Skip to main content
Glama
ActiveCampaign

Postmark MCP Server

Official Postmark MCP Server   NPM Version  MIT licensed

Send emails with Postmark using Claude and other MCP-compatible AI assistants.

Features

  • Exposes a Model Context Protocol (MCP) server backed by your Postmark account

  • 24 tools spanning email sending (single + batch), templates (CRUD + validation), message search, delivery diagnostics, bounces, suppressions, stats, server info, and webhooks

  • MCP tool annotations (readOnlyHint, destructiveHint) let supporting clients auto-approve safe reads and require confirmation before mutating or destructive operations

  • Simple configuration via environment variables

  • Comprehensive error handling and graceful shutdown

  • Structured JSON logging to stderr with optional log-file persistence; email addresses are partially masked by default

  • HTTPS enforcement and optional domain allowlist for webhook registration

  • Automatic open/click tracking on every send

Related MCP server: MailPace MCP Server

Useful Docs

Feedback

We'd love to hear from you! Please share your feedback and suggestions using our feedback form.

Follow us on X - @postmarkapp


Setup

Requirements

Installation (Local Development)

Clone the repository:

git clone https://github.com/ActiveCampaign/postmark-mcp
cd postmark-mcp

Install dependencies:

npm install
# or
yarn
# or
bun install

Configuration (Local Development)

Create your own environment file from the example

cp .env.example .env

Edit your .env to contain your Postmark credentials and settings.

Important: This is intended for local development purposes only. Secrets should never be stored in version control and .env type files should be added to .gitignore.

Required

Variable

Description

POSTMARK_SERVER_TOKEN

Your Postmark server API token

DEFAULT_SENDER_EMAIL

Default sender email address (must be a verified sender in Postmark)

DEFAULT_MESSAGE_STREAM

Postmark message stream (e.g., outbound)

Optional

Variable

Default

Description

AGENT_LABEL

β€”

A label for this instance (e.g., prod, staging). Sent as X-Agent-Label on every Postmark API request, useful for identifying traffic sources in logs or support tickets.

WEBHOOK_URL_ALLOWLIST

β€”

Comma-separated list of HTTPS URL prefixes that createWebhook will accept (e.g., https://hooks.yourapp.com,https://inbound.corp.io). When unset, any valid HTTPS URL is accepted.

LOG_FILE

β€”

Path to a file where structured JSON logs are appended in addition to stderr. The file is created if it does not exist. No rotation or size cap is applied β€” use an external tool such as logrotate to manage the file in long-running deployments.

LOG_EMAIL_FULL

false

Set to true to log email addresses without masking. By default the mailbox portion is partially masked in logs (u**r@example.com).

Run the server:

npm start
# or
yarn start
# or
bun start

Smoke test (requires valid .env):

The repo ships two smoke-test example files. Copy each to its non-example name (which is gitignored) before running, so your local edits β€” including any verified-sender addresses β€” never end up committed.

# Read-only suite (25 checks). Optionally edit RECIPIENT_WITH_HISTORY.
cp smoke-test.example.mjs smoke-test.mjs
npm run smoke

# Mutating suite (full lifecycles + real email sends).
# REQUIRED: edit SENDER and RECIPIENT to two of your verified addresses.
cp smoke-test-mutating.example.mjs smoke-test-mutating.mjs
node smoke-test-mutating.mjs

The read-only suite spawns the server over stdio and exercises every read tool against your Postmark account, plus the validation paths for editTemplate and createWebhook. Does not send mail or mutate state.

The mutating suite runs full create→edit→delete lifecycles for templates (including layout binding), webhooks, and suppressions, and sends real emails between the two addresses you configure. It cleans up after itself. The script refuses to run while the placeholder values are still in place.

Cursor Quick Install

After installing the MCP, update your configuration to set:

  • POSTMARK_SERVER_TOKEN

  • DEFAULT_SENDER_EMAIL

  • DEFAULT_MESSAGE_STREAM (default: outbound)

MCP Client Configuration

Install directly from npm without managing a local copy:

{
  "mcpServers": {
    "postmark": {
      "command": "npx",
      "args": ["-y", "@activecampaign/postmark-mcp"],
      "env": {
        "POSTMARK_SERVER_TOKEN": "your-postmark-server-token",
        "DEFAULT_SENDER_EMAIL": "your-sender-email@example.com",
        "DEFAULT_MESSAGE_STREAM": "outbound"
      }
    }
  }
}

Using a local clone

{
  "mcpServers": {
    "postmark": {
      "command": "node",
      "args": ["/absolute/path/to/postmark-mcp/index.js"],
      "env": {
        "POSTMARK_SERVER_TOKEN": "your-postmark-server-token",
        "DEFAULT_SENDER_EMAIL": "your-sender-email@example.com",
        "DEFAULT_MESSAGE_STREAM": "outbound"
      }
    }
  }
}

Both snippets work with Claude Desktop (~/Library/Application Support/Claude/claude_desktop_config.json), Cursor (.cursor/mcp.json), and any other MCP client that accepts the standard JSON configuration format.

Tools

This section provides a complete reference for the Postmark MCP server tools including example prompts and payloads. The server registers 24 tools organized into eight categories.

Table of Contents


Email

sendEmail

Sends a transactional email to one recipient or up to 50 recipients.

Example Prompt:

Send an email using Postmark to recipient@example.com with the subject "Meeting Reminder" and the message "Don't forget our team meeting tomorrow at 2 PM."

Expected Payload:

{
  "to": "recipient@example.com",
  "subject": "Meeting Reminder",
  "textBody": "Don't forget our team meeting tomorrow at 2 PM.",
  "htmlBody": "<p>Don't forget our team meeting tomorrow at 2 PM.</p>",
  "from": "sender@example.com",
  "cc": "manager@example.com",
  "bcc": "archive@example.com",
  "replyTo": "support@example.com",
  "tag": "meetings"
}

to accepts a single address or an array of up to 50 addresses. htmlBody, from, cc, bcc, replyTo, and tag are optional. If from is omitted, DEFAULT_SENDER_EMAIL is used.

Response:

Email sent successfully!
MessageID: 0a1b2c3d-...
To: recipient@example.com
Subject: Meeting Reminder

sendEmailWithTemplate

Sends an email using a Postmark template.

Example Prompt:

Send the "welcome" template to customer@example.com with name "John Doe" and login_url "https://myapp.com/login".

Expected Payload:

{
  "to": "customer@example.com",
  "templateAlias": "welcome",
  "templateModel": {
    "name": "John Doe",
    "login_url": "https://myapp.com/login"
  },
  "from": "sender@example.com",
  "tag": "onboarding"
}

Provide either templateId (number) or templateAlias (string), not both.

Response:

Template email sent successfully!
MessageID: 0a1b2c3d-...
To: customer@example.com
Template: welcome

sendBatch

Sends up to 500 emails in a single API call. Each message is fully independent β€” its own recipient, subject, and body. This wraps Postmark's synchronous batch endpoint (POST /email/batch), which returns immediate per-message results.

Note: Postmark also offers an asynchronous bulk email API (POST /email/bulk) for large-volume jobs with no message-count cap and a 50 MB payload limit. That endpoint uses a submit-and-poll workflow and is not currently wrapped by this MCP server.

Expected Payload:

{
  "messages": [
    {
      "to": "alice@example.com",
      "subject": "Order #1234 confirmed",
      "textBody": "Thanks Alice β€” your order is on its way.",
      "tag": "order-confirmation"
    },
    {
      "to": "bob@example.com",
      "subject": "Order #1235 confirmed",
      "textBody": "Thanks Bob β€” your order is on its way.",
      "tag": "order-confirmation"
    }
  ]
}

Per-message fields: to, subject, textBody are required. htmlBody, from, cc, bcc, replyTo, and tag are optional. If from is omitted on a message, DEFAULT_SENDER_EMAIL is used.

Response:

Sent 2/2 successfully

Successes:
  - alice@example.com β€” abc-123-def
  - bob@example.com β€” abc-456-ghi

When some messages fail at submission (e.g., suppressed recipients), failures are listed first with their ErrorCode and reason:

Sent 8/10 successfully (2 failed)

Failures:
  - blocked@example.com β€” 406: Address has been suppressed.
  - bad@example.com β€” 300: Inactive recipient
...

sendBatchWithTemplate

Sends up to 500 templated emails β€” same template, per-recipient template models. Ideal for "render this onboarding template for each new user" flows.

Expected Payload:

{
  "templateAlias": "welcome",
  "from": "hello@yourapp.com",
  "tag": "onboarding",
  "recipients": [
    { "to": "alice@example.com", "templateModel": { "name": "Alice", "plan": "Pro" } },
    { "to": "bob@example.com", "templateModel": { "name": "Bob", "plan": "Free" } }
  ]
}

Provide either templateId (number) or templateAlias (string). Top-level from and tag apply to all recipients but can be overridden per-recipient. Each recipient also accepts optional cc, bcc, and replyTo.

Response: same format as sendBatch.


Templates

listTemplates

Lists saved templates on this server. Returns the first 100 templates; if a server has more than 100, pagination is not yet supported and the response will indicate that results are truncated.

Response:

Found 2 templates:

β€’ **Welcome**
  - ID: 12345678
  - Alias: welcome
  - Subject: Welcome to {{product_name}}

getTemplate

Retrieves a single template's full content (HTML body, text body, subject, type).

Payload: { "templateIdOrAlias": "welcome" } β€” accepts numeric ID or string alias.

createTemplate

Creates a new template. Requires name. At least one of htmlBody or textBody must be provided.

subject is required for Standard templates and must be omitted for Layout templates β€” Postmark rejects the field on Layouts.

layoutTemplate (Standard only) binds the new template to an existing Layout by alias. Without it, the new template renders unwrapped (no chrome from any layout).

Expected Payload:

{
  "name": "Order Confirmation",
  "subject": "Your order #{{order_id}} is confirmed",
  "htmlBody": "<h1>Thanks {{name}}</h1>",
  "textBody": "Thanks {{name}}",
  "alias": "order-confirmation",
  "templateType": "Standard",
  "layoutTemplate": "basic"
}

templateType may be "Standard" (default) or "Layout".

editTemplate

Updates an existing template. Requires templateIdOrAlias plus at least one updated field (name, subject, htmlBody, textBody, alias, or layoutTemplate).

Pass "layoutTemplate": null to unbind a template from its current Layout (the MCP translates this to the empty-string the Postmark API requires for clearing the association).

deleteTemplate

Permanently deletes a template by ID or alias. Layout templates cannot be deleted while Standard templates are still bound to them β€” unbind via editTemplate first.

Payload: { "templateIdOrAlias": "order-confirmation" }

validateTemplate

Validates template content (Mustachio syntax, undefined variables) without saving. At least one of subject, htmlBody, or textBody is required.

Expected Payload:

{
  "subject": "Order #{{order_id}}",
  "htmlBody": "<p>Thanks {{name}}</p>",
  "textBody": "Thanks {{name}}",
  "testRenderModel": { "order_id": 42, "name": "John" },
  "templateType": "Standard"
}

Messages

searchOutboundMessages

Searches the outbound message history.

Expected Payload (all filters optional):

{
  "recipient": "user@example.com",
  "fromEmail": "sender@example.com",
  "tag": "marketing",
  "subject": "Welcome",
  "status": "sent",
  "messageStream": "outbound",
  "fromDate": "2025-05-01",
  "toDate": "2025-05-15",
  "count": 50,
  "offset": 0
}

status is one of queued, sent, processed. count is 1–500 (default 50).

getMessageDetails

Retrieves full details and event timeline for a single outbound message.

Payload: { "messageId": "0a1b2c3d-..." }


Diagnostics

diagnoseDelivery

Composite triage tool. Answers "did my email reach X, and if not, why?" by running message search, suppression check, and bounce history lookups in parallel against a recipient address, then synthesizing a plain-English recommendation.

This is a diagnostic tool: it composes multiple Postmark API calls into a single coherent answer rather than mirroring a single endpoint.

Example Prompt:

Did my email to recipient@example.com get delivered? If not, what should I do?

Expected Payload:

{
  "recipient": "recipient@example.com",
  "messageId": "0a1b2c3d-...",
  "fromDate": "2026-04-21",
  "toDate": "2026-04-28",
  "messageStream": "outbound"
}

All fields except recipient are optional. If messageId is omitted, the most recent message to the recipient is used. The default search window is the last 7 days.

Sample response:

Delivery Diagnosis: recipient@example.com
────────────────────────────────────────────────

Suppression: not suppressed on stream "outbound"

Most recent message:
  MessageID: fadeae4e-fb04-4102-9303-9876078c7b81
  Subject:   Welcome to MyApp
  Sent:      2026-04-27T18:42:19.0000000-04:00
  Status:    Sent
  Events:    Delivered, OpenedΓ—2, Clicked

Bounce history: none

Recommended action:
  Email was delivered. If recipient says they didn't see it, check their
  spam folder or ask them to whitelist the sender domain.

When the recipient is suppressed, the recommendation differs based on reason: SpamComplaint is permanent, HardBounce may be reactivatable, ManualSuppression can be deleted via deleteSuppressions.


Bounces

searchBounces

Searches the bounce log with optional filters by type, recipient, tag, message ID, message stream, date range, and active/inactive status.

Expected Payload (all optional):

{
  "type": "HardBounce",
  "inactive": true,
  "emailFilter": "@example.com",
  "tag": "marketing",
  "messageID": "0a1b2c3d-...",
  "messageStream": "outbound",
  "fromDate": "2025-05-01",
  "toDate": "2025-05-15",
  "count": 50,
  "offset": 0
}

Supported type values (matches Postmark's BounceType enum β€” 22 values): AddressChange, AutoResponder, BadEmailAddress, Blocked, ChallengeVerification, DMARCPolicy, DnsError, HardBounce, InboundError, ManuallyDeactivated, OpenRelayTest, SMTPApiError, SoftBounce, SpamComplaint, SpamNotification, Subscribe, TemplateRenderingFailed, Transient, Unconfirmed, Unknown, Unsubscribe, VirusNotification.

getBounceDump

Returns the raw SMTP dump for a bounce. Bounce dumps are retained for 30 days.

Payload: { "bounceId": 123456 }

activateBounce

Reactivates a deactivated email address (only bounces where CanActivate: true).

Payload: { "bounceId": 123456 }


Suppressions

listSuppressions

Lists suppressions for a message stream.

Expected Payload (all optional):

{
  "messageStream": "outbound",
  "suppressionReason": "HardBounce",
  "origin": "Recipient",
  "emailAddress": "user@example.com",
  "fromDate": "2025-05-01",
  "toDate": "2025-05-15"
}

suppressionReason ∈ HardBounce, SpamComplaint, ManualSuppression. origin ∈ Recipient, Customer, Admin. If messageStream is omitted, DEFAULT_MESSAGE_STREAM is used.

createSuppressions

Suppresses up to 50 email addresses on a message stream.

Payload: { "emailAddresses": ["a@example.com", "b@example.com"], "messageStream": "outbound" }

deleteSuppressions

Removes up to 50 addresses from the suppression list. Note: SpamComplaint suppressions cannot be deleted.

Payload: { "emailAddresses": ["a@example.com"], "messageStream": "outbound" }


Stats & Server

getDeliveryStats

Unified stats tool. Default behavior returns a friendly headline summary; pass an optional stat for a focused breakdown.

Expected Payload (all optional):

{
  "stat": "summary",
  "tag": "marketing",
  "fromDate": "2025-05-01",
  "toDate": "2025-05-15",
  "messageStream": "outbound"
}

Supported stat values:

stat

What it returns

summary (default)

Headline open / click / bounce / spam rates

overview

All overview counts (sent, tracked, opens, clicks, bounces, …)

sent

Sent count

bounces

Bounce breakdown by type

spam

Spam complaint count

tracked

Tracked email count

opens

Total + unique opens

openPlatforms

Open platform breakdown (Desktop / Mobile / WebMail / Unknown)

openClients

Top 10 email clients (Apple Mail, Gmail, …)

openReadTimes

Read-time histogram

clicks

Total + unique link clicks

clickBrowsers

Top 10 browsers used to click

clickPlatforms

Click platform breakdown (Desktop / Mobile / WebMail / Unknown)

clickLocation

HTML vs. plain-text click location

Default summary response:

Email Delivery Summary

Sent:        74
Tracked:     33  (44.6% of sent)
Open rate:   93.9%  (31/33 unique opens)
Click rate:  4.8%  (10/207 unique links clicked)
Bounced:     1  (1.4%)
Spam:        0  (0.0%)

Period: 2025-05-01 β†’ 2025-05-15
Tag: marketing

Sample stat: "openPlatforms" response:

Open Platform Usage

  Desktop        20  (64.5%)
  Mobile          0  (0.0%)
  WebMail        11  (35.5%)
  Unknown         0  (0.0%)

getServerInfo

Returns the Postmark server's name, color, tracking settings, and webhook URLs.

Payload: {}


Webhooks

listWebhooks

Lists configured webhooks. Optional messageStream filter.

createWebhook

Creates a webhook subscription. Requires a url and at least one trigger.

Security note: Webhooks are persistent β€” once registered, Postmark will POST event data (opens, clicks, bounces, spam complaints, etc.) to the target URL for all future matching events on that server, until the webhook is deleted. Only register webhooks pointing to URLs you control. Use WEBHOOK_URL_ALLOWLIST to restrict accepted URLs to known prefixes.

The url must use HTTPS. HTTP URLs are rejected. If WEBHOOK_URL_ALLOWLIST is set, the URL must also match one of the configured prefixes.

Expected Payload:

{
  "url": "https://hooks.yourapp.com/postmark",
  "messageStream": "outbound",
  "openEnabled": true,
  "clickEnabled": true,
  "deliveryEnabled": false,
  "bounceEnabled": true,
  "spamComplaintEnabled": true,
  "subscriptionChangeEnabled": false
}

deleteWebhook

Deletes a webhook by ID.

Payload: { "webhookId": 1234567 }

Implementation Details

API Request Headers

All requests to the Postmark API include the following headers for client identification:

Header

Description

X-Postmark-Client

Always postmark-mcp β€” identifies this server as the request origin

X-Postmark-Client-Version

Version of this MCP server, matching the package version

X-Postmark-MCP-Client

Name and version of the MCP host application (e.g., claude-desktop/1.0), captured from the MCP initialize handshake. Omitted if the client does not provide this information.

X-Agent-Label

Value of the AGENT_LABEL environment variable. Omitted when not set.

This server uses its own HTTP client (no postmark npm package) so that MCP traffic is identifiable as postmark-mcp in Postmark logs and support tickets.

Automatic Configuration

All emails are automatically configured with:

  • TrackOpens: true

  • TrackLinks: "HtmlAndText"

  • Message stream from DEFAULT_MESSAGE_STREAM environment variable

Error Handling

The server implements comprehensive error handling:

  • Validation of all required environment variables

  • Graceful shutdown on SIGTERM and SIGINT

  • Proper error handling for API calls

  • No exposure of sensitive information in logs

  • Consistent error message formatting

Logging

Every tool invocation emits a structured JSON line to stderr. If LOG_FILE is set, the same line is also appended to that file.

Log entry shape:

{
  "timestamp": "2026-06-16T20:34:01.123Z",
  "tool": "sendEmail",
  "clientName": "claude-desktop",
  "clientVersion": "1.0",
  "args": {
    "to": "u**r@example.com",
    "subject": "Meeting Reminder",
    "textBody": "[312ch]"
  },
  "status": "ok",
  "durationMs": 243
}

On error, status is "error" and an error field contains the message.

What is and isn't logged:

Data

Logged as

Email addresses

Partially masked: u**r@example.com (set LOG_EMAIL_FULL=true to disable)

htmlBody / textBody

Byte count only: [312ch]

templateModel and other data objects

Key names only: { "_keys": ["name", "plan"] }

Batch messages / recipients arrays

Count + recipient list: { "_count": 2, "_recipients": ["u**r@…", "a*b@…"] }

Fields matching password, secret, token, apikey

[redacted]

Tool name, duration, MCP client identity, status

Logged in full

Unstructured operational messages (startup, shutdown, API connectivity) continue to write to stderr as plain text alongside the JSON tool logs.


Security Considerations

Access scope

This MCP server acts with the full permissions of the configured POSTMARK_SERVER_TOKEN. It exposes 24 tools β€” including bulk email sends, template management, webhook registration, and suppression list edits β€” to any MCP client that connects.

Postmark has two token types: a Server Token (used here) and an Account Token. Neither supports sub-scoped permissions β€” a Server Token grants full access to all operations on the server it belongs to. The practical way to limit exposure is structural:

  • Create a dedicated Postmark server used exclusively for MCP traffic. A compromise is then limited to that server's data and settings rather than your entire account.

  • Configure that server with only the message streams and verified sender signatures it actually needs.

  • Rotate the token if it is ever exposed.

Tool blast radius

The 24 tools include several high-impact operations. Below is the breakdown by risk level:

Category

Tools

Destructive (irreversible)

editTemplate, deleteTemplate, deleteWebhook, deleteSuppressions

Sending (outbound email)

sendEmail, sendEmailWithTemplate, sendBatch, sendBatchWithTemplate

Additive (account-state changes)

createTemplate, createSuppressions, createWebhook, activateBounce

Read-only

All remaining 12 tools

All tools carry MCP annotations (readOnlyHint, destructiveHint, idempotentHint). MCP clients that respect annotations β€” including Cursor and Claude Desktop β€” can auto-approve safe read-only lookups (readOnlyHint: true) and will surface confirmation prompts for anything that isn't a read: sends, template edits, suppression changes, and webhook management. Tools that permanently delete data additionally carry destructiveHint: true for clients that distinguish destructive from merely mutating actions.

Webhook URL policy

createWebhook enforces HTTPS on all URLs. Once a webhook is registered, Postmark will POST event data (opens, clicks, bounces, spam complaints) to that URL on an ongoing basis until the webhook is deleted. To prevent a compromised or misdirected tool call from registering a callback you don't control, set WEBHOOK_URL_ALLOWLIST to the HTTPS prefixes you own. Audit registered webhooks regularly with listWebhooks or via the Postmark dashboard.

To secure your webhook receiver, whitelist Postmark's published sending IPs at the network or firewall level so only Postmark can POST to your endpoint.

Prompt injection risk

Because this MCP server can send email and register webhooks, it is a potential target for prompt injection β€” where malicious content in an email, template, or repository tricks the AI into invoking a tool with unintended arguments. The mitigations above (dedicated token, tool approval in your MCP client, WEBHOOK_URL_ALLOWLIST) reduce the blast radius if this occurs. Never configure auto-approval for sending or destructive tools in untrusted environments.


For more information about the Postmark API, visit Postmark's Developer Documentation.

License

MIT Β© ActiveCampaign

A
license - permissive license
-
quality - not tested
C
maintenance

Maintenance

–Maintainers
–Response time
1wRelease cycle
3Releases (12mo)
Commit activity
Issues opened vs closed

Resources

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/ActiveCampaign/postmark-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server