MultiMail embeds EU AI Act disclosure, GDPR consent handling, and human review evidence into every agent email — giving compliance teams a single platform layer to evaluate and approve.
Compliance teams are increasingly asked to sign off on AI agent email deployments without a consistent infrastructure layer to evaluate. Policy questions about disclosure, auditability, and human review land on compliance officers who must assess each deployment individually — often after the fact. The result is ad-hoc controls stitched together at the application layer: disclosure statements added manually by developers, audit trails kept in spreadsheets, review workflows running through Slack. Three regulatory frameworks create concrete obligations for organizations deploying AI agents that generate or send email. EU AI Act Article 50(1) requires disclosure that content is AI-generated when systems interact with natural persons, unless it is obvious from context. GDPR Article 6 requires a documented lawful basis for processing personal data, and Article 21 gives individuals the right to object to direct marketing at any time. CAN-SPAM requires accurate sender identification, a functioning opt-out mechanism, and honor of opt-out requests within 10 business days. Each of these touches the email delivery layer — and none of them can be reliably enforced by application code alone, because application code changes.
MultiMail moves compliance controls out of application code and into the email delivery infrastructure. Disclosure headers, human review gates, audit logs, and opt-out mechanics are configured at the mailbox level, not the application level. This means compliance officers can evaluate a deployment by reviewing its mailbox configuration rather than auditing every codebase that sends email through it. The gated_send oversight mode is designed for compliance-sensitive deployments: agents can read and draft autonomously, but every outbound message is held for human review before delivery. Reviewers see full message content, the agent's metadata, and the compliance tags associated with the mailbox. Approval and rejection decisions are stored as immutable records with reviewer identity, timestamp, and notes — exportable for GDPR Article 30 records of processing and SOC 2 Type II evidence packages.
Create a dedicated mailbox for each email program so its oversight mode, disclosure behavior, and audit trail are scoped and reviewable in one place. AI disclosure (EU AI Act Article 50) is enforced at the send gateway for every mailbox, and suppression/unsubscribe handling runs at the infrastructure level — neither requires per-message application code.
AI disclosure is locked on for every mailbox and enforced at the send gateway — it cannot be disabled (a request to set ai_disclosure to false is rejected with 400). MultiMail injects a human-readable disclosure footer into the message body and sets the X-AI-Generated: true header on every send. This provides the technical disclosure mechanism required under EU AI Act Article 50(1) for AI-generated content directed at natural persons.
Set the mailbox oversight_mode to gated_send. Every outbound message the agent queues is held in a review queue accessible via the API and the MultiMail dashboard. Compliance officers or designated reviewers approve or reject each message before delivery. The review decision, reviewer identity, and timestamp are stored as immutable audit records.
Use GET /v1/oversight/pending to retrieve held messages and GET /v1/mailboxes/{mailbox_id}/emails/{email_id} to inspect full message content and headers. Tag reviewed messages via PUT /v1/mailboxes/{mailbox_id}/emails/{email_id}/tags to record compliance status. The audit trail (GET /v1/audit-log) is queryable for evidence gathering.
MultiMail audit log exports provide timestamped records of every send attempt, review decision, disclosure injection, and oversight mode change. These records export in structured JSON and CSV formats suitable for GDPR Article 30 records of processing activities and SOC 2 Type II evidence packages.
Pick your platform, copy the prompt, and paste it to your AI agent — it sets up MultiMail and builds the whole flow. Nothing to fill in.
AI disclosure under EU AI Act Article 50 is enforced at the send gateway and locked on for every mailbox. Every agent routing through MultiMail gets the required disclosure injected automatically — no per-agent code changes, no risk of disclosure being omitted when application code is updated, and no way to switch it off.
Every approve and reject decision on a gated message is stored as an immutable record with reviewer identity, timestamp, and reviewer notes. Records are exportable in structured JSON and CSV for GDPR Article 30 records of processing and SOC 2 Type II evidence packages.
Oversight mode and disclosure enforcement are set at the mailbox level. Compliance officers review the mailbox configuration once rather than auditing every agent codebase. New agents that route through the same mailbox inherit the same controls automatically.
Unsubscribe header injection, sender identification, and opt-out link enforcement are handled by MultiMail before message delivery. CAN-SPAM and GDPR Article 21 requirements are enforced at the infrastructure layer, not dependent on individual agent behavior.
MultiMail's oversight, identity, and authorization models are proven correct in Lean 4 and verified in CI on every push. The gated_send mode cannot be bypassed by application code — the guarantee is mathematical, not just tested.
Email infrastructure built for AI agents. Verifiable identity, graduated oversight, and a hosted MCP server. Formally verified in Lean 4.