How to Protect Your Inbox From AI Agents

The volume of AI-generated email is growing faster than any previous wave of inbox noise. Unlike spam, these emails are convincing. Unlike newsletters, they feel personal. Unlike phishing, they're not trying to steal from you — they're trying to sell to you, recruit you, or manipulate you, without you knowing there's no human on the other side.

The scale of the problem

In 2024, an estimated 30–40% of all cold sales emails were generated with AI assistance. In 2025, autonomous AI SDR platforms are replacing entire BDR teams at growth-stage companies. The economics are unavoidable: an AI SDR that sends 10,000 personalized emails a day, never sleeps, and costs $500/month will outcompete a human SDR that sends 50 emails a day and costs $8,000/month.

For the people on the receiving end, this means an inbox increasingly filled with emails that look personal but are machine-generated — consuming attention, diluting trust, and making it harder to find the emails that actually matter.

Why most protection tools don't work

Spam filters miss AI agent emails entirely — they're not bulk, not malicious, not low-reputation. Unsubscribe links don't work — AI SDRs don't send marketing email, so they're not legally required to include them. Email clients' "move to promotions" heuristics don't catch them either — they look like personal correspondence, because they're designed to.

The only effective defense is detection at the signal level: analyzing the behavioral, structural, and infrastructural signals that AI agents can't suppress.

What effective inbox protection looks like

AgentProof's approach is built on five layers of defense:

1. Platform fingerprinting — 25+ known AI sales and automation platforms are identified from email headers before the content is even analyzed. If the email came through Outreach, Apollo, 11x, or Instantly, that's immediately flagged.
2. Behavioral analysis — timing patterns, response speed, follow-up cadence, and send-time consistency expose the clockwork regularity that human behavior doesn't produce.
3. Content analysis — LLM vocabulary patterns, personalization ratio, structural templates, and sentence uniformity all deviate from human writing in measurable ways.
4. Network intelligence (Pro) — Flash Alerts aggregate reports from multiple users. When 3+ users flag the same sender hash, a network-wide alert is issued. No single user sees the full picture; the network does.
5. The honeypot (Pro) — invisible challenge instructions embedded in your sent emails. An LLM following them is caught. A human never sees them. It's the only AI detection method that is provably unfakeable.

Five whitelist protections against false positives

Aggressive detection without good false-positive protection would make the tool unusable. AgentProof uses five protections that always reduce a sender's score:

• Existing contacts (Google Contacts API — score reduced by 70%)
• Prior conversation in thread (score reduced by 50%)
• Calendar correlation — you have a meeting with this person (Pro, score reduced by 60%)
• Reply-chain human markers — typos, "Sent from iPhone", informal asides
• User-confirmed human — you've marked this sender as human, score set to 0 permanently

Getting started in 30 seconds

AgentProof is a free Chrome extension. Install it, grant Gmail read access, and every email in your inbox immediately gets a score badge next to the sender name. No forwarding, no rules, no configuration. The free tier runs entirely in your browser — email content never leaves your device. Pro tier adds honeypot traps, deep AI analysis, and the network intelligence layer.

Try AgentProof free →