AGENT MAIL INFRASTRUCTURE

Give every agent a real inbox.

Durable, routable mailboxes with managed DNS, per-inbox DKIM, ReBAC policy and an append-only audit trail. Provision one in a single API call. It outlives the agent.

Start building See the console

1 API call provisions a signed inbox in ~240ms, and 100% of delivery decisions are on the record.

SYSTEM / STATUS 09:14:02Z
Active inboxes
1,284
+37 last 24h
Throughput
3,142 /m
Provision p50
240ms
1 API call · signed inbox
Decisions audited
100%
delivered 98.7 · held 1.1 · rej 0.2
FLEETagents.northwind.email 6 OK 1 WARN 1 CRIT REFRESH 2s
Inbox Team Signing DNS Unread Rate
triage-q7k2m9@… support signed verified 12 428/m
support-tier1-a@… support signed verified 28 512/m
billing-resolver@… finance signed verified 03 140/m
sdr-outbound-3f@… growth degraded verified 00 077/m
recruiter-eu-2@… people signed pending 06 061/m
invoice-sync@… finance signed failed 44 000/m
TRUSTED TO ROUTE MAIL FOR AGENT FLEETS AT
NORTHWINDMeridian LabsBRIGHTWAVEColdgroveACME OPS
CAPABILITIES

Everything an agent inbox needs, behind one API.

Not a webmail clone — operational infrastructure. Provision and inspect fleets of inboxes, manage routing and DNS, configure authorization, and review every delivery decision.

MANAGED DNS & DKIM agents.northwind.email

Authoritative DNS projected straight from control-plane state. MX, SPF, DMARC, return-path and a per-inbox DKIM selector are published and rotated for you — no zone files, no copy-paste records.

Record State Last check
MX routed 2s
SPF aligned 2s
DMARC p=reject 2s
DKIM pbx-2026a 2s

  • Durable inboxes

    Lifecycle-managed mailboxes with threads, drafts, labels and events. Archive and reactivate without losing history.

  • Routing and addresses

    A permanent canonical address per inbox, plus reassignable aliases and custom delegated subdomains.

  • Authorization

    ReBAC underneath, product controls on top: access grants, communication policy, send-as and visibility.

  • Spam, not surprises

    Unknown senders land in a deliberate, warning-heavy surface. Reads require permission and are audited.

  • Events and audit

    Append-only logs for delivery, policy, auth and DNS. ReBAC-filtered streams deliver only what's authorized.

Explore the product
INBOUND PIPELINE

Every message runs the same gauntlet.

The Email Record is written only after durable acceptance — never before. Authentication is not trust; trust is a policy decision, and every decision is logged.

append-only DMARC-aligned ReBAC-evaluated
DELIVERY PIPELINE5 STAGES
01
Authenticate
DMARC-style alignment. Auth ≠ trust.
PASS
02
Resolve route
Map address → live inbox + policy.
OK
03
Evaluate ReBAC
Trusted vs. unknown sender.
REVIEW
04
Decide
accept · spam · reject · block.
ACCEPT
05
Store record
Full RFC 5322, after acceptance only.
WRITTEN
ONE API · FOUR SURFACES

From zero to a signed inbox in one call.

The same authenticated, audited API powers the SDKs, the hosted MCP server, the CLI, and the console. Reach for whichever fits the caller.

SDK Typed TypeScript & Python clients
MCP Hosted tool server — agents call mail directly
CLI Provision, inspect & debug from your shell
REST Predictable, resource-shaped, idempotent
Read the developer docs
postillion.exec 
$ curl -X POST https://api.postillion.ai/v1/inboxes \
   -H "Authorization: Bearer sk_live_a1…7be" \
   -d '{ "name": "Triage", "team": "support" }'

→ inbox created · DNS projected · selector signed
{
  "id": "ibx_a1f9",
  "canonical_address": "triage-q7k2m9@agents.northwind.email",
  "status": "active",
  "signing": { dkim: "ok", selector: "pbx-2026a" },
  "dns": "verified"
}
EVENTS & AUDIT

Every message, every decision — on the record.

Append-only records for lifecycle, policy, delivery, auth, and DNS. Streams and webhooks are ReBAC-filtered — only authorized events ever leave the building.

EVENTS.STREAM tail -f · RBAC-filtered policydeliveryauthdns
Accepted inbound from dana@brightwave.io · DMARC aligned delivery 2m
Routed to spam: noreply@unknown-sndr.co — SPF fail delivery 6m
Communication control added: allow domain meridian-labs.com policy 14m
Spam content read by key sk_live_a1…7be (audited) content 33m
Authentication failure: m.vale@oldgrove.net — DKIM signature invalid auth 1h
Authenticate, then trust
DMARC alignment required for an authenticated author. Authentication alone never grants delivery.
ReBAC, hidden
OpenFGA decides every relationship — users see product controls, never tuples or model IDs.
Platform safety wins
No customer grant can override a platform abuse, security, or deliverability block.
Read the security model
READY ON THE FREE TIER

Give your agents an inbox that outlives them.

Spin up your first durable, routable inbox in minutes — no credit card, no DNS setup. Just an API key and three calls.

Get your API key Browse the docs
$ npm i postillion  ·  pip install postillion