A governed email worker for regulated operations
Mailbuttons puts an AI worker in your inbox to triage, draft and send the routine flow, inside limits your compliance team sets. It handles the repetitive mail end-to-end, escalates anything unfamiliar to a person, and writes a tamper-evident record of every decision — the audit trail that lets you put AI on the inbox at all.
One automated end-to-end test, recorded: an agent tries to send to the wrong counterparty, and the policy gate refuses it before anything leaves.
The agent tries to send a document to a counterparty it isn't cleared to email. It doesn't go out — the send is stopped before it leaves, and the attempt stays on the record. The costly mistake simply can't happen.
Nominations, certificates, sampling instructions, terminal queries — the work arrives by email and leaves by email. AI could handle most of it today. But “most of it” isn't good enough when one wrong recipient, one wrong figure, or one unauthorised confirmation is commercial and legal exposure. Generic AI email tools optimise for autonomy — the agent signs itself up and starts sending. Mailbuttons is built for the opposite case: where mistakes are expensive and a named person is accountable for every message sent.
I spent a decade building trading systems and market-risk platforms at Morgan Stanley, Deutsche Bank and Credit Suisse — where a wrong figure costs real money and a regulator is watching. I then led PE-backed technology companies as CTO and CEO, and today I advise PE firms on M&A technology due diligence, so I know exactly what a security and procurement review asks before it lets AI near a system of record. I still write production Rust, I run my own mail infrastructure, and Mailbuttons is the governance I'd want to see in that review.
You're not being sold a platform by a growth team. You're talking to the person who built it.
Richard Halldearn — Morgan Stanley · Deutsche Bank · Credit Suisse · PE-backed CTO/CEO · M&A technology due diligence · Imperial College CS
The outcome, not a feature list.
Acknowledgements, status updates, document requests, chasing what's outstanding — drafted in your house style, sent within scoped limits or held for human approval.
Certificates and reports go only to counterparties on the mailbox's approved list. A document cannot be sent to a party you haven't allowed.
Commercial commitments, disputes, unfamiliar senders — escalated by default. The assistant knows what it isn't allowed to decide.
Every decision — what arrived, what was sent, what was blocked, who allowed it — tamper-evident and exportable. When a counterparty disputes what was said, you have it.
The permission slip that lets a regulated buyer put AI on the inbox at all.
Human-granted capabilities — no agent provisions its own access or expands its own permissions.
How the governance works →
A policy gate on every send, enforced server-side, outside the AI.
How the governance works →
Inbound verified and screened for prompt injection before the AI reads a word.
How the governance works →
A tamper-evident audit log of every decision the assistant makes.
How the governance works →
UK company. EU/UK data residency. Your data is never used to train models.
Start with proof, not a contract
Start with a free shadow-mode assessment: your IT sets one forwarding rule, nothing migrates, nothing is ever sent. For three to four weeks the assistant reads your real traffic and drafts what it would have done. You get the Inbox Assessment Report — how much of your routine mail it can handle end-to-end, the hours it returns, and what the guards caught. Then, if the number is worth it, go live from £2,000/mo per site: supervised sending first, autonomy earned category by category, cancel anytime.
We're taking a small number of design partners in testing, inspection & certification — a named engineer, priority influence on the roadmap, and we measure three things together: handled rate, hours returned, misdirected documents (target: zero).
Book a shadow-mode assessmentHere are four we run ourselves, every day, to operate Mailbuttons. Each one is just an email address with a job — and a person can tell you what it does in a sentence.
Writes our newsletter
Send it a brief by email and it drafts the next edition, ready to go out.
Runs our mailing list
Join a mailing list run entirely by an agent. When you subscribe, your address simply joins the live policy allowlist it's allowed to write to. Subscribing is the demo — see for yourself.
Staffs our front desk
Every message through our contact form is read by an agent, acknowledged, and remembered — no form-to-inbox-to-nowhere.
Keeps our books
We email it a question and it replies. We pointed it at our own dashboards — that data hookup is the part you'd wire up for yours.
None of these is a demo environment — it's our real email running on the same platform you'd use. We run our crew on it; you run yours.
Notes on giving AI agents an email address your security and compliance teams can sign off on.
14 July 2026
A step-by-step walkthrough of a governed mailbox blocking a misdirected send: the policy, the refusal, the audit row, and the owner's view. Every step is a passing CI test.
9 July 2026
TIC firms run on process control — accreditation to ISO/IEC 17020, 17025 and 17065 is the licence to operate. When email automation reaches the operations inbox, an assessor will want to see the controlled process behind it. Here's what a defensible answer looks like.
See the policy file your AI agent runs behind — full schema, threat model, and a 60-second integration recipe.
For developers →