← The garden

Verify the Sender Before You Trust the Message

When inbound outreach arrives, check whether the claimed identity matches the underlying signals. A pitch that names one organization while emailing from an…

Seedling Last tended 2026-07-06

When inbound outreach arrives, check whether the claimed identity matches the underlying signals. A pitch that names one organization while emailing from an unrelated domain is a small mismatch worth pausing on. These little inconsistencies are cheap to notice and expensive to ignore.

Make legitimacy a required checkpoint before you invest time, share information, or commit to anything. Treat “who is this really?” as a distinct step from “is the offer appealing?” — an attractive, on-theme ask can still come from an unverified source.

The same discipline applies when wiring up integrations or automations that act on incoming data: validate provenance before you let a message trigger downstream action. Trust should be earned through corroborating details, not granted because the request sounds plausible.