. If this can happen to the International Criminal Court, what does that mean for your business data? The GDPR compliance reality check Most businesses focus on where servers are located while completely missing the bigger picture. Here&#39;s what actually determines your data&#39;s protection: True EU compliance vs hidden US exposure Service type EU-safe options US jurisdiction risk Cloud hosting Hetzner, Scaleway, OVHcloud AWS, Google Cloud, Microsoft Azure Email services Proton Mail, Tutanota, Posteo Gmail, Outlook\u002FOffice 365, Yahoo Object storage Scaleway Object Storage, OVHcloud AWS S3, Google Cloud Storage Analytics Matomo (self-hosted), Plausible Google Analytics, Adobe Analytics Payments European banks, Stripe EU PayPal, Stripe US CDN KeyCDN, BunnyCDN Cloudflare, AWS CloudFront The &quot;European Company, US Infrastructure&quot; trap Here&#39;s where it gets tricky: Company X claims to be &quot;European&quot; and GDPR-compliant, but runs everything on AWS. This is incredibly common and creates a false sense of security. Red flags to watch for: &quot;EU-based&quot; but infrastructure shows AWS\u002FGCP in technical checks Privacy policy mentions US data processing Terms reference US legal jurisdiction Company registration outside the EU Quick due diligence: 3 minutes to check any provider 1. Check the company registration Where is it legally incorporated? EU entity o",{"id":119,"title":120,"description":121,"content":248,"category":119,"path":118},"Welcome to EmailConnect! This guide will help you get up and running with email processing in just a few minutes. 
What is EmailConnect? EmailConnect is a service that converts incoming emails into webhook calls, allowing you to process emails programmatically in your applications. It&#39;s perfect for: Customer support systems Order processing workflows Newsletter management Automated email responses Integration with existing business systems Quick setup process 1. Create your account If you haven&#39;t already, sign up for an account . The Free plan includes: 100 emails per month 1 domain 3 aliases 3 webhooks Tip: You can start receiving emails immediately using a system alias — no domain setup required. Your system alias format is yourusername+anything@user.emailconnect.eu . For example, alice+support@user.emailconnect.eu will deliver to your webhook right away. 2. Add your domain Go to the Domains section in your dashboard Click Add domain Enter your domain name (e.g., yourdomain.com ) Follow the DNS configuration instructions 3. Configure DNS records You&#39;ll need to add these DNS records to your domain: Type: MX Name: @ Value: mx1.emailconnect.eu Priority: 10 Type: TXT Name: @ Value: verify-ec=yourdomain.com 4. Create an alias Go to the Aliases section Click Create Alias Choose your domain Set up your email pattern (e.g., support@yourdomain.com ) Configure your webhook URL 5. Test your setup Send a test email to your alias and check your webhook endpoint to see the processed email data. Next steps Set up webhooks to process incoming emails Configure aliases for different email addresses Learn about email processing options Need help? If you run into any issues, contact our support team at support@emailconnect.eu .",{"id":132,"title":133,"description":134,"content":250,"category":136,"path":131},"EmailConnect offers two ways to pay for a subscription. Automatic payments are the default — fast, hands-off, and recommended for most customers. 
Manual payments are an alternative for customers who&#39;d rather not grant a recurring mandate and prefer to pay each cycle deliberately. This article explains how manual payments work, who they&#39;re for, and what to expect. At a glance Automatic payment Manual payment Methods Credit\u002Fdebit card · SEPA Direct Debit Bank transfer · iDEAL · Wero Mandate required Yes (one-time setup) No Renewal Charged automatically You complete a payment link each cycle Notice before renewal None needed Payment link emailed 3 days before expiration Subscription continues As long as the payment method works Only after each manual payment is received Best for Most customers Customers who prefer to stay in control of every charge Automatic payments When you start a paid subscription, EmailConnect (via our payment processor Mollie ) sets up a mandate against your chosen method: Credit or debit card — Visa, Mastercard, Amex SEPA Direct Debit — any EU bank account After the first payment, each subsequent monthly or annual renewal is charged automatically. You don&#39;t need to take action. If a payment fails (expired card, insufficient funds), we notify you and retry; you can update the payment method from Settings → Billing . This is the default option at checkout and what most customers use. Manual payments If you&#39;d rather not authorise recurring charges, choose &quot;Pay with bank transfer or iDEAL\u002FWero instead&quot; at checkout. With manual payments: No mandate is created. We hold no direct-debit authority and cannot pull money from your account. Three days before each renewal , we email you a secure Mollie payment link. You complete the payment using iDEAL (Netherlands), Wero (rolling out across the EU), or a regular SEPA bank transfer . 
Once the payment is received, your subscription is extended for the next cycle and your service cont",{"id":141,"title":142,"description":143,"content":252,"category":53,"path":140},"Passkeys are a modern, phishing-resistant way to sign in to EmailConnect without typing a password. They use your device&#39;s built-in security — fingerprint sensor, face recognition, device PIN, or a hardware security key — to verify your identity. What are passkeys? Passkeys are built on the WebAuthn\u002FFIDO2 standards, supported by all major browsers and operating systems. Instead of a password that can be guessed, leaked, or phished, a passkey is a cryptographic key pair: A private key stays on your device (or in your password manager) and never leaves it A public key is stored on EmailConnect&#39;s server When you sign in, your device proves it holds the private key without ever revealing it Because the passkey is bound to the specific website ( app.emailconnect.eu ), it cannot be tricked into working on a phishing site. Even if someone creates a perfect copy of the EmailConnect login page, your passkey simply will not activate on the wrong domain. Synced vs device-only passkeys When you register a passkey, EmailConnect shows a badge indicating whether it is synced or device-only . This distinction matters for account recovery, so it is worth understanding. Synced Device-only Badge in EmailConnect Synced (neutral) Device-only (warning) Stored in Password manager or cloud keychain Device hardware (TPM, Secure Enclave) Available on other devices Yes, wherever your password manager is installed No, only on the original device Examples Bitwarden, 1Password, iCloud Keychain, Google Password Manager Windows Hello (without Microsoft account sync), YubiKey, Titan Security Key If you lose the device Still accessible from another device Gone permanently, no recovery Synced passkeys A synced passkey is stored in a password manager or cloud keychain and backed up to the cloud. 
This is what most users should aim for. When EmailConnect detects deviceType: multiDevice and backedUp: true , it shows the Synced badge. If you use a password manager like Bitwarden or 1Password, your",{"id":153,"title":154,"description":155,"content":254,"category":136,"path":152},"EmailConnect offers flexible pricing to match your email processing needs, from hobbyist projects to enterprise deployments. Choose between our subscription plans or pay-as-you-go credits. Free plan Perfect for getting started and small projects: 1 domain 2 aliases (workflow endpoints) 100 emails per month 1-hour data retention Basic email classification + link extraction Community support Ideal for: Testing and development Personal projects Low-volume automation Learning the platform Subscription plans Maker plan - €12.95\u002Fmonth (or €129.50\u002Fyear) For makers and solo developers: 1,500 emails per month 1 domain 5 aliases (workflow endpoints) Webhook delivery with custom headers Spam filtering + webhook signing Classification, links, markdown, integrity hashes Overage: €5.00\u002F1,000 emails Email support Ideal for: Side projects with real traffic Solo developer tools SaaS prototypes Moderate email volume Business plan - €49\u002Fmonth (or €490\u002Fyear) Scale up your email processing: 10,000 emails per month 3 domains 25 aliases (workflow endpoints) Own S3 connection with configurable retention Custom payload builder + alias routing Virus scanning on attachments Delete email API endpoint Email retention up to 30 days All Maker features included Overage: €4.00\u002F1,000 emails Priority email support Ideal for: Growing businesses SaaS applications Multiple projects High email volume Platform plan - Custom pricing Tailored solutions for platforms and high-volume users: 75,000+ emails per month 10+ domains, 500+ aliases Multiple S3 connections Audit logging Custom credit rates Contact sales for: Volume discounts Custom requirements Compliance needs Dedicated infrastructure 
Credits system Pay only for what you use - perfect for variable or seasonal workloads. How credits work 1 credit = 1 email processed No monthly commitment Credits are valid for 12 months. Purchasing new credits extends the expiration of all existing credits to match the latest batch. Credits are consumed FIFO (oldest fi",{"id":159,"title":160,"description":161,"content":256,"category":89,"path":158},"EmailConnect provides built-in spam filtering powered by Rspamd to protect your webhooks from unwanted emails. For Maker+ users, spam analysis is automatically enabled on all custom domains. How spam filtering works Every email sent to your Maker+ custom domains is automatically analyzed by Rspamd, which: Checks SPF, DKIM, and DMARC authentication Analyzes email headers and content patterns Detects phishing attempts (suspicious URLs, display text mismatches) Checks URLs against known phishing databases (OpenPhish, PhishTank) Assigns a spam score from 0 (ham) to 15+ (definite spam) The spam score and analysis results are included in every webhook payload, giving you full visibility into email authenticity. Phishing protection EmailConnect automatically detects phishing attempts using multiple techniques: What we detect Technique Description Display text mismatch Links showing &quot;paypal.com&quot; but pointing to &quot;evil-site.com&quot; Known phishing URLs URLs matching OpenPhish and PhishTank databases Suspicious redirects Short URLs and redirect services often used in phishing Brand impersonation Emails mimicking legitimate services (banks, tech companies) How it works Phishing detection analyzes the content of emails (URLs, HTML, text patterns) rather than sender IP addresses. This means phishing protection works reliably regardless of how the email was delivered. 
When phishing is detected, the spam score increases and a phishing indicator appears in the webhook symbols array: { &quot;spam&quot;: { &quot;score&quot;: 6.5, &quot;symbols&quot;: [ { &quot;name&quot;: &quot;PHISHED_URL&quot;, &quot;weight&quot;: 4.0, &quot;description&quot;: &quot;evil-site.com&quot; } ] } } Common phishing symbols include: PHISHED_URL - URL matches known phishing database PHISHING - General phishing indicators detected PHISHED_DISPLAYED_URL - Display text doesn&#39;t match actual URL Phishing vs spam score Phishing detection contributes to the overall spam score. A detected phishi",{"id":183,"title":184,"description":185,"content":258,"category":119,"path":182},"Setting up email processing can be intimidating when it involves changing the MX records of your main domain. Here&#39;s a clever strategy that keeps your primary email infrastructure intact while enabling powerful automation capabilities. The subdomain approach Instead of modifying your main domain&#39;s MX records, create a dedicated subdomain for email processing: ai.yourdomain.com - for AI-powered email processing in.yourdomain.com - for incoming webhook processing automation.yourdomain.com - for automated workflows Benefits of this approach 1. Zero disruption to existing email Your main domain continues to function exactly as before. All existing email addresses and services remain untouched. 2. Easy forwarding setup You can create simple email aliases in your existing email system: support@yourdomain.com → forwards to → support@in.yourdomain.com invoices@yourdomain.com → forwards to → invoices@automation.yourdomain.com 3. Gradual migration Test your automation workflows with the subdomain first. Once confident, you can gradually forward more addresses or eventually switch your main domain if desired. 
How to set it up Step 1: Create a subdomain in EmailConnect Go to your dashboard Click &quot;Add domain&quot; Enter your subdomain (e.g., in.yourdomain.com ) Follow the DNS verification steps Step 2: Configure MX records Add these MX records for your subdomain only: in.yourdomain.com MX 10 mx1.emailconnect.eu Step 3: Create aliases In EmailConnect, create aliases for the subdomain: support@in.yourdomain.com orders@in.yourdomain.com etc. Step 4: Set up forwarding In your main email system (Gmail, Office 365, etc.), create forwarding rules: From: support@yourdomain.com To: support@in.yourdomain.com Real-world example Let&#39;s say you run an e-commerce store at mystore.com : Keep your main email ( hello@mystore.com ) on your current provider Create automation.mystore.com for processing orders Forward orders@mystore.com to orders@automation.mystore.com Configure webh",{"id":189,"title":190,"description":191,"content":260,"category":53,"path":188},"Every attachment on Business+ plans is scanned for malware before delivery. Infected files are rejected automatically — your webhook only receives clean, verified attachments. Powered by ClamAV EmailConnect uses ClamAV , the industry-standard open-source antivirus engine. ClamAV is maintained by Cisco&#39;s Talos Intelligence Group and is trusted by millions of deployments worldwide, from mail servers to enterprise gateways. Open source — fully auditable, no black-box scanning Battle-tested — used by major email providers, hosting companies, and enterprises Broad coverage — detects viruses, trojans, ransomware, phishing payloads, and other threats Virus definition updates Virus definitions are updated automatically via ClamAV&#39;s built-in freshclam daemon. Definitions are stored persistently, so restarts don&#39;t trigger a full re-download. Updates are applied in the background without service interruption. 
To keep memory usage predictable during updates, new definitions are loaded sequentially rather than in parallel with the old set. How scanning works An email with attachments arrives at your alias Each attachment is streamed to the ClamAV daemon for scanning Clean files are delivered normally with scan metadata in the payload Infected files are rejected and excluded — no download URL is provided Scanning happens inline before your webhook fires. There is no separate queue or delay beyond the scan itself. Clean file payload Clean attachments include a virusScan object confirming the result: { &quot;filename&quot;: &quot;report.pdf&quot;, &quot;contentType&quot;: &quot;application\u002Fpdf&quot;, &quot;size&quot;: 48210, &quot;downloadUrl&quot;: &quot;https:\u002F\u002Fapp.emailconnect.eu\u002Fattachments\u002F...\u002Fdownload&quot;, &quot;virusScan&quot;: { &quot;status&quot;: &quot;clean&quot; } } Infected file payload Infected attachments are excluded from the payload. No download URL is provided, and the file is not stored: { &quot;filename&quot;: &quot;eicar_com.zip&quot;, &quot;conte",{"id":33,"title":34,"description":35,"content":262,"category":27,"path":32},"The atomic webhook\u002Falias endpoint lets you create a webhook and email alias in a single API call. Both resources are created together in a transaction — if either fails, neither is created. This is the recommended way to set up email forwarding programmatically. 
Endpoint POST https:\u002F\u002Fapp.emailconnect.eu\u002Fapi\u002Fwebhooks\u002Falias X-API-KEY: YOUR_API_KEY Content-Type: application\u002Fjson Request body Field Type Required Description domainId string Yes ID of the domain to create the alias under webhookUrl string Yes URL to receive webhook payloads (must be a valid URI) webhookName string Yes Display name for the webhook (1–100 characters) webhookDescription string No Optional description (max 500 characters) aliasType string Yes &quot;catchall&quot; or &quot;specific&quot; localPart string Conditional Required when aliasType is &quot;specific&quot; . The part before the @ (1–64 characters) syncWithDomain boolean No Sync catch-all webhook with domain default. Default: true firstOrCreate boolean No Smart create\u002Fupdate — reuse existing alias if found. Default: false updateWebhookData boolean No Update webhook name\u002FURL if alias already exists. Default: true generateSecret boolean No Generate webhook signing secret (Business plan required). 
Default: false webhookSecret string No Provide your own signing secret (Business plan required) Basic example Node.js const response = await fetch(&#39;https:\u002F\u002Fapp.emailconnect.eu\u002Fapi\u002Fwebhooks\u002Falias&#39;, { method: &#39;POST&#39;, headers: { &#39;X-API-KEY&#39;: &#39;YOUR_API_KEY&#39;, &#39;Content-Type&#39;: &#39;application\u002Fjson&#39; }, body: JSON.stringify({ domainId: &#39;dom_abc123&#39;, webhookUrl: &#39;https:\u002F\u002Fyour-app.com\u002Fwebhook\u002Femails&#39;, webhookName: &#39;My email webhook&#39;, aliasType: &#39;specific&#39;, localPart: &#39;support&#39; }) }); const result = await response.json(); \u002F\u002F result.alias.email → &quot;support@yourdomain.com&quot; \u002F\u002F result.webhook.id → &quot;wh_xyz789&quot; Python import requests response = requests.post( &#3",{"id":196,"title":197,"description":198,"content":264,"category":18,"path":195},"Webhooks are HTTP endpoints that receive processed email data from EmailConnect. This guide covers everything you need to know about setting up and managing webhooks. What are webhooks? When an email is received by EmailConnect, it&#39;s processed and sent as an HTTP POST request to your webhook URL. 
This allows your application to: Receive email data in real-time Process emails programmatically Integrate with existing systems Trigger automated workflows Webhook data format EmailConnect sends email data in JSON format: { &quot;spam&quot;: { &quot;score&quot;: -0.99, &quot;isSpam&quot;: false, &quot;action&quot;: &quot;default&quot; }, &quot;message&quot;: { &quot;date&quot;: &quot;2026-02-12T10:30:00.000Z&quot;, &quot;sender&quot;: { &quot;name&quot;: &quot;Alice Martin&quot;, &quot;email&quot;: &quot;alice@example.com&quot; }, &quot;content&quot;: { &quot;text&quot;: &quot;Hi team,\\n\\nPlease find the report attached.\\n\\nBest,\\nAlice&quot;, &quot;html&quot;: &quot;&lt;p&gt;Hi team,&lt;\u002Fp&gt;&lt;p&gt;Please find the report attached.&lt;\u002Fp&gt;&lt;p&gt;Best,&lt;br&gt;Alice&lt;\u002Fp&gt;&quot;, &quot;markdown&quot;: &quot;Hi team,\\n\\nPlease find the report attached.\\n\\nBest,\\nAlice&quot;, &quot;links&quot;: [] }, &quot;subject&quot;: &quot;Monthly report attached&quot;, &quot;recipient&quot;: { &quot;name&quot;: null, &quot;email&quot;: &quot;reports@yourdomain.com&quot; }, &quot;attachments&quot;: [] }, &quot;integrity&quot;: { &quot;contentHash&quot;: &quot;a3f2b8c1...&quot;, &quot;rawEmailHash&quot;: &quot;9f8e7d6c...&quot; }, &quot;classification&quot;: { &quot;type&quot;: &quot;normal&quot;, &quot;confidence&quot;: &quot;definite&quot;, &quot;signals&quot;: [&quot;single_recipient&quot;] }, &quot;security&quot;: { &quot;virusScan&quot;: { &quot;scanned&quot;: true, &quot;threatsFound&quot;: 0 } } } Setting up webhooks 1. Create a webhook endpoint Your webhook endpoint should: Accept HTTP POST requests Return a 200 status code for successful processing Process requests ",{"id":208,"title":209,"description":210,"content":266,"category":18,"path":207},"Every email that arrives at your alias is transformed into structured JSON and delivered to your webhook endpoint. 
This reference covers every field you can expect, including the enrichment features available on each plan. Full payload example Below is a complete payload with all fields present. Your actual payload will vary depending on the email content and your plan. The payload has five top-level sections: spam , message , integrity , classification , and security . { &quot;domainId&quot;: &quot;cm1a2b3c4d5e6f7g8h9i0j1k2&quot;, &quot;aliasId&quot;: &quot;cm9z8y7x6w5v4u3t2s1r0q9p8&quot;, &quot;spam&quot;: { &quot;score&quot;: -0.99, &quot;action&quot;: &quot;default&quot;, &quot;engine&quot;: &quot;rspamd&quot;, &quot;isSpam&quot;: false, &quot;report&quot;: &quot;default: False [-0.99 \u002F 0.00]; DMARC_POLICY_ALLOW(-0.50)[example.com,none]; R_DKIM_ALLOW(-0.20)[example.com:s=selector1]; R_SPF_ALLOW(-0.20)[+ip4:198.51.100.0\u002F24]; ...&quot;, &quot;symbols&quot;: [ { &quot;name&quot;: &quot;DMARC_POLICY_ALLOW&quot;, &quot;weight&quot;: -0.5, &quot;description&quot;: &quot;example.com,none&quot; }, { &quot;name&quot;: &quot;R_DKIM_ALLOW&quot;, &quot;weight&quot;: -0.2, &quot;description&quot;: &quot;example.com:s=selector1&quot; }, { &quot;name&quot;: &quot;R_SPF_ALLOW&quot;, &quot;weight&quot;: -0.2, &quot;description&quot;: &quot;+ip4:198.51.100.0\u002F24&quot; } ], &quot;threshold&quot;: 0, &quot;authentication&quot;: { &quot;spf&quot;: { &quot;result&quot;: &quot;pass&quot; }, &quot;dkim&quot;: { &quot;result&quot;: &quot;pass&quot; }, &quot;dmarc&quot;: { &quot;result&quot;: &quot;pass&quot; } } }, &quot;message&quot;: { &quot;date&quot;: &quot;2026-02-12T10:30:00.000Z&quot;, &quot;sender&quot;: { &quot;name&quot;: &quot;Alice Martin&quot;, &quot;email&quot;: &quot;alice@example.com&quot; }, &quot;content&quot;: { &quot;text&quot;: &quot;Hi team,\\n\\nPlease find invoice #2026-0042 attached.\\n\\nBest,\\nAlice&quot;, &quot;html&quot;: &quot;&lt;p&gt;Hi 
team,&lt;\u002Fp&gt;&lt;p&gt",{"id":202,"title":203,"description":204,"content":268,"category":53,"path":201},"Webhook signing adds a cryptographic signature to each webhook request, allowing your server to verify that requests genuinely came from EmailConnect. This prevents attackers from sending forged webhook payloads to your endpoint. EmailConnect follows the Standard Webhooks convention, an open specification adopted by services like Svix, Resend, and others. You can use any Standard Webhooks-compatible library to verify signatures. Migrating from legacy headers? Before 1 June 2026, EmailConnect sends both Standard Webhooks headers and legacy X-Webhook-Signature \u002F X-Webhook-Timestamp headers. The two formats differ: legacy signatures use the secret as a raw string and produce a hex-encoded sha256=... value, while standard signatures use a base64-decoded whsec_ secret and produce a base64-encoded v1,... value. After 1 June 2026, only the standard headers are sent. Update your verification code to use the standard headers described below. How it works When webhook signing is enabled: EmailConnect generates a base64-encoded secret key for your webhook (prefixed with whsec_ ) For each request, EmailConnect constructs a signed content string from the message ID, timestamp, and body An HMAC-SHA256 signature is computed and included as an HTTP header Your server verifies the signature using the shared secret, comparing in constant time, and rejects any request that fails verification Signature headers EmailConnect sends the following headers with signed webhooks: Header Description webhook-id Unique message identifier (e.g., msg_2KWP... 
) webhook-timestamp Unix timestamp (seconds) when the request was signed webhook-signature Signature in format v1,&lt;base64-signature&gt; (may contain multiple space-separated signatures during key rotation) The signing scheme The signed content is the concatenation of the message ID, timestamp, and raw JSON body (the exact bytes of the request, before any parsing or re-serialization), separated by dots: {webhook-id}.{webhook-timestamp}.{body} This content is signed with HMAC-SHA256 using the base64-decoded secret (strip the whsec_ prefix before decoding). The resulting signature is base64-enco",{"id":165,"title":166,"description":167,"content":270,"category":27,"path":164},"WebhookTest is seamlessly integrated into EmailConnect, making it incredibly easy to test your email-to-webhook flows without switching between services or setting up external endpoints. What is WebhookTest? WebhookTest (webhooktest.eu) is a free service that provides instant webhook endpoints for testing. When integrated with EmailConnect, it allows you to: See webhook payloads in real-time Test different response scenarios Debug your email processing logic Validate data before connecting to production systems Quick start Step 1: Create a test webhook In your EmailConnect dashboard, go to any alias Click &quot;Add webhook&quot; Click the &quot;Use WebhookTest&quot; button A unique test endpoint is automatically generated (e.g., https:\u002F\u002Fwebhooktest.eu\u002Fu\u002Fabc123 ) Step 2: Send a test email Send an email to your configured alias. Within seconds, you&#39;ll see: The complete JSON payload in WebhookTest Response status and headers Processing time and metadata Step 3: Iterate and refine Make adjustments to your webhook configuration and test again instantly. No deployment needed! Advanced testing scenarios Testing error handling Use custom headers to simulate different response codes: Header: X-Mock-Status Value: 500 This will make WebhookTest return a 500 error, allowing you to test your retry logic. 
Testing timeouts Header: X-Mock-Delay Value: 5000 Delays the response by 5 seconds to test timeout handling. Testing different content types Header: X-Mock-Content-Type Value: application\u002Fxml Tests how your system handles non-JSON responses. Real-world workflow Development phase Create alias with WebhookTest endpoint Send test emails with various formats Verify the JSON structure matches your expectations Test edge cases (large attachments, special characters, etc.) Integration phase Keep WebhookTest as a secondary webhook Add your production endpoint as primary Compare responses between test and production Remove WebhookTest when confident Debugging production issues Tempor",{"id":125,"title":126,"description":127,"content":272,"category":128,"path":124},"Need to make sure your alias only accepts emails from specific companies or domains? Or want to block a noisy sender? Alias rules let you create an allowlist (whitelist) or blocklist for any alias in just a few clicks. Note: Alias rules require a Maker plan or higher. Allowlisting: accept only trusted domains The most common use case is restricting an alias so it only processes emails from domains you trust. For example, if your invoices@yourcompany.com alias should only accept emails from your two suppliers: Step-by-step Open the alias you want to protect Go to the Rules tab Click Add rule Set rule type to Allow Set criteria to Sender domain Enter your trusted domains: @supplier-one.com , @supplier-two.com Save the rule That&#39;s it. Only emails from those domains will trigger your webhook. Everything else is silently rejected. Keep in mind that a sender address can be forged, so treat a sender-domain match as a filter rather than proof of who sent the email; if your payload includes authentication results (SPF, DKIM, DMARC), check those too. How the allowlist works When you create one or more Allow rules: Emails matching any allow rule are accepted Emails matching no allow rule are rejected If you also have block rules, those are checked first This means you don&#39;t need to think about blocking — just define who&#39;s allowed and everything else is excluded automatically. 
Blocklisting: reject specific domains If you want to accept most emails but block a few noisy or unwanted senders: Open the alias Go to the Rules tab Click Add rule Set rule type to Block Set criteria to Sender domain Enter the domain(s) to block: @spam-company.com Save the rule Combining domain and email filters You can create multiple rules on the same alias. Common patterns: Allow a company but block one person: Rule 1 (Allow): Sender domain = @bigcorp.com Rule 2 (Block): Sender email = noreply@bigcorp.com Allow multiple partner domains: Rule 1 (Allow): Sender domain = @partner-a.com, @partner-b.com, @partner-c.com Block competitors from a shared inbox: Rule 1 (Block): Sender domain = @competitor1.com, @competitor2.com Notifying blocked senders By default, blocked emails are silently rejected. If you want",1781207680519]