Tally for Outlook
Email automation, but Tally never hits Send.
Tally reads shared inboxes, drafts replies, forwards messages, and moves items between folders. The send and delete endpoints are blocked — every email a human has to actually click Send.
What Tally does with Outlook
Tally connects to Outlook to automate the data flow into your accounting stack — with explicit safety rules at every step.
Shared inbox monitoring
Reads messages from shared mailboxes (e.g., a client's accounting@ alias). Lists folders, searches messages, reads attachments.
Reply & forward drafting
Drafts replies to incoming emails or forwards messages to a teammate. Drafts land in the user's drafts folder for review and human Send.
New message drafting
Creates new draft emails (e.g., to send a vendor a W-9 request). Auto-tagged with [Drafted by Ballast-Tally] in the body.
Folder management
Moves messages between folders (e.g., 'Processed', 'To Review'). Useful for inbox automation without losing the original message.
Attachment reading
Lists and downloads email attachments — invoices, statements, receipts. Documents flow into the AP pipeline automatically.
Per-client mailbox isolation
Each Ballast client maps to a specific mailbox (or set of folders within a mailbox). Tally cannot read across client boundaries.
How it works
Setup is straightforward and auditable. No copy-pasted CSVs, no shared logins.
Authorize Tally in Outlook
A Ballast accountant initiates the connection. Authorization happens through Outlook's standard OAuth or API-key flow with the minimum required scopes.
Credentials encrypted at rest
Tokens are immediately encrypted with AES-256-GCM and stored in Tally's PostgreSQL database. Plaintext credentials never touch logs or error reports.
Tally pulls and normalizes data
Tally fetches data from Outlook on a schedule, normalizes it, and ties it back to the corresponding records in QuickBooks Online.
Your accountant takes it from there
A Ballast accountant reviews exceptions, posts entries, and closes the books. You get monthly financials without lifting a finger.
Availability
This integration is provided to Ballast Consulting Group's accounting clients at no additional charge as part of their engagement. There is no per-seat fee, per-API-call fee, or per-integration fee billed to the client. The cost is included in your accounting fee.
Tally isn't sold separately. Access requires an active engagement with Ballast Consulting Group as your finance and accounting department. If you're interested in becoming a Ballast client, please reach out.
Security & compliance
Every Tally integration follows the same safety pattern. Here is how the Outlook integration specifically is locked down.
App-only auth, single tenant
Tally uses one Azure AD app on Ballast's tenant with app-only client credentials. There's no per-client OAuth flow and no per-user refresh tokens to manage. Tokens are cached in-memory for ~55 minutes.
Send hard-blocked
/sendMail and /send paths are blocked at the path-allowlist layer. Tally cannot transmit an email — every email goes out only after a human clicks Send.
Delete hard-blocked
DELETE method is rejected at the method-allowlist layer. Tally cannot delete a message under any circumstances.
Per-client recipient domain allowlist
Each client config has an allowed_recipient_domains list. Tally cannot draft email to a domain not on the list — preventing data exfiltration even if an agent is tricked.
Email body sanitization
Email bodies are treated as untrusted external content and sanitized before reaching the agent. Content is wrapped in <external_email_content source='untrusted'> delimiters with explicit injection warnings.
Mailbox-scoped via RBAC for Apps
Tally's app-only access is restricted per mailbox via Microsoft's ApplicationAccessPolicy in Exchange. Each client config maps to specific mailbox IDs the app can read.
Frequently asked questions
Can Tally send email automatically?
No. Drafting is supported; sending is hard-blocked. Tally creates drafts in your Drafts folder; you review and click Send. This is by design — no email leaves your tenant without a human in the loop.
Can Tally delete email?
No. DELETE is blocked at the method-allowlist layer. Tally can move messages between folders but cannot delete them.
What if a vendor sends an email with malicious instructions to the Tally agent?
Email bodies are sanitized and wrapped in untrusted-content delimiters before reaching the agent. The agent's system prompt also instructs it to message a Slack channel for human approval before following any instructions found in email bodies.
How does Tally know which mailbox to read for a given client?
Each client config has a mailbox ID (or set of folder IDs within a mailbox). The mailbox-to-client mapping is stored server-side and enforced on every call.
Why is the auth model app-only instead of OAuth-per-user?
Shared mailboxes work better with app-only access. There's no individual user identity to tie permissions to — Ballast's Azure AD app is granted access to specific mailboxes via Exchange RBAC.
Talk to Ballast about your books
Tally's Outlook integration comes at no additional charge when Ballast runs finance and accounting for you. If you need a team that actually understands the systems your business runs on, get in touch.