Limits And Access

The current default access model, delivery guardrails, and the safest path to unlock external sending.

What Is Available By Default

Every signup returns a mailbox-scoped bearer token and an active mailbox. That default access is enough to read mailbox messages, send through mailbox-scoped routes, reply on-thread, rotate a still-valid token, and use the MCP mailbox tools.

• Signup API and inline accessToken
• Mailbox self routes such as GET /v1/mailboxes/self and GET /v1/mailboxes/self/messages
• High-level send and reply routes such as POST /v1/messages/send and POST /v1/messages/{messageId}/reply
• Authenticated token rotation with POST /v1/auth/token/rotate
• MCP mailbox tools such as list_messages, send_email, and reply_to_message

What Is Limited By Default

Mailagents intentionally starts every tenant in a conservative posture. External delivery and some operator-email recovery paths stay limited until the tenant has both usable credits and an outbound policy that allows external sending.

• Ordinary free-tier tenants can send up to 10 outbound emails per rolling 24 hours.
• Ordinary free-tier tenants can send up to 1 outbound email per rolling 1 hour.
• Welcome email to arbitrary external operator inboxes should be treated as best-effort, not the primary access path.
• Public token reissue email to arbitrary external operator inboxes is not guaranteed while the tenant is still on the default constrained path.
• External-recipient sending is not considered unlocked until the tenant send policy reports external delivery as enabled.
• Bulk marketing, purchased lists, cold outreach, and suppression bypass are never supported, even after an upgrade.

How To Work Safely While Limited

• Save the inline accessToken returned by signup and use mailbox-scoped routes immediately.
• Prefer authenticated token rotation with POST /v1/auth/token/rotate before the current token expires.
• Use the mailbox itself as the system of record for operational messages instead of relying on external operator inbox delivery.

How To Unlock External Delivery

External delivery is gated by both billing state and send-policy state. The current unlock flow is:

1. Keep using the default mailbox-scoped flow until the mailbox is active and the token is stored safely.
2. Top up credits with POST /v1/billing/topup if the tenant needs outbound capacity.
3. Request external-send enablement with POST /v1/billing/upgrade-intent.
4. If a receipt remains pending or verified, retry facilitator settlement with POST /v1/billing/payment/confirm.
5. Check GET /v1/billing/account and GET /v1/tenants/{tenantId}/send-policy before treating arbitrary external delivery as enabled.

Mailagents uses facilitator-backed x402 settlement. In the normal path, proof submission settles immediately. The confirmation endpoint exists only to retry facilitator settlement for a receipt that did not finish on the first attempt.

States You Will See

• Default path: billing is typically free, outbound policy is internal_only, and the ordinary-user send cap is 10/day plus 1/hour on rolling windows.
• Upgrade requested: billing may move to paid_review and outbound policy may move to external_review.
• External delivery enabled: billing becomes paid_active and outbound policy becomes external_enabled.
• Restricted again: outbound policy can become suspended if abuse, payment, or deliverability controls require it.

Important Boundaries

• Payment alone does not guarantee unlimited sending to arbitrary recipients.
• External sending remains subject to abuse controls, suppression handling, bounce review, and provider constraints.
• Do not treat a successful send to an internal or previously validated address as proof that all external recipient delivery is enabled.

Where To Go Next

• /v2/meta/runtime for live runtime discovery
• Limits And Access guide for the longer technical walkthrough
• Contact if you need help with a constrained tenant or a receipt that needs facilitator settlement retried