MS MailSubsystem
Upcoming AGPL release

Email intelligence you can read, run, and trust.

A local-first Rust application for IMAP mailboxes. Ingest mail, analyze it with local or frontier models, detect risk, recommend folders, and file messages through an auditable agent pipeline.

Your mom and dad shouldn't be scammed.

Read the docs View on GitHub
Simulated MailSubsystem Core terminal and analysis queue
Simulated Core terminal and analysis queue
The OSS core

Inbox automation that stays on your hardware.

MailSubsystem Core is the intelligence layer: LLM workflows, RAG context, classification, threat detection, summarization, and filing. Email content stays local unless you explicitly route to a hosted model.

Local-first inference

Run with LM Studio or Ollama. Frontier escalation is opt-in and per-message.

Declarative agents

Behavior lives in Markdown specs backed by a tool registry, scratchpad, and durable queues.

PostgreSQL memory

Mailbox state, analysis output, embeddings, and action history are queryable and auditable.

Runtime model

From raw mail to accountable action.

Each stage fails independently, logs what happened, retries when appropriate, and leaves enough evidence for a human to understand the decision.

01Sync
02Analyze & embed
03Locate
04File
Simulated MailSubsystem pipeline from IMAP IDLE through filing
Simulated pipeline: IMAP IDLE to filing
Managed service

A managed service for families and small teams.

The upcoming service brings Core's intelligence into a managed experience with tenant isolation, audit trails, support workflows, and guided onboarding. Core owns the intelligence. The service owns the product experience.

Explore the SaaS See the boundary

Your mom and dad shouldn't be scammed.

The consumer-ready expression of the same idea: help ordinary people defend their inboxes from phishing, fraud, and manipulation without running PostgreSQL or a local model server.

  • Strict tenant boundaries for account, authorization, and audit data.
  • No duplicated intelligence — the service orchestrates the agent logic, it doesn't fork it.
  • Operational controls for support access, destructive actions, and incident review.
Documentation

Start where you are.

The Core docs cover what the OSS application does today, how to set it up, and what is hardening next.

Overview

Purpose, audience, status, and what to expect before the AGPL release.

/docs/overview

Quick start

Build, database, environment, and the first commands to run safely.

/docs/quick-start

Command reference

Sync, analyze, locate, file, and maintenance commands.

/docs/commands

Safety notes

Sandbox mailboxes, dry-runs, and what not to point at production accounts.

/docs/safety