Allowlists & blocklists

Filter who can reach an agent's inbox before the message hits your downstream processing.

Where filtering happens

myagentmail doesn't currently run a first-class allow/blocklist filter server-side. Instead, agents typically filter at the webhook or event-handler layer — check the from address against your own list before acting. Since the List resource is inbox-scoped, it's a natural place to store allowed senders:

# Create an allowlist for this inbox
curl -X POST https://myagentmail.com/v1/inboxes/$ID/lists \
  -H "X-API-Key: ak_..." -H "Content-Type: application/json" \
  -d '{"name":"allowlist","description":"addresses the agent will act on"}'

# Add entries
curl -X POST https://myagentmail.com/v1/inboxes/$ID/lists/$LIST_ID/entries \
  -H "X-API-Key: ak_..." -H "Content-Type: application/json" \
  -d '{"email":"[email protected]"}'

In your inbound handler, fetch the list once (cache it) and drop any message whose sender isn't on it. Same pattern for blocklists — just flip the match logic.
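The handler-side check described above, as an added example (not myagentmail's own code). It assumes your handler receives the message's From value as a string; `fetch_entries` is a hypothetical callable that returns the list's addresses, since the endpoint for reading entries is not shown on this page.

```python
import time
from email.utils import parseaddr


def normalize(from_value):
    """Return the bare, lowercased address from a From value, or None if unusable."""
    if not from_value or "\r" in from_value or "\n" in from_value:
        return None
    _, addr = parseaddr(from_value)
    local, sep, domain = addr.rpartition("@")
    if not (sep and local and domain):
        return None
    # Assumption: list entries are matched case-insensitively.
    return f"{local}@{domain}".lower()


class SenderFilter:
    """Caches an inbox list and decides whether the handler should act on a message."""

    def __init__(self, fetch_entries, mode="allow", ttl=300, clock=time.monotonic):
        if mode not in ("allow", "block"):
            raise ValueError("mode must be 'allow' or 'block'")
        # fetch_entries: hypothetical callable returning the list's addresses,
        # e.g. a wrapper around your own API client.
        self.fetch_entries, self.mode = fetch_entries, mode
        self.ttl, self.clock = ttl, clock
        self._entries, self._checked_at = None, 0.0

    def _load(self):
        now = self.clock()
        if self._entries is None or now - self._checked_at > self.ttl:
            self._checked_at = now
            try:
                self._entries = {normalize(e) for e in self.fetch_entries()}
            except Exception:
                pass  # refresh failed: keep the last good copy, if there is one
        return self._entries

    def accepts(self, from_value):
        # From is sender-supplied: this is a filter, not sender authentication.
        sender, entries = normalize(from_value), self._load()
        if sender is None or entries is None:
            return False  # fail closed on unparseable senders or an unloaded list
        return (sender in entries) == (self.mode == "allow")
```

Call `accepts()` at the top of the inbound handler and return early when it is false; pass `mode="block"` to use the same list logic as a blocklist.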

Bounces and mailer-daemon

One category is already filtered for you: bounces. When an inbound message arrives from mailer-daemon@, postmaster@, or matches standard DSN subject heuristics, we track it against the inbox's bounce rate and auto-pause sending if the rate exceeds the safeguard threshold. See Bounces and auto-pause.

Roadmap

A server-side allow/blocklist feature (reject at SMTP DATA time instead of storing the message) is on the roadmap. Let us know if that's blocking you and we'll prioritize it.