Safe Email for Autonomous AgentGPT Agents

Give AgentGPT's autonomous agents email capabilities through MultiMail — with gated oversight that ensures every email action is reviewed before execution.

AgentGPT is a web-based platform for deploying autonomous AI agents that create and execute task plans without continuous human input. MultiMail provides the email infrastructure layer that gives these autonomous agents the ability to send, receive, and manage email while maintaining human oversight guardrails.

Fully autonomous agents represent the highest-risk category for email access. MultiMail's gated_all mode is strongly recommended for AgentGPT integrations, ensuring every email action — reading, sending, replying — requires human approval. This prevents autonomous agents from sending inappropriate emails during unsupervised task execution.

Connect AgentGPT to MultiMail by extending AgentGPT's tool system with custom functions that call the MultiMail REST API. The integration adds email to AgentGPT's capability set while keeping humans in the loop for every email interaction.

Why MultiMail

Built for AgentGPT developers

Critical Oversight for Autonomous Agents

AgentGPT agents run autonomously without human supervision. MultiMail's gated_all mode is essential here — every email action (send, reply, even inbox reads) gets human approval, preventing runaway autonomous email behavior.

Graduated Trust via Oversight Modes

Start with gated_all for new autonomous agents, then carefully progress to gated_send once you trust the agent's email judgment. MultiMail's five oversight modes let you incrementally increase autonomy with safety checkpoints.

Task Plan Visibility

When AgentGPT creates a task plan involving email, MultiMail's pending queue shows exactly what emails the agent wants to send. Humans can review the full plan before any emails are delivered.

Audit Trail for Autonomous Actions

MultiMail logs every email action with timestamps and approval status. For autonomous agents that may execute dozens of steps, this audit trail is critical for understanding what happened and why.

Rate Limiting as a Safety Valve

MultiMail's plan-based rate limits act as an additional safety valve for autonomous agents. Even if an agent enters a loop, the email rate limit prevents it from sending unlimited messages.

Code examples

Get started in minutes

MultiMail Tools for AgentGPT
typescript
const MULTIMAIL_API = 'https://api.multimail.dev/v1';
const MM_HEADERS = {
  'Authorization': 'Bearer mm_live_your_api_key',
  'Content-Type': 'application/json'
};

async function sendEmail(args: {
  mailbox_id: string;
  to: string;
  subject: string;
  body: string;
}): Promise<Record<string, unknown>> {
  "cm">// In gated_all mode, this queues for human approval
  const resp = await fetch(`${MULTIMAIL_API}/send`, {
    method: 'POST',
    headers: MM_HEADERS,
    body: JSON.stringify(args)
  });
  return resp.json();
}

async function checkInbox(args: {
  mailbox_id: string;
  limit?: number;
}): Promise<Record<string, unknown>> {
  const params = new URLSearchParams({ limit: String(args.limit || 10) });
  const resp = await fetch(
    `${MULTIMAIL_API}/mailboxes/${args.mailbox_id}/inbox?${params}`,
    { headers: MM_HEADERS }
  );
  return resp.json();
}

async function replyEmail(args: {
  message_id: string;
  body: string;
}): Promise<Record<string, unknown>> {
  const resp = await fetch(`${MULTIMAIL_API}/reply`, {
    method: 'POST',
    headers: MM_HEADERS,
    body: JSON.stringify(args)
  });
  return resp.json();
}

Define email tool functions that AgentGPT can use during autonomous task execution.

Register Email Tools in AgentGPT
typescript
"cm">// Extend AgentGPT's tool registry with MultiMail email tools
const emailToolDefinitions = [
  {
    name: 'send_email',
    description: 'Send an email through MultiMail. Uses gated_all mode — '
      + 'the email will queue for human approval before delivery.',
    parameters: {
      mailbox_id: { type: 'string', description: 'Mailbox to send from', required: true },
      to: { type: 'string', description: 'Recipient email address', required: true },
      subject: { type: 'string', description: 'Email subject line', required: true },
      body: { type: 'string', description: 'Email body content', required: true }
    },
    execute: sendEmail
  },
  {
    name: 'check_inbox',
    description: 'Check a mailbox inbox for recent messages.',
    parameters: {
      mailbox_id: { type: 'string', description: 'Mailbox to check', required: true },
      limit: { type: 'number', description: 'Max messages to return', required: false }
    },
    execute: checkInbox
  },
  {
    name: 'reply_email',
    description: 'Reply to an email. Queues for human approval in gated_all mode.',
    parameters: {
      message_id: { type: 'string', description: 'Message ID to reply to', required: true },
      body: { type: 'string', description: 'Reply content', required: true }
    },
    execute: replyEmail
  }
];

// Register tools with AgentGPT's tool system
emailToolDefinitions.forEach(tool => {
  registerTool(tool);
});

Add MultiMail email capabilities to AgentGPT's available tools for autonomous task planning.

Python Script for AgentGPT Email Integration
python
import requests
import json

MULTIMAIL_API = "https://api.multimail.dev/v1"
MM_HEADERS = {"Authorization": "Bearer mm_live_your_api_key"}

def create_email_tools():
    """Define email tools for use with AgentGPT&"cm">#039;s task execution."""
    tools = {
        "send_email": {
            "description": "Send an email. Uses gated_all mode — queues for approval.",
            "execute": lambda args: requests.post(
                f"{MULTIMAIL_API}/send", headers=MM_HEADERS, json=args
            ).json()
        },
        "check_inbox": {
            "description": "Check inbox for recent messages.",
            "execute": lambda args: requests.get(
                f"{MULTIMAIL_API}/mailboxes/{args[&"cm">#039;mailbox_id']}/inbox",
                headers=MM_HEADERS, params={"limit": args.get("limit", 10)}
            ).json()
        },
        "reply_email": {
            "description": "Reply to an email. Queues for approval.",
            "execute": lambda args: requests.post(
                f"{MULTIMAIL_API}/reply", headers=MM_HEADERS, json=args
            ).json()
        },
        "list_pending": {
            "description": "List emails pending human approval.",
            "execute": lambda args: requests.get(
                f"{MULTIMAIL_API}/pending", headers=MM_HEADERS
            ).json()
        }
    }
    return tools

# Usage in AgentGPT task execution
tools = create_email_tools()
result = tools["check_inbox"]["execute"]({"mailbox_id": "mbx_abc123"})
print(f"Inbox: {json.dumps(result, indent=2)}")

A standalone Python script that adds MultiMail email capabilities to AgentGPT through its API.

Getting started

Step by step

1

Create a MultiMail Account and API Key

Sign up at multimail.dev, create a mailbox, and generate an API key. Set the oversight mode to gated_all for autonomous agent use.

2

Set Up AgentGPT

Deploy AgentGPT using the self-hosted option or use the hosted platform at agentgpt.reworkd.ai.

3

Define Email Tool Functions

Create functions that call MultiMail's REST API endpoints for send_email, check_inbox, reply_email, and list_pending.

4

Register Tools with AgentGPT

Add the email tool functions to AgentGPT's tool registry so the autonomous agent can include email actions in its task plans.

5

Monitor and Approve Email Actions

Watch the MultiMail dashboard for pending emails from your autonomous agent. Review and approve each action before it executes. Check the audit log for a complete history of agent email activity.

FAQ

Common questions

Why should I use gated_all instead of gated_send for AgentGPT?
AgentGPT agents are fully autonomous and may execute dozens of steps without human input. gated_all mode requires approval for every email action including reads, giving you maximum visibility into what the agent is doing. gated_send only gates outgoing emails, which may not be sufficient for unsupervised agents.
What if my AgentGPT agent tries to send too many emails?
MultiMail's plan-based rate limits act as a safety valve. The Starter plan caps at 200 emails per month, and paid plans have higher but still finite limits. The API returns 429 responses when limits are reached, which halts the agent's email activity until the next billing period.
Can AgentGPT check if emails were approved?
Yes. Use the list_pending tool or API endpoint to check the approval status of queued emails. The agent can include a check step in its task plan to verify whether previous emails were approved before proceeding with dependent tasks.
How do I prevent an autonomous agent from spamming contacts?
Use gated_all mode so every send and reply requires human approval. Additionally, MultiMail's suppression list prevents emails to addresses that have opted out. Rate limits provide a hard cap on total email volume per billing period.
Is there rate limiting on the MultiMail API?
Rate limits depend on your plan tier. The Starter (free) plan allows 200 emails per month, while paid plans range from 5,000 to 150,000. For autonomous agents, these limits are an important safety mechanism that prevents runaway email behavior.
Related integrations

Explore more

AutoGen

multi-agent · python

View guide →

BabyAGI

multi-agent · python

View guide →

MetaGPT

multi-agent · python

View guide →
Get started

The only agent email with a verifiable sender

Email infrastructure built for AI agents. Verifiable identity, graduated oversight, and a 38-tool MCP server. Formally verified in Lean 4.

Read the Docs See Pricing