How we process your email
From SMTP to webhook POST — every stage of the pipeline, explained.
SMTP reception
When someone sends an email to your alias, it hits our SMTP servers first. These run on EU infrastructure — Scaleway in France and Hetzner in Germany. No data leaves the European Union at any point.
We accept the email over TLS, validate the connection, and pass it into the processing pipeline. If you're using a custom domain, your MX records point here. If you're using a managed alias, it's already configured.
Spam filtering
Every email receives a spam score between 0 and 1. Known spam sources are blocked outright. Everything else passes through with its score included in the payload — you decide the threshold.
This is deliberate: we don't silently drop emails that might be legitimate. A score of 0.8 might be spam, or it might be a forwarded newsletter with unusual headers. Your logic, your call.
Authentication verification
We verify three independent authentication layers and include the results in every payload. This lets you make trust decisions based on hard evidence, not guesswork.
DomainKeys Identified Mail. A cryptographic signature proving the email body and headers weren't altered in transit. A "pass" means the content is exactly what the sender's server signed.
Sender Policy Framework. Checks whether the sending server's IP is authorised to send for that domain. Prevents someone from spoofing the From address with an unauthorised server.
Domain-based Message Authentication. The domain owner's published policy on what to do when DKIM or SPF fail. Tells you whether the sender considers failed auth a problem.
Parsing & extraction
The raw email is parsed into structured JSON. We extract the body in three formats (plain text, HTML, and Markdown), pull out all hyperlinks, and process attachments.
Attachments under the size threshold are embedded inline as base64. Larger files are uploaded to EU-hosted S3 storage (Scaleway, France) and replaced with direct download URLs.
We don't interpret, classify, or transform your data. We parse the raw email into a structured format — what you do with it is entirely up to you. See the full payload reference in the webhook payload documentation.
Webhook delivery
The structured JSON payload is sent as an HTTP POST to the webhook URL configured on your alias. Every request is signed with your secret key using HMAC-SHA256.
The X-Emailconnect-Signature header contains a SHA256 HMAC of the request body, signed with your webhook secret. Verify this before processing.
If your endpoint returns a non-2xx status, we retry with exponential backoff. Failed deliveries are logged and visible in your dashboard.
Deployment options
Two ways to get email into the pipeline. Start with a managed alias for instant setup, or bring your own domain for a professional configuration.
Get started quickly
Choose the deployment model that fits your needs. Start simple or go professional from day one.
Managed aliases
Instant setupGet started immediately with our hosted aliases. No DNS setup required — perfect for testing and small projects.
abc4x+custom@user.emailconnect.euCustom domain
Professional solutionUse your own domain for professional email handling. Or use a subdomain to keep your main domain for regular mailboxes.
custom@(sub.)yourdomain.comNot sure which to choose? Start with managed aliases and upgrade anytime.
Per-alias routing
Each alias on your domain is an independent workflow. One domain, unlimited routing logic.
// Same domain, different endpoints
support@yourcompany.com → https://api.yourapp.com/tickets
invoices@yourcompany.com → https://api.yourapp.com/accounting
leads@yourcompany.com → https://api.yourapp.com/crm
*@yourcompany.com → https://api.yourapp.com/catch-all Use a catch-all alias to capture everything that doesn't match a specific alias. The recipient field in the payload tells you which address was used.
See it in action
Send an email and watch the entire pipeline process it in real time.