What it is

A gateway, a brain, and a console.

MxGuard is a cloud-delivered email security gateway. Point your MX record at it and every inbound message is scored, sorted, and forwarded on to your real mail server — with a single web console to manage everything.

Gateway

Your MX record points at us. Inbound mail flows through a hardened SMTP pipeline before it ever touches your backend. No firewall changes, no agents to install.

Hybrid AI brain

A machine-learning classifier decides the easy 95% in milliseconds. Borderline messages are handed to Claude (Anthropic's LLM), which reads them the way a person would before a verdict is reached.

Console

A web app for every customer — live feed, quarantine, allow/block rules, score breakdowns, daily digest, audit log, domain management. No support tickets needed.

Want the technical pipeline detail? See how it works →

The problem

Old filters guess. Modern attackers know the rules.

Rule-based and Bayesian filters were designed for an era of obvious spam. They struggle with the messages that matter most — the ones written carefully, sent from clean infrastructure, addressed to a specific person, asking for one thing.

× FAIL

Targeted BEC

CEO impersonation, invoice redirection, gift-card fraud. Clean SPF/DKIM. No malicious payload. Rule filters see nothing wrong.

× FAIL

Lookalike domains

accountss-secure.io, compaany-co.net. Bayesian filters treat them as just another word.

× FAIL

AI-written phishing

Grammar, tone, formatting indistinguishable from real correspondence. Pre-2023 heuristics were never trained for this.

× FAIL

Drowning in false positives

Legitimate bulk mail, mailing lists, transactional notifications — flagged because they match a rule from 2014.

What's included

No hardware. No installs. No capital cost.

MxGuard runs in our UK-based cloud. Customers point their MX records at our infrastructure and start receiving filtered mail within minutes. There's nothing to deploy on your premises, no agents to install, no firewall rules to add.

Subscription pricing means no up-front capital investment and no surprise upgrade costs. Scale up or down month-to-month as your business changes.

On every plan

  • ML-based threat scoring
  • Claude LLM evaluation on uncertain mail
  • Real-time live feed dashboard
  • Daily digest emails with one-click actions
  • Allow / block rules with hit tracking
  • URIBL + Spamhaus + URLhaus threat feeds
  • ClamAV attachment scanning
  • ARC sealing for forwarded mail
  • Self-service domain management
  • 30-day quarantine retention

Full feature list on the features page.

Threat coverage

What MxGuard stops.

Six classes of threat, covered by the layered pipeline and the hybrid AI brain working together.

Phishing

Credential-harvest pages, fake login flows, OAuth-consent traps. URL reputation plus Claude's analysis of the message asking for the click.

BEC & impersonation

CEO fraud, invoice redirection, gift-card scams, supplier impersonation. Payload-free attacks — where the LLM layer is strongest.

Malware & ransomware

ClamAV scans every attachment, including archives. Macro-bearing Office docs and HTML smuggling are scored heavily.

Bulk spam & UCE

Classic spam, snowshoe campaigns, hailstorm runs. DNSBLs catch the easy 80%; the ML model handles the rest with near-zero false positives on legitimate bulk.

Lookalike domains

Homoglyph attacks, doubled letters, ccTLD swaps. Detected at envelope, From header, and reply-to. Cross-checked against your sender history.

Backscatter & spoofing

SPF / DKIM / DMARC enforcement plus ARC sealing through forwarding. Fake bounces and forged From addresses are rejected at SMTP time.

Who it's for

Built for the people who run the mail.

Small & mid-sized businesses

Enterprise-grade detection at SMB pricing. Self-service onboarding, no procurement process. Most customers are live within a working day.

ISPs & hosting providers

Multi-domain customer accounts, per-customer dashboards, ARC sealing for forwarding, Prometheus metrics. Designed to be wholesale-friendly.

MSPs & IT consultancies

Manage email security for multiple clients from one console. Per-client billing, audit logs, and a forum for tracking what's shipping next.

eFa users facing July 2026

eFa reaches end-of-life this July. MxGuard is a direct replacement — same MX-fronting role, modern detection, dedicated migration path. See the migration plan ↓

Positioning

What MxGuard replaces.

For decades, mail security has meant stacking together open-source rule engines and Bayesian filters — or paying enterprise-suite prices. MxGuard replaces both.

Legacy stacks

eFa · SpamAssassin · Rspamd · MailScanner

Hand-tuned rule trees that are slow to adapt to modern spam, produce frequent false positives on legitimate bulk mail, and require expert administration to maintain.

eFa end-of-life: July 2026

Enterprise suites

Proofpoint · Mimecast · Barracuda · Microsoft Defender

Powerful, but priced in the thousands per year per organisation, bundled with features you won't use, and locked into multi-year contracts. MxGuard delivers the same hybrid-AI architecture at a fraction of the cost, with month-to-month billing.

For a feature-by-feature comparison see the features page.

Migration

Coming from eFa or SpamAssassin?

MxGuard runs in front of the same backend mail server you already have. The only thing that changes is which IP your MX record points at.

eFa end-of-life: July 2026

  1. 1Add your domain in the console. One TXT record to verify ownership.
  2. 2Tell MxGuard where to forward to. Host:port of your real mail server. No firewall changes.
  3. 3Test in parallel. Add MxGuard as a secondary MX while eFa stays primary.
  4. 4Cut over. Lower the eFa MX priority, then drop it once you’re confident.
  5. Done. Most cutovers complete inside two days including a parallel observation period.

See it in action.

Start a free 30-day trial — no credit card, no commitment.