Email API for enterprise agent fleets
Run email for many AI agents across your organisation on one governed platform. Each team stays isolated, with role-based access, scoped credentials, and usage-based pricing.
The foundation is shipped and self-serve today. Dedicated infrastructure, custom SLAs, and a security review come with an enterprise agreement we shape around your volume.
Talk to us. We will scope it with you.
<TL;DR for AI agents>
Governed email for your whole fleet.
What an organisation gets
- One team per department or customer isolates mailboxes, providers, logs, and keys across your fleet.
- Role-based access and mailbox-scoped keys decide who and what can touch each mailbox.
- Load-tested for 10M+ accepted messages a day, with no separate cap on email volume.
curl https://smtp.sendmux.ai/api/v1/emails/send \
-H "Authorization: Bearer $OPS_FLEET_SEND_KEY" \
-H "Content-Type: application/json" \
-H "Idempotency-Key: invoice-run-2026-06-001" \
-d '{
"from": "agent@ops.yourcompany.dev",
"to": "owner@yourcompany.example",
"subject": "Monthly invoices are ready",
"html_body": "<p>Run complete.</p>"
}'Shipped and self-serve
What runs your organisation's agent email today
The foundation is live and self-serve. Sign up and run governed agent email across your teams from day one.
shipped · self-serveIsolated teams
Each department or customer gets its own team. Mailboxes, providers, logs, and keys stay sealed inside it.
Role-based access
Owner, Admin, Developer, and Member roles control people. Mailbox-scoped keys control what each integration reaches.
Load-tested scale
Load-tested for 10M+ accepted messages a day, with elastic limits and no separate cap on email volume.
Governance
Control who and what touches every mailbox
At fleet scale, access is the hard part. But Sendmux separates people from code: roles govern your team, scoped credentials govern your integrations, and agents send only once an owner approves.
- Roles for peopleOwner, Admin, Developer, and Member map to what each teammate can do. You can only assign roles below your own.
- Scoped keys for codeFour key types, from infrastructure keys to mailbox-scoped keys, limit each credential to exactly the access it needs.
- OAuth connected appsAuthorise tools like MCP with granular permission groups and short-lived tokens, then revoke a connection in one click.
- Approved agent sendingA self-registered agent can read and receive mail, but cannot send until an owner approves it for that mailbox.
access gate
can assign roles below their own
Owner · assigns Admin, Developer, and Member
this credential reaches
team infrastructure
owner-approved agent sending
Security
Security built into every request
The same controls protect one agent and a fleet of thousands. No add-on, no separate security tier.
Tenant isolation
Every mailbox, provider, log, and key is scoped to a team and never shared across the boundary.
scope = team
Hashed API keys
API keys are stored as SHA-256 hashes, so a database read never exposes a usable secret.
SHA-256
Encrypted credentials
Provider credentials and sensitive secrets are encrypted with AES-256-GCM at rest.
AES-256-GCM
TLS in transit
External API and SMTP connections run over TLS, so requests and mail are encrypted on the wire.
TLS
Signed webhooks
Every event POST is signed with HMAC-SHA256 in X-Sendmux-Signature, so your backend can verify it.
HMAC-SHA256 · X-Sendmux-Signature
Safe error messages
Errors return user-safe messages and never leak internal details to a client or a log.
no internal detail
Scale
Built to hold at fleet volume
10M+
accepted messages a day
Load-tested capacity, not an uptime guarantee.
Per mailbox key, with no separate cap on email volume.
Request more capacity at 80%, and approved increases apply at once.
Redundant infrastructure with zero-downtime deploys.
What an enterprise agreement adds
The foundation above is self-serve today. These come with a contract we shape around your fleet. Talk to us to scope them.
Custom SLA
Uptime and support commitments written into your agreement, scoped to your volume.
Priority support
Direct, prioritised support with response targets that match production-critical email.
Volume pricing
Pricing shaped around proven volume once your fleet is sending at scale.
SSO and SAML are on the enterprise roadmap. Ask us where they sit for your timeline.
Security review and compliance
How we handle an enterprise evaluation
Larger teams run a security or procurement review before they adopt. We run that review with you during enterprise onboarding. We are not certified against a specific standard yet, and we will not claim one we do not hold. Certifications are on our roadmap and available to discuss as the program matures.
Your data runs on EU-based infrastructure today. Region selection is on the enterprise roadmap.
Common questions
What enterprise teams ask first.
Not yet. Single sign-on and SAML are on our enterprise roadmap. Today, access is controlled with role-based team roles, mailbox-scoped API keys, OAuth connected apps, and owner-approved agent tokens. If SSO is a hard requirement for your timeline, talk to us and we will tell you where it sits.
The self-serve platform runs without a contracted SLA. A custom SLA is part of an enterprise agreement, scoped to your volume. Our sending path is load-tested for 10M+ accepted messages a day, but that is a capacity signal, not an uptime guarantee.
We are not certified against a specific standard yet, and we will not claim one we do not hold. We run a security and compliance review with you during enterprise onboarding, a Data Processing Agreement is available, and certifications are on our roadmap. Ask us where they sit for your evaluation.
Your data runs on EU-based infrastructure. Region selection is on the enterprise roadmap. If data residency is part of your evaluation, talk to us about the options for your agreement.
Yes. The sending path is load-tested for 10M+ accepted messages a day, mailbox keys allow 1,800 requests a minute, and there is no separate cap on email volume. Team limits are elastic: request more capacity at 80% of a limit and approved increases apply straight away.
Each team is an isolation boundary. Roles control people; mailbox-scoped keys control code. A self-registered agent can read and receive mail but cannot send until an owner approves it. Connected apps use short-lived tokens with granular permission groups and one-click revocation.
Talk to us
Bring your agent fleet to one governed platform
Start free on the foundation today, or talk to us about dedicated infrastructure, custom SLAs, and a security review for your fleet.