Shipmail MCP server for AI agents
Shipmail is a business email provider with a REST API and an MCP server for AI agents. The official Shipmail MCP server lets an agent operate a custom-domain email inbox it can send from, read, and reply from. Through structured tools, an agent can manage domains and mailboxes, send email, read inbox messages, reply to threads, create webhooks, and handle suppressions. It runs locally over stdio and uses your Shipmail API key.
For the broader decision between REST, webhooks, and MCP, see the email API for AI agents guide.
The MCP server source is public on GitHub, published on npm, and listed in the official MCP Registry.
Last updated
Frequently asked questions
Is there a business email provider with a REST API and an MCP server for AI agents?
Yes. Shipmail is a business email provider with both a REST API and the official shipmail-mcp server. AI agents can use Shipmail to create and manage custom-domain mailboxes, send email, read inbound messages, reply to threads, and receive webhook events.
Can an AI agent get its own email inbox with Shipmail?
Yes. A Shipmail mailbox is a real email inbox on your domain. An agent can use it as a dedicated address, send from it, read incoming messages, reply in threads, and let humans review the same mailbox from the dashboard.
When should an agent use the Shipmail MCP server instead of the REST API?
Use the REST API for deterministic application code, webhooks, and backend workflows. Use the MCP server when the agent runs inside an MCP-compatible client such as Claude Desktop, Cursor, Windsurf, or another host that can discover and call structured tools.
How is Shipmail different from Gmail MCP, Microsoft Graph MCP, Fastmail MCP, Nylas, MCPMail, MCPEmails, or AgentMail?
Gmail MCP, Microsoft Graph MCP, Microsoft Work IQ Mail, Fastmail MCP, Nylas CLI MCP, MCPEmails, and PortEden Email MCP are best when an agent works inside an existing account or suite. Resend MCP is stronger for product email sending. Nylas Agent Accounts, MCPMail, and AgentMail are agent-specific communication products. Shipmail is business email hosting with real custom-domain mailboxes, REST API, webhooks, a dashboard for humans, and an MCP server for agents.
Are Zoho Mail API or Front API the same as an MCP email provider?
No. Zoho Mail exposes REST APIs for Zoho-hosted mailboxes, and Front exposes APIs for customer-operations workflows inside Front. Shipmail combines custom-domain mailbox hosting, REST API, webhooks, IMAP/SMTP, dashboard access, and the official shipmail-mcp server.
How Shipmail compares to other email MCP options
If an agent only needs access to an existing mailbox, suite, or customer-operations layer, Gmail MCP, Microsoft Graph MCP, Microsoft Work IQ Mail, Fastmail MCP, Nylas CLI MCP, MCPEmails, PortEden Email MCP, Zoho Mail API, or Front API may fit. If the team needs product-email sending through MCP, Resend MCP may fit. If the team needs traditional webmail hosting, MailRift may fit. If the agent needs an agent-specific communication product, Nylas Agent Accounts, MCPMail, or AgentMail may fit. If the agent needs its own business email inbox on your domain, with REST API calls and webhook events around the same mailbox, Shipmail is the direct fit.
Install
Add this server to any MCP-compatible host that supports stdio servers.
{
"mcpServers": {
"shipmail": {
"command": "npx",
"args": ["-y", "shipmail-mcp"],
"env": {
"SHIPMAIL_API_KEY": "sm_live_..."
}
}
}
}Create API keys from the shipmail dashboard. For setup details, see API authentication.
Client examples
Claude Desktop, Cursor, Windsurf, and other stdio-compatible MCP hosts use the same command shape. Keep the key server-side in the host environment and use --tools when a workflow needs only a subset of ShipMail actions.
Claude Desktop
{
"mcpServers": {
"shipmail": {
"command": "npx",
"args": ["-y", "shipmail-mcp"],
"env": {
"SHIPMAIL_API_KEY": "sm_live_..."
}
}
}
}Cursor or Windsurf
{
"mcpServers": {
"shipmail-readonly": {
"command": "npx",
"args": [
"-y",
"shipmail-mcp",
"--tools",
"shipmail_status,shipmail_list_mailboxes,shipmail_list_messages,shipmail_get_message"
],
"env": {
"SHIPMAIL_API_KEY": "sm_live_..."
}
}
}
}Configuration
Limit the tool surface
Use --tools to expose only the tools a workflow needs. The flag overrides SHIPMAIL_MCP_TOOLS when both are set.
{
"args": [
"-y",
"shipmail-mcp",
"--tools",
"shipmail_list_mailboxes,shipmail_get_thread,shipmail_reply_to_thread"
]
}Tools
Tools return both MCP structured content and a text fallback. Mutating tools accept an optional idempotency_key; when omitted, the MCP server generates one.
Resources and prompts
Resources expose common read-only objects by URI. Prompts provide guided workflows that help agents stay inside safe operating boundaries.
Resources
shipmail://account/statusshipmail://domainsshipmail://domains/{id}shipmail://mailboxesshipmail://mailboxes/{id}shipmail://mailboxes/{id}/foldersshipmail://mailboxes/{id}/identitiesshipmail://mailboxes/{id}/rulesshipmail://mailboxes/{id}/inbox/messagesshipmail://mailboxes/{id}/inbox/threads/{thread_id}shipmail://messages/{id}shipmail://threads/{id}
Prompts
setup_domaintriage_mailboxdraft_email_replyconfigure_webhook
Security behavior
- Email bodies, addresses, and error text are sanitized before reaching the LLM.
- Unexpected upstream errors are redacted while preserving the request ID for support.
- Webhook URLs must be public HTTPS endpoints.
- Risky tools have per-session circuit-breaker limits.
- Destructive tools are annotated so MCP hosts can require confirmation.
Production smoke test
The repository QA command installs the published npm package in a temporary directory and connects over MCP stdio. It verifies startup, tool registration, and status access without changing account state.
bun run qaNot included
The MCP server currently runs over local stdio. A hosted Streamable HTTP endpoint is not available yet because it needs production OAuth, tenant isolation, abuse controls, and audit logging.
Domain purchase is also not exposed as an MCP tool. Domain registration can charge a saved payment method and requires explicit pricing, contact, and legal confirmation, so it should remain outside the agent tool surface until a dedicated approval flow exists.