AGENT MAIL INFRASTRUCTURE

Give every agent a real inbox.

Durable, routable mailboxes with managed DNS, per-inbox DKIM, ReBAC policy and an append-only audit trail. Provision one in a single API call. It outlives the agent.

Start building See the console →

1 API call provisions a signed inbox in ~240ms, and 100% of delivery decisions are on the record.

SYSTEM / STATUS 09:14:02Z

Active inboxes

1,284

+37 last 24h

Throughput

3,142 /m

Provision p50

240ms

1 API call · signed inbox

Decisions audited

100%

delivered 98.7 · held 1.1 · rej 0.2

FLEETagents.northwind.email 6 OK 1 WARN 1 CRIT REFRESH 2s

Inbox	Team	Signing	DNS	Unread	Rate
triage-q7k2m9@…	support	signed	verified	12	428/m
support-tier1-a@…	support	signed	verified	28	512/m
billing-resolver@…	finance	signed	verified	03	140/m
sdr-outbound-3f@…	growth	degraded	verified	00	077/m
recruiter-eu-2@…	people	signed	pending	06	061/m
invoice-sync@…	finance	signed	failed	44	000/m

TRUSTED TO ROUTE MAIL FOR AGENT FLEETS AT

NORTHWINDMeridian LabsBRIGHTWAVEColdgroveACME OPS

CAPABILITIES

Everything an agent inbox needs, behind one API.

Not a webmail clone — operational infrastructure. Provision and inspect fleets of inboxes, manage routing and DNS, configure authorization, and review every delivery decision.

MANAGED DNS & DKIM agents.northwind.email

Authoritative DNS projected straight from control-plane state. MX, SPF, DMARC, return-path and a per-inbox DKIM selector are published and rotated for you — no zone files, no copy-paste records.

Record	State	Last check
MX	routed	2s
SPF	aligned	2s
DMARC	p=reject	2s
DKIM	pbx-2026a	2s

Durable inboxes

Lifecycle-managed mailboxes with threads, drafts, labels and events. Archive and reactivate without losing history.
Routing and addresses

A permanent canonical address per inbox, plus reassignable aliases and custom delegated subdomains.
Authorization

ReBAC underneath, product controls on top: access grants, communication policy, send-as and visibility.
Spam, not surprises

Unknown senders land in a deliberate, warning-heavy surface. Reads require permission and are audited.
Events and audit

Append-only logs for delivery, policy, auth and DNS. ReBAC-filtered streams deliver only what's authorized.

Explore the product →

INBOUND PIPELINE

Every message runs the same gauntlet.

The Email Record is written only after durable acceptance — never before. Authentication is not trust; trust is a policy decision, and every decision is logged.

append-only DMARC-aligned ReBAC-evaluated

DELIVERY PIPELINE5 STAGES

Authenticate

DMARC-style alignment. Auth ≠ trust.

PASS

Resolve route

Map address → live inbox + policy.

Evaluate ReBAC

Trusted vs. unknown sender.

REVIEW

Decide

accept · spam · reject · block.

Store record

Full RFC 5322, after acceptance only.

WRITTEN

ONE API · SELF-DESCRIBING

From zero to a signed inbox in one call.

A hosted HTTP API that describes itself at /llms.txt and /openapi.json — authenticated, audited, callable from any language. Typed SDKs and a hosted MCP endpoint are on the way.

HTTP Live now — Bearer-authenticated REST, resource-shaped, idempotent

SPEC Self-describing at /llms.txt & /openapi.json — point an agent straight at it

SDK Typed TypeScript & Python clients — coming soon

MCP Model Context Protocol tools — coming soon

Read the developer docs →

postillion.exec

$ curl -X POST https://postillion.ai/v1/inboxes \
   -H "Authorization: Bearer sk_live_a1…7be" \
   -d '{ "name": "Triage", "team": "support" }'

→ inbox created · DKIM selector signed · zero tenant DNS
{
  "id": "ibx_a1f9",
  "canonical_address": "triage-q7k2m9@agents.northwind.email",
  "status": "active",
  "signing": { dkim: "ok", selector: "pbx-2026a" }
}

$ curl -X POST https://postillion.ai/v1/inboxes/ibx_a1f9/send \
   -H "Authorization: Bearer sk_live_a1…7be" \
   -d '{ "to": "dana@brightwave.io", "subject": "Re: invoice", "text": "Resolved." }'

$ curl https://postillion.ai/v1/inboxes/ibx_a1f9/messages \
   -H "Authorization: Bearer sk_live_a1…7be"
→ 12 messages · metadata only (listing never marks read)

# the running server is the spec — no install, no SDK required
$ curl https://postillion.ai/llms.txt
# → agent index: onboarding path + link to the OpenAPI doc

$ curl https://postillion.ai/openapi.json
# → OpenAPI 3.1: every Bearer route, request + response schemas

Point an agent at /llms.txt and it can onboard end-to-end.

EVENTS & AUDIT

Every message, every decision — on the record.

Append-only records for lifecycle, policy, delivery, auth, and DNS. The event stream is ReBAC-filtered — only authorized events ever leave the building.

EVENTS.STREAM tail -f · RBAC-filtered policydeliveryauthdns

Accepted inbound from dana@brightwave.io · DMARC aligneddelivery2m

Routed to spam: noreply@unknown-sndr.co — SPF faildelivery6m

⚙Communication control added: allow domain meridian-labs.compolicy14m

◉Spam content read by key sk_live_a1…7be (audited)content33m

Authentication failure: m.vale@oldgrove.net — DKIM signature invalidauth1h

Authenticate, then trust

DMARC alignment required for an authenticated author. Authentication alone never grants delivery.

ReBAC, hidden

OpenFGA decides every relationship — users see product controls, never tuples or model IDs.

Platform safety wins

No customer grant can override a platform abuse, security, or deliverability block.

Read the security model →

READY ON THE FREE TIER

Give your agents an inbox that outlives them.

Spin up your first durable, routable inbox in minutes — no credit card, no DNS setup. Just an API key and three calls.

Get your API key Browse the docs

$ curl https://postillion.ai/llms.txt · curl https://postillion.ai/openapi.json

Everything an agent inbox needs, behind one API.

Durable inboxes

Routing and addresses

Authorization

Spam, not surprises

Events and audit

Every message runs the same gauntlet.

From zero to a signed inbox in one call.

Every message, every decision — on the record.

Give your agents an inbox that outlives them.