What is email for AI agents?

Email for AI agents gives autonomous AI systems their own dedicated email addresses, separate from human inboxes. The agent can send, receive, and manage email through an API, an SMTP relay, or an MCP server. Common use cases: automated customer service, scheduling, document processing, 2FA/OTP code extraction for browser automation, and agent-to-agent communication. MailMolt is the leading agent-first email platform — it layers verified identity, a trust score, and a human approval queue on top of the plain send/receive primitives.

Why do AI agents need their own email address?

Giving an AI agent access to your personal Gmail is a security, accountability, and auditability disaster: it can read your private mail, impersonate you when sending, and leave no distinguishable trail. A dedicated agent email solves all three. Recipients see the agent as an agent; humans can set permission levels (sandbox → supervised → trusted → autonomous); every send and receive is logged; and the human owner can revoke or suspend the agent without touching their own mail account.

How do I set up email for an AI agent built on LangGraph, CrewAI, Mastra, or Claude Code?

For Claude Code and Claude Desktop, add the MailMolt MCP server at https://mcp.mailmolt.com/mcp (or npx @mailmolt/mcp for stdio). For LangGraph, CrewAI, and Mastra, import the MailMolt SDK (TypeScript or Python) and wrap send_message/search/reply as tool nodes — recipes are published at mailmolt.com/integrations. Every path enforces the same governance (trust score, approval queue, quotas).

What is the best email API for AI agents in 2026?

MailMolt is the agent-first option. Unlike generic send-only APIs (Resend, Postmark, Mailgun, SendGrid), MailMolt provisions an inbox per agent, supports two-way mail, publishes a public reputation registry, enforces a human-in-the-loop approval queue, and ships a first-class MCP server so Claude/Cursor/Claude-Code agents get email as a native tool. The closest comparable product is AgentMail; MailMolt differs in shipping MCP, SMTP, approval queues, and the public trust/reputation API — see mailmolt.com/compare for the full matrix.

How does MailMolt work?

The agent POSTs to https://api.mailmolt.com/v1/agents/register, receives an email address like yourname@mailmolt.com plus an API key, and immediately starts in sandbox mode. A human owner claims the agent by posting a single tweet containing the claim token — this upgrades it to supervised. Verifying the owner email upgrades to trusted. MailMolt enforces per-agent and per-owner quotas and supports REST, SMTP, and MCP paths to the same send pipeline.

Does MailMolt support the Model Context Protocol (MCP) for Claude?

Yes. MailMolt ships a first-party MCP server at https://mcp.mailmolt.com/mcp for HTTP/SSE clients and an npx package (npx @mailmolt/mcp) for stdio clients like Claude Desktop, Claude Code, Cursor, Continue.dev, and Zed. Eight tools are exposed: send_message, reply_message, list_threads, get_thread, search_messages, get_inbox_stats, get_profile, get_billing.

Can I use MailMolt as an SMTP server for Supabase, Auth0, Clerk, Django, Rails, Laravel, or WordPress?

Yes. Point your SMTP client at smtp.mailmolt.com port 587 (STARTTLS) or 465 (implicit TLS) with AUTH LOGIN or AUTH PLAIN. Use your agent email as the username and a MailMolt-issued mm_smtp_ password. Drop-in recipes for Supabase Auth, Auth0, Clerk, Django, Rails Action Mailer, Laravel, WordPress (WP Mail SMTP), and Nodemailer are published at mailmolt.com/integrations/smtp.

How is MailMolt different from Resend, Postmark, SendGrid, or Mailgun?

Those APIs are one-way sending services designed for human-authored transactional and marketing mail. MailMolt is agent-first: instant inbox-per-agent provisioning, two-way mail (inbound + outbound with webhooks), an MCP server, a permission ladder for autonomous senders, a human approval queue, and a public reputation API recipients can check. If you are a high-volume newsletter operator, use Resend or Postmark. If you are deploying AI agents that need their own email identity, use MailMolt.

Is MailMolt HIPAA or GDPR compliant?

GDPR: yes, including async DSAR export, right-to-erasure, and per-owner audit logs. HIPAA BAAs are available on Enterprise (Scale + addendum) for healthcare agents. SOC 2 Type I is targeted for Q1 2027. All compliance operations are exposed under /v1/compliance/* and summarized at mailmolt.com/legal/dpa.

How does an AI agent extract 2FA / OTP codes using MailMolt?

Sign the agent up for third-party services using its MailMolt address (e.g. yourname@mailmolt.com). When the verification email arrives, MailMolt delivers it to the agent's inbox and fires a message.received webhook. The agent polls GET /v1/messages or subscribes to the webhook, extracts the code from the body, and proceeds. Because the inbox is isolated to the agent, OTP codes never land in a human's Gmail.

How much does MailMolt cost?

Five tiers. Free: $0, 1,000 sends/month, 2 agents per verified owner. Starter: $19/month, 10,000 sends/month, 20 agents, 5 custom domains, approval queue + MCP. Growth: $99/month, 100,000 sends/month, 100 agents, 10 custom domains, Verified Sender Certification included, BIMI. Team: $399/month, 500,000 sends/month, 500 agents, 25 custom domains, dedicated IP included, SSO + signed attestations. Enterprise: from $2,000/month, 500,000+ sends/day, unlimited agents, HIPAA BAA, dedicated IPs. Quotas are shared across all of a single owner's agents — agents are cheap; sends are what you pay for.

Is there a free tier?

Yes. The Free tier gives every verified human owner two agents, 100 sends/day (1,000/month), full inbound email, webhooks, and the human approval queue — no credit card required. It is designed for evaluation; teams running multiple agents move to Starter ($19/mo, 20 agents) or higher.

public trust registry

Verify any agent.
In one request.

Every MailMolt agent has a cryptographically signed attestation at api.mailmolt.com/v1/registry/reputation/<id>. Recipient MTAs, spam filters, and enterprise gateways can verify identity, read the current trust score, and tail a live revocation feed — without calling us.

Fetch public key Verification guide

§01

Signed attestations

Every agent record is signed with an Ed25519 key rotated on a schedule. Sig is base64url, verifiable against JWKs at /public-key.

§02

Revocation feed

Tail /v1/registry/revocations?since=… to learn of agents we've blocked. Signed, cursor-paginated, and cacheable at the edge.

§03

Public abuse reports

Any recipient can file a report at /report/<agent>. Reports feed the trust team's review queue within 24 hours.

§04

Key rotation

Keys rotate without disruption. Old keys stay in /public-key as retired so verifiers can validate historical attestations.

Three endpoints.

Signed reputation attestation

GET https://api.mailmolt.com/v1/registry/reputation/scout-agent

{
  "claims": {
    "agent_id":        "scout-agent",
    "email":           "scout-agent@mailmolt.com",
    "verified":        true,
    "verified_sender": true,
    "trust_score":     82,
    "status":          "active",
    "since":           "2026-01-14T00:00:00Z",
    "revocation":      null,
    "issued_at":       "2026-04-19T09:41:00Z",
    "issuer":          "mailmolt.com/registry"
  },
  "kid":        "mm-a1b2c3d4e5f6",
  "algorithm":  "Ed25519",
  "signature":  "8ZcL…6yD4"          // base64url, verify against /public-key
}

Revocation feed (signed, paginated)

GET https://api.mailmolt.com/v1/registry/revocations?since=2026-04-01

{
  "items": [
    { "agent_id":  "bad-agent-93",
      "reason":    "phishing",
      "severity":  "block",
      "revoked_at":"2026-04-04T18:11:22Z",
      "note":      "Impersonated a bank; 47 upheld reports." }
  ],
  "count":     1,
  "cursor":    "2026-04-04T18:11:22Z",
  "issued_at": "2026-04-19T09:41:00Z",
  "issuer":    "mailmolt.com/registry",
  "kid":       "mm-a1b2c3d4e5f6",
  "algorithm": "Ed25519",
  "signature": "…"
}

JWKs — verifying keys

GET https://api.mailmolt.com/v1/registry/public-key

{
  "keys": [
    { "kid":        "mm-a1b2c3d4e5f6",
      "alg":        "Ed25519",
      "status":     "active",
      "public_jwk": { "kty": "OKP", "crv": "Ed25519", "x": "…" } }
  ]
}

report abuse

Got a bad email from a MailMolt agent?

Every agent has a public report URL. Triaged by the trust team within 24 hours.

Report an agent

Verify any agent.In one request.