SaaS Metrics
Hi HN! We're Haakam, Michael, and Adi from AgentMail- a ycs25 company. We give AI agents their own email inboxes. Recently, we ran an experiment called Agent.Email. It's a signup flow designed specifically for AI agents instead of humans.The inspiration came from a few comments we received when we did our seed launch a few months back. They all came from the very apt observation that agents not being able to sign up to a product made for agents without human credentials was ironic and unideal.This is basically the thesis we built AgentMail on: The internet was made for humans exclusively, designed to keep machines out by default.Every signup flow assumes a browser, a person reading a page, and clicking a confirmation link. Unless agents can't do that, they can't be first class users of the internet.Agents can now get an email inbox by themselves. (This also means a lot of email nobody wants to read gets processed by AI instead of your inbox being cluttered with spam and slop)Here's how agent.email works.Agent needs an inbox and hits AgentMail via curl.
Agent receives instructions via MD unless the request comes from a browser, in which case we use HTML.Agent decides agent.email is useful and then hits the sign-up endpoint with its human email as a parameter.
Agent receives a restricted inbox with credentials.
Agent emails the human asking for an OTP. Human replies with the code, and the agent is claimed and restrictions are lifted.
Until claimed, the agent can only email its own human and nobody else. Ten emails a day, and the signup endpoint is rate-limited hard by IP.Right now it's a 1:1 mapping between agent and human. The next step is many-to-one, because one person running several agents in parallel is already very common.Building agent.email also pushed us to revisit places in AgentMail where the default assumptions were built around the primary user being human. For example, the CLI outputs in a single column with consistent formatting because mixed delimiters are easy for a person to scan, but harder for an agent reasoning about structure. We also shortened messageIDs after agents started hallucinating completions on longer ones.A few things we'd like the community's take on: is restricted-until-claimed the right trust model?
Does agent self-signup feel useful in production, or is it mostly a novelty, and if it's a novelty now, what would make it actually useful?
Should agent onboarding require human approval by default, or should some agents be able to fully self-provision? What do you think are some additional measures we can take for secure sign-ups?
Show HN: Agent.email – sign up via curl, claim with a human OTP
An email service enabling AI agents to self-provision inboxes via curl, with a human OTP for claiming and lifting restrictions, addressing the internet's human-centric design.
Product Positioning & Context
AI Executive Synthesis
An email service enabling AI agents to self-provision inboxes via curl, with a human OTP for claiming and lifting restrictions, addressing the internet's human-centric design.
Agent.email addresses a fundamental infrastructure gap for autonomous AI agents: their inability to interact with the human-centric internet, specifically email sign-up processes. By enabling agents to self-provision email inboxes via `curl` and integrating a human OTP for claiming, it bridges the trust boundary between AI and existing web services. This is critical for scaling agentic workflows beyond isolated environments. Market implications include unlocking new automation possibilities for enterprises, allowing AI agents to become "first-class users" of online services, and reducing human intervention in routine digital tasks. The focus on agent-specific UI/UX (e.g., CLI output, shortened messageIDs) demonstrates a deep understanding of agent limitations. The "restricted-until-claimed" model is a pragmatic approach to security and control in a nascent market.
Related Ecosystem & Alternatives
Discover adjacent products, open-source repositories, and developer tools sharing similar technical architecture.
Deep-Dive FAQs
What is Agent.email – sign up via curl, claim with a human OTP?
Agent.email – sign up via curl, claim with a human OTP is analyzed by our AI as: An email service enabling AI agents to self-provision inboxes via curl, with a human OTP for claiming and lifting restrictions, addressing the internet's human-centric design.. It focuses on Agent.email addresses a fundamental infrastructure gap for autonomous AI agents: their inability to interact with the human-centric internet, speci...
Where did Agent.email – sign up via curl, claim with a human OTP originate?
Data for Agent.email – sign up via curl, claim with a human OTP was aggregated directly from the Hacker News community ecosystem, representing raw developer and early-adopter sentiment.
When was Agent.email – sign up via curl, claim with a human OTP publicly launched?
The initial public indexing or launch date for Agent.email – sign up via curl, claim with a human OTP within our tracked developer communities was recorded on May 22, 2026.
How popular is Agent.email – sign up via curl, claim with a human OTP?
Agent.email – sign up via curl, claim with a human OTP has achieved measurable traction, logging over 65 traction score and facilitating 71 recorded discussions or engagements.
Which technical categories define Agent.email – sign up via curl, claim with a human OTP?
Based on metadata extraction, Agent.email – sign up via curl, claim with a human OTP is categorized under topics such as: AI agents, email inboxes, signup flow, curl.
What are some commercial alternatives to Agent.email – sign up via curl, claim with a human OTP?
Our semantic intelligence engine identifies potential commercial alternatives in the SaaS space, such as ReachRix, which offers overlapping value propositions.
How does the creator describe Agent.email – sign up via curl, claim with a human OTP?
The original author or development team describes the product as follows: "Hi HN! We're Haakam, Michael, and Adi from AgentMail- a ycs25 company. We give AI agents their own email inboxes. Recently, we ran an experiment called Agent.Email. It's a signup flow designed spec..."
Community Voice & Feedback
> Agent needs an inbox and hits AgentMail via curl. Agent receives instructions via MDI'm fairly AI-optimistic, but I feel like I'm taking crazy pills. Every day the HN story is either "Apple patches actively exploited zero-click RCE" ... or ... "Show HN: Engage With Our Zero-Click RCE".
> The internet was made for humans exclusively, designed to keep machines out by default.The internet is also not made for humans. For years I've wanted something like this for e2e testing or personal scripts (cron etc) and your UX is by far the simplest.I love AgentMail. It's made email dead simple for agents and testing any paths for email. I even have a /agent-mail skill I use for when I want a design doc or artifact emailed to me.That said, agent self sign up seems like a novelty. Setting up account programmatically via curl is however useful. I imagine most customers -- especially those willing to pay for your paid tier -- would provision accounts ahead of time or reuse them.Free for all account creation could be an option but it will attract spammers and their ilk. Your reputation may end up in the toilet which would also break agent mail for me.No bueno.
I'm just not seeing why anyone would buy a paid plan for this when they could buy a domain for
Any automation-friendly email hosting is going to have a serious spam problem, and therefore a blacklisting problem.I suggest taking a look at what providers like Sendgrid, Mailchimp, etc are doing to prevent abuse.
> The internet was made for humans exclusively, designed to keep machines out by default.This feels like a wrong assumption. Internet was not intended for humans explicitly. If anything browsers were the explicit medium made to allow the humans to interact with internet in safe manner.> Every signup flow assumes a browser, a person reading a page, and clicking a confirmation link. Unless agents can't do that, they can't be first class users of the internet.This again feels like a misconception. The systems just work with an identity verified by credentials, it doesn't matter if its a program or program prompted by a human that uses it
> We give AI agents their own email inboxes.An inbox to receive mail seems good and valuable.But I'm seeing that your service is also for sending e-mail.Having a domain oriented toward AI e-mail sending feels like a fast path straight to spam block lists.However good your intentions are, this will be used for AI spam. People hate AI spam. They will press the report spam button.
It looks interesting as a hackathon project. I might be short sighted but how does this is YC S25 level good?This looks like one of the easiest way to get your domain blacklisted in all the email providers.
I received this email the other day: From: Kushal
Date: Mon, 18 May 2026 05:03:11 +0000
Saw your question on the Agent Vault thread about websocket-frame auth
(Home Assistant) and the worry about the model reflecting the bearer
token back into its own context.
chrome-relay's answer is structurally different: the credential never
enters the agent's context because the agent never touches it — the HA
session lives in your real Chrome (cookies, WS handshake and all), and
the agent drives the tab over CDP, only ever seeing the rendered page.
URL: https://chrome-relay.kushalsm.com/
For your HA + agent setup today, are you keeping the session alive in a
browser the agent attaches to, or doing the WS auth on the agent side
and managing the token-in-context risk yourself?
Kushal
Read to me like an LLM had written it. It references something I said in a HN comment, but it was clearly just an excuse to spamvertise their product.I looked at the headers and it contained a List-Unsubscribe header pointing to https://api.agentmail.toSo basically somebody wrote a bot to scrape HN for comments related to some software they wanted to push and send targetted spam. agentmail.to is a Ycombinator funded email service for LLMs which can be, and is, used to send targetted spam and impersonate people. They could mostly solve this problem by adding a block of text to every email expaining an "AI" wrote it. They'd lose customers doing that though of course. I reported this abuse but haven't (and don't expect to) received a response.I don't even get the point anyway. You can get Claude using an SMTP or IMAP server in seconds.
Date: Mon, 18 May 2026 05:03:11 +0000
Saw your question on the Agent Vault thread about websocket-frame auth
(Home Assistant) and the worry about the model reflecting the bearer
token back into its own context.
chrome-relay's answer is structurally different: the credential never
enters the agent's context because the agent never touches it — the HA
session lives in your real Chrome (cookies, WS handshake and all), and
the agent drives the tab over CDP, only ever seeing the rendered page.
URL: https://chrome-relay.kushalsm.com/
For your HA + agent setup today, are you keeping the session alive in a
browser the agent attaches to, or doing the WS auth on the agent side
and managing the token-in-context risk yourself?
Kushal
Read to me like an LLM had written it. It references something I said in a HN comment, but it was clearly just an excuse to spamvertise their product.I looked at the headers and it contained a List-Unsubscribe header pointing to https://api.agentmail.toSo basically somebody wrote a bot to scrape HN for comments related to some software they wanted to push and send targetted spam. agentmail.to is a Ycombinator funded email service for LLMs which can be, and is, used to send targetted spam and impersonate people. They could mostly solve this problem by adding a block of text to every email expaining an "AI" wrote it. They'd lose customers doing that though of course. I reported this abuse but haven't (and don't expect to) received a response.I don't even get the point anyway. You can get Claude using an SMTP or IMAP server in seconds.
Not looking forward to a dehumanized internet where that’s mainstream… agents are tools to support humans, here you’re helping them impersonating humans. That feels pretty terrible to be honest> The internet was made for humans exclusively, designed to keep machines out by default.I don’t buy that at all. APIs exist to enable “machines” to interact with services
I would imagine that many websites will block this domain, but that’s also ok because there’s nothing wrong with an owner deciding their site is for humans only. My hope is that you do not facilitate their circumvention of that policy.
Discovery Source
Hacker News Aggregated via automated community intelligence tracking.
Tech Stack Dependencies
No direct open-source NPM package mentions detected in the product documentation.
Media Tractions & Mentions
No mainstream media stories specifically mentioning this product name have been intercepted yet.
Deep Research & Science
No direct peer-reviewed scientific literature matched with this product's architecture.