When to use forwarding vs direct connection
Email forwarding is the simpler of the two email paths into TaxItEasy. It works with any email provider, needs no OAuth grant, and can be set up in under a minute. Forward an email, we pull the attachments, done.
Direct connection — where you grant TaxItEasy read-only access to your Gmail or Outlook inbox — is the right choice when you have a single mixed-use inbox and don't want to maintain a forwarding rule. Forwarding is the right choice when you have a clear set of invoice senders (Stripe, Hetzner, vendor portals), can write a rule for them, and prefer not to grant inbox access. Both can coexist; most teams start with forwarding and add direct connection later.
The walk-through
Step 1 — copy your forwarding address
In the TaxItEasy app, go to Settings → Email integration. The top of the page shows your personal forwarding address, something like [email protected]. The u- prefix is fixed; the hash after it is unique to your account. Click the copy icon.
Treat this address like a password. Anyone who knows it can inject documents into your account — see the inbound address explained for the security rationale and what to do if you accidentally publish it.
Step 2 — pick a forwarding pattern
There are two ways to use the address. Most people mix them:
- Manual forwarding — when an invoice email arrives, hit
Forward, paste youru-…@in.taxiteasy.orgaddress, and send. Works on any device and any email client. Best for low-volume teams or for unusual senders that don't fit a rule. - Automatic filter / rule — set up a rule in your email provider that auto-forwards anything from known invoice senders. Set it once, forget it. Best when you have predictable invoice sources (Stripe receipts, hosting bills, SaaS subscriptions).
Most people set up an auto-forward rule for the 5–10 vendors that send invoices regularly, and manually forward the occasional one-off.
Step 3 — create the filter in your provider
The mechanics vary slightly per provider. The three big ones:
Gmail — Settings (gear) → See all settings → Filters and Blocked Addresses → Create a new filter. In From, enter a vendor (e.g. [email protected]) or a search term that catches the invoices (subject:Invoice works for many vendors). Click Create filter → tick Forward it to → click Add forwarding address, paste your u-…@in.taxiteasy.org, save. Gmail will email a confirmation code to your TaxItEasy account — open the Activity log on the Email integration page, find the confirmation email, and copy the code back to Gmail. This is a Gmail anti-abuse step, not a TaxItEasy step. Once confirmed, the rule auto-forwards future matches.
Outlook (Outlook.com or Microsoft 365) — Settings → Mail → Rules → Add new rule. Add a condition (sender, subject, etc.) and the action Forward to, paste your forwarding address. Microsoft 365 admins may need to enable external forwarding on the tenant first.
Apple Mail (macOS) / iCloud Mail — Apple Mail's rules run on your Mac, not in iCloud, so they only fire when Mail is open. For server-side forwarding from iCloud, sign in to icloud.com → Mail → settings → Rules. Add a sender condition and Forward to action. iCloud limits forwarding to a small number of destinations, but your TaxItEasy address counts as one.
ProtonMail / other GDPR-leaning providers — Most expose a similar Rules or Sieve script interface. Add a sender match and redirect (not forward) where supported — redirect preserves the original sender's SPF/DKIM signatures, which keeps our spam classifier happy.
Step 4 — verify it works
Within a minute of the first forwarded email arriving, the document should appear in Documents and the Activity log on the Email integration page should show one new row. The Activity log includes:
- Time the email was received
- Sender (the original sender from the forwarded message)
- Subject line
- Classification:
invoice,receipt,statement, orirrelevant - Number of attachments extracted
If classification = irrelevant for something you expected to be an invoice, see what happens when you forward a newsletter — same logic applies to misclassified invoices.
What we keep, what we don't
The forwarding pipeline is designed to minimise what we store. Specifically:
- We keep: sender address, send date, subject line, the attachments themselves (which go through the same Documents pipeline as a manual upload), and a small classification record (was it an invoice, did we extract anything, did the classifier hesitate).
- We don't keep the email body. The body is processed in-memory, used to decide classification, and discarded before the message handler exits. Even if you forward a deeply confidential email, the body itself is not retained — only the attachments are.
- Authentication. Every inbound email is verified with SPF and/or DKIM against the original sender's domain (not your forwarding domain). Spoofed emails are rejected with an audit-log entry; we don't process them. This is why
redirectin Sieve / ProtonMail is preferred toforward—redirectpreserves the original signatures.
For a deeper privacy breakdown, see where is my data stored.
Email forwarding is included on every plan
Free, Starter, Business, and Growth all include email forwarding with no separate gate. The only cost is your monthly document quota — each forwarded email counts as the number of invoice-shaped attachments it contains. A forwarded email with no attachments and a receipt body is one document (the email body is not stored, but the receipt content is reconstructed from the inline HTML when possible). A forwarded email with two PDF invoices attached is two documents. The Activity log on Email integration shows the count per email.
Troubleshooting
My address has weird characters / looks scary. That's the design. The hash after u- is non-guessable so nobody else can email-attack your inbox. Don't post it publicly, don't share it in support tickets, don't include it in CSV exports you send around. See the inbound address explained.
I want to share my address with my accountant for client invoices. Don't. Either forward each invoice individually, or — much better — use invite your tax advisor to give them proper read-only access. Sharing the inbound address lets anyone who has it (including a compromised mailbox) inject documents into your account.
Newsletters keep getting forwarded. The AI classifier detects newsletter / marketing patterns and silently skips them (no document, no quota used). They still show in the Activity log marked irrelevant. If you're seeing actual invoices flagged irrelevant, the classifier missed signal — open the activity log entry and click Send to support to give us a labelled sample we can use to tune the classifier.
Email forwarding stopped working overnight. Most often this is your provider revoking the forwarding rule because of an abuse heuristic — Gmail in particular sometimes auto-disables forwarding for accounts with security alerts. Check the Gmail forwarding settings page (Settings → Forwarding and POP/IMAP) and confirm the forwarding is still active. See email forwarding stopped working for the full diagnostic.
I want to revoke my forwarding address (it leaked). In Settings → Email integration, click Regenerate address. The old hash stops accepting mail immediately; you get a new one to update your filters with. Note that any forwarding rules in Gmail/Outlook still reference the old address and will start bouncing — you'll need to update them too.
I want to forward emails from multiple inboxes. No setup needed — the address accepts forwards from any source. Each forwarded email is attributed to the original sender, not the inbox it was forwarded from.
Related
- Connect Gmail, Outlook, or IMAP — the OAuth path, for mixed-use inboxes
- The inbound address explained — security details, address format, what to do if leaked
- What happens when you forward a newsletter — how classification decides
- Email attachment size and format limits — what attachments survive the pipeline
- Email forwarding stopped working — debugging the silent failure case