A new approach to cybersecurity
For Business → ProtectionGrid For Large Corporates → ProtectionGrid For Law Enforcement → Intelligence For Governments → Intelligence
Home / ProtectionGrid / MailShield
MailShield · Part of ProtectionGrid

Every email checked.
Before it arrives.

MailShield sits in front of your email infrastructure and protects every inbound and outbound message — AI-powered, in real time, hosted in Europe.

See pricing See how it works →
91%
of all cyber attacks start via email

Phishing emails are getting better — AI-generated text is barely distinguishable from real messages.

Malware attachments bypass simple virus scanners, because they're obfuscated or detonate after a delay.

Data leakage via email — employees accidentally send sensitive data and nobody notices.

One click on the wrong attachment — and your business stands still.

Email attacks are getting smarter

AI now writes the
phishing emails.
Who protects your inbox?

Your employees don't make mistakes — they make decisions in seconds. That's exactly what attackers exploit.

These emails aren't theory — they land in inboxes of European businesses every day. MailShield detects and blocks them before your employees ever have to make that decision.

Inbox · Microsoft 365 ✕ Blocked by MailShield
From: ceo@company-finance.com
Urgent: Wire transfer for acquisition deal

Hi Sarah, can you process this transfer today? It's time-sensitive and confidential — please don't loop in others until it's done. The vendor invoice is attached...

Display name spoofing Detected
CEO impersonation pattern Detected
Urgency + secrecy markers Detected
Look-alike domain Detected
MailShield features

Microsoft filters spam.
We filter attacks.

MailShield is an intelligent relay that sits in front of your mail server — like a doorman who checks every message before it gets through.

AI-powered spam detection

Detects spam more reliably than rule-based filters — even new patterns that don't appear on any blocklist yet.

Anti-phishing

Detects spoofed senders, manipulated links and social engineering patterns — including AI-generated phishing emails.

Anti-virus scanning

Scans attachments in real time for viruses, trojans and ransomware. Quarantines suspicious files before they reach the inbox.

TLS encryption

Enforces encrypted connections for IMAP, POP3 and SMTP. No email leaves or reaches your server unencrypted.

Data Loss Prevention

Detects sensitive data in outbound mails — credit card numbers, IBAN, ID document data — and stops them before they go out.

Real-time dashboard

See in real time what's being blocked: spam volume, phishing attempts, virus hits, DLP events. Everything in the identiqa portal.

How it works

Four steps. Five minutes.

1
Update MX record

Route your mail traffic through MailShield. One DNS entry, 5 minutes effort.

2
AI analyzes

Every inbound and outbound email is checked in real time for spam, phishing, viruses and sensitive data.

3
Threats blocked

Malicious mails are quarantined. DLP holds back sensitive data. You're notified.

4
Clean delivery

Only checked, safe emails reach your inboxes — or are forwarded to Microsoft 365, Google Workspace, etc.

Integrations

MailShield. Where you work.

identiqa for Google Workspace

Direct integration into Google Workspace. Aura analyzes every email before it reaches your inbox. Native admin controls, identical user experience.

Learn more →
identiqa for Microsoft 365

Seamless integration into Microsoft 365. The same AI-powered protection — directly in Outlook, across desktop, web and mobile clients.

Learn more →
Pricing

What does a phishing attack cost?
More than €79 a month.

The right protection for your team — no matter how big.

Core
€79/mo
€3.16 per mailbox
Up to 25 mailboxes. Solid email protection for small teams.
Get started
  • AI-powered spam detection
  • Anti-phishing
  • Anti-virus (attachments)
  • TLS encryption (IMAP/POP3/SMTP)
  • Managed filter rules
  • Monthly security report
Most popular
Pro
€149/mo
€1.49 per mailbox
Up to 100 mailboxes. For mid-market businesses with elevated needs.
Get started
  • Everything in Core, plus:
  • Data Loss Prevention (DLP)
  • Custom filter rules
  • Quarantine management
  • Aura Advanced AI detection
  • Weekly report + dashboard
Premium
€249/mo
€0.50 per mailbox
Up to 500 mailboxes. Enterprise-grade for regulated industries.
Get started
  • Everything in Pro, plus:
  • Unlimited mailboxes (on request)
  • SIEM integration
  • Real-time logs
  • HybridMail integration
  • SLA with response time
  • Dedicated onboarding support
FAQ

Good to know. Before you start.

Doesn't Microsoft 365 / Google Workspace already protect my email?
Both Microsoft and Google offer basic spam and malware filtering. They're effective against generic, high-volume spam — but they were never built to catch targeted phishing, AI-generated attacks, business email compromise (BEC) or data exfiltration. MailShield acts as a specialized layer in front of (or alongside) your existing email service, using AI specifically trained on attack patterns. Most of our customers run MailShield together with Microsoft 365 or Google Workspace.
How does MailShield detect AI-generated phishing emails?
AI-generated phishing emails are linguistically perfect — but they still leave fingerprints. MailShield's Aura model analyzes sender behavior, domain reputation, link structure, attachment behavior, and message context (urgency markers, impersonation patterns, look-alike domains). The model is continuously retrained on new attack data, so it keeps pace as attackers evolve their tooling.
How quickly is MailShield operational?
Usually within a few minutes. You change your MX record at your DNS provider — from that moment on, all your inbound mail traffic flows through MailShield before reaching your servers or cloud mailboxes. No software to install on devices, no agent on your mail server, no maintenance window. Outbound protection requires a slightly different configuration; our onboarding team will guide you.
What happens to a quarantined email?
Suspicious emails are held in quarantine and never reach the user's inbox. Administrators can review quarantined messages in the identiqa portal, release legitimate mail (false positives), or permanently delete confirmed threats. End users optionally receive a daily digest of their own quarantined emails, where they can self-release low-risk items. All actions are logged for audit purposes.
Where is my email data processed?
identiqa operates regional clusters in Europe, the US and additional regions. Each region runs independently, governed by its local entity. Email content of EU customers stays within the European legal space — never touches US infrastructure, never crosses to providers like Cloudflare, Proofpoint or Mimecast that route through US data centres. MailShield is fully GDPR-compliant and aligned with NIS2 requirements.
Can MailShield work alongside our existing email security stack?
Yes. MailShield can run as the primary email filter or in layered architectures alongside existing tools (e.g., Microsoft Defender for Office 365, Proofpoint, Mimecast). Many of our customers initially run MailShield in parallel-monitoring mode to compare detection rates before fully cutting over. Logs and detections can be forwarded to your SIEM for unified incident response.
What about NIS2 and email-related compliance evidence?
NIS2 specifically calls out email security as part of basic cyber hygiene, with managing directors personally liable for inadequate measures. MailShield's audit logs, blocked-attack reports and DLP event histories are structured to serve directly as evidence in NIS2, ISO 27001, DORA and SOC 2 audits. Reports are exportable on demand or scheduled monthly to your compliance team.
CyberHub portal

Full control.
Zero complexity.

Configure, monitor, adjust — all identiqa products are managed centrally through a single dashboard. See every blocked phishing attempt, every quarantined attachment, every DLP event — in real time, from anywhere, without involving IT.

12,847
Mails scanned today
847
Threats blocked
6
DLP events
CEO impersonation attempt Phishing
Bulk newsletter campaign Spam
IBAN in outbound message DLP
Modular protection

Cybersecurity isn't a single product. It's a system.

Combine the modules that fit your IT landscape. The more you protect, the cheaper each component becomes.

HybridMail
Distribute mailboxes flexibly between cloud and your own infrastructure — without compromise.
From €59/mo
SecureDomain
AI-powered protection for your domains and DNS records — including email signing.
From €7/mo
WebShield
The firewall for your websites and online shops.
From €79/mo
AppShield
Makes your internal applications invisible on the internet — access only for authorized users.
From €49/mo
WebAuth
Secures your employees' logins against the most common attack vector.
From €9/mo
All modules
See the complete ProtectionGrid: six modules, one platform, one login.
View all →
Free consultation

Book a consultation.

Leave your details and you'll be able to book a consultation slot directly afterwards. We typically respond within 2 hours — no sales pitch, just a real conversation about your email infrastructure and protection needs.

500+
customers worldwide
< 2h
response time

Get in touch

By submitting this form, you agree to our privacy policy. We'll get back to you within 2 hours during business hours.

500+
customers
CISO as a Service
Cybersecurity is a CEO topic. But not your full-time job.
Your dedicated CISO takes over: strategy, implementation, ongoing oversight. You focus on your business — we secure it.
Request CISO → See services