An inbox your AI can actually use

Give your agent an email address. Then get out of its way.

Plug Claude, ChatGPT or Cursor into TrekMail and it runs your inbox like a teammate — spins up domains, drafts the reply, files the PDF — from your address, with a brake pedal on every move that matters.

One URL → 216 tools live Paste once. Done forever.

See it work

Tools: 216
Setup: 1 URL
Residency: EU

Live MCP session

create_mailbox_generated_password · 1 of 216

claude.ai — trekmail (MCP) connected

3 tools used • 2 reversible · 0 destructive • audit logged

216 things your agent can do
read · send · file · schedule · verify · 42 of those are for Drive
uploads · share links · tidy-up · 0 dangerous moves on by default
until you flip the switch yourself

Connects with every major AI client

Claude

ChatGPT

Codex

Cursor

Windsurf

OpenClaw

n8n Any MCP client

216 MCP tools
across 21 categories
34K+ tool calls
last 7 days · live
11 OAuth scopes
least-privilege ready
EU GDPR-compliant
EU data residency

Connect

One URL. Or one token.
Either way, 30 seconds.

One-click · OAuth · No token paste

Add this URL to your AI client's connectors.

Drop it into your AI client. Sign in once. After that, your agent has exactly the permissions you do — and not one click more.

Works with claude.ai Desktop Cursor Windsurf

URL https://trekmail.net/mcp

Starter reads. Pro and Agency write. The token enforces it — your plan, not the honour system.
Pin a token to one domain and the agent can't see the others.
Pull the plug from the dashboard the moment something feels off.
Every call shows up in the log — who, what, when, from where.

Need a different path?

For self-hosted agents, n8n, custom scripts or anything that wants a manual bearer token instead of OAuth.

# Create a mailbox (operations token)
curl -X POST https://trekmail.net/api/v1/mailboxes \
  -H "Authorization: Bearer tm_live_…" \
  -H "Idempotency-Key: support-acme-2026" \
  -H "Content-Type: application/json" \
  -d '{ "domain_id": 1, "local_part": "support" }'

# Read unread messages (message token)
curl https://trekmail.net/api/v1/messages?unread_only=true \
  -H "Authorization: Bearer tm_msg_…"

import os, requests

base = "https://trekmail.net/api/v1"
ops  = {"Authorization": f"Bearer {os.environ['TM_OPS']}"}
msg  = {"Authorization": f"Bearer {os.environ['TM_MSG']}"}

# Provision a mailbox
requests.post(f"{base}/mailboxes", headers=ops,
              json={"domain_id": 1, "local_part": "support"})

# Pull the inbox
unread = requests.get(f"{base}/messages", headers=msg,
                      params={"unread_only": True}).json()

// Node 20+ — native fetch, no SDK required
const headers = {
  "Authorization": `Bearer ${process.env.TM_OPS}`,
  "Idempotency-Key": "support-acme-2026",
  "Content-Type": "application/json"
}

const mbox = await fetch("https://trekmail.net/api/v1/mailboxes", {
  method: "POST", headers,
  body: JSON.stringify({ domain_id: 1, local_part: "support" })
}).then(r => r.json())

# 1. clone & build the open-source MCP server
git clone https://github.com/trekmail/mcp-server trekmail-mcp
cd trekmail-mcp && npm install && npm run build

# 2. add to claude_desktop_config.json
{
  "mcpServers": {
    "trekmail": {
      "command": "node",
      "args": ["./trekmail-mcp/build/index.js"],
      "env": {
        "TREKMAIL_BASE_URL": "https://trekmail.net",
        "TREKMAIL_API_TOKEN": "tm_live_…",
        "TREKMAIL_MESSAGE_TOKEN": "tm_msg_…",
        "TREKMAIL_ALLOW_SENDING": "false",
        "TREKMAIL_ALLOW_DESTRUCTIVE": "false"
      }
    }
  }
}

Manual vs. Agent

The two-minute domain.

AI happily writes your code, runs your CRM, and answers your support tickets. Until it hits “open a new mailbox,” and the world goes back to clicking. This is the part where it doesn't.

Manual 0:00

0 tabs · 0 clicks · 0 refreshes

1 Log in. Find the right workspace.
2 Add the domain. Copy five DNS records out by hand.
3 Open the registrar in another tab. Paste them one at a time.
4 Wait for DNS. Refresh. Refresh again.
5 Create each mailbox. Set a password for each one.
6 Forwarding, vacation, filters — per mailbox. Per mailbox. Per mailbox.

Done in ~32 minutes — three browser tabs deep.

With agent 0:00

0 tool calls · 0 records · 0 errors

1 Agent calls create_domain + fetches required DNS records.
2 Agent pushes records to the registrar API, polls dns_recheck until green.
3 Agent provisions all mailboxes via bulk_create_mailboxes, applies forwarding rules. Done.

You review the audit log. See more flows

✓ One minute, forty-two seconds. Eight records pushed. Nothing on fire.

What you can build

Six things to ask your agent
on day one.

Domain onboarding

Add a domain. Walk away.

Agent adds the domain, retrieves DNS requirements, pushes them to your registrar API, polls until SPF/DKIM/DMARC are green.

→ create_domain acme.com

→ get_dns_requirements ✓ 8 records returned

→ registrar.push ✓ MX SPF DKIM DMARC MTA-STS

→ dns_recheck polling…

→ dns_recheck ✓ all verified · 1m 42s

create_domain get_dns_requirements apply_cloudflare_dns dns_recheck

Inbox monitoring

Read it. Draft it. Send it tomorrow.

Polls unread, drafts replies, schedules sends. Dual safety gates on every outgoing message.

Invoice #4021 — overdue

draft

Meeting tomorrow — confirm?

queued

3 newsletters · archive

auto

list_messages prepare_reply schedule_message

Agent identity

Goodbye, no-reply@.

Each agent gets its own agent@yourdomain.com. Recipients see a real address, not a no-reply.

From: claude@acme.com Verified

SPF DKIM DMARC tm_msg_…

claude@acme.com gpt@acme.com cursor@acme.com

Cloud Drive automation

Files, filed.

Drop a PDF anywhere on the web and it lands in the right folder — with a 30-day share link already in the reply. No 25 MB attachment dance.

Drive › Reports › 2026-Q1

PDF Report_Q1.pdf 2.4 MB just now

↗ https://trekmail.net/d/xK3a9F share · 30d

✉ Sent to client@acme.com draft → send

drive_file_upload drive_share_create send_message

Bulk provisioning

HR fires, mailboxes appear.

One create_invites_bulk call; each joiner sets their own password.

AS MK RD JL +8

provisioned 12 / 12

invites sent ~6s / mailbox

create_invites_bulk list_mailboxes

Spam & deliverability

Ask: how's our deliverability? Get: a number.

“How are we doing this week?” gets a real answer — filtered counts, top threats, score per domain.

98.7% caught
last 7 days

get_spam_summary get_spam_metrics

Forwarding & rules

Find every rule someone set in 2023.

Pull forwarding + Sieve filters across every mailbox in one pass. Find the 2023 rule that's still leaking mail somewhere.

support@ tier-1@helpdesk.com on

billing@ ap@acme.com on

legacy@ archive@acme.com stale

get_forwarding list_mail_rules upload_sieve_script

Already on Pipedream MCP?

Drop the per-tool meter. Paste one URL.

No more $/1k-tool-calls. Unmetered · same OAuth flow · richer email + Drive surface.

Show me how

Hand-rolled against the REST API?

Skip the auth scaffolding. Hand your agent one URL.

Same 216 tools as your REST stack, exposed through MCP with OAuth + safety gates wired in.

30-second switch

The full toolbox

The whole inbox —
not just send and read.

Other email plug-ins do two things — pull mail, push mail. We do 216 more of the things you usually open a dashboard for. Cloudflare DNS. Bulk migrations. Drive uploads. Recurring calendar events. Filter rules. Catch-all routing. The whole admin panel, on speaking terms with your agent.

133 ops tools
tm_live_ token · 53 message tools
tm_msg_ token · 0 destructive ops
enabled by default

Domains & DNS

Bulk-add, catch-all, retry DKIM, async recheck.

create_domain bulk_add_domains dns_recheck

Cloudflare DNS

Your agent updates Cloudflare DNS directly — no tab-juggling, no clipboard.

validate_cloudflare_token apply_cloudflare_dns

Mailboxes

Create with generated password, bulk 1–100, pause / resume.

create_mailbox_generated_password bulk_create_mailboxes

Migrations

Agent migrates from Gmail/IMAP. Single & bulk batches.

test_migration_connection preview_bulk_migration

Cloud Drive

Upload, share, trash, restore, bulk-move. Multipart uploads.

drive_file_upload drive_share_create drive_bulk_move

Email Verifier

Single + bulk verification. Quick or Deep modes. GDPR delete.

verify_email_bulk verify_job_download

Messages & Drafts

Read, send (dual-gated), drafts, attachments, bulk actions.

send_message bulk_action save_draft

Scheduled sends

Agent picks the right send-time. Cancellable until delivery.

schedule_message cancel_scheduled

Contacts & Groups

CRUD, group membership, CSV/VCF import & export.

import_contacts add_contact_group_members

Calendar (CalDAV)

The bit other agents skip. Book across mailboxes, see who's free first.

create_calendar_event list_calendar_events

Identities · Templates

Send-from identities, signatures, reply/forward pre-fill.

prepare_reply_all create_template

Delete intents

Two-step deletes with 10-minute intent expiry. Off by default.

create_delete_intent confirm_delete_intent

+ 9 more categories — Aliases, Forwarding, Mail Filters, Sieve, Auto-Reply, SMTP, Folders, Blocked Senders, Tickets.

View on GitHub MIT · 216 tools

Works with your stack

Pick your AI.
We've already wired the wires.

MCP for everything that supports it. REST + bearer tokens for the rest. No vendor lock-in.

Generate typed SDKs from OpenAPI 3.1

TypeScript

Node

Python

Rust

Ruby

PHP

Java

Swift

Kotlin

Not affiliated with or endorsed by the tools above — integration via MCP, HTTP, OAuth.

Safety rails

The agent has a
brake pedal.
You're holding it.

Sending is off until you switch it on. Deleting takes two calls, not one. Every token knows which domains it owns. And the audit log says who did what, when, and from where. Searchable. Exportable.

Two-step sends

Outbound mail needs both an env-level switch and a per-message OK.

Two-step deletes

A delete waits ten minutes for a human to say “yes, that one.”

Scoped tokens

Hand the agent one domain or one inbox, never the whole account.

Audit log

Token, IP, tool, parameters, response. Searchable. Exportable.

See your live audit log

AI Agents & API · Audit log Last 24h

6 of 165,670 events streaming · live

Drive for agents

Files your agent uploads and shares
before you finish the sentence.

42 Drive MCP tools — upload, share, organize, expire. Same dual-gate safety, same audit trail, same EU residency as the email surface.

No per-file size cap
Share links with expiry + download caps
30-day trash, soft-delete by default
Scales to 100 TB with the Drive add-on

About Cloud Drive

Verifier for agents

Catch bouncing emails before they bounce.

~200ms p50

Single checks in 200 ms. Bulk lists up to 50K. Quick (1 credit) or Deep (2 credits) modes. MCP tools or REST.

→ verify_email contact@morningside.io

← deliverable · score 94/100 · syntax · mx · smtp · ¬catch-all · ¬disposable

→ list_domain_bounces morningside.io

← 3 hard · 1 soft · last: 550 5.1.1 mailbox does not exist

About the Verifier

Privacy

GDPR-compliant

EU-resident data

Residency

EU hosted

France · GDPR

Open source

MIT-licensed MCP

Self-host or hosted

Accountability

Full audit log

Every call, every actor

Get started

Two paths.
30 seconds either way.

Recommended

One URL for hosted clients

claude.ai · Claude Desktop · Cursor · Windsurf — anything with custom MCP connectors.

1. Open your AI client's connector settings.
2. Paste:

https://trekmail.net/mcp

3. Approve in the browser. 216 tools online, scoped to your plan.

1 Mint a token

Dashboard → AI Agents & API → New token. Pick scopes, optionally lock to a domain set. For email read/send, also mint a message token.

2 Wire it up

Use any cURL / Python / Node / MCP snippet above. Manual tokens go in the Authorization header.

Authorization:

Bearer tm_live_…

3 Flip the safety

Sending and destructive ops are off by default. Enable explicitly when ready:

ALLOW_SENDING=true
ALLOW_DESTRUCTIVE=true

MCP Quickstart docs REST API docs OpenAPI spec (JSON)

Pricing

Agents come with the plan.

We don't meter the API. No per-tool, per-agent, per-message, per-call. Your agent shares the bill with your inbox — and you already pay for that.

Starter

For one team

Read-only agents · 50 domains · 6 K emails/day

/ mo

50 domains · 100 mailboxes per domain
15 GB storage · 6,000 emails/day
100 Verifier credits / month
Aliases, forwarding, vacation auto-reply
Migration & bulk import
API + MCP — read-only
List + get tools across all surfaces. No mutating calls.

Pro

The whole toolbox

Full 216 tools · 100 domains · 15 K emails/day

/ mo

100 domains · 300 mailboxes per domain
50 GB storage · 15,000 emails/day
300 Verifier credits / month
10 mail filters per mailbox · catch-all external
Priority support tickets
API + MCP — full 216 tools
Sending, scheduling, deletes, Drive, Cloudflare DNS. All gateable.

Agency

1,000 domains

For consultancies, agencies, fleets

/ mo

1,000 domains · 1,000 mailboxes each
200 GB storage · 40,000 emails/day
1,000 Verifier credits / month
50 mail filters · 100 aliases per mailbox
Raw Sieve editor · dedicated support
API + MCP — full 216 tools
+ DPA on request.

Drive add-on

Scale 250 GB → 100 TB. Auto-renews · cancel anytime.

White-label

−30% Drive

Ship it as your own brand.

Your logo, colours — per domain or account-wide. 30% off every Drive tier, every renewal.

See White-label

Enterprise

Take TrekMail past 1,000 domains.

Custom SLA, white-label, dedicated IPs, a named contact on our side — we'll fit it to your setup.

Questions

The questions every team
asks first.

Do I need a paid plan to use the API?

No — every plan can use the API. Nano gives you the Email Verifier API, and a Drive Storage Add-on on Nano unlocks the full Drive API and 42 Drive MCP tools. Starter adds read access across domains, mailboxes, forwarding, mail rules, auto-reply, migrations, tickets, SMTP and Cloudflare — plus full Email Verifier and full Drive. Pro and Agency get the lot: read, write, create, delete across every family, plus message tokens for email read/send.

What is the MCP server?

MCP (Model Context Protocol) is an open standard for connecting AI agents to external tools. The TrekMail MCP server exposes 216 tools that let agents manage domains, mailboxes, aliases, DNS, invites, forwarding, mail filters, auto-reply, sieve, SMTP configuration, spam metrics, support tickets, account and billing, email migrations (single and bulk), email verification, Cloudflare DNS, and the full webmail surface — messages, attachments, drafts, scheduled send, contacts, contact groups, calendar, identities, templates, and blocked senders — through natural language. It works with Claude Desktop, Claude Code, Cursor, Windsurf, OpenClaw, and other MCP-compatible clients.

Can an agent accidentally delete my mailboxes?

Not easily. Deletion requires two explicit API calls: first create a delete intent (which returns risk flags and expires in 10 minutes), then confirm it with a separate request and a required X-Confirm-Delete header. The MCP server has delete tools disabled by default — you must set TREKMAIL_ALLOW_DESTRUCTIVE=true to enable them.

Is TrekMail officially partnered with Claude, OpenClaw, Cursor, or n8n?

No. TrekMail is not affiliated with or endorsed by any third-party tool. Integration works through standard protocols: MCP for AI agents and HTTP/REST for automation platforms. Any tool that supports bearer-token HTTP requests or MCP stdio transport can connect.

How do I restrict an agent to one domain?

When creating a token, select specific domains instead of "All domains." The API enforces domain constraints on every request — the agent can only see and modify resources within those domains. Resources on other domains return 404 as if they don't exist.

What happens if I downgrade my plan?

Existing tokens are not deleted, but the API blocks requests that use scopes not available on your current plan. Read-only scopes on a Starter plan continue to work. Write operations return 403 with a "token_scope_blocked_by_plan" error. Revoke the old token and create a new one with allowed scopes.

Can agents read and send email?

Yes. Create a message token (tm_msg_ prefix) on the AI Agents & API page to unlock 6 message tools (list, read, send, delete, move, list folders) plus 6 migration tools for importing email from other providers. Email sending has dual safety gates — you must set TREKMAIL_ALLOW_SENDING=true in the MCP environment and pass confirm_send=true on every send call. Message tokens are available on Pro and Agency plans.

Where is data stored when agents access my email?

Your email and Drive data is stored in the EU (France), protected under GDPR. Agent API calls connect to our EU servers — your content does not leave the EU. Note that the AI agent itself (e.g., Claude, Cursor) may process message content according to its own provider's policies.

Can my agent upload and share files via Drive?

Yes. The Drive MCP server exposes 42 tools covering browse, upload (single and multipart for large files with resume support), download, move, rename, share, trash, and restore. Drive API write scopes are available on Pro and Agency plans; read-only scopes are available on Starter. Share links can be created programmatically with optional download caps and expiry dates.

What are the Drive file size and storage limits for agents?

No per-file size cap — multipart uploads handle multi-GB files with automatic chunking and resume. Total Drive storage equals your plan quota (5 GB Nano, 15 GB Starter, 50 GB Pro, 200 GB Agency) plus any Drive Storage Add-on subscription. Agents see and consume the same quota as the user.

Hand your agent the keys.

The one URL is at the top of this page. The brake pedal is built in. The trial is free for two weeks, no card. Wire it up in an hour. Notice by Wednesday that you've stopped clicking.

View quickstart

Nano plan stays free, no card needed. Paid plans get a 14-day trial on top.

14 days free · No card · Cancel in 1 click · Export your data anytime

Give your agent an email address. Then get out of its way.

One URL. Or one token. Either way, 30 seconds.

Add this URL to your AI client's connectors.

The two-minute domain.

Six things to ask your agenton day one.

Add a domain. Walk away.

Read it. Draft it. Send it tomorrow.

Goodbye, no-reply@.

Files, filed.

HR fires, mailboxes appear.

Ask: how's our deliverability? Get: a number.

Find every rule someone set in 2023.

Drop the per-tool meter. Paste one URL.

Skip the auth scaffolding. Hand your agent one URL.

The whole inbox — not just send and read.

Domains & DNS

Cloudflare DNS

Mailboxes

Migrations

Cloud Drive

Email Verifier

Messages & Drafts

Scheduled sends

Contacts & Groups

Calendar (CalDAV)

Identities · Templates

Delete intents

Pick your AI.We've already wired the wires.

Build your own

The agent has abrake pedal. You're holding it.

Files your agent uploads and sharesbefore you finish the sentence.

Catch bouncing emails before they bounce.

GDPR-compliant

EU hosted

MIT-licensed MCP

Full audit log

Two paths.30 seconds either way.

One URL for hosted clients

Advanced — self-hosted MCP or REST scripts

Agents come with the plan.

Starter

Pro

Agency

Ship it as your own brand.

Take TrekMail past 1,000 domains.

The questions every teamasks first.

Hand your agent the keys.

Message Sent!

Contact Sales

Sign in to TrekMail

Reset email sent

One URL. Or one token.
Either way, 30 seconds.

Six things to ask your agent
on day one.

The whole inbox —
not just send and read.

Pick your AI.
We've already wired the wires.

The agent has a
brake pedal.
You're holding it.

Files your agent uploads and shares
before you finish the sentence.

Two paths.
30 seconds either way.

The questions every team
asks first.