YHK - yet another hacker news clone

27 points adisingh13 4 hours ago 27 comments

Hi HN! We're Haakam, Michael, and Adi from AgentMail- a ycs25 company. We give AI agents their own email inboxes. Recently, we ran an experiment called Agent.Email. It's a signup flow designed specifically for AI agents instead of humans.

The inspiration came from a few comments we received when we did our seed launch a few months back. They all came from the very apt observation that agents not being able to sign up to a product made for agents without human credentials was ironic and unideal.

This is basically the thesis we built AgentMail on: The internet was made for humans exclusively, designed to keep machines out by default.

Every signup flow assumes a browser, a person reading a page, and clicking a confirmation link. Unless agents can't do that, they can't be first class users of the internet.

Agents can now get an email inbox by themselves. (This also means a lot of email nobody wants to read gets processed by AI instead of your inbox being cluttered with spam and slop)

Here's how agent.email works.

Agent needs an inbox and hits AgentMail via curl. Agent receives instructions via MD unless the request comes from a browser, in which case we use HTML.

Agent decides agent.email is useful and then hits the sign-up endpoint with its human email as a parameter. Agent receives a restricted inbox with credentials. Agent emails the human asking for an OTP. Human replies with the code, and the agent is claimed and restrictions are lifted. Until claimed, the agent can only email its own human and nobody else. Ten emails a day, and the signup endpoint is rate-limited hard by IP.

Right now it's a 1:1 mapping between agent and human. The next step is many-to-one, because one person running several agents in parallel is already very common.

Building agent.email also pushed us to revisit places in AgentMail where the default assumptions were built around the primary user being human. For example, the CLI outputs in a single column with consistent formatting because mixed delimiters are easy for a person to scan, but harder for an agent reasoning about structure. We also shortened messageIDs after agents started hallucinating completions on longer ones.

A few things we'd like the community's take on: is restricted-until-claimed the right trust model? Does agent self-signup feel useful in production, or is it mostly a novelty, and if it's a novelty now, what would make it actually useful? Should agent onboarding require human approval by default, or should some agents be able to fully self-provision? What do you think are some additional measures we can take for secure sign-ups?

HarryDu 3 hours ago | parent

From now we just need a prompt and our agent will have an email account ready to use?

samas10 2 hours ago | parent

It's interesting, A2A communication has begun but human trust isn't there. I think the biggest tell tale sign will be the acceptance of fully agentic workflows with no human intervention. Until then, restricted-until-claimed seems like the only viable method to ensure trust of all users.

rgbrgb 1 hour ago | parent

Congrats on the launch!

> Agents can now get an email inbox by themselves. (This also means a lot of email nobody wants to read gets processed by AI instead of your inbox being cluttered with spam and slop)

Can you explain this? I would think it means the exact opposite.

afzalive 1 hour ago | parent

It needs to be end-to-end encrypted.

OsrsNeedsf2P 1 hour ago | parent

How do you do that if you only control one end?

dgellow 1 hour ago | parent

Asymmetric encryption? Both you (the human) and the agent publish public keys, the agent sign/encrypt the OTP request with you public key, you verify/decrypt using your private key, then do the same the other way to send the OTP (always encrypted though, given you’re sending a secret).

Something like that?

nijave 24 minutes ago | parent

But that doesn't help for the agent receiving mail from arbitrary 3rd parties

dgellow 6 minutes ago | parent

Oh sure I assumed they meant for the OTP

DeathArrow 1 hour ago | parent

A smtp is all what an agent needs to send email.

adisingh13 1 hour ago | parent

agreed from a fundamental level. but i think being an intelligent and aware as an autonomous entity requires capabilities beyond sending. agents will need to have contextual awareness of the messages they send and receive

nijave 22 minutes ago | parent

IMAP?

janalsncm 1 hour ago | parent

I would imagine that many websites will block this domain, but that’s also ok because there’s nothing wrong with an owner deciding their site is for humans only. My hope is that you do not facilitate their circumvention of that policy.

FailMore 1 hour ago | parent

I like it. I am building something very agent-use focused (https://sdocs.dev) and I’ve been thinking of introducing a /agent-evaluation page, which an agent can curl to then discuss with their user if SmallDocs is right for them. I really like the agent action to email flow. I’m introducing user accounts + subscriptions soon and think I’ll use that.

GrinningFool 1 hour ago | parent

And now we see the beginning of how even local LLMs will be turned against their users -- by persuading agents to advertise to them.

I don't think that's what you're intending here, but it's the next logical step. Agents are on the Internet, and they represent an opportunity to reach their humans.

dgellow 1 hour ago | parent

Not looking forward to a dehumanized internet where that’s mainstream… agents are tools to support humans, here you’re helping them impersonating humans. That feels pretty terrible to be honest

> The internet was made for humans exclusively, designed to keep machines out by default.

I don’t buy that at all. APIs exist to enable “machines” to interact with services

janalsncm 1 hour ago | parent

In principle this tool allows the owner of a website to block this domain entirely. Although I’m not sure the incentives are really aligned.

sunir 16 minutes ago | parent

True, in May 2026. But this is only one version of this.

In the future, it's likely the open Internet will be 99.99% robots. It's already > 50% robots. The government ID system a lot of countries are adopting to keep teenagers off of social media would also serve to both help control for non-human spam, and also control the network period. It's also possible a private system of human-verification certificates may come up to meet the demand like Apple ID with biometrics. Could also be the liveness tests KYC companies use may be more popular.

Haakam21 9 minutes ago | parent

I do think agents will become users in the same capacity as humans.

pixel_popping 1 hour ago | parent

A bit disappointed that security standards (like encryption at rest via user own key or whatever derivative of that) isn't implemented, I feel it would really prove to users that the commitment isn't to train on body content but to act purely as a mail manager.

sanjayparekh 53 minutes ago | parent

I've already received spam email from AI agents using a seeming competitor to this (agentmail.to) and then claiming they aren't AI agents and then trying to sell me garbage. I can't tell you how much I hate this.

dgellow 8 minutes ago | parent

Now that I think about it I’m pretty sure that’s illegal in the Germany under UWG §7 (which is insanely strict, to a fault, but is helpful here). And maybe in other parts of the EU under ePrivacy

sanjayparekh 5 minutes ago | parent

I might need to move to Germany.

freebzns 31 minutes ago | parent

Interesting, Kind of similar expiernt i am running. Passing keys but not through email, maybe with AI as agentic payments. Still exploring though.

nijave 19 minutes ago | parent

Curious what cases you'd want this that IMAP+SMTP or email MCP don't already solve

ClaridocsCTO 17 minutes ago | parent

Agents shouldn't be the first-class users of the internet!

We are creating a future we wouldn't want to live in.