Pre-release · AGPL

Email intelligence you can read, run, and trust.

A local-first Rust application for IMAP mailboxes. Ingest mail, analyze it with local or frontier models, detect risk, recommend folders, and file messages through an auditable agent pipeline. Built for people who want to understand the code that touches their inbox.

Simulated MailSubsystem Core data, knowledge, and TUI review components
Simulated Core data, knowledge, and TUI review components
The OSS core

Inbox automation that stays on your hardware.

MailSubsystem Core is the intelligence layer: LLM workflows, RAG context, classification, threat detection, summarization, and filing. Email content stays local unless you explicitly route to a hosted model.

Local-first inference

Run with LM Studio or Ollama. Frontier escalation is opt-in and per-message.

Declarative agents

Behavior lives in Markdown specs backed by a tool registry, scratchpad, and durable queues.

PostgreSQL memory

Mailbox state, analysis output, embeddings, and action history are queryable and auditable.

Runtime model

From raw mail to accountable action.

Each stage fails independently, logs what happened, retries when appropriate, and leaves enough evidence for a human to understand the decision.

01Sync
02Analyze & embed
03Locate
04File
Simulated MailSubsystem pipeline from IMAP IDLE through filing
Simulated pipeline: IMAP IDLE to filing
Human review

Review the risky messages before anything moves.

The TUI is designed for the moments where an agent should slow down: payment changes, sender mismatches, suspicious links, and folder recommendations that deserve a human look before filing.

Simulated MailSubsystem TUI reviewing a suspicious invoice message
Simulated TUI message review for a suspicious invoice
Managed service

Don't want to run the database yourself?

The Managed Service is the same engine, hosted and looked after. It's designed for the people in your life who should not have to build the binary to read their email safely — with the operational care that goes around it: review queues, audit trails, support workflows, and onboarding.

Core owns the intelligence. The service owns the experience.

No fork of the agent logic. The service orchestrates the Core, adds tenancy and operational policy, and applies the care needed to put it in front of non-technical users.

  • Strict tenant boundaries for account, authorization, and audit data.
  • Caregiver-aware workflows so a family member can see risk without sharing the inbox.
  • Operational controls for support access, destructive actions, and incident review.