MultiMail matches the deliverability you expect from a transactional email service. Only MultiMail adds ECDSA-signed agent identity, graduated oversight, and pre-send domain intelligence.
Postmark is a well-engineered transactional email service built for human-operated applications. It has excellent deliverability, reliable webhooks, and clear bounce handling. What it does not have is any concept of agent identity. When an AI agent sends email through Postmark, the receiving server sees a standard SMTP message. There is no way to verify that an AI sent it, no mechanism for a human to review outbound messages before delivery, and no pre-send intelligence about whether the recipient domain is likely to bounce. Bounce data arrives after delivery — post-hoc, not preventative. For AI agent email, post-hoc is not good enough. EU AI Act Article 50 requires disclosure that content was AI-generated. GDPR applies to any personal data in outbound messages. And operationally, a misconfigured agent that spams a customer list does damage before you ever see the bounce webhook.
MultiMail runs on a high-deliverability delivery backbone with DKIM/SPF alignment — so your transactional and outreach mail lands as reliably as you expect. On top of that, MultiMail adds the layer that AI-sent email requires: an ECDSA-signed X-MultiMail-Identity claim that proves which agent sent each message, five graduated oversight modes so humans can approve sends before they happen, pre-send domain intelligence that blocks risky recipients before SMTP handoff, and an X-AI-Generated disclosure on every agent-originated message out of the box. Migrating from Postmark is straightforward: replace your Postmark API calls with MultiMail's send route (POST /v1/mailboxes/{mailbox_id}/send), set your oversight mode, and configure a mailbox. Your deliverability stays the same. Your accountability improves.
Create a mailbox via the MultiMail API or dashboard using create_mailbox. Set oversight_mode to gated_send — the default for AI agents. In this mode, the agent can read and compose freely; outbound sends are held for human approval before delivery begins.
When the agent calls send_email, MultiMail runs domain intelligence checks against the recipient domain before queuing. If the domain has high bounce risk or is flagged as disposable, the send is blocked with a structured error — not a bounce webhook 30 seconds after delivery.
Pending sends appear in the approval queue. Call list_pending to retrieve them, or receive them via the approval webhook. The reviewer calls decide_email with approve or reject. Approved messages are handed to the delivery backend with identity headers attached.
Every outbound message carries X-MultiMail-Identity (an ECDSA P-256 signed claim covering the oversight mode, capabilities, AI-generated flag, and operator plus mailbox identity) and X-AI-Generated: true (the EU AI Act Article 50 disclosure, gateway-enforced and locked on). Recipients and compliance tools can verify the sending agent without trusting the From address.
Replies route to the sending mailbox. The agent calls check_inbox and read_email to retrieve them, maintaining full thread context via get_thread. The same oversight mode governs any replies the agent composes in response.
Pick your platform, copy the prompt, and paste it to your AI agent — it sets up MultiMail and builds the whole flow. Nothing to fill in.
MultiMail sends over a high-deliverability backbone with DKIM/SPF alignment, so your SPF, DKIM, and DMARC reputation carries over. You do not trade deliverability for compliance — you get both from the same send path.
Postmark tells you a message bounced after the SMTP handoff. MultiMail checks recipient domain reputation, MX health, and disposable-address signals before queuing the send. Risky recipients are flagged before they damage your sender score.
Every message carries an X-MultiMail-Identity header: an ECDSA P-256 signed claim over the oversight mode, capabilities, AI-generated flag, and operator plus mailbox identity. Downstream systems can verify which agent sent a message without relying on the spoofable From address.
Every agent-originated message carries an X-AI-Generated: true header plus a human-readable disclosure footer. Compliance is gateway-enforced per mailbox — the ai_disclosure setting is locked on and cannot be disabled — so you do not need to update each agent when regulations change.
Start with gated_send: agents compose freely, humans approve outbound. As trust builds, switch individual mailboxes to monitored or autonomous. Different agents can operate at different trust levels simultaneously without any code changes.
Email infrastructure built for AI agents. Verifiable identity, graduated oversight, and a hosted MCP server. Formally verified in Lean 4.