OpenShield
./targets./providers./bounties./roadmap./transparencyLog inDEPLOY →
// REPORTING SPAM

How reporting works.

When you open a spam email in Gmail or Outlook, the OpenShield extension adds a small "Report to OpenShield" button right next to it. Click it, and that's the whole job — no copying headers, no filling out forms.

Behind the scenes, we look at a few technical signals from the email — who it really came from, and whether the sender's domain passed standard authentication checks — to build a case against the sender. On Gmail, we can often pull this proof automatically; on Outlook and the Gmail mobile app, we use what's visible on screen instead.

What we never do: read, store, or transmit the actual content of your email. We only look at the technical envelope of the one message you chose to report, and we throw away the raw technical data the moment we've extracted the proof we need. See our privacy policy for the full picture.

Reporting requires being signed in — this is the one piece of friction we ask for, and it exists purely to stop the reporting system itself from being spammed or gamed. See Your account for how sign-in works.