SIP is my senior‑project email security plugin that helps small teams spot phishing, impersonation, and malware. It runs a local FastAPI service with on‑prem AI (HIPAA‑friendly), analyzes message headers, URLs, and text, and logs decisions to a SQL database with an audit trail.
Clients (workspace add‑on / webhook) → FastAPI (auth + routes) → Parsers (header/URL/content) → Risk scoring → DB (SQLite/MySQL) + AuditLog → UI.
SPF/DKIM/DMARC checks · URL extraction + suspicious keyword flags · model‑assisted classification · quarantine/allow list · exportable logs.
Admin dashboard, multi‑tenant policy sets, smarter impersonation vectors, and evaluators for precision/recall.
Setup (local)
Clone and start the FastAPI server:
python -m venv venv
source venv/bin/activate # Windows: venv\Scripts\activate
pip install -r requirements.txt
uvicorn app.main:app --reload --port 8000
Then open the UI at http://localhost:8000. Add environment variables for ADMIN_USER, ADMIN_PASS, and DB settings.
GET /health # service status
POST /analyze # analyze raw email or parsed fields
GET /recent # recent decisions
GET /audit-log # audit entries