SendGrid is built for human senders at scale. MultiMail is built for AI agents that need cryptographic identity, graduated oversight, and EU AI Act compliance baked in.
SendGrid is a mature, reliable platform for transactional and marketing email. It handles billions of messages, has strong deliverability, and integrates with virtually everything. But it was designed for human-operated systems — marketing teams, SaaS apps, notification pipelines. When you put an AI agent behind a SendGrid account, you inherit every problem that comes with that mismatch. There is no concept of agent identity in SendGrid. An email sent by a GPT-4 agent looks identical to one sent by a human rep. There is no way to cryptographically sign the message to prove which model sent it, under which version, with which system prompt. Regulators in the EU are beginning to require AI disclosure on automated communications — SendGrid has no mechanism for this. There are no oversight modes. Either your agent can send, or it can't. There is no built-in approval queue, no gated-send flow, no way to let a human review outbound messages before delivery without building that infrastructure yourself. SendGrid will faithfully deliver whatever your agent tells it to, including mistakes. SendGrid also has no pre-send domain intelligence. Your agent can send to a bad address, a role account, a disposable inbox, or a honeypot — and the first signal you get is a bounce or a spam complaint that damages your sender reputation. There is no layer between compose and deliver. For teams that already run SendGrid for human-authored email, adding an AI agent to that same account creates accountability gaps that are increasingly difficult to defend — to your users, your legal team, and regulators.
MultiMail provides the infrastructure layer that SendGrid does not: cryptographic agent identity, graduated human oversight, pre-send intelligence, and EU AI Act compliance — all exposed through a REST API and an MCP server designed around how agents actually work. Every message sent through MultiMail carries a cryptographic signature linking it to a specific agent identity — model, version, system prompt hash. Recipients and regulators can verify who sent what. The `gated_send` oversight mode lets your agent compose and read autonomously while routing all outbound sends to a human approval queue. You can tighten or loosen oversight per mailbox, per agent, or per action type without rebuilding your pipeline. Migrating from SendGrid means replacing `sgMail.send()` with a single `POST /v1/mailboxes/{mailbox_id}/send` call. The API surface is comparable in complexity; the accountability guarantees are not.
Provision a mailbox via `POST /v1/mailboxes` (admin scope). Each mailbox is bound to the operator's signing identity, and every outbound message carries a signed X-MultiMail-Identity claim. Recipients receive a verifiable header indicating the oversight mode and operator behind the message. This replaces the anonymous 'sent from our platform' pattern that SendGrid allows.
Configure the mailbox with `oversight_mode: gated_send`. Your agent can read the inbox and compose drafts autonomously. Any call to `send_email` or `reply_email` creates a pending approval item instead of delivering immediately. A human reviewer sees the composed message and approves or rejects it via the approval API or MCP tool.
Before queueing a send, MultiMail checks the recipient domain and address against deliverability signals — disposable inbox detection, role account identification, domain reputation, and MX record validation. Sends to high-risk addresses are flagged or blocked before they can damage your sender reputation. This check runs automatically; you do not need to integrate a separate validation service.
Use `list_pending` (GET /v1/oversight/pending) to retrieve all emails awaiting approval. Each item includes the composed body, recipient, direction, and status. Call `decide_email` (POST /v1/oversight/decide) with `action: "approve"` or `action: "reject"` to release or discard the message. Webhook events fire on email lifecycle changes.
MultiMail automatically attaches an X-AI-Generated: true header plus a human-readable disclosure footer, the transparency required under EU AI Act Article 50 for AI-generated communications. This is gateway-enforced per mailbox — the ai_disclosure setting is locked on and cannot be disabled — and runs on every outbound message without additional configuration.
Pick your platform, copy the prompt, and paste it to your AI agent — it sets up MultiMail and builds the whole flow. Nothing to fill in.
Every email MultiMail sends carries a verifiable X-MultiMail-Identity claim — an ECDSA P-256 signature over the oversight mode, capabilities, AI-generated flag, and operator plus mailbox identity. SendGrid has no equivalent. When a recipient or regulator asks 'did an AI write this?', you have a cryptographic answer, not a policy statement.
SendGrid delivers what you tell it to. MultiMail gives you five oversight modes — from read-only to fully autonomous — that you configure per mailbox. The `gated_send` default lets agents compose freely while humans review before delivery. No approval queue to build, no webhook plumbing to maintain.
EU AI Act Article 50 requires disclosure when AI generates communications to natural persons. MultiMail attaches compliant disclosure metadata to every outbound message automatically. SendGrid does not implement this. Teams shipping to EU users need this handled at the infrastructure layer, not bolted on later.
MultiMail checks recipient addresses for disposable inboxes, role accounts, MX record validity, and domain reputation before queuing a send. Bad sends damage deliverability. Catching them before delivery — not after the bounce — keeps your sender score intact. SendGrid has no equivalent pre-send gate.
SendGrid's API is designed for applications that know what they want to send. MultiMail's API is designed for agents that compose, read replies, classify threads, tag messages, and decide whether to send — with `check_inbox`, `read_email`, `get_thread`, `set_tags`, and `add_contact` as first-class operations alongside `send_email`.
Email infrastructure built for AI agents. Verifiable identity, graduated oversight, and a hosted MCP server. Formally verified in Lean 4.