All integrations

Setting up the Outlook add-in

The add-in shows a whole-email analysis in a task pane beside the message: sender checked, authentication verified live, content read by the AI agent, every link (Safe Links unwrapped) ready for a cloud investigation. This guide covers the install, the sign-in and what the analysis checks.

The add-in answers one question beside the message itself: can this email be trusted? With the pane open, Guard.ch verifies the sender's SPF, DKIM and DMARC against live DNS, weighs the sender's reputation, reads the content the way a sceptical analyst would, and settles on one plain answer: Looks safe, Be careful, High risk, or an honest Couldn't verify.

Nothing else about your mailbox changes. The pane lives with the open message and holds a small session of its own. This guide covers the install from its manifest, the one-time pairing sign-in, what the analysis covers, and what each notice in the pane means.

What it adds to Outlook

  • The verdict, on open. With the pane open on a message, the whole-email analysis runs by itself: posture, headline, key facts, evidence with web sources, and advice, rendered right in the pane. A signed-out pane offers the sign-in first and starts the held analysis the moment pairing completes. Reopen the same email and the stored verdict is back instantly; it is kept for six hours per message.
  • Every link, unwrapped and ready. Below the verdict, the pane lists the links found in the message (the first 15), with Microsoft's Safe Links wrapping removed first, so you see and investigate the real destination. A link whose visible text points at a different domain than its real target carries a warning label.
  • A paste box. At the bottom of the pane, any URL from anywhere can be pasted and launched the same way.

Install it

The add-in installs from its manifest, a small file that tells Outlook where the pane lives. It works in Outlook on the web, the new Outlook, and classic Outlook, on Microsoft 365 and Outlook.com mailboxes:

  1. Download the manifest: guard.ch/ext/outlook/manifest.xml. Your browser saves a small XML file; that file is the whole install.
  2. Open aka.ms/olksideload. Outlook on the web opens and shows the Add-Ins for Outlook dialog. (In classic Outlook on Windows, the same dialog is behind File › Info › Manage Add-ins.)
  3. Choose My add-ins, scroll to Custom Addins, select Add a custom add-in, then Add from File, and pick the downloaded manifest. Confirm the prompt.
  4. Open any message and choose Guard.ch Companion from the message's apps. The pane opens beside the email, and the add-in follows you into the other Outlook clients on the same mailbox.

Rolling it out to a whole organisation? An administrator deploys the same manifest centrally in the Microsoft 365 admin center under Settings › Integrated apps › Upload custom apps; the upload takes the manifest address directly (guard.ch/ext/outlook/manifest.xml), and assigned users get the pane with no manual step.

Signing in

  1. The pane shows Sign in with Guard.ch. Choose it, and your normal browser opens guard.ch with a one-time pairing code already attached.
  2. Sign in there the way you always do: email code, passkey or Google. You never type anything into the pane itself.
  3. The pane notices the moment the browser side finishes, picks up a fresh session of its own, and starts the analysis it was holding.

That session belongs to the pane alone: the quiet Sign out at its bottom drops it without touching your browser, and the add-in never sees your password or your mailbox credentials.

What the analysis checks

The pane hands Guard.ch a minimal copy of the open message: sender, recipients, subject, date and body. The server parses it, verifies SPF, DKIM and DMARC against live DNS, weighs the sender's reputation, and has the AI agent read the content. Everything returns in one response: the posture, a headline, key facts, the evidence with its web sources, and the advice.

The verdict is kept for six hours per message, so reopening an email never spends another run. A message over 25 MB is declined with a plain notice; its links below still work as the way in.

Opening links as investigations

Each listed link, and anything you paste, opens the Guard.ch launcher in a new browser tab: the page loads in a disposable browser in our cloud, streamed live with every request, cookie and redirect on the record, and your Outlook never touches the target. The pane caps the list at the first 15 links it finds; the paste box covers anything beyond that.

What it can and cannot read

The add-in holds Outlook's read-only item permission: it can read the message you have open, and nothing else. It cannot browse your mailbox, cannot send mail, and never receives your mailbox credentials.

What travels to Guard.ch is the reconstructed copy of that one message, for that one analysis. The pane follows your Outlook language (English and German are built in) and stores nothing beyond its own session, which its Sign out removes again.

Works with
Outlook on the web, the new Outlook, and classic Outlook (Microsoft 365 and Outlook.com)
Install
Free; a small manifest added under My add-ins, or deployed centrally
Permissions
Read the open message only (ReadItem)
Sign-in
One-time pairing in your own browser; the pane holds its own session
Analysis
SPF, DKIM and DMARC verified live, sender reputation, AI verdict; kept six hours per message
Languages
English and German, following your Outlook language

Troubleshooting

Every notice the pane can show has a short answer:

“The sign-in didn't complete. Please try again.” The pairing was cancelled or timed out before the browser side finished. Choose the sign-in again and complete it in the tab that opens; the pane picks it up by itself.

“Your Guard.ch session expired. Please sign in again.” Pane sessions age out like any session. One fresh pairing brings the verdicts back.

“Connecting an app or extension to Guard.ch requires a Guard.ch plan.” The paired account carries no active plan. Open the dashboard, start the trial or pick a plan, and run the analysis again. On a team, ask your workspace manager for a seat.

“This email is too large to analyze in full.” The message is over the 25 MB limit, which is permanent for this email; the links listed below it still open as investigations.

The add-in is missing in classic Outlook. Classic Outlook on Windows caches its add-in list and can take up to a day to show a manually added add-in. Outlook on the web and the new Outlook show it immediately; the install itself happens once per mailbox.

The pane is nowhere to be found. The add-in lives on messages you read, not on drafts: open a message, then pick Guard.ch Companion from the message's apps. To remove or re-add it, the same Add-Ins for Outlook dialog holds it under My add-ins, in the Custom Addins section.

Other entry points

However a link reaches Guard.ch, it lands in the same capture and the same report. Pair the add-in with the browser extension for everything outside the inbox, or see what an investigation actually captures on the product page.

30 days free, a few clicks away.

Add a card to start, we will not charge it until the trial ends, and cancelling is just a few clicks away.

Start 30-day trial