Submail
Provides email translation using Google-compatible translation services.
Provides email translation using LibreTranslate.
Provides AI-assisted email composition, summaries, and suggested replies using OpenAI-compatible providers.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Submailshow my unread emails"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.

Submail is not a mail server and does not replace Gmail, Outlook, QQ Mail, or your existing provider. It connects existing IMAP/POP3 mailboxes, sends through their SMTP servers, and gives people and agents one controlled workspace.
Why Submail
One inbox, many accounts | Search, read, reply, forward, star, archive, delete, and manage attachments across multiple mailboxes. |
Built for agents | Use local stdio MCP, remote Streamable HTTP MCP, or a direct HTTP send API without maintaining separate integrations. |
Permissioned by default | Scope every key by capability, mailbox, expiry time, and daily send quota. New keys start with read-only permissions. |
Your data, your deployment | Run locally with SQLite or deploy with Docker, Redis/BullMQ, and SQLite or MySQL. |
Related MCP server: mail-cal-drive-mcp
Features
Mail accounts: IMAP or POP3 receive, SMTP send, connection tests, provider presets, app-password guidance, and verified Send As aliases.
Incremental sync: IMAP UID and POP3 UIDL cursors, remote read/star reconciliation, discoverable special folders, scheduled jobs, bounded retries, concurrency limits, and sync history.
Unified workflow: Inbox, sent, drafts, starred, archived, trash, conversation threading, advanced search, and bulk actions.
Attachments: Centralized storage after sync, on-demand browser retrieval,
.emlparsing, retention settings, and broad in-browser preview support.AI assistance: OpenAI-compatible providers for summaries, suggested replies, and email composition. Generated content is placed in the editor and is never sent automatically.
Translation: Google-compatible, LibreTranslate, or custom HTTP providers with long-message chunking, a configurable default language, and opt-in automatic translation for clearly detected English email.
MCP and API: Eight MCP tools plus a direct send endpoint, sharing the same authorization and delivery service.
Operations: Health checks, least-privilege containers, durable Redis queues, audit retention, SQLite online backup, and atomic restore.
Screenshots
All screenshots use a temporary SQLite database and synthetic .local addresses. No production mailbox data is included.
Quick start
Docker deployment
Install Docker Engine with the Compose plugin, then run:
git clone https://github.com/guozhijian611/submail.git
cd submail
./deploy.shThe setup script lets you choose SQLite, bundled MySQL, or external MySQL. It generates secrets, starts Redis and all services, builds the images, and waits for health checks.
The gateway binds to 127.0.0.1:8080 by default. Put Caddy, Nginx, Traefik, or a load balancer with HTTPS in front of it before exposing Submail to the internet.
See the full deployment and operations guide for first-admin setup, database modes, backup/restore, and upgrades.
Local development
Requirements: Node.js 22+.
npm ci
npm run secure:local
npm run devWeb UI:
http://localhost:5173API:
http://localhost:8787Local database:
apps/api/data/submail.sqliteQueue: in-memory by default; set
SUBMAIL_QUEUE_DRIVER=redisandSUBMAIL_REDIS_URLto test Redis
npm run secure:local creates an apps/api/.env file with mode 600 and a dedicated master key. If an older local database still uses the development key, the script backs it up and re-encrypts stored mailbox and integration credentials without printing secrets.
Quality checks:
npm run typecheck
npm test
npm run buildMCP and send API
Create a key in Settings → MCP & Admin, select its scopes and allowed mailboxes, then use the remote endpoint:
https://mail.example.com/mcpEvery request carries the key:
Authorization: Bearer sk_submail_xxxAvailable tools:
Group | Tools |
Read |
|
Send |
|
AI |
|
Translation |
|
Local stdio mode:
SUBMAIL_API_URL=http://127.0.0.1:8787 \
SUBMAIL_MCP_API_KEY=sk_submail_xxx \
npm run dev:mcpDirect send API:
curl --fail-with-body 'https://mail.example.com/api/send' \
-H 'Authorization: Bearer sk_submail_xxx' \
-H 'Content-Type: application/json' \
-H 'Idempotency-Key: order-20260710-0001' \
--data '{
"accountId": "mailbox-account-id",
"to": ["receiver@example.com"],
"subject": "Hello from Submail",
"text": "Sent through the Submail API"
}'The API supports text, HTML, CC/BCC, attachments, thread headers, idempotency keys, and optional verified aliases. MCP send_mail uses the same delivery path.
Security model
Email and attachments are untrusted input. Deploy behind HTTPS, grant the smallest possible scopes, keep send quotas low, and use app-specific mailbox passwords whenever the provider supports them.
Mailbox credentials and third-party API keys are encrypted at rest with AES-GCM using
SUBMAIL_SECRET.Admin passwords and MCP/API keys are stored as one-way hashes; a new key is displayed only once.
Keys can be restricted by capability, mailbox, expiry, and daily send quota.
AI output never sends automatically; it enters the composer for human review.
Audit logs record metadata rather than message bodies, prompts, email addresses, attachment Base64, or idempotency keys.
SUBMAIL_SECRETis tied to encrypted data. Back it up separately and never rotate it casually after storing credentials.
Please report vulnerabilities privately through GitHub Security Advisories. Read SECURITY.md before reporting.
Architecture
flowchart LR
Browser["Browser"] --> Web["React + Vite / Nginx"]
Agent["AI / MCP client"] --> MCP["MCP server"]
Web --> API["Express API"]
MCP --> API
API --> DB["SQLite / MySQL"]
API --> Queue["Memory / Redis + BullMQ"]
API --> Mail["IMAP / POP3 / SMTP"]
API --> Services["AI and translation providers"]Path | Responsibility |
| React mail client and administration UI |
| Authentication, mail sync/send, storage, queueing, AI, translation, backup and restore |
| stdio and Streamable HTTP MCP transports |
| Local secret hardening and real-provider integration checks |
| API, POP3, HTTP MCP, runtime-lock, and restore integration tests |
| Deployment operations and feature-gap documentation |
Current boundaries
IMAP synchronizes INBOX plus discoverable Sent, Drafts, Trash, and Archive folders, including remote read/star flags. Gmail archives are derived from All Mail labels when available. POP3 can read INBOX only.
Read, star, archive, and delete state is currently local and is not written back to IMAP.
Gmail and Microsoft OAuth, DKIM signing, DSN bounce processing, and a queue dashboard are not implemented yet.
SQLite and MySQL data are not automatically migrated between drivers.
The default free Google translation path is best-effort and is not appropriate for confidential email or strict SLAs. Automatic translation is disabled by default because enabling it sends opened English email content to the configured provider.
The detailed implementation review and roadmap live in docs/gap-review.md.
Contributing
Issues and pull requests are welcome. Start with CONTRIBUTING.md, keep changes focused, and include the relevant tests or rendered UI evidence.
Project status and licensing
Submail is an early-stage 0.1.x project. A project-wide license has not yet been selected because optional document-viewer dependencies include components with copyleft licenses. Public repository access does not grant redistribution rights until a LICENSE file is added; dependency licenses continue to apply independently.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/guozhijian611/submail'
If you have feedback or need assistance with the MCP directory API, please join our Discord server