← InboxPilot

Security

InboxPilot uses server-side sessions, encrypted mailbox credential storage, and an audit log for important account, mailbox, scan, rule, and cleanup events.

The safe default is read-only scanning. Mark-read cleanup requires an approved rule and an explicit execute action.

Secrets are stored in production environment variables and Docker volume data is not committed to Git.