Email Infrastructure Built for DevOps Pipelines

Connect AI email agents to your CI/CD system, alerting stack, and incident workflows. Programmable, observable, and resilient — without sacrificing operational control.

The problem

Why this matters

Generic mail APIs were designed for transactional messages, not operational workflows. They lack observable send queues, have no concept of agent-safe permissions, and give DevOps teams no way to distinguish a human-composed email from one generated by an automated agent. When a deployment fails at 2am and your incident response pipeline needs to notify stakeholders, route escalations, and log everything to your audit trail, you need infrastructure that behaves like infrastructure — not a marketing email service bolted onto a REST endpoint.

The solution

How MultiMail solves this

MultiMail provides a REST API and MCP server purpose-built for agents operating in production pipelines. Every send goes through an observable queue you can inspect and cancel. Every action produces a structured audit event. The monitored oversight mode is a natural fit for DevOps: agents send autonomously, but every delivery is visible to your team in real time. You can hook MultiMail into a Cloudflare Worker, a GitHub Actions step, or an existing alerting stack without changing your queue or on-call tooling.

1

Pipeline event triggers the agent

A deployment completion, failed health check, or PagerDuty escalation fires a webhook or queue message. Your agent receives the event payload — build SHA, environment, affected services, timing data — and begins composing context.

2

Agent generates the notification body

The agent calls your monitoring APIs to gather incident links, rollout timing, and health check results, then drafts a structured summary. No template required — the agent produces the message body from live data.

3

Send or gate based on severity

For routine deploy summaries, the agent calls send_email directly under monitored mode and the message goes out immediately. For high-severity incidents, you configure gated_send so a human approves before delivery to stakeholders outside your org.

4

Observe delivery and queue state

Every send produces a delivery event you can consume via webhook or poll with check_inbox. list_pending shows any messages still in queue. cancel_message lets you pull a queued send before delivery if the incident resolves.

5

Audit trail closes the loop

MultiMail logs every agent action — who sent, what oversight mode was active, delivery status, and any approval events — giving you a complete record for postmortems and compliance reviews.

Code examples

Implementation

Post-deploy notification from a CI/CD step
python
import httpx
import os

MM_API_KEY = os.environ["MM_API_KEY"]

def send_deploy_notification(env: str, sha: str, duration_s: int, health_checks: list[dict]):
    checks_text = "\n".join(
        f"  - {c[&"cm">#039;name']}: {'PASS' if c['ok'] else 'FAIL'}" for c in health_checks
    )
    body = f"""Deployment to {env} completed.

Commit: {sha}
Duration: {duration_s}s

Health checks:
{checks_text}

View run: https://github.com/your-org/your-repo/commit/{sha}
"""
    resp = httpx.post(
        "https://api.multimail.dev/v1/send_email",
        headers={"Authorization": f"Bearer {MM_API_KEY}"},
        json={
            "from": "[email protected]",
            "to": ["[email protected]"],
            "subject": f"Deployment completed for {env}",
            "body": body,
            "oversight_mode": "monitored",
            "tags": ["deploy", env, sha[:8]],
        },
    )
    resp.raise_for_status()
    return resp.json()["message_id"]

Send a deployment summary email from a GitHub Actions or generic CI pipeline step using the REST API.

Incident escalation with gated approval
python
import httpx
import os

MM_API_KEY = os.environ["MM_API_KEY"]

def escalate_incident(incident_id: str, severity: str, affected: list[str], summary: str):
    recipients = {
        "P0": ["[email protected]", "[email protected]"],
        "P1": ["[email protected]"],
    }
    mode = "gated_send" if severity == "P0" else "monitored"

    body = f"""Incident {incident_id} — {severity}

Affected services: {&"cm">#039;, '.join(affected)}

{summary}

This message was drafted by the incident-response agent and requires approval before delivery.
"""
    resp = httpx.post(
        "https://api.multimail.dev/v1/send_email",
        headers={"Authorization": f"Bearer {MM_API_KEY}"},
        json={
            "from": "[email protected]",
            "to": recipients.get(severity, ["[email protected]"]),
            "subject": f"[{severity}] Incident {incident_id}: {affected[0] if affected else &"cm">#039;unknown service'}",
            "body": body,
            "oversight_mode": mode,
            "tags": ["incident", severity.lower(), incident_id],
        },
    )
    resp.raise_for_status()
    data = resp.json()
    return data["message_id"], data.get("pending_approval", False)

For P0 incidents, route stakeholder notifications through gated_send so an on-call engineer approves before external delivery.

Queue inspection and cancellation
python
import httpx
import os

MM_API_KEY = os.environ["MM_API_KEY"]
BASE = "https://api.multimail.dev/v1"
HEADERS = {"Authorization": f"Bearer {MM_API_KEY}"}

def get_pending_for_incident(incident_id: str) -> list[dict]:
    resp = httpx.get(
        f"{BASE}/list_pending",
        headers=HEADERS,
        params={"tag": incident_id},
    )
    resp.raise_for_status()
    return resp.json()["messages"]

def cancel_if_resolved(incident_id: str, resolved: bool) -> int:
    if not resolved:
        return 0
    pending = get_pending_for_incident(incident_id)
    cancelled = 0
    for msg in pending:
        r = httpx.post(
            f"{BASE}/cancel_message",
            headers=HEADERS,
            json={"message_id": msg["message_id"]},
        )
        if r.status_code == 200:
            cancelled += 1
    return cancelled

Check what messages are queued and cancel a pending notification if the triggering incident resolves before delivery.

Cloudflare Worker: inbound alert routing
typescript
import { Hono } from 'hono';

const app = new Hono<{ Bindings: { MM_API_KEY: string; PAGERDUTY_KEY: string } }>();

app.post('/webhooks/multimail/inbound', async (c) => {
  const sig = c.req.header('x-multimail-signature');
  "cm">// verify HMAC signature from webhook secret here

  const event = await c.req.json();
  if (event.type !== 'email.received') return c.json({ ok: true });

  const { from, subject, body_text, mailbox } = event.data;

  "cm">// Route alert emails from monitoring systems to PagerDuty
  if (mailbox === '[email protected]' && subject.toLowerCase().includes('critical')) {
    await fetch('https://events.pagerduty.com/v2/enqueue', {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({
        routing_key: c.env.PAGERDUTY_KEY,
        event_action: 'trigger',
        payload: {
          summary: subject,
          source: from,
          severity: 'critical',
          custom_details: { body: body_text },
        },
      }),
    });
  }

  return c.json({ ok: true });
});

export default app;

Receive inbound emails to a monitored mailbox and route them into your alerting pipeline from a Workers edge function.

Benefits

What you get

Observable send queue

Every outbound message enters a queue you can inspect with list_pending and cancel with cancel_message. If an incident resolves before your notification sends, you can pull the message. Generic SMTP relays offer no equivalent.

Severity-based oversight routing

Configure monitored mode for routine deploy summaries and gated_send for P0 escalations — in the same pipeline, using the same API. No separate tool for 'high-trust' vs 'low-trust' sends.

Structured audit trail

Every agent action produces a timestamped audit event: who sent, which oversight mode was active, whether approval was required, and delivery status. Feeds directly into postmortems and SOC 2 evidence collection.

Edge-native deployment

MultiMail's API runs on Cloudflare's global network. If you deploy your incident-response logic in Cloudflare Workers, your email calls stay on-network with sub-5ms routing latency in most regions.

Webhook-driven inbound routing

Receive alert emails from external monitoring systems into a dedicated MultiMail mailbox and route them into PagerDuty, Slack, or your own queue via webhook. check_inbox and read_email let agents poll and triage inbound ops mail programmatically.

Oversight

Recommended oversight mode

Recommended
monitored
DevOps notification email is high-volume and time-sensitive — deploy summaries, health check results, and routine alerts should go out immediately without blocking on human approval. Monitored mode lets the agent act autonomously while every send remains visible to your team in real time. Reserve gated_send for high-severity incidents where stakeholder communications outside your org warrant a human sign-off before delivery.
FAQ

Common questions

Can I use MultiMail inside a GitHub Actions workflow?
Yes. Add MM_API_KEY as a GitHub Actions secret and call the REST API from any step — Python, shell, or a dedicated action. The send_email endpoint is a single HTTPS POST. You can tag messages with the commit SHA and environment so they appear grouped in your MultiMail dashboard.
How does the cancel_message endpoint work if delivery has already started?
cancel_message cancels a message that is still in the MultiMail queue and has not yet been handed off to the downstream mail provider. Once delivery has been attempted, cancellation is no longer possible. Use list_pending to check queue state before calling cancel_message. For time-critical cancellation windows, call both in sequence immediately after the triggering condition resolves.
Can I route inbound alert emails from external services into my pipeline?
Yes. Create a dedicated mailbox (e.g., [email protected]) and configure a webhook on it. MultiMail will POST a structured event to your endpoint on every inbound message. From a Cloudflare Worker or any HTTP handler, you can parse the subject, body, and sender and route the alert into PagerDuty, Opsgenie, or a custom queue.
Does MultiMail support high send volumes typical in large infrastructure fleets?
MultiMail's queue-based architecture handles burst notification traffic without rate-limit errors on your end. The underlying delivery infrastructure scales horizontally. For very high volumes (thousands of deploy notifications per hour), contact us to discuss dedicated throughput allocation for your account.
How do I distinguish agent-sent emails from human-sent emails in my audit log?
Every API call includes the oversight_mode and, optionally, an agent identifier you set in the request. Audit events record both fields. You can filter your audit trail by agent, oversight mode, or tag to separate automated pipeline notifications from any human-composed mail sent through the same mailbox.
Can I use the MCP server instead of the REST API in an agentic CI workflow?
Yes. The MultiMail MCP server exposes all 50 tools including send_email, list_pending, cancel_message, and check_inbox to any MCP-compatible agent runtime. If your incident-response agent runs in Claude Desktop, Cursor, or a custom MCP client, the same tool interface works without switching to the REST API.
Related

Explore more use cases

Incident Reports

operations

View guide →

System Alerts & Monitoring

notifications

View guide →

Deployment Notifications

engineering

View guide →
Get started

The only agent email with a verifiable sender

Email infrastructure built for AI agents. Verifiable identity, graduated oversight, and a 50-tool MCP server. Formally verified in Lean 4.

Read the Docs See Pricing