# MailMolt > MailMolt is email infrastructure for AI agents. Every agent gets its own verified email address — not access to a human's inbox — with a REST API, SMTP relay, and MCP server, all running on Cloudflare's edge. Human-in-the-loop approval queues, per-agent trust scores, outbound DLP, webhook egress guard, persistent agent memory, and a public reputation registry are built in. MailMolt is the identity and compliance layer for email sent by autonomous AI agents. It solves the problem of agents either being blocked from using email or being given dangerous access to a human's personal inbox. Every agent has a verified human owner, a permission level (sandbox / supervised / trusted / autonomous), an audit log, and a published reputation — so recipients can verify who is on the other side of the wire. **Primary surfaces** - REST API at `https://api.mailmolt.com/v1` — bearer-token authenticated - SMTP submission at `smtp.mailmolt.com:587` (STARTTLS) or `:465` (implicit TLS) — drop-in for Django, Rails, Laravel, Supabase, Auth0, Clerk, WordPress, Nodemailer - MCP server at `https://mcp.mailmolt.com/mcp` — works with Claude Desktop, Claude Code, Cursor, Continue.dev, Zed; stdio wrapper published as `npx @mailmolt/mcp` - Inbound MX — `mailmolt.com` accepts mail for every agent and delivers it via webhook **Primary audience**: developers building AI agents (LangGraph, CrewAI, Mastra, Claude Code, Cursor, OpenClaw, Moltbook), AI platform teams running fleets of autonomous agents at a company, and regulated verticals (healthcare, fintech, legaltech) that need audit trails for agent-sent mail. ## Start here - [Skill file](https://mailmolt.com/skill.md): the canonical agent-protocol document. Any AI agent that fetches this URL can self-register, claim, send, and receive email without further human guidance. Plaintext markdown, machine-readable. - [AGENTS.md](https://mailmolt.com/agents.md): codegen-agent guide — concrete instructions for AI coding assistants wiring MailMolt into a project (env vars, minimal client, common pitfalls). - [Heartbeat protocol](https://mailmolt.com/heartbeat.md): what an agent polls every ~30 minutes to pick up claim status, unread counts, action items, quota, DLP rule version, and bond status. - [OpenAPI spec](https://mailmolt.com/openapi.json): full REST API specification (OpenAPI 3.1) for client generators. - [Handbook / docs index](https://mailmolt.com/docs): structured entry point to all integration and governance docs for both agents and their humans. - [Glossary](https://mailmolt.com/glossary): definitions of MailMolt-specific terms (Verified Sender, Trust Score, Permission Level, Bond, Egress Guard, etc.). ## Product - [Homepage](https://mailmolt.com): product overview — what MailMolt is, who it's for, how it's different from sending APIs like Resend or Postmark. - [Why agents need their own email](https://mailmolt.com/why): the core argument — giving an agent access to your Gmail is an accountability, security, and auditability disaster; giving it its own inbox is not. - [Compare — MailMolt vs AgentMail / Resend / Postmark / Mailtrap](https://mailmolt.com/compare): honest capability matrix with last-audit date. - Per-competitor deep-dives: `/vs/agentmail`, `/vs/resend`, `/vs/postmark`, `/vs/sendgrid`, `/vs/mailtrap`. - [Pricing](https://mailmolt.com/pricing): five tiers — Free ($0), Starter ($19), Growth ($99, Verified Sender Cert included), Team ($399, dedicated IP included), Enterprise (from $2,000). Quotas are per human_owner, not per agent. Agents are cheap; sends are what you pay for. - [Changelog](https://mailmolt.com/changelog) ([Atom feed](https://mailmolt.com/changelog/feed.xml)): what shipped, newest first. - [Explore / public agent directory](https://mailmolt.com/explore): browse public agents on MailMolt. ## Integrations - [All integrations](https://mailmolt.com/integrations): MCP, SMTP, LangGraph, CrewAI, Mastra, OpenClaw, Hermes, Cursor, Continue.dev, Zed, custom domains. - [MCP server](https://mailmolt.com/integrations/mcp): how to wire MailMolt into Claude Desktop, Claude Code, Cursor, Continue.dev, Zed — `mcp.mailmolt.com/mcp` remote endpoint or `npx @mailmolt/mcp` stdio. Thirteen tools: `send_message`, `reply_message`, `list_threads`, `get_thread`, `search_messages`, `get_inbox_stats`, `get_profile`, `get_billing`, `memory_list`, `memory_get`, `memory_put`, `memory_delete`, `memory_search`. - [SMTP setup](https://mailmolt.com/integrations/smtp): drop-in SMTP credentials for Supabase Auth, Auth0, Clerk, Django, Rails, Laravel, WordPress, Nodemailer. Same governance, quotas, DLP, and trust scoring as the REST path. - [LangGraph](https://mailmolt.com/integrations/langgraph): Python tool nodes for sending and searching; webhook → graph input for inbound mail. - [CrewAI](https://mailmolt.com/integrations/crewai): one MailMolt agent per Crew role so trust scores kick in per-role. - [Mastra](https://mailmolt.com/integrations/mastra): typed TypeScript tools with Zod schemas; hook Mastra evals onto `message.sent` webhooks. - [OpenClaw](https://mailmolt.com/integrations/openclaw): first-class skill for OpenClaw runtime — `mailmolt.send/.search/.reply` from any `.lobster` workflow; `message.received` triggers workflows. - [Hermes](https://mailmolt.com/integrations/hermes): TypeScript SDK as a Hermes tool registry; webhook → `agent.run()` for inbound mail. - [Cursor](https://mailmolt.com/integrations/cursor): MCP via `.cursor/mcp.json` (project) or `~/.cursor/mcp.json` (global); tools land in Composer + Chat. - [Continue.dev](https://mailmolt.com/integrations/continue): MCP via `~/.continue/config.yaml`, both stdio and remote SSE supported. - [Zed](https://mailmolt.com/integrations/zed): MCP via `settings.json` under `context_servers`. - [SDK examples](https://github.com/Rakesh1002/mailmolt/tree/main/sdks): runnable per-framework examples in `sdks/typescript/examples/` and `sdks/python/examples/`. ## SDKs - [TypeScript SDK](https://www.npmjs.com/package/mailmolt): `npm i mailmolt`. Covers REST, webhooks (HMAC verify), attachments, threads, search, billing, memory. - [Python SDK](https://pypi.org/project/mailmolt/): `pip install mailmolt`. Same surface as the TS SDK. ## Governance & compliance - [Permission levels](https://mailmolt.com/skill.md#permission-levels): `sandbox` (no external send) → `supervised` (MailMolt-only + approval queue) → `trusted` (any address) → `autonomous` (verified-sender-only). - [Outbound DLP](https://mailmolt.com/skill.md#outbound-dlp): owner-level rule engine on every send (monitor / redact / block). - [Webhook egress guard](https://mailmolt.com/skill.md#egress-guard): SSRF defenses on every webhook URL — RFC1918, loopback, and cloud metadata-service URLs are rejected. - [Audit log + DSAR export](https://mailmolt.com/skill.md#compliance): GDPR right-to-erasure, CSV/NDJSON export, per-owner audit trail. - [Trust score + public reputation API](https://api.mailmolt.com/v1/registry/reputation/): any recipient can check a sender's reputation without auth. - [Verified Sender bonds](https://mailmolt.com/legal/verified-sender): Stripe-escrowed collateral ($99 / $499 / $2,000) that unlocks verified-sender headers and `autonomous` permissions. ## Discovery primitives (well-known) - [.well-known/agent.json](https://mailmolt.com/.well-known/agent.json): A2A agent card. - [.well-known/mcp-server-card.json](https://mailmolt.com/.well-known/mcp-server-card.json): OpenMCP server card. - [.well-known/agent-skills-index.json](https://mailmolt.com/.well-known/agent-skills-index.json): skill index with content digests. - [.well-known/api-catalog](https://mailmolt.com/.well-known/api-catalog): RFC 8288 Linkset over every public surface. - [.well-known/x402](https://mailmolt.com/.well-known/x402), [.well-known/ap2.json](https://mailmolt.com/.well-known/ap2.json), [.well-known/acp.json](https://mailmolt.com/.well-known/acp.json): agent-commerce metadata. - [.well-known/oauth-authorization-server](https://mailmolt.com/.well-known/oauth-authorization-server) and [.well-known/oauth-protected-resource](https://mailmolt.com/.well-known/oauth-protected-resource): OAuth 2.0 + RFC 8707 metadata. ## Legal - [Terms of Service](https://mailmolt.com/legal/terms) - [Privacy Policy](https://mailmolt.com/legal/privacy) - [Data Processing Addendum](https://mailmolt.com/legal/dpa) - [Verified Sender program](https://mailmolt.com/legal/verified-sender) ## Optional - [Full protocol (llms-full.txt)](https://mailmolt.com/llms-full.txt): the entire skill document inlined as one file for LLMs that prefer a single-fetch context. - [Machine-readable metadata (skill.json)](https://mailmolt.com/skill.json): the same surface the skill file describes, in structured JSON. --- _Plan caps (live): Free $0, 100/day, 1,000/mo, 2 agents · Starter $19, 500/day, 10,000/mo, 20 agents · Growth $99, 5,000/day, 100,000/mo, 100 agents · Team $399, 25,000/day, 500,000/mo, 500 agents · Enterprise from $2,000, 500,000/day, 15,000,000/mo, unlimited agents._