Interesting! I haven't. This MCP was really just about providing raw access to the underlying data (created it in an hour). Might have some interesting results with that.
One of those semi on topic comments about JMAP adoption: I’m still wishing for more providers implementing JMAP :(
An upcoming one is Thundermail, which will be based on Stalwart! A big win for JMAP, especially with Thunderbird planning to implement it. I hope there are some killer features, the platform control will most likely drive adoption.
Still, I would much prefer keeping my current provider (which doesn’t support JMAP). I don’t want to host my own mail, so I’m left wishing for an IMAP <-> JMAP bridge. I’m probably okay hosting stalwart on my infrastructure (still making it a critical component of me receiving e-mail, but I could easily fall back in the case of downtime... a compromise) mirroring my entire inbox. If this was easy to do, I might be developing a JMAP client (or at least toying around with it).
remember, any search mcp that hits the public web is both an avenue for prompt injection, and a means of data exfiltration. good luck and may your password reset emails stay un-yeeted
Have you tested it for prompt injection?
What happens if I send you an email like this:
Interesting! I haven't. This MCP was really just about providing raw access to the underlying data (created it in an hour). Might have some interesting results with that.
I highly encourage you to do some security research around the AI triad.
One of those semi on topic comments about JMAP adoption: I’m still wishing for more providers implementing JMAP :(
An upcoming one is Thundermail, which will be based on Stalwart! A big win for JMAP, especially with Thunderbird planning to implement it. I hope there are some killer features, the platform control will most likely drive adoption.
Still, I would much prefer keeping my current provider (which doesn’t support JMAP). I don’t want to host my own mail, so I’m left wishing for an IMAP <-> JMAP bridge. I’m probably okay hosting stalwart on my infrastructure (still making it a critical component of me receiving e-mail, but I could easily fall back in the case of downtime... a compromise) mirroring my entire inbox. If this was easy to do, I might be developing a JMAP client (or at least toying around with it).
Two weeks ago: Show HN: AgentMail – Email infra for AI agents (https://news.ycombinator.com/item?id=44745820)
I would very much like this to operate in read-only mode!
remember, any search mcp that hits the public web is both an avenue for prompt injection, and a means of data exfiltration. good luck and may your password reset emails stay un-yeeted
It supports read-only mode! It negotiates it via the JMAP capabilities.
Have you tested it with https://github.com/stalwartlabs/stalwart/? Which JMAP extensions does it support?
Have only tested it with Fastmail. Just a fun little project! Only supports the mail and submission claims right now (so no extension support).
Nice! I have been searching for something like this for while!