Mail P.I. Launch Update: What We Built, What We Learned, and What's Next
We launched Mail P.I. a few weeks ago, and the response has genuinely surprised us — in the best way. Real people using it on real suspicious emails, catching things that could have been costly, and taking the time to tell us what worked and what didn't.
This post is a thank you, a changelog, and a look at where we're headed. We promised to be transparent, so here's the first installment of that.
Thank You to Our First Users
Early users of any tool are doing something that takes a bit of trust — forwarding a suspicious email to a service they just discovered, built by someone they've never met. We don't take that lightly.
The feedback we've received has been direct, specific, and genuinely useful. People told us when a report missed something. They described edge cases we hadn't anticipated. They used the feedback form at the bottom of every report — and we actually read every single submission.
That feedback loop is exactly how Mail P.I. gets better. If you've sent us a report or a note, it has shaped what you're reading below.
What Changed Since Launch
Here are the two biggest improvements we've shipped based on what we heard:
Improved contact form fraud detection
One pattern that came up repeatedly in early reports: scammers using website contact forms as an attack vector. Someone fills out your contact form pretending to be a legitimate business inquiry — then the follow-up email is the actual phishing attempt, often with a malicious link or a fake invoice attached.
Mail P.I. now applies deeper analysis to emails that originate from contact form submissions. The content, context, and intent of these messages is evaluated more carefully, because the abuse pattern is distinct from a cold phishing email and needs to be treated differently.
Stronger domain age signals
Domain age has always been part of our analysis, but we've expanded how much weight it carries and how clearly it's surfaced in reports. A domain registered in the last 90 days that's impersonating a well-known brand is one of the clearest red flags in phishing — and we want that signal to be impossible to miss in the report you get back.
Scammers register cheap lookalike domains specifically because most people never think to check. We do. And now we explain it more clearly when it's a factor.
The Feedback Form Is Real
At the bottom of every Mail P.I. report, there's a feedback option. If something in the report seems wrong — if we scored something too high or too low, or missed a signal you noticed — you can describe it right there.
This isn't a support ticket that disappears into a queue. We read these. They've directly influenced both of the improvements above. If you've had a report that felt off, please use it.
Our Commitment Going Forward
A few things we want to be clear about as we grow:
- Transparency over marketing. We'll keep writing posts like this one — real updates about what changed and why, not just announcements.
- Your email content is never stored. That hasn't changed and won't. Every report is generated statelessly. When the analysis is done, the content is gone.
- Feedback shapes the product. The two improvements above came directly from users. That's the pattern we want to maintain.
We're a small team building something we believe is genuinely useful. The early group of users who took a chance on Mail P.I. before there was much social proof — that matters more than we can easily express.
Keep forwarding the sketchy ones. We'll keep investigating.