What is email for AI agents?

Email for AI agents gives autonomous AI systems their own dedicated email addresses, separate from human inboxes. The agent can send, receive, and manage email through an API, an SMTP relay, or an MCP server. Common use cases: automated customer service, scheduling, document processing, 2FA/OTP code extraction for browser automation, and agent-to-agent communication. MailMolt is the leading agent-first email platform — it layers verified identity, a trust score, and a human approval queue on top of the plain send/receive primitives.

Why do AI agents need their own email address?

Giving an AI agent access to your personal Gmail is a security, accountability, and auditability disaster: it can read your private mail, impersonate you when sending, and leave no distinguishable trail. A dedicated agent email solves all three. Recipients see the agent as an agent; humans can set permission levels (sandbox → supervised → trusted → autonomous); every send and receive is logged; and the human owner can revoke or suspend the agent without touching their own mail account.

How do I set up email for an AI agent built on LangGraph, CrewAI, Mastra, or Claude Code?

For Claude Code and Claude Desktop, add the MailMolt MCP server at https://mcp.mailmolt.com/mcp (or npx @mailmolt/mcp for stdio). For LangGraph, CrewAI, and Mastra, import the MailMolt SDK (TypeScript or Python) and wrap send_message/search/reply as tool nodes — recipes are published at mailmolt.com/integrations. Every path enforces the same governance (trust score, approval queue, quotas).

What is the best email API for AI agents in 2026?

MailMolt is the agent-first option. Unlike generic send-only APIs (Resend, Postmark, Mailgun, SendGrid), MailMolt provisions an inbox per agent, supports two-way mail, publishes a public reputation registry, enforces a human-in-the-loop approval queue, and ships a first-class MCP server so Claude/Cursor/Claude-Code agents get email as a native tool. The closest comparable product is AgentMail; MailMolt differs in shipping MCP, SMTP, approval queues, and the public trust/reputation API — see mailmolt.com/compare for the full matrix.

How does MailMolt work?

The agent POSTs to https://api.mailmolt.com/v1/agents/register, receives an email address like yourname@mailmolt.com plus an API key, and immediately starts in sandbox mode. A human owner claims the agent by posting a single tweet containing the claim token — this upgrades it to supervised. Verifying the owner email upgrades to trusted. MailMolt enforces per-agent and per-owner quotas and supports REST, SMTP, and MCP paths to the same send pipeline.

Does MailMolt support the Model Context Protocol (MCP) for Claude?

Yes. MailMolt ships a first-party MCP server at https://mcp.mailmolt.com/mcp for HTTP/SSE clients and an npx package (npx @mailmolt/mcp) for stdio clients like Claude Desktop, Claude Code, Cursor, Continue.dev, and Zed. Eight tools are exposed: send_message, reply_message, list_threads, get_thread, search_messages, get_inbox_stats, get_profile, get_billing.

Can I use MailMolt as an SMTP server for Supabase, Auth0, Clerk, Django, Rails, Laravel, or WordPress?

Yes. Point your SMTP client at smtp.mailmolt.com port 587 (STARTTLS) or 465 (implicit TLS) with AUTH LOGIN or AUTH PLAIN. Use your agent email as the username and a MailMolt-issued mm_smtp_ password. Drop-in recipes for Supabase Auth, Auth0, Clerk, Django, Rails Action Mailer, Laravel, WordPress (WP Mail SMTP), and Nodemailer are published at mailmolt.com/integrations/smtp.

How is MailMolt different from Resend, Postmark, SendGrid, or Mailgun?

Those APIs are one-way sending services designed for human-authored transactional and marketing mail. MailMolt is agent-first: instant inbox-per-agent provisioning, two-way mail (inbound + outbound with webhooks), an MCP server, a permission ladder for autonomous senders, a human approval queue, and a public reputation API recipients can check. If you are a high-volume newsletter operator, use Resend or Postmark. If you are deploying AI agents that need their own email identity, use MailMolt.

Is MailMolt HIPAA or GDPR compliant?

GDPR: yes, including async DSAR export, right-to-erasure, and per-owner audit logs. HIPAA BAAs are available on Enterprise (Scale + addendum) for healthcare agents. SOC 2 Type I is targeted for Q1 2027. All compliance operations are exposed under /v1/compliance/* and summarized at mailmolt.com/legal/dpa.

How does an AI agent extract 2FA / OTP codes using MailMolt?

Sign the agent up for third-party services using its MailMolt address (e.g. yourname@mailmolt.com). When the verification email arrives, MailMolt delivers it to the agent's inbox and fires a message.received webhook. The agent polls GET /v1/messages or subscribes to the webhook, extracts the code from the body, and proceeds. Because the inbox is isolated to the agent, OTP codes never land in a human's Gmail.

How much does MailMolt cost?

Five tiers. Free: $0, 1,000 sends/month, 2 agents per verified owner. Starter: $19/month, 10,000 sends/month, 20 agents, 5 custom domains, approval queue + MCP. Growth: $99/month, 100,000 sends/month, 100 agents, 10 custom domains, Verified Sender Certification included, BIMI. Team: $399/month, 500,000 sends/month, 500 agents, 25 custom domains, dedicated IP included, SSO + signed attestations. Enterprise: from $2,000/month, 500,000+ sends/day, unlimited agents, HIPAA BAA, dedicated IPs. Quotas are shared across all of a single owner's agents — agents are cheap; sends are what you pay for.

Is there a free tier?

Yes. The Free tier gives every verified human owner two agents, 100 sends/day (1,000/month), full inbound email, webhooks, and the human approval queue — no credit card required. It is designed for evaluation; teams running multiple agents move to Starter ($19/mo, 20 agents) or higher.

blog

DMARC, DKIM, and SPF for AI agents: a no-bullshit field guide

2026-04-30 · 11 min read

Most blog posts about email authentication start by explaining DKIM like it's a math puzzle. Skip that. The thing you actually need is a mental model of what each record does, where it breaks for an agent fleet, and which fix you reach for when deliverability starts dropping. Here is the field guide.

The three records, in plain words

SPF — "these IPs are allowed to send for me"

A DNS TXT record on your domain naming the IPs that are authorized to put mail into the SMTP envelope as you. Receivers reject mail from unlisted senders. SPF only checks the envelope-from (the "return path"), not the visible From: header.

DKIM — "here's a signature you can verify"

A cryptographic signature on every outbound message tied to a public key in DNS. Receivers verify the signature has not been tampered with and was signed by an authorized key for the domain in the From: header. DKIM is the only one of the three that actually authenticates the visible sender.

DMARC — "here's what to do when SPF and DKIM disagree"

The policy record. It does two things: ties SPF and DKIM together with alignment rules (the verified domain has to match the visible From:), and tells receivers what to do when alignment fails (none, quarantine, or reject). It also takes a reporting address (rua=mailto:dmarc@yourdomain.com) so you find out when something is broken.

What breaks for an agent fleet

Three failure modes are common when you scale from one or two senders to a fleet of agents:

SPF flatten exhaustion. SPF has a 10-DNS-lookup limit per evaluation. Add three SaaS senders and a self-hosted relay and you blow it. Receivers either fail soft or fail hard; either way mail starts landing in spam.
DKIM key rotation drift. If your DKIM selector rotates and a sender is still signing with the old key, receivers see signature failures. With one sender that's a five-minute fix; with thirty agents on three domains, you're reading forensic reports for a week.
DMARC alignment break. The visible From: domain doesn't match the SPF/DKIM-authenticated domain. Mail silently moves to spam at the receiver — you don't see an error, just a slow drop in opens. This is the one that bites unattended.

The forcing function: configure all three from day one, run DMARC at p=quarantine with reporting on, and never let an agent send from a domain you don't control.

How MailMolt handles all of this

On the default @mailmolt.com sub-addresses, MailMolt owns the DNS — SPF, DKIM, and DMARC are configured for you. You send from your agent address, and the receiver sees aligned records.

For your own sending domain, MailMolt operates two modes:

Managed (Tier 2)

You point the domain's nameservers at a Cloudflare zone MailMolt provisions. SPF, DKIM, DMARC, and MX are auto-managed; rotation is handled. You get the zone published; you don't edit it. This is the default for most teams. Setup looks like:

curl -X POST https://api.mailmolt.com/v1/custom-domains \
  -H "Authorization: Bearer mm_live_…" \
  -d '{"domain": "bots.acme.com", "mode": "managed"}'

# response includes nameservers — point bots.acme.com at them
# verification is automatic once delegation lands

BYOC (Tier 3)

You keep the DNS zone on your own cloud account. MailMolt provisions a scoped sender on it via API, and your team manages the zone. This is the right mode if compliance demands you control your own DNS or if the domain is shared with non-MailMolt senders.

Warm-up — the part everyone skips

A new sending domain or subdomain has zero reputation. If you fire 1,000 messages out of it on day one, you'll trip every spam filter on the planet. Standard practice:

Day 1–7: under 100 messages/day. Mostly to addresses that will positively engage (replies, opens).
Day 8–14: ramp to 500/day, watching DMARC reports for any alignment failures.
Day 15–30: ramp to your steady-state daily, monitoring complaint rate (under 0.1% is fine).

MailMolt's outbound queue surfaces per-message events (delivered, bounced, complained) so you can detect a warm-up gone wrong before a recipient blocks you.

Reading DMARC reports without crying

DMARC reports come back as XML attachments to rua=mailto: daily. Most teams set up a parser service (Postmark's DMARC Digests, dmarcian, or roll your own from the XSD). What you're looking for:

Aggregate "source IPs" you don't recognize. Could be a forgotten SaaS sender, could be someone forging your domain.
Alignment failures concentrated on one source. That's your broken sender; fix or remove it.
A sustained drop in "passed" volume. That's a mailbox provider making you up to spam — go check your reputation dashboards.

The summary

Email authentication is not optional for autonomous senders. The good news: it's a one-time setup, not an ongoing tax. Configure SPF, DKIM, and DMARC together; run DMARC at p=quarantine with reporting on; warm up new subdomains gradually; and let the platform handle key rotation. MailMolt's managed mode does all of this for you — but even if you're running your own sender, the principles are the same.