Interesting take, but this feels like one of those tarpit ideas that YC discourages their portco to start attacking.
Guaranteed this is going to attract a ton of abusers who are looking to use this for signing up to services, spamming or other nefarious purposes, which then blacklists the doman. This is an infinite whack-a-mole.
do you guys have some ways of handling it?
pizzafeelsright 15 minutes ago [-]
The moat for SaaS is gone.
I am 99% certain I could build to parity in a weekend using Cloudflare without the the pricing limitations.
I am thinking it would be within the free tier of CF usage.
I am not certain I have the bandwidth to communicate over delivery and plain text inspection concerns.
ray_v 5 minutes ago [-]
Exactly this ... tools like Claude Code have flattened the complexity curve of building/maintaining things like this to practically zero.
christiangenco 4 minutes ago [-]
Perhaps you could, but you probably always could've built a clone of any SaaS app you wanted, it's just become faster.
I'm reminded of the infamous Dropbox Hacker News comment[1]. If you're looking at stuff like this thinking "what's the point? I could just make that myself" then you're not the target audience in the same sort of way Ikea isn't trying to sell stuff to carpenters.
This is true even when the barrier to entry in making these sorts of systems has gotten way lower.
A pricing thought: if you keep the volume limits but do 10x the amount of inboxes per plan, I think that could be more attractive. For If I have 100s of agents that send limited email each.
MattDaEskimo 2 hours ago [-]
I'm concerned that this fits in "using today's innovation to solve outdated paradigms".
Google has A2A: An Agent-to-Agent Protocol. SaaS is plumetting in value.
Arbitrary semantics made sense when communications were human-dominated.
If agents dominate these fields, why wouldn't they simply set their own protocols and methods to communicate both text, binary, and agreed data structures?
There's an assumption that email is somehow the best channel, when you've found yourself that the most popular, functional interfaces don't align with your expectations.
Then, ultimately I have a single agent that can sit in numerous communication platforms, such as email
mhykim 1 hours ago [-]
Fair concern, and I agree on the end state. Agents will eventually use native agent-to-agent protocols.
The question is the transition, because email is undoubtedly the most ubiquitous channel of communication in today. I would only give my agent an A2A integration if your agent has an A2A integration, but because you don't we are at a stalemate. I'd rather just give my agent an inbox where I know it can communicate with the other billions of people that already have an email address.
Email isn’t the final protocol for agents. It’s the bridge that lets them participate in today’s internet while native agent protocols/networks emerge.
Jayakumark 14 minutes ago [-]
If you know agents email address, it can still be Prompt Injected.. what prevention exists there ?
smpandya 3 hours ago [-]
Cool launch. Assuming you guys view email (and therefore SMTP) as becoming the de facto agent communication protocol in the long run. My question — why not something bespoke, similar to OpenAI’s Agentic Commerce Protocol or x402 from Coinbase?
Haakam21 3 hours ago [-]
Network effects - agents need to meet humans where they already work. Would rather use something standard than bespoke.
trollbridge 1 hours ago [-]
And how long will humans and agents be communicating over email?
We have strict rules for our customer service people not to respond to what seems to be a bot, since all the "agent" based communication we get is for conducting scams. It is never worthwhile to engage with or pursue.
If we lose a sale or two, that's okay.
mhykim 1 hours ago [-]
I think there will be bad actors in any field, and right now, a lot of agent-based outreach might fall into that bucket, so its rational to be initially skeptical.
The more interesting shift isnt whether humans will keep using email with agents, but whether agents can become distinguishable from noise. Historically, we ignored anonymous calls but we engaged with known vendors that had reputation, contracts, and consequences.
Once an agent has a persistent identity/a domain, trust becomes something that can be accumulated over time instead of being assumed per message.
biddit 2 hours ago [-]
> Agents that source quotes, negotiate prices, and get the best deals.
Didn't Alexa fail miserably with the "have AI buy something for me" theory?
There is a significant mental in allowing someone else make purchase decisions on my behalf:
- With a human, there is accountability.
- With deterministic software, there is reproducibility.
With an agent, you get neither.
FWIW - I am not anti-LLM. I work with them and build them full time.
gustrigos 2 hours ago [-]
We are using AgentMail for sourcing quotes here at scale with various top shippers. It’s not about letting the agent act in fully deterministic ways, it’s about setting up the right guardrails. The agents can now do most of the job, but when there’s low confidence on their output, we have human in the loop systems to act fast. At least in competitive industries like logistics, if you don’t leverage these types of workflows, you’re getting very behind, which ultimately costs you more money than being off by some dollars or cents when giving a quote back.
biddit 2 hours ago [-]
Okay that makes sense.
Do you see more pushback in specific industries? I did some quote/purchasing automation work in food mfg a decade ago, and those guys were super difficult to work with. Very opaque, guarded, old-school industry.
Haakam21 2 hours ago [-]
This refers to B2B use cases that are live in production. Finding, contacting, and negotiating with vendors is a tedious process in many industries. In the time a human reaches out to 10 vendors, an agent reaches out to 100 or 1000. So it finds deals that a human would not have.
trollbridge 1 hours ago [-]
Once vendors are getting AI spam sent to 1,000 of them and their competitors, they will stop responding and find other sales channels. This won't be sustainable.
fmbb 2 hours ago [-]
But if you hire ten or 100 real humans you have accountability and the same number of contacts per day?
Are logistics companies really that poor so they cannot afford to pay workers wages?
themanmaran 40 minutes ago [-]
By that logic why send email newsletters when I could hire 10 or 100 people email them manually instead? Obviously there's a cost tradeoff here where it's worth it to have email negotiation in an automated way, but not in a human call center way.
mhykim 1 hours ago [-]
The tradeoff isnt agents vs humans its where humans sit in the loop.
Sure hiring 10–100 humans gives accountability, but reality is it doesn't scale in any comparable way compared to agents in speed, coverage, or responsiveness. The sheer volume agents can pump out(more vendors, more quotes, faster cycles) is the benefit, while humans retain accountability at the decision boundary.
In practice the agent does the gruntwork, and the human gets looped in when confidence is low. Accountability doesnt dissapear, it gets concentrated where it matters most
jessechoe10 44 minutes ago [-]
This is super interesting. Interesting to see how I'll be able to use this to help my customers with handling email responses. Gmail sucks for this. Super excited to see what you guys develop this into. Will this be able to eventually expand to other forms of agent communication (i.e. payment or phone numbers)?
rippeltippel 3 hours ago [-]
Finally agents can spam other agents, instead of humans.
Haakam21 3 hours ago [-]
I think agentic email communication can be productive as well!
nerdsniper 2 hours ago [-]
How does this differentiate from a solution like AWS SES? (Which I assume AI Agents would be quite adept at using to send email)
I understand the differentiator vs GMail, but API-based scripted email access isn’t new.
Haakam21 2 hours ago [-]
Because we built the same inbox infrastructure as Gmail. Inboxes have threads, threads have messages, messages have attachments. You can search, label, filter, reply, forward. None of this comes out of the box with SES.
trollbridge 1 hours ago [-]
Couldn't someone just ask Claude Code to make an email system with threads/messages and handle attachments?
Doesn't seem like a particularly difficult problem to solve.
petervandijck 13 minutes ago [-]
The new HN “but why pay for this if I could build this in a weekend”!
themanmaran 37 minutes ago [-]
Harder than you would expect! Since we tried this ourselves before switching to Agentmail. Threads, attachments, ccing, DNS management, sending to gmail vs outlook vs yahoo, etc. It add up to be a major pain.
benswerd 2 hours ago [-]
I didn't get it until you said this
wild_egg 2 hours ago [-]
> Email is an optimal interface for long-running agents.
Long-running agents are themselves not optimal though. There are a ton of these coordination layers for long running agents now but they don't make any sense under other paradigms
themanmaran 33 minutes ago [-]
We build "long running" email agents. But it's not really long running in the sense of an agent taking 1000's of actions in a giant loop.
It's more "long running" because the agent takes 4 steps, then waits a week for the user to email it back. We might have a successful client exchange that takes a month, but for the Agent it's 99% just waiting for the next user reply.
Haakam21 2 hours ago [-]
Hmm why do you say that? Would love to hear your thoughts
lucasayb97 1 hours ago [-]
It’s a really nice idea actually. There will be some concerns, maybe some mistakes, but it really works as a mean to communicate much easier with an agent
throw03172019 3 hours ago [-]
The 2FA via email case is great. I recently had to build a browser automation workflow that required 2FA. I ended up using Zapier to monitor email inbox and then extract the code and send back to our API. It was a bit slow.
ckenst 2 hours ago [-]
Why didn't you just use something like Mailinator? They specialize in this exact thing. Gives you an API to grab links and everything. That's what I use.
Haakam21 3 hours ago [-]
Yup plus webhooks are overkill for this. Need to set up a public HTTP server and pass messages to your agents. With websockets you can open connection right from your agent and close it in seconds once the 2FA code is delivered.
trollbridge 1 hours ago [-]
... you had to use Zapier to extract an email from an inbox?
mrklol 1 hours ago [-]
Looks like SES + api access, isn’t Amazon offering that already?
ktanishqk 1 hours ago [-]
> Because we built the same inbox infrastructure as Gmail. Inboxes have threads, threads have messages, messages have attachments. You can search, label, filter, reply, forward. None of this comes out of the box with SES.
aws just gives you a low-level smtp + api service. we are the application layer they do not offer but your agents need to actually use email as first-class users.
mpeg 1 hours ago [-]
No offence, but this reads to me like the classic dropbox HN comment
The idea is pretty solid, automation platforms often provision a mailbox per flow for this reason, so it makes sense to make a generic service that can be used through MCP for agents
umrashrf 2 hours ago [-]
So AgentMail uses Mail Agent
mhykim 1 hours ago [-]
Nope AgentMail is its own infra. Not a single line of Gmail/Outlook code in the codebase
TacoCommander 1 hours ago [-]
whooosh
32 minutes ago [-]
chasd00 3 hours ago [-]
hah this is a great idea! sending email is such a common way to communicate and having agents with an inbox makes so much obvious sense. heh just don't let their addresses get out who knows how they'll respond to spam and phishing attempts.
Haakam21 3 hours ago [-]
This is a good point. We have anti-spam measures in place and allow users to configure allow/blocklists to mitigate attacks.
trollbridge 1 hours ago [-]
What about a concerted attack?
Spam doesn't matter for an agent mailbox, but sophisticated fraud does.
rootnod3 3 hours ago [-]
Can't wait for agents to change the code they are building to buy Amazon Point cards at Target and send the codes back.
ritomsen09 2 hours ago [-]
How do you think this will help with identity verification in the future?
mhykim 2 hours ago [-]
Email is already the internet’s identity layer. By giving agents their own inbox they don't need to borrow human identity rather act as first class actors on their own.
It lets agents plug into the same trust systems the web already uses! And this opens the door to new ways agents can do work and build credibility on the internet.
Haakam21 2 hours ago [-]
The nice thing about email is that identity verification is already built in. In fact online identity is based on email.
7 minutes ago [-]
pbronez 3 hours ago [-]
Very interesting. I have a lot of enterprise AI use cases that would really benefit from being email native.
We’re an O365 GCC shop. Appreciate that your enterprise options include Bring Your Own Cloud, that makes things much easier for us.
It would be nice to have integrations with n8n and Glean.
Haakam21 3 hours ago [-]
Thats why we built it :)
We have an integration with n8n, will build one for Glean
yup, hard to do that too. AgentMail actually gives agents email addresses and treats them as first class inbox owners with the capability of sending and receiving emails with any other email address.
the mcp agent mail project is agents getting their own identity in an internal messaging layer.
dbushell 2 hours ago [-]
Dead internet theory.
waynenilsen 3 hours ago [-]
amazing now do the same for voice and sms!
stronglikedan 3 hours ago [-]
Done. Texts can be sent to email addresses and texts can be sent via email, and you can dictate texts and have them read back to you with text-to-voice.
Haakam21 3 hours ago [-]
We have gotten a lot of requests for SMS. Seems like a natural next step.
waynenilsen 3 hours ago [-]
i think when someone makes the cli like this they're going to win
$ phone call bill
ok call_id=3f2a
$ phone status 3f2a
dialing
$ phone status 3f2a
answered
bill: hello
$ phone say 3f2a "hey, quick question"
ok
singpolyma3 3 hours ago [-]
Good luck getting this past A2P campaign registration rules...
Just trying to provide you some helpful feedback. This reply comes off pretty rude, bitter, and immature. Probably not the look you want if you're trying to get funding.
trollbridge 1 hours ago [-]
Or we could just accept reality that there is no moat around this kind of stuff.
This seems like an afternoon or weekend project to build, particularly with the promises made about how much more efficient coding is with AI tools now.
blobber2001 2 hours ago [-]
[dead]
rootnod3 3 hours ago [-]
"Application error: a client-side exception has occurred while loading www.agentmail.to (see the browser console for more information)."
> Looks at developer console...
- "Failed to create WebGL context: WebGL is currently disabled."
Dafuq does an email website need WebGL for?
- "Cookie “dmn_chk_xxxxxxxx-yyyy-dead-beef-123456789ABC” has been rejected for invalid domain."
Let me guess...vibe-coded?
rootnod3 3 hours ago [-]
Love getting downvoted for mentioning that the website doesn't properly load and reeks of vibe coding :D
If that's the quality y'all can live with and accept, no wonder the web turned to shit.
Guaranteed this is going to attract a ton of abusers who are looking to use this for signing up to services, spamming or other nefarious purposes, which then blacklists the doman. This is an infinite whack-a-mole.
do you guys have some ways of handling it?
I am 99% certain I could build to parity in a weekend using Cloudflare without the the pricing limitations.
I am thinking it would be within the free tier of CF usage.
I am not certain I have the bandwidth to communicate over delivery and plain text inspection concerns.
I'm reminded of the infamous Dropbox Hacker News comment[1]. If you're looking at stuff like this thinking "what's the point? I could just make that myself" then you're not the target audience in the same sort of way Ikea isn't trying to sell stuff to carpenters.
This is true even when the barrier to entry in making these sorts of systems has gotten way lower.
1. https://news.ycombinator.com/item?id=9224
Google has A2A: An Agent-to-Agent Protocol. SaaS is plumetting in value.
Arbitrary semantics made sense when communications were human-dominated.
If agents dominate these fields, why wouldn't they simply set their own protocols and methods to communicate both text, binary, and agreed data structures?
There's an assumption that email is somehow the best channel, when you've found yourself that the most popular, functional interfaces don't align with your expectations.
Then, ultimately I have a single agent that can sit in numerous communication platforms, such as email
The question is the transition, because email is undoubtedly the most ubiquitous channel of communication in today. I would only give my agent an A2A integration if your agent has an A2A integration, but because you don't we are at a stalemate. I'd rather just give my agent an inbox where I know it can communicate with the other billions of people that already have an email address.
Email isn’t the final protocol for agents. It’s the bridge that lets them participate in today’s internet while native agent protocols/networks emerge.
We have strict rules for our customer service people not to respond to what seems to be a bot, since all the "agent" based communication we get is for conducting scams. It is never worthwhile to engage with or pursue.
If we lose a sale or two, that's okay.
The more interesting shift isnt whether humans will keep using email with agents, but whether agents can become distinguishable from noise. Historically, we ignored anonymous calls but we engaged with known vendors that had reputation, contracts, and consequences.
Once an agent has a persistent identity/a domain, trust becomes something that can be accumulated over time instead of being assumed per message.
Didn't Alexa fail miserably with the "have AI buy something for me" theory?
There is a significant mental in allowing someone else make purchase decisions on my behalf:
- With a human, there is accountability.
- With deterministic software, there is reproducibility.
With an agent, you get neither.
FWIW - I am not anti-LLM. I work with them and build them full time.
Do you see more pushback in specific industries? I did some quote/purchasing automation work in food mfg a decade ago, and those guys were super difficult to work with. Very opaque, guarded, old-school industry.
Are logistics companies really that poor so they cannot afford to pay workers wages?
Sure hiring 10–100 humans gives accountability, but reality is it doesn't scale in any comparable way compared to agents in speed, coverage, or responsiveness. The sheer volume agents can pump out(more vendors, more quotes, faster cycles) is the benefit, while humans retain accountability at the decision boundary.
In practice the agent does the gruntwork, and the human gets looped in when confidence is low. Accountability doesnt dissapear, it gets concentrated where it matters most
I understand the differentiator vs GMail, but API-based scripted email access isn’t new.
Doesn't seem like a particularly difficult problem to solve.
Long-running agents are themselves not optimal though. There are a ton of these coordination layers for long running agents now but they don't make any sense under other paradigms
It's more "long running" because the agent takes 4 steps, then waits a week for the user to email it back. We might have a successful client exchange that takes a month, but for the Agent it's 99% just waiting for the next user reply.
aws just gives you a low-level smtp + api service. we are the application layer they do not offer but your agents need to actually use email as first-class users.
The idea is pretty solid, automation platforms often provision a mailbox per flow for this reason, so it makes sense to make a generic service that can be used through MCP for agents
Spam doesn't matter for an agent mailbox, but sophisticated fraud does.
It lets agents plug into the same trust systems the web already uses! And this opens the door to new ways agents can do work and build credibility on the internet.
We’re an O365 GCC shop. Appreciate that your enterprise options include Bring Your Own Cloud, that makes things much easier for us.
It would be nice to have integrations with n8n and Glean.
the mcp agent mail project is agents getting their own identity in an internal messaging layer.
$ phone call bill
ok call_id=3f2a
$ phone status 3f2a
dialing
$ phone status 3f2a
answered
bill: hello
$ phone say 3f2a "hey, quick question"
ok
Second time at least HN is launching YC on one of my products:
BrowserBox - hyperbeam
Mailpilot/AI-chat.email - agentnail
My Show from 14 days ago: https://news.ycombinator.com/item?id=46629191 - hmm, why didn't it get into YC?
This seems like an afternoon or weekend project to build, particularly with the promises made about how much more efficient coding is with AI tools now.
> Looks at developer console...
- "Failed to create WebGL context: WebGL is currently disabled." Dafuq does an email website need WebGL for?
- "Cookie “dmn_chk_xxxxxxxx-yyyy-dead-beef-123456789ABC” has been rejected for invalid domain."
Let me guess...vibe-coded?
If that's the quality y'all can live with and accept, no wonder the web turned to shit.
https://www.agentmail.to/enterprise
the cutesy ASCII art is rendered in a proportional, not monospace, font, so it looks terrible.