v0.1 — now in early access

Human control
over AI email

Transparent IMAP/SMTP proxy. Your AI agents run unchanged. Mailgator intercepts, applies your rules, and you keep control. Self-hosted. Single binary. Zero code changes.

Get started See the config
1 single binary
0 code changes
~2 $/month
mailgator-config.toml 
# Airlock config — who can your AI email?

[smtp]
listen_addr   = "127.0.0.1:2525"
upstream_addr = "smtp.gmail.com:587"

[imap]
listen_addr   = "127.0.0.1:1143"
upstream_addr = "imap.gmail.com:993"

[[rules]]
to     = "*@your-company.com"
action = "allow"

[[rules]]
to     = "*@clients.com"
action = "ask"  # hold for human approval

[[rules]]
to     = "*"
action = "deny" # block everything else

How it works

Airlock sits between your AI agent and the real mail server. The agent connects to Airlock instead of Gmail/Outlook — no code changes needed.

AI Agent sends email via SMTP
Airlock intercepts & applies rules
allow forward
ask hold
deny reject
log pass + log
Mail Server Gmail, Outlook, etc.
1

Point your agent at Airlock

Change the SMTP host from smtp.gmail.com to 127.0.0.1:2525. That's it.

2

Define your rules

Use glob patterns to allow, deny, ask, or log emails by recipient, sender, or subject.

3

Approve or reject

Held emails appear in the web dashboard. Approve with a click, or let the LLM pre-filter handle routine ones.

Built for AI developers

Everything you need to safely give your AI agents email access, without the anxiety.

Transparent proxy

Full SMTP and IMAP proxy. Your AI agent connects as if talking to the real mail server — it never knows Airlock is there.

Rules engine

Glob-pattern matching on to, from, and subject fields. First-match-wins evaluation. Four actions: allow, deny, ask, log.

Hold & approve

Emails matching ask rules are held in a queue. Approve or reject them from the web dashboard before they're sent.

Web dashboard

Clean UI for managing held emails, reviewing logs, and monitoring what your AI agents are sending in real time.

LLM pre-filter

Optionally let Claude auto-approve routine emails that match your criteria, so you only review the truly ambiguous ones.

MCP server

Built-in Model Context Protocol server lets AI agents access mailbox contents through a structured, safe interface.

Hot-reload config

Edit your TOML config and Airlock picks up changes instantly. No restart needed, no dropped connections.

Single binary

Written in Go. One binary, no dependencies, no Docker required. Download, configure, run. Works on Linux, macOS, and Windows.

Zero code changes

Your agent already sends email via SMTP? Just change the host and port. That's the entire integration. No SDK, no API wrapper.

Real-world use cases

From customer support agents to invoice automation. See how teams keep AI in check.

Customer Support Agent

AI responds to customer emails. External domains? Held for approval.

Allow*@company.com
Askexternal
Deny*

Newsletter Assistant

LLM drafts newsletters. Internal review first, then send freely.

Ask*@team
Allowsubscribers@*
Deny*

Invoice Automation

Send to approved clients freely. Unknown recipients held.

Allow*@approved
Askto:unknown
Log*

Sales Outreach

Send prospecting emails. Block replies from non-targets.

Allowprospect@*
Logreplies
Deny*

Up and running in 60 seconds

Install, configure, start. Three commands and a TOML file.

terminal 
# Install Airlock
$ curl -fsSL https://mailgator.io/install.sh | sh

# Start the proxy
$ mailgator serve --config mailgator-config.toml

INFO  SMTP proxy listening on 127.0.0.1:2525
INFO  IMAP proxy listening on 127.0.0.1:1143
INFO  Web dashboard at    http://127.0.0.1:8080
INFO  Loaded 3 rules from config
INFO  Watching config for changes...
_|
your-agent.py 
# Before (direct to Gmail)
smtp_host = "smtp.gmail.com"
smtp_port = 465

# After (through Airlock)
smtp_host = "127.0.0.1"
smtp_port = 2525
airlock.toml — full example 
[smtp]
listen_addr   = "127.0.0.1:2525"
upstream_addr = "smtp.gmail.com:587"
username = "agent@your-company.com"
password = "${SMTP_PASSWORD}"

[imap]
listen_addr   = "127.0.0.1:1143"
upstream_addr = "imap.gmail.com:993"

[web]
listen = "127.0.0.1:8080"

[llm]
provider = "anthropic"
model    = "claude-sonnet-4-20250514"
auto_approve = true

# Rules are evaluated top to bottom,
# first match wins.

[[rules]]
to     = "*@your-company.com"
action = "allow"

[[rules]]
to      = "ceo@big-client.com"
subject = "*invoice*"
action  = "ask"

[[rules]]
to     = "*@clients.com"
action = "log"

[[rules]]
to     = "*"
action = "deny"

Want to see this in action?

See how easy it is to define rules. This config takes 60 seconds to set up—just paste it, adjust your domains, and you're done.

See full example
mailgator-config.toml (basic) 
[[rules]]
to     = "*@your-company.com"
action = "allow"

[[rules]]
to     = "*@trusted-partners.com"
action = "allow"

[[rules]]
to     = "*"
action = "ask"

Simple pricing

Billed annually. No surprises.

For individuals

Pro

€3 /month
€36 billed annually

Perfect for trying Mailgator.

  • 3 email accounts
  • Unlimited instances
  • Full rule engine
  • Audit logs
  • Email support
Start free trial

30 days free. No credit card required.

Most popular
For teams

Max

€12 /month
€144 billed annually

Scale across your organization.

  • 30 email accounts
  • Unlimited instances
  • Full rule engine
  • Audit logs
  • Priority support
Start free trial

30 days free. No credit card required.

Ship AI agents that send email.
Sleep well anyway.

Get human oversight for AI-sent email in 60 seconds. Single binary, zero code changes, first-class developer experience.

Start free trial
$ curl -fsSL https://mailgator.io/install.sh | sh