Coming Soon

SpotMailGuard

Catch risky email forwarding before data walks out the door

Monitor email auto-forwarding rules across your entire Google Workspace. Stop silent data exfiltration.

Join Waitlist Learn More
Built for Google Workspace admins
Detects hidden forwarding rules
Real-time alerts

The Problem

Email forwarding rules are a hidden threat

Attackers and malicious insiders set up auto-forwarding to silently exfiltrate sensitive emails—often going undetected for months.

  • No native visibility into user-created forwarding rules
  • Attackers use forwarding to maintain persistence after password changes
  • Departing employees may forward mail to personal accounts
  • Manual audits of forwarding rules don't scale

What's at Stake

Silent data theft happening right now

  • Sensitive emails forwarded to external accounts without your knowledge
  • Attackers maintain access even after password resets
  • Compliance violations when regulated data leaves your org
  • No way to know which users have forwarding enabled

The Solution

Continuous monitoring for forwarding rules

SpotMailGuard scans your Google Workspace for all email forwarding rules, alerts you to risky configurations, and helps you remediate quickly.

SpotMailGuard handles this automatically.

Why IT teams need SpotMailGuard

Email forwarding is one of the most overlooked attack vectors. Take control.

Detect external forwarding instantly

Find all forwarding rules that send email outside your organization—including rules set up by attackers.

Real-time alerting

Get notified immediately when a new forwarding rule is created. Stop data exfiltration before it starts.

Audit all mailboxes at once

See every forwarding rule across your entire org in a single dashboard. No more manual mailbox checks.

Compliance-ready reports

Generate reports showing forwarding rule history for compliance audits and incident investigations.

One-click remediation

Disable risky forwarding rules directly from SpotMailGuard. No need to access each mailbox.

BEC attack detection

Identify forwarding rules commonly used in Business Email Compromise attacks.

How It Works

Protect your email in 4 steps

From zero visibility to full control in minutes.

01

Connect

Link your Google Workspace with OAuth. Read-only access to forwarding rule settings.

02

Discover

SpotMailGuard finds all forwarding rules across every mailbox in your org.

03

Alert

Get notified about external forwarding, new rules, and suspicious patterns.

04

Remediate

Disable risky rules instantly. Generate reports for compliance.

Product Preview

Simple interface, powerful results

Clean, focused tools that get the job done without complexity.

app.spotapps.cloud/spotmailguard

1,247

Mailboxes

23

Forwarding Rules

5

External Forwards

Alert: Suspicious Forwarding Detected

[email protected][email protected] (All mail)

Use Cases

Real-world IT security use cases

Detect BEC attack persistence

Attackers often set up forwarding rules after compromising accounts. Find and remove their backdoors.

Employee offboarding

Check for forwarding rules before deactivating accounts. Ensure no mail is being sent externally.

Compliance monitoring

Prove to auditors that you monitor and control email forwarding as part of data loss prevention.

Insider threat detection

Identify employees forwarding sensitive emails to personal accounts before they leave.

Incident response

Quickly audit forwarding rules during security incidents. See rule creation history.

Trusted by IT teams at leading organizations

TechCorp
GlobalBank
SecureHealth
DataFirst
CloudOps
CyberShield

1,200+

IT Teams

10M+

Files Scanned

99.9%

Uptime

<2hr

Support Response

"We found over 200 files that were publicly accessible. This tool paid for itself in the first hour."

S

Sarah Chen

IT Director, TechCorp

"Finally, a security tool that doesn't require a PhD to use. Our team was productive in minutes."

M

Michael Rodriguez

Security Engineer, GlobalBank

Privacy-First Principles

  • We never access or store your file contents
  • SOC 2 Type II certified infrastructure
  • Minimal permissions—only metadata access required
  • Data processed in your region (US, EU available)

Pricing

Pricing coming at launch

Each SpotApps product has independent pricing. No forced bundles.

Pricing Will Be Announced at Launch

Join the waitlist to get notified when SpotMailGuard launches—including exclusive early-bird pricing.

What to expect:

  • • Free tier for small teams
  • • Pay only for what you use
  • • No forced bundles with other products
View full SpotMailGuard pricing details →

FAQ

Frequently Asked Questions

Everything you need to know about SpotMailGuard

What email forwarding rules does SpotMailGuard detect?

SpotMailGuard detects user-created forwarding rules (both server-side and Outlook/Gmail rules), admin-configured forwarding, and delegation settings that allow others to access mailboxes.

Does this work with Microsoft 365 / Exchange?

Currently, SpotMailGuard supports Google Workspace. Microsoft 365 support is on our roadmap for Q2 2025. Join the waitlist to get notified when it launches.

How quickly are new forwarding rules detected?

SpotMailGuard runs continuous scans and typically detects new forwarding rules within 15 minutes of creation. You can also trigger on-demand scans.

Can I automatically block external forwarding?

Yes. You can set policies to automatically disable external forwarding rules when detected, or get alerts for manual review.

What data do you store?

We store forwarding rule configurations, timestamps, and associated user info for auditing. We never access email content.

Does SpotMailGuard require full admin access?

SpotMailGuard requires admin read access to mailbox settings. We use the minimum scopes necessary and never access email content.

Still have questions?

Contact Support

Get early access to SpotMailGuard

Join the waitlist and be the first to protect your organization's email.

Be the first to know when SpotMailGuard launches. No spam, ever.