A comprehensive web application that analyzes email content using multiple AI and ML models to detect phishing, spam, and other security threats. The system provides real-time analysis with detailed results and maintains a secure, scalable architecture.
- Multi-Model AI Analysis: Uses multiple AI/ML models including DistilBERT, phishing-detection-py, and rule-based analyzers
- JWT Authentication: Secure token-based authentication with HTTP-only cookies
- Real-time Analysis: Instant email content analysis with detailed confidence scores
- History Tracking: Maintains analysis history for each authenticated user
- Modern React Frontend: Clean, responsive UI with TypeScript and Vite
- APISIX API Gateway: Production-ready gateway with rate limiting and load balancing
- Docker Deployment: Containerized architecture for easy deployment and scaling
- Comprehensive Security: Multiple layers of security including input validation, rate limiting, and container isolation
βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ
β React Frontend β β APISIX Gateway β β FastAPI Backendβ
β (Vercel) β β (Port 9080) β β (Port 8000) β
β β β β β β
β - AuthenticationβββββΊβ - Rate LimitingβββββΊβ - JWT Auth β
β - Email Scanner β β - Load Balance β β - Input Verify β
β - Dashboard β β - SSL/TLS β β - AI Analysis β
β - History View β β - CORS β β - Model Loadingβ
βββββββββββββββββββ βββββββββββββββββββ βββββββββββββββββββ
β
βββββββββββββββββββ
β AI Models β
β β
β - HuggingFace β
β - DistilBERT β
β - Rule-based β
β - phishing-py β
βββββββββββββββββββ
π Live Demo: https://email-guard-cyan.vercel.app/
- Authentication: User enters purchased token on auth page
- Token Validation: APISIX gateway validates token and creates secure JWT
- Model Status Check: Frontend verifies AI models are loaded and ready
- Email Analysis: User submits email content for multi-model analysis
- AI Processing: Backend processes email through multiple AI models in parallel
- Results Display: Dashboard shows detailed analysis results with confidence scores
- History Tracking: Analysis results are saved for future reference
- FastAPI: Modern Python web framework with automatic API documentation
- JWT: JSON Web Tokens for secure authentication
- Transformers: Hugging Face ML models for advanced text analysis
- Pydantic: Data validation and serialization
- Uvicorn: High-performance ASGI server
- phishing-detection-py: Specialized phishing detection library
- React 19: Latest React with TypeScript for type safety
- Vite: Fast build tool and development server
- Axios: HTTP client with timeout and error handling
- Tailwind CSS: Utility-first CSS framework for modern styling
- TypeScript: Static type checking for better code quality
- APISIX: API Gateway for routing, rate limiting, and load balancing
- Docker: Containerization for consistent deployment
- etcd: Configuration storage for APISIX
- Vercel: Frontend deployment platform
- Render: Backend deployment platform (optional)
- cybersectony/phishing-email-detection-distilbert_v2.1: Advanced phishing detection
- aamoshdahal/email-phishing-distilbert-finetuned: Email-specific DistilBERT model
- phishing-detection-py: PyPI package for URL analysis
- Rule-based Analysis: Pattern matching and heuristic analysis
# Required
JWT_SECRET_KEY=your-super-secure-jwt-secret-key-here
# Optional
CORS_ORIGINS=http://localhost:5173,https://yourdomain.com
ACCESS_TOKEN_EXPIRE_MINUTES=60# Required for production
VITE_API_URL=http://localhost:9080
# Optional
VITE_APP_TITLE=Email Guard# Optional (has secure defaults)
ADMIN_KEY=edd1c9f034335f136f87ad84b625c8f1- Docker & Docker Compose: For containerized deployment
- Node.js 18+: For frontend development
- Python 3.11+: For backend development
- Git: For cloning and model management
# Clone the repository
git clone https://github.com/yourusername/email-guard.git
cd email-guard
# Start with convenience script
chmod +x run-docker.sh
./run-docker.sh setup
# Or manually
cd docker
docker-compose up -d --build
./setup-apisix.sh
cd ..Access Points:
- Frontend (Production): https://email-guard-cyan.vercel.app/
- API Gateway: http://localhost:9080
- APISIX Admin: http://localhost:9180
- Backend Direct: http://localhost:8000
cd backend
pip install -r requirements.txt
export JWT_SECRET_KEY="your-secret-key"
python app.pycd frontend
npm install
npm run devFor simpler deployment needs, check out our lightweight version with fewer dependencies: Email Guard Lightweight
Features of the lightweight version:
- Simplified Architecture: Single backend service
- Replit Compatible: Can be deployed on Replit
- Minimal Dependencies: Reduced resource requirements
- Essential Features: Core email analysis functionality
- Faster Deployment: Quick setup for testing and development
POST /auth/token- Authenticate with purchased tokenPOST /auth/logout- Logout and clear authentication cookie
POST /scan/email- Analyze email content with multiple modelsGET /models/status- Check AI model loading status
GET /history- Get analysis history for authenticated userGET /health- System health check
Authentication:
POST /auth/token
{
"token": "sample_token_1"
}
Response:
{
"message": "Authentication successful",
"user": {
"sub": "user1",
"role": "user"
}
}Email Analysis:
POST /scan/email
{
"email_text": "Urgent: Your account will be suspended unless you verify immediately..."
}
Response:
{
"results": [
{
"model_source": "HuggingFace",
"model_name": "cybersectony-distilbert",
"decision": "phishing",
"confidence": 0.94,
"description": "High probability phishing email detected"
},
{
"model_source": "PyPI",
"model_name": "phishing-detection-py",
"decision": "phishing",
"confidence": 0.87,
"description": "Suspicious URL patterns detected"
}
],
"timestamp": "2024-01-15T10:30:00Z",
"email_snippet": "Urgent: Your account will be suspended..."
}- JWT Tokens: Secure authentication with configurable expiration
- HTTP-Only Cookies: XSS protection through secure cookie storage
- Role-Based Access: User and admin roles with different permissions
- Token Validation: Server-side verification on all protected endpoints
- APISIX Rate Limiting: Prevents API abuse and brute force attacks
- Authentication: 5 requests/7 minutes per IP
- Scanning: 20 requests/minute per IP
- History: 30 requests/minute per IP
- Input Validation: Comprehensive input sanitization and validation
- Request Size Limits: Prevents DoS attacks through large payloads
- Temporary Storage: Email content stored only during analysis
- No PII Collection: Minimal personal data collection
- Secure Headers: Comprehensive HTTP security headers
- Container Isolation: Docker-based service isolation
- Container Security: Official base images with minimal attack surface
- Network Isolation: Internal Docker networks for service communication
- Secret Management: Environment variable-based configuration
- Health Monitoring: Continuous service health checking
- Background Loading: Models load asynchronously during startup
- Status Monitoring: Real-time model readiness checking
- Graceful Degradation: Fallback to rule-based analysis if models fail
- Cold Start Handling: Extended timeouts for initial model loading
- Tiered Limits: Different limits for different endpoint types
- Burst Protection: Handles traffic spikes gracefully
- IP-Based: Per-client rate limiting
- Production Ready: Redis backend support for scaling
- Docker: Full containerized deployment
- Kubernetes: Orchestration support for large deployments
- Cloud Platforms: Vercel (frontend) + Render/AWS (backend)
- Local Development: Direct execution for development
For development and testing:
# User tokens
sample_token_1 # Standard user access
sample_token_2 # Admin user access
# Usage in API calls
curl -X POST http://localhost:9080/auth/token \
-H "Content-Type: application/json" \
-d '{"token": "sample_token_1"}'# APISIX Rate Limiting
authentication_endpoints:
rate: 5 requests per 7 minutes
burst: 10 requests
scan_endpoints:
rate: 20 requests per minute
burst: 30 requests
timeout: 300 seconds
history_endpoints:
rate: 30 requests per minute
burst: 50 requests# Available Models
models = [
"cybersectony/phishing-email-detection-distilbert_v2.1",
"aamoshdahal/email-phishing-distilbert-finetuned",
"phishing-detection-py",
"rule-based-analyzer"
]Models Not Loading:
# Check model status
curl http://localhost:9080/models/status
# View backend logs
docker-compose logs backend
# Manual model loading
docker-compose exec backend python -c "
from ai.email_guard import get_analyzer
analyzer = get_analyzer()
print(f'Models loaded: {len(analyzer.analyzers)}')
"CORS Errors:
# Check frontend environment
echo $VITE_API_URL
# Verify APISIX CORS config
curl http://localhost:9080/health \
-H "Origin: http://localhost:5173"Rate Limiting Issues:
# Check current limits
curl http://localhost:9180/apisix/admin/routes \
-H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'# Service status
./run-docker.sh status
# View logs
./run-docker.sh logs
# Test connectivity
curl http://localhost:9080/health
curl http://localhost:8000/health- Docker Setup: Complete Docker deployment guide
- Security Notes: Comprehensive security documentation
- AI Models: AI model architecture and usage
- Deployment Guide: Production deployment instructions
The frontend is deployed on Vercel and accessible at: https://email-guard-cyan.vercel.app/
# Connect GitHub repository to Vercel
# Set environment variables:
VITE_API_URL=https://your-api-domain.com
# Deploy automatically on push to main# Set production environment variables
export JWT_SECRET_KEY="super-secure-production-key"
export CORS_ORIGINS="https://your-frontend-domain.com"
# Deploy with Docker
docker-compose -f docker-compose.prod.yml up -dFor simpler deployments, use the Email Guard Lightweight version which:
- Runs on Replit with minimal setup
- Has reduced dependencies
- Provides core functionality
- Suitable for testing and small deployments
# Test authentication
curl -X POST http://localhost:9080/auth/token \
-H "Content-Type: application/json" \
-d '{"token": "sample_token_1"}'
# Test email analysis
curl -X POST http://localhost:9080/scan/email \
-H "Content-Type: application/json" \
-b "auth_token=your-jwt-token" \
-d '{"email_text": "Test phishing email content"}'- Phishing: "URGENT: Your account has been suspended. Click here to verify immediately..."
- Spam: "CONGRATULATIONS! You've won $1,000,000! Click here to claim..."
- Safe: "Hi John, Thanks for your email regarding the meeting. Best regards, Sarah"
- Fork the repository
- Create a feature branch:
git checkout -b feature/amazing-feature - Make your changes with proper testing
- Add tests for new functionality
- Commit changes:
git commit -m 'Add amazing feature' - Push to branch:
git push origin feature/amazing-feature - Submit a Pull Request
- Follow Python PEP 8 style guidelines
- Add type hints for all functions
- Include comprehensive error handling
- Write tests for new features
- Update documentation for changes
This project is licensed under the MIT License - see the LICENSE file for details.
- GitHub Issues: Report bugs and request features
- Documentation: Check the docs/ directory
- Security Issues: Contact security@emailguard.com
For enterprise deployments and commercial support:
- Email: support@emailguard.com
- Documentation: Available in the docs/ directory
- Consulting: Custom deployment and integration services
- β Multi-model AI analysis
- β JWT authentication
- β Docker deployment
- β Rate limiting
- β Modern React frontend
- Additional ML models
- Real-time threat intelligence
- Advanced analytics dashboard
- API rate limiting improvements
- Enhanced security features
- Mobile application
- Enterprise SSO integration
- Multi-language support
- Advanced reporting features
- Machine learning model training interface
- Authentication: < 100ms
- Email Analysis: 2-5 seconds (first request), < 1 second (subsequent)
- History Retrieval: < 200ms
- Model Status Check: < 50ms
- Concurrent Users: 100+ (with proper scaling)
- Requests per Minute: 1000+ (with rate limiting)
- Email Size: Up to 10,000 characters
- Model Accuracy: 85-95% depending on content type
Email Guard - Protecting organizations from email-based threats through advanced AI analysis and comprehensive security measures.