Scoped Email Gateway · For CI Tests & AI Agents

Email access, scoped.

A scoped-token email gateway for two adjacent jobs: asserting that an email arrived in CI tests of authentication flows, and letting AI agents send and read mail without holding SMTP credentials. Same REST API, same per-action token scopes, two markets. In production at obseed.me (since 2020) and linubra.com (since October 2025). See the full release history.

Hosted in Switzerland · In production · Limited beta

Join the waitlist Read the docs
two jobs · one api 
# Use case 1 — assert an email arrived in a CI test (Playwright)
test('password reset email arrives', async () => {
  await app.requestReset('qa@your-app.test');
  const msgs = await squibble.list({
    to: 'qa@your-app.test',
    subject: /reset your password/i,
  });
  expect(msgs).toHaveLength(1);
});

# Use case 2 — let an AI agent send mail (LangChain / plain HTTP)
await squibble.send({
  from: 'assistant@your-app.com',
  to:   ['customer@example.com'],
  subject:        'Re: your support ticket',
  body_text:      'Update on your request...',
  idempotency_key: ticket.id,
});

RFC 9457

Problem JSON

RFC 3464

Bounce VERP

RFC 8058

List-Unsub

The Problem

Why neither tests nor agents should hold
raw IMAP/SMTP credentials.

Most teams reach for the same shortcut twice: an IMAP password pasted into a CI secret store so tests can read mail, and an SMTP service account handed to autonomous code. Both work — until something leaks, spoofs a domain, or quietly sends to a suppressed address.

These are the failure modes we kept hitting first in CI test pipelines (originally during a 2023–2024 mandate at one of Switzerland's largest retailers, asserting auth flows end-to-end) and then again in agent integrations. Same primitives fix both.

What we keep seeing

  • IMAP passwords pasted into CI secret stores so test runners can read inboxes — full account access for one assertion.
  • SMTP credentials shared with autonomous agents — no scope, no expiry, no audit trail.
  • No way to bind sender identity to a mailbox — a leaked token can spoof anyone.
  • Mocked email tests pass while production fails — the IMAP path is never exercised end-to-end.
  • Bounces handled silently, suppressions never honored, sending reputation eroded.

Email shouldn't be the weakest scope your test runner or agent owns.

Before you let it send (or read), decide exactly what it can.

Capabilities

Everything you need.
Nothing you don't.

Built for the narrow problem of giving test runners and autonomous code safe access to mail — and nothing wider.

JWT-scoped tokens

Each agent gets a token bound to one mailbox and a precise set of actions — messages:send, messages:index, attachments:show. Grant only what the agent actually needs.

Sender binding

From, Reply-To, and envelope-sender are always rewritten to the authenticated mailbox. A stolen token cannot spoof an arbitrary domain.

IMAP inbox access

Read and search the inbox over a clean JSON API. Selective BODYSTRUCTURE fetch keeps attachments out of your agent's context window.

Bounce & suppression

VERP-authenticated bounce processing per RFC 3464. Permanent bounces and unsubscribes are suppressed automatically — no silent skips.

File attachments

Send files with any message: base64-encode the content, declare a filename and MIME type, and the API handles MIME assembly. Up to 20 files, 10 MiB each, 25 MiB total per send.

Open & click tracking

HTML emails get a tracking pixel and rewritten links on send. opened_at and clicked_at are recorded on first hit, never on subsequent.

Sent history & events

Every send is queryable. Drill into queued, delivered, bounced, opened, and clicked events per message — no log scraping, no audit gaps.

One image. One API. One token per agent — revoked in one call.

Integration

Three steps from zero to sending.

No SDK to install. No SMTP library to wire up. Plain HTTP and a Bearer token.

01

Join the waitlist

Tell us the mailbox address you want to send from or test against, and what you are building. We onboard a small batch of teams each week.

# Scroll to the form below
# We reply within one business day.
02

We onboard your mailbox

We provision the mailbox on our infrastructure, configure DNS for you, and issue your first JWT scoped to one set of actions.

mailbox: agent@yourapp.com
scopes:  messages:send
         messages:index
03

Call the API

Your agent calls the REST API with the Bearer token. No SMTP library, no credentials, no rotation headache.

POST /api/v1/messages/send
Authorization: Bearer <token>

From waitlist to your agent's first delivered message: usually within a business day.

Security

Hardened
by default.

The defaults assume the token is already breached. Everything is scoped, encrypted, audited.

  • Fernet-encrypted SMTP credentials in Postgres (AES-128-CBC + HMAC-SHA256) — decrypted in memory only at dispatch time.
  • Strict TLS, fail-closed — per RFC 3207, a failed STARTTLS upgrade aborts before AUTH. No plaintext credential leak.
  • Idempotency-Key with a 24-hour dedup window — safe-to-retry semantics following the same pattern Stripe uses for payment APIs.
  • Per-token send quotas and domain allowlists — lock down exactly who can send to what.
  • PII-scrubbed error_log — recipient addresses are redacted before being persisted, in line with GDPR Article 5(1)(c) data minimisation.
  • Instant token revocation by JTI per RFC 7519 — compromise a token, revoke it in one CLI call. No key rotation delay.

Every default is the safe one. Insecure operation requires an explicit decision.

Get started

Ready to scope your
email access?

Join the waitlist. We onboard a small batch of teams each week and reply within one business day.

Hosted in Switzerland · In production at obseed.me since 2020 · linubra.com since 2025