Mailgun MCP Server
OfficialThe Mailgun MCP Server provides an AI-agent-friendly interface to Mailgun's email delivery, analytics, and account management services.
Messaging: Send emails (HTML, text, AMP, attachments, templates, scheduling, batch personalization), retrieve stored messages, and resend them.
Domains: List domains, view details, verify DNS, check sending queues, and manage click/open/unsubscribe tracking settings.
Webhooks: List, create, update, and delete event webhooks (delivered, opened, clicked, bounced, complained, etc.).
Routes: List, view, and update inbound email routing rules (forward, store, notify).
Mailing Lists: Create, view, and update mailing lists and their members.
Templates: Create, update, and manage email templates with versioning and activation support.
Analytics: Query detailed metrics (delivery rates, opens, clicks, bounces), usage metrics, and filter/paginate event logs.
Stats: View aggregate statistics by domain, tag, provider, device, and country with configurable time ranges.
Suppressions: Look up and list bounces, unsubscribes, complaints, and allowlist entries.
IPs & IP Pools: List account IPs, get IP details, manage dedicated IP pools, and check pool-domain links.
Bounce Classification: Analyze bounce stats grouped by category/severity with detailed metrics.
Account Limits: View current custom monthly sending limits.
Provides email sending capabilities and allows fetching and visualizing email delivery statistics from the Mailgun service.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Mailgun MCP Serversend a welcome email to newuser@example.com with our onboarding template"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Mailgun MCP Server
Overview
A Model Context Protocol (MCP) server for Mailgun that gives AI agents a practical, workflow-oriented interface to send email, diagnose deliverability, and manage account operations.
This MCP server runs locally on your machine and communicates over stdio. Mailgun does not currently offer a hosted version of this server.
Capabilities
Messaging — Send emails, retrieve stored messages, resend messages
Domains — View domain details, verify DNS configuration, manage tracking settings (click, open, unsubscribe)
Webhooks — List, create, and update event webhooks
Routes — View and update inbound email routing rules
Mailing Lists — Create, view, and update mailing lists and their members
Templates — Create, view, and update email templates with versioning
Analytics — Query sending metrics, usage metrics, and logs
Stats — View aggregate statistics by domain, tag, provider, device, and country
Suppressions — View bounces, unsubscribes, complaints, and allowlist entries
IPs & IP Pools — View IP assignments and dedicated IP pool configuration
Bounce Classification — Analyze bounce types and delivery issues
Validation — Validate email address deliverability and syntax before sending (
validate)Optimize (Inbox Placement) — Retrieve inbox placement / seed test results to gauge deliverability (
optimize)Inspect (Email Preview) — Retrieve email rendering and preview test results across clients (
inspect)Account Limits — View custom monthly sending limits
The parenthetical labels above (validate, optimize, inspect) are the product tags used by tag filtering. Every other capability is registered under the send tag.
Tools are limited to read and update operations — no delete operations are exposed, which keeps the blast radius of an unintended action small. SeeSecurity Considerations.
How it works
The server is OpenAPI driven. At startup it parses a bundled Mailgun OpenAPI spec and registers a curated allowlist of endpoints as MCP tools, generating each tool's input schema (via Zod) from the spec. Every tool is annotated with a Mailgun product tag (send, validate, optimize, or inspect). All matching tools are registered up front — there is no lazy or on demand loading. Tag filtering is applied at startup to scope which tools get registered, so a given workflow can expose only the products it needs.
Related MCP server: Enhanced Gmail MCP Server
Prerequisites
Node.js (v20.12 or higher)
Mailgun account and API key
Installation
The server is published to npm as @mailgun/mcp-server and runs over stdio. Most clients can launch it on demand with npx, so there's nothing to install globally. In each snippet below, replace YOUR-mailgun-api-key with a key from your Mailgun API security settings.
If your account is hosted in Mailgun's EU region, add"MAILGUN_API_REGION": "eu" to the env block (or -e MAILGUN_API_REGION=eu on the CLI). It defaults to us.
Claude Code
claude mcp add mailgun -e MAILGUN_API_KEY=YOUR-mailgun-api-key -- npx -y @mailgun/mcp-serverThen run /mcp in Claude Code to confirm the mailgun server is connected.
Claude Desktop
Open Settings → Developer → Edit Config, or edit the file directly:
macOS:
~/Library/Application Support/Claude/claude_desktop_config.jsonWindows:
%APPDATA%/Claude/claude_desktop_config.json
{
"mcpServers": {
"mailgun": {
"command": "npx",
"args": ["-y", "@mailgun/mcp-server"],
"env": {
"MAILGUN_API_KEY": "YOUR-mailgun-api-key",
"MAILGUN_API_REGION": "us"
}
}
}
}Cursor
Open the command palette and choose Cursor Settings → MCP → Add new global MCP server, then add:
{
"mcpServers": {
"mailgun": {
"command": "npx",
"args": ["-y", "@mailgun/mcp-server"],
"env": {
"MAILGUN_API_KEY": "YOUR-mailgun-api-key"
}
}
}
}Codex
codex mcp add mailgun \
--env MAILGUN_API_KEY=YOUR-mailgun-api-key \
-- npx -y @mailgun/mcp-serverVS Code (GitHub Copilot)
Add the following to your settings.json:
{
"mcp": {
"servers": {
"mailgun": {
"command": "npx",
"args": ["-y", "@mailgun/mcp-server"],
"env": {
"MAILGUN_API_KEY": "YOUR-mailgun-api-key"
}
}
}
}
}Windsurf
{
"mcpServers": {
"mailgun": {
"command": "npx",
"args": ["-y", "@mailgun/mcp-server"],
"env": {
"MAILGUN_API_KEY": "YOUR-mailgun-api-key"
}
}
}
}Gemini CLI
Add to ~/.gemini/settings.json:
{
"mcpServers": {
"mailgun": {
"command": "npx",
"args": ["-y", "@mailgun/mcp-server"],
"env": {
"MAILGUN_API_KEY": "YOUR-mailgun-api-key"
}
}
}
}Configuration
Environment variables
Variable | Required | Default | Description |
| Yes | — | Your Mailgun API key |
| No |
| API region: |
| No | (derived from region) | Override the API hostname (e.g. |
| No | (all) | Comma-separated product tags to enable. Equivalent to |
CLI options
Pass flags after the package name in your client's args (e.g. ["-y", "@mailgun/mcp-server", "--tags", "validate,inspect"]).
Flag | Description |
| Comma-separated product tags to enable (default: all). Valid: |
| Print the valid tag values and exit. |
| Show usage and exit. |
Tag filtering
You can scope which tools the server registers to one or more Mailgun product tags. This is useful for narrowing the toolset shown to the model — for example, only exposing validation tools to a workflow that doesn't need send capabilities.
Valid tags: send, validate, optimize, inspect. When unspecified, every tool is registered (today's default).
Filtering uses OR semantics: a tool is registered if any of its tags appears in the active set.
Via CLI flag — pass --tags in your MCP client config's args:
{
"mcpServers": {
"mailgun": {
"command": "npx",
"args": ["-y", "@mailgun/mcp-server", "--tags", "validate,inspect"],
"env": {
"MAILGUN_API_KEY": "YOUR-mailgun-api-key"
}
}
}
}Via environment variable — set MAILGUN_MCP_TAGS (CLI flag wins if both are present):
"env": {
"MAILGUN_API_KEY": "YOUR-mailgun-api-key",
"MAILGUN_MCP_TAGS": "validate,inspect"
}Run the binary with--list-tags to print supported tag values, or --help for full usage. Unknown tags are rejected at startup with a clear error message.
Sample Prompts
Send an Email
Can you send an email to EMAIL_HERE with a funny email body that makes it sound
like it's from the IT Desk from Office Space? Please use the sending domain
DOMAIN_HERE, and make the email from "postmaster@DOMAIN_HERE"!Some MCP clients require a paid plan to invoke tools that send data. If sending fails silently, check your client's plan.
Fetch and Visualize Sending Statistics
Would you be able to make a chart with email delivery statistics for the past week?Manage Templates
Create a welcome email template for new signups on my domain DOMAIN_HERE.
Include a personalized greeting and a call-to-action button.Investigate Deliverability
Can you check the bounce classification stats for my account and tell me
what the most common bounce reasons are?Troubleshoot DNS
Check the DNS verification status for my domain DOMAIN_HERE and tell me
if anything needs fixing.Review Suppressions
Are there any unsubscribes or complaints for DOMAIN_HERE? Summarize the
top offenders.Manage Routing Rules
List all my inbound routes and explain what each one does.Create a Mailing List
Create a mailing list called announcements@DOMAIN_HERE and add these
members: alice@example.com, bob@example.com.Compare Domains
Compare my sending volume and delivery rates across all my domains for
the past month.Engagement by Region
Break down my email engagement by country and device for DOMAIN_HERE.Review Tracking Settings
List all my domains and show which ones have tracking enabled for clicks
and opens.Validate an Email Address
Validate the email address EMAIL_HERE and tell me whether it's safe to send to.Check Inbox Placement (Optimize)
Pull the inbox placement results for seed test RESULT_ID_HERE and summarize
where my message landed (inbox, spam, or missing) by provider.Preview an Email (Inspect)
Get the email preview results for test TEST_ID_HERE and tell me if the email
renders correctly across clients.Development
Run from source
The server is written in TypeScript. Clone, install, build, and test:
git clone https://github.com/mailgun/mailgun-mcp-server.git
cd mailgun-mcp-server
npm install
npm run build
npm testnpm run build compiles src/ to dist/ and copies the bundled OpenAPI spec. Point your MCP client at the built entry instead of npx (use an absolute path):
{
"mcpServers": {
"mailgun": {
"command": "node",
"args": ["/absolute/path/to/mailgun-mcp-server/dist/mailgun-mcp.js"],
"env": {
"MAILGUN_API_KEY": "YOUR-mailgun-api-key"
}
}
}
}Live testing while you edit
MCP servers are long-lived stdio processes that don't hot-reload, so the loop is: rebuild on save, then reconnect the client to pick up changes.
Run
npm run buildonce sodist/openapi.yamlis in place.Keep the TypeScript compiler running to rebuild
dist/on every save:npx tsc --watchPoint a separate MCP client (or MCP Inspector, below) at
dist/mailgun-mcp.js. After a change, restart the MCP client session to load the new build.
Testing with MCP Inspector
The MCP Inspector lets you exercise tools without a full client. Build first, then launch it against the built server:
npm run build
MAILGUN_API_KEY=YOUR-mailgun-api-key npx @modelcontextprotocol/inspector node dist/mailgun-mcp.jsOpen the Inspector UI, click Connect, then use List Tools to verify the server is working. To test a filtered toolset, append flags after the server path:
MAILGUN_API_KEY=YOUR-mailgun-api-key npx @modelcontextprotocol/inspector node dist/mailgun-mcp.js --tags validate,inspectPre-commit hooks
npm install installs a git pre-commit hook (via husky) that runs oxlint --fix and oxfmt on staged TypeScript/JavaScript files and runs npm run check:versions. Fixable issues are auto-fixed and re-staged; commits that introduce unfixable lint errors or version-sync mismatches are rejected. If you already had a local clone before this change, run npm install once to install the hook.
Note on adding endpoints
When adding a new endpoint if you use a plain string for it's definition it will default to being tagged with the send product type in the _meta field. If you would like to tag it as a different product use the object version of the EndpointEntry type.
Security Considerations
API key isolation
Your Mailgun API key is passed as an environment variable and is never exposed to the AI model itself — it is only used by the MCP server process to authenticate requests. The server does not log API keys, request parameters, or response data.
Local execution
The server runs locally on your machine. All communication with the Mailgun API is over HTTPS with TLS certificate validation enforced. No data is sent to third-party services beyond the Mailgun API.
API key permissions
Use a dedicated Mailgun API key with permissions scoped to only the operations you need. The server exposes read and update operations but does not expose any delete operations, which limits the blast radius of unintended actions.
Rate limiting
The server does not implement client-side rate limiting. Each tool call from the AI translates directly into a Mailgun API request. The server relies on Mailgun's server-side rate limits to prevent abuse — requests that exceed those limits will return an error to the AI assistant.
Prompt injection
As with any MCP server, a crafted or adversarial prompt could trick the AI assistant into calling operations you did not intend — for example, modifying tracking settings or reading mailing list members. Review your AI assistant's tool-call confirmations before approving actions, especially in untrusted prompt contexts.
Webhook URLs
Webhook create and update operations accept arbitrary URLs provided through the AI assistant. The MCP server passes these URLs to the Mailgun API without additional validation. Mailgun is responsible for validating webhook destinations. Ensure your AI assistant does not set webhook URLs to unintended internal or sensitive addresses.
Input validation
All tool parameters are validated against the Mailgun OpenAPI specification using Zod schemas. However, validation depends on the accuracy of the OpenAPI spec, and some edge-case parameters may fall back to permissive validation. The Mailgun API performs its own server-side validation as an additional layer of protection.
Debugging
The MCP server communicates over stdio. Refer to the MCP Debugging Guide for troubleshooting.
License
Apache 2.0 — see LICENSE for details.
Contributing
We welcome contributions! Please feel free to submit a Pull Request or open an Issue.
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/mailgun/mailgun-mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server