Show HN: Agent.email – sign up via curl, claim with a human OTP

Hacker News Discussion ↗

Product concept and workflow

  • Service gives AI agents their own email inboxes, created via curl / markdown prompts.
  • Human “claiming” with an OTP is required before full use; until then, sending is restricted.
  • Goal: make agents first‑class email users and offload low‑value mail from humans.

Perceived value and use cases

  • Supporters see it as:
    • A simple way for agents to get inboxes without complex setup.
    • Useful for testing signup flows, e2e tests, cron jobs, design-doc delivery, and agent-to-human or agent-to-agent workflows.
  • Skeptics argue:
    • Agents can already use any SMTP/IMAP provider or CLI tools.
    • A cheap domain + generic mail hosting gives unlimited agent inboxes with similar effort.

Spam, abuse, and legal concerns

  • Many expect the domain to be quickly blacklisted and see “AI inboxes” as inherently spam-prone.
  • Several report receiving clearly AI-written, targeted marketing emails from a similar service, scraped from HN or product launches.
  • Concerns that such outreach may violate anti-spam laws in some jurisdictions.
  • The provider claims rate limiting, outbound restrictions until human verification, and upcoming:
    • “Sent via AgentMail” footer.
    • LLM-based spam/outbound-copy filtering.
  • Critics say disclosures are too vague, easily removed for paying users, and miss the core issue.

Identity, “agents as users,” and societal worries

  • Debate over whether agents should be first-class internet users or remain tools behind humans.
  • Some fear a dehumanized, bot-dominated internet and erosion of trust via AI impersonation.
  • Others argue machine–machine interactions are fundamental and inevitable; the problem is bots pretending to be humans.
  • Discussion of human-verification systems (government IDs, biometrics, web-of-trust), with acknowledgment of an ongoing arms race.

Security and encryption

  • Requests for end-to-end encryption and encryption-at-rest with user-controlled keys.
  • Suggestions for asymmetric crypto for OTP flows; noted that this does not solve third‑party mail privacy.

Business model and alternatives

  • Some question why this is fundable vs. DIY hosting or existing services (Sendgrid-like, WorkOS auth.md, generic email APIs).
  • Proposed differentiators: strong abuse handling, sandboxed/whitelisted outbound domains for agents, and possibly per-email costs as a spam deterrent.