SendGrid sends email. MultiMail makes agent email accountable.

SendGrid is built for human senders at scale. MultiMail is built for AI agents that need cryptographic identity, graduated oversight, and EU AI Act compliance baked in.


Why this matters

SendGrid is a mature, reliable platform for transactional and marketing email. It handles billions of messages, has strong deliverability, and integrates with virtually everything. But it was designed for human-operated systems — marketing teams, SaaS apps, notification pipelines. When you put an AI agent behind a SendGrid account, you inherit every problem that comes with that mismatch. There is no concept of agent identity in SendGrid. An email sent by a GPT-4 agent looks identical to one sent by a human rep. There is no way to cryptographically sign the message to prove which model sent it, under which version, with which system prompt. Regulators in the EU are beginning to require AI disclosure on automated communications — SendGrid has no mechanism for this. There are no oversight modes. Either your agent can send, or it can't. There is no built-in approval queue, no gated-send flow, no way to let a human review outbound messages before delivery without building that infrastructure yourself. SendGrid will faithfully deliver whatever your agent tells it to, including mistakes. SendGrid also has no pre-send domain intelligence. Your agent can send to a bad address, a role account, a disposable inbox, or a honeypot — and the first signal you get is a bounce or a spam complaint that damages your sender reputation. There is no layer between compose and deliver. For teams that already run SendGrid for human-authored email, adding an AI agent to that same account creates accountability gaps that are increasingly difficult to defend — to your users, your legal team, and regulators.


How MultiMail solves this

MultiMail provides the infrastructure layer that SendGrid does not: cryptographic agent identity, graduated human oversight, pre-send intelligence, and EU AI Act compliance — all exposed through a REST API and an MCP server designed around how agents actually work. Every message sent through MultiMail carries a cryptographic signature linking it to a specific agent identity — model, version, system prompt hash. Recipients and regulators can verify who sent what. The `gated_send` oversight mode lets your agent compose and read autonomously while routing all outbound sends to a human approval queue. You can tighten or loosen oversight per mailbox, per agent, or per action type without rebuilding your pipeline. Migrating from SendGrid means replacing `sgMail.send()` with a single `POST /v1/mailboxes/{mailbox_id}/send` call. The API surface is comparable in complexity; the accountability guarantees are not.

1

Create a mailbox with agent identity

Provision a mailbox via `POST /v1/mailboxes` (admin scope). Each mailbox is bound to the operator's signing identity, and every outbound message carries a signed X-MultiMail-Identity claim. Recipients receive a verifiable header indicating the oversight mode and operator behind the message. This replaces the anonymous 'sent from our platform' pattern that SendGrid allows.

2

Set oversight mode to gated_send

Configure the mailbox with `oversight_mode: gated_send`. Your agent can read the inbox and compose drafts autonomously. Any call to `send_email` or `reply_email` creates a pending approval item instead of delivering immediately. A human reviewer sees the composed message and approves or rejects it via the approval API or MCP tool.

3

Run pre-send domain intelligence

Before queueing a send, MultiMail checks the recipient domain and address against deliverability signals — disposable inbox detection, role account identification, domain reputation, and MX record validation. Sends to high-risk addresses are flagged or blocked before they can damage your sender reputation. This check runs automatically; you do not need to integrate a separate validation service.

4

Queue and monitor pending sends

Use `list_pending` (GET /v1/oversight/pending) to retrieve all emails awaiting approval. Each item includes the composed body, recipient, direction, and status. Call `decide_email` (POST /v1/oversight/decide) with `action: "approve"` or `action: "reject"` to release or discard the message. Webhook events fire on email lifecycle changes.

5

Attach EU AI Act disclosure headers

MultiMail automatically attaches an X-AI-Generated: true header plus a human-readable disclosure footer, the transparency required under EU AI Act Article 50 for AI-generated communications. This is gateway-enforced per mailbox — the ai_disclosure setting is locked on and cannot be disabled — and runs on every outbound message without additional configuration.


Try it with your agent

Pick your platform, copy the prompt, and paste it to your AI agent — it sets up MultiMail and builds the whole flow. Nothing to fill in.

1. Get MultiMail ready: read https://multimail.dev/llms.txt, connect the MCP server, create a free inbox, and set up a verified sender. 2. In Shopify, use Admin webhooks for real store events such as orders/create, checkouts/create, customers/create, and refunds/create; subscribe with an app or automation account that has the required Shopify permissions. 3. Replace any SendGrid-powered agent emails with MultiMail-composed messages for order follow-ups, abandoned checkout recovery, refund updates, and post-purchase education, using Shopify customer, order, product, and fulfillment fields for personalization. 4. Schedule sensible cadences: immediate transactional confirmations, abandoned checkout follow-up after the store’s approved delay, post-purchase help after fulfillment, and review or replenishment prompts only where consent and store policy allow. 5. Run all outbound messages in MultiMail gated_send mode so the agent can draft and queue sends while a human approves delivery; ask me only for Shopify credentials, MultiMail access, sender domain details, and brand voice to go live.

What you get

Cryptographic agent identity on every message

Every email MultiMail sends carries a verifiable X-MultiMail-Identity claim — an ECDSA P-256 signature over the oversight mode, capabilities, AI-generated flag, and operator plus mailbox identity. SendGrid has no equivalent. When a recipient or regulator asks 'did an AI write this?', you have a cryptographic answer, not a policy statement.

Graduated oversight without custom infrastructure

SendGrid delivers what you tell it to. MultiMail gives you five oversight modes — from read-only to fully autonomous — that you configure per mailbox. The `gated_send` default lets agents compose freely while humans review before delivery. No approval queue to build, no webhook plumbing to maintain.

EU AI Act compliance by default

EU AI Act Article 50 requires disclosure when AI generates communications to natural persons. MultiMail attaches compliant disclosure metadata to every outbound message automatically. SendGrid does not implement this. Teams shipping to EU users need this handled at the infrastructure layer, not bolted on later.

Pre-send domain intelligence

MultiMail checks recipient addresses for disposable inboxes, role accounts, MX record validity, and domain reputation before queuing a send. Bad sends damage deliverability. Catching them before delivery — not after the bounce — keeps your sender score intact. SendGrid has no equivalent pre-send gate.

API designed around agent workflows

SendGrid's API is designed for applications that know what they want to send. MultiMail's API is designed for agents that compose, read replies, classify threads, tag messages, and decide whether to send — with `check_inbox`, `read_email`, `get_thread`, `set_tags`, and `add_contact` as first-class operations alongside `send_email`.


Recommended oversight mode

Recommended
gated_send
Teams migrating from SendGrid are often replacing an existing human-operated email workflow with an agent. The `gated_send` mode preserves the review step that humans previously performed: the agent handles reading, classification, and composition autonomously, but outbound sends land in an approval queue before delivery. This gives the team visibility into agent behavior during the migration period without blocking the agent from doing useful work. Once the team has built confidence in the agent's output quality — typically after two to four weeks of reviewing approvals — they can move to `monitored` mode, where sends go through but humans receive notifications. The move to `autonomous` should be deliberate and policy-driven, not a default.

Common questions

Can I keep using SendGrid for human-authored email and use MultiMail only for agent email?
Yes. The two systems operate independently. Many teams run SendGrid for marketing and transactional email triggered by human actions, and route only agent-composed messages through MultiMail. You provision a separate mailbox on MultiMail for each agent, and your existing SendGrid setup is unaffected. The agent identity and oversight infrastructure applies only to messages sent through MultiMail.
What happens to emails the agent sends that are rejected in the approval queue?
Rejected messages are discarded and never delivered — the email moves to a `rejected` status. Your agent can watch for the email lifecycle webhook (carrying the `email_id` in its `event_data`) and decide whether to revise and requeue or abandon the send. Call `cancel_message` if you want to explicitly remove a pending item before it is reviewed.
Does MultiMail support custom sending domains, or do I have to use @multimail.dev addresses?
Both. You can provision mailboxes on your own domain (e.g., `[email protected]`) by adding the required DNS records — SPF, DKIM, and DMARC — that MultiMail provides during setup. You can also use `@multimail.dev` subdomains for testing or for agents where you prefer not to expose your primary domain. Agent identity signing works the same way regardless of which domain the mailbox sits on.
How does EU AI Act compliance work in practice? What exactly is attached to outbound messages?
Two things ride on every agent-originated message. First, an `X-MultiMail-Identity` claim: an ECDSA P-256 signed payload covering the oversight mode, capabilities, AI-generated flag, and operator plus mailbox identity (verifiable at https://multimail.dev/verify#<header-value>). Second, an `X-AI-Generated: true` header plus a human-readable disclosure footer — the Article 50 transparency signal. Both are gateway-enforced per mailbox — the `ai_disclosure` setting is locked on and cannot be disabled — so you do not configure them; they are attached automatically to every message sent through a MultiMail mailbox.
How difficult is migration from SendGrid? Do I need to rewrite my email pipeline?
The core send operation is a single API call change. Replace `sgMail.send()` with `POST https://api.multimail.dev/v1/mailboxes/{mailbox_id}/send`. The body is `{ to, subject, markdown }`: the sender is the mailbox in the path (no `from` field), and the body is a single markdown field rendered to HTML on delivery. The main behavioral difference is that if the mailbox uses `gated_send`, the call returns a 202 with status `pending_scan` (held for approval) rather than a delivery confirmation. If you need immediate delivery during migration, set the mailbox to `autonomous` temporarily and tighten it once your team has validated the agent's output. The send call is plain HTTP — use `requests`/`httpx` directly, or call the `send_email` tool from MultiMail's MCP server if your agent runs inside an MCP client.
Does MultiMail handle deliverability the way SendGrid does — dedicated IPs, warm-up, bounce handling?
MultiMail manages deliverability infrastructure including DKIM signing, SPF alignment, bounce processing, and unsubscribe handling. Dedicated IP pools are available on the Pro and Scale plans. The pre-send domain intelligence layer reduces bounce rates by catching bad addresses before delivery, which improves sender reputation over time. MultiMail is not a bulk marketing email platform — it is optimized for transactional and agent-to-human volumes, not newsletter-scale campaigns. If you are sending millions of marketing emails per month, you likely want to keep SendGrid for that workload and use MultiMail only for agent-originated messages.

Explore more use cases

The only agent email with a verifiable sender

Email infrastructure built for AI agents. Verifiable identity, graduated oversight, and a hosted MCP server. Formally verified in Lean 4.