Trustifi Inbound Shield

Editor's Score

By Craig MacAlpine
Updated Apr 24, 2024

Trustifi Logo

Expert Insights Verdict


Trustifi’s Inbound Shield is a strong solution for both SMBs and larger enterprises looking to displace their legacy email gateway solutions. The platform offers effective protection against spam and graymail, but also accurately detects and removes more sophisticated attacks, such as phishing and account takeover. Inbound Shield is easy to deploy—particularly within cloud-based email clients—and offers easy-to-manage protection against more targeted threats via its intuitive admin console.

  • Granular threat remediation policies
  • Intuitive, navigable management console
  • Compatible with Microsoft 365, Google Workspace and Exchange 2013+

  • Only supports English, Spanish, and Portuguese
  • Potential for notification fatigue when configured to send quarantine reports immediately upon removing a threat


Trustifi is an email security provider offering a variety of solutions that enable organizations to secure their inbound and outbound email communications against advanced threats such as spear-phishing, account impersonation, and account takeover. Trustifi Inbound Shield is their cloud email security solution that offers protection against malicious emails sent from external senders.

Inbound Shield offers spam filtering, sandboxing and virus scanning, as well as AI-powered threat detection and post-delivery remediation, helping to block both known and zero-day email-borne threats. The platform is compatible with local email clients, Microsoft 365, Exchange (versions 2013+), and Google Workspace.

Trustifi Explainer Video

Key Features

Spam Filtering

Inbound Shield carries out DMARC analysis on all inbound emails, combining DKIM and SPF authentication mechanisms to filter emails based on the sender’s domain reputation, helping to identify and block brand spoofing and impersonation attempts. Emails that fail DMARC checks are quarantined or blocked as per admin-configured policies.

Sandboxing And Virus Scanning

Once the domain reputation has been verified, Inbound Shield scans all links and attachments for known viruses and malware. This scanning takes place in a secure sandbox environment, so that any threats are detonated in isolation of the customer’s email network.

AI-Powered Threat Detection

The platform’s AI-powered threat detection engine analyzes all email content for anomalous activity and indicators of malicious intent, such as requests for the recipient to share confidential data such as financial information or credentials. This enables Trustifi to prevent the delivery of sophisticated phishing attacks.

All emails are classified according to their threat types, with classifications ranging from “Authenticated” (i.e., “safe to open”) through to warnings such as “Impersonation Attack” or “Spoofing Attack.” Admins can define policies to block or quarantine emails automatically according to their classification.

Threat Quarantine

Via the platform’s central management system, admins can review quarantined emails, including email content and headers and Trustifi’s reason for quarantining them. Admins can then either release emails, mark them as “Handled” and classify them, whitelist or blacklist them, or request that the sender verify their identity before the email can be delivered.

Quarantined emails are held for 60 days before being deleted.

Whitelisting and blacklisting policies are highly granular; they can be based on the sender’s email address, IP address, or domain, or on content found within the email. This prevents repeat attacks from known threat actors, as well as preventing the accidental quarantine of legitimate senders, and means that, if a threat actor sends an email from a legitimate domain, the platform won’t automatically block all future emails from that domain.

Admins can configure Inbound Shield to notify themselves and users as soon as an email is quarantined. It’s important to note that this type of setup can be problematic if an organization has a high volume of emails coming in, as it can lead to notification fatigue.

Post-Delivery Remediation

Inbound Shield adds a warning banner to the content of any delivered emails that have been classified as potentially malicious. These banners warn users against replying to the email, clicking on links, and opening attachments.

The platform’s Threat Response system scans emails that have already been delivered for malicious content, blocking threats that may come from an internal sender whose account has been compromised. This feature is also particularly useful to run when a customer first joins Trustifi, as it can help detect malicious emails that were delivered before the platform was implemented. Threat Response scans are straightforward to run via a simple wizard, and admins ca choose whether discovered threats are archived, permanently deleted, or quarantined so that only admins can view them.


As well as reporting on quarantined emails, Inbound Shiels offers an email logging system within the management console, which monitors and logs all actions performed by admins. This is useful for auditing and accountability.

Trustifi Dashboard

Trustifi Dashboard

Ease Of Use

Inbound Shield is easy to deploy, offering direct API integrations (no infrastructure changes or MX record redirects needed) with cloud-based email platforms such as Microsoft 365 and Google Workspace. It takes approximately one hour to set up Inbound Shield for less than 1,000 users via API; for 1,001+ users, the platform must be set up via mailflow. Our technical team deployed the solution in around an hour, even when not using Trustifi’s setup wizard.

Onboarding users takes only a few minutes, thanks to integrations with user directory services such as Azure Active Directory.

The platform comes with pre-configured protection settings in place so that it instantly provides threat protection upon deployment. Admins can then sign in to define more granular threat detection policies. Defining custom policies is very straightforward via the “Inbound Email Rules” tab. If needed, admins can import longer lists of keywords from a CSV file, instead of having to manually type them in.

Trustifi provides technical support with the deployment and integration process and offers ongoing phone and email support. Trustifi also has an FAQ forum, which includes detailed guides on how to properly configure and manage the platform. For MSPs, Trustifi offers marketing materials and case studies.

Overall, the Inbound Shield management console is highly intuitive and straightforward to navigate. Admins can easily define policies on how the platform should handle malicious emails, and apply policies globally to all users, or to specific user groups.

Configuring Inbound Email Rules In Trustifi

Configuring Inbound Email Rules In Trustifi

Pricing And Plans

Pricing for Trustifi Inbound Shield is available upon direct request via Trustifi.

Best Suited For

Thanks to its intuitive, navigable interface, Inbound Shield requires little technical knowledge to manage, making it suitable for SMBs as well as larger enterprises looking to displace their legacy email gateway solutions.

But prospective buyers shouldn’t mistake “user-friendly” with “basic”—Inbound Shield’s granular policy configurations, comprehensive activity logs, and seamless integration with Trustifi’s Outbound Shield encryption solution make it particularly well suited to organizations that must prove compliance with strict data protection regulations, such as those operating in the healthcare, legal, and financial services sectors.

Viewing Quarantined Emails In Trustifi

Viewing Quarantined Emails In Trustifi

Final Verdict

Trustifi’s Inbound Shield is a robust email security solution that offers effective identification, classification, and remediation of email-borne threats.

Unlike traditional SEGs, Trustifi is easy to deploy—particularly within cloud-based email clients such as Microsoft 365 and Google Workspace—and offers protection against more targeted threats such as spear phishing and impersonation attack, which often slip through the spam filtering and connection checks offered by legacy solutions.

For larger organizations with a high email volume, we recommend configuring quarantine reports to be delivered on a regular schedule, rather than sending a report as soon as an email is quarantined, to help mitigate notification fatigue.

We recommend that any organization looking for user-friendly yet robust protection to displace their legacy email gateway solution consider shortlisting Trustifi.

CEO and Founder, Expert Insights

Craig MacAlpine is CEO and founder of Expert Insights. Before founding Expert Insights in August 2018, Craig spent 10 years as CEO of EPA cloud, an email security provider acquired by Ziff Davies, formerly J2Global (NASQAQ: ZD) in 2013, which has now been rebranded as VIPRE Email Security. Craig has extensive experience in the email security industry, with 20+ years of experience helping organizations to stay secure with innovative information security and cyber security solutions. Craig delivers these insights to readers with detailed product reviews, comparisons and buyers’ guides.

Company Information
Category Icon

Email Security

Website Icon

Founded Icon


Headquartered Icon

Las Vegas, NV

Deployment Icon


Suitable Icon

SMB, enterprise

Trustifi Inbound Shield Awards
Product Award Product Award Product Award Product Award Product Award Product Award Product Award Product Award
Trustifi Inbound Shield Interviews
Rom Hendler
CEO And Co-Founder, Trustifi
Read Here