What exactly is mailbox.bot?

mailbox.bot gives AI agents the missing real-world postal layer: the ability to receive physical mail and eligible packages at a mailbox address they can use in workflows, publish where a business would list a mailing address, and share with other agents or counterparties. Limited reservations are open today, with agent mailing and package addresses issuing beginning August 31, 2026. Live today, mailbox.bot lets agents and software send certified mail, letters, notices, document packets, and postcards by dashboard, REST API, or MCP, and turn mail from an address you already use into structured context by forwarding photos, scans, PDFs, and notes.

What is an Agent Address?

An Agent Address is the public, machine-readable reachability layer for your agent. It can combine the postal address your agent uses in the physical world with email, SMS, webhooks, MCP, and outbound postal mail permissions. Today that postal address can be your business address, PO box, home business address, office, registered agent, or virtual mailbox. Beginning August 31, 2026, reserved mailbox.bot addresses can give approved agents a real mailing and package address for business correspondence, legal mail, eligible package receiving, and rules-based handling.

What can we automate today?

You can send letters, postcards, notices, and documents through the outbound API today. You can also forward inbound mail context, including photos, scans, PDFs, virtual mailbox notices, and notes, to a private alias for review and outbound follow-up.

Can I get a new mailing address for my AI agent?

Yes. Reserve a limited spot now; physical mailing and package addresses for AI agents begin issuing August 31, 2026. Expected pricing is $10/mo when the address is available. Before an address is issued, the human owner completes identity verification and a notarized USPS Form 1583 — the standard postal authorization for receiving mail through a commercial mail receiving agency. Your agent can then use that address on forms and workflows, publish or share it as its real-world postal endpoint, receive arrival notifications for new mail and eligible packages, and manage scans, forwarding, holds, routing, and handling rules through the dashboard, API, MCP, and webhooks. Outbound mail and existing-address inbound context are live now.

Why use the inbound loop if I already get mail somewhere else?

Because your existing address receives mail, but it does not automatically turn that mail into clean software context. mailbox.bot gives you a private forwarding alias so office staff, a virtual mailbox, or your team can forward envelope photos, document scans, PDFs, and notes into one record. OCR and extraction make the inbound item easier for an agent to reason about: who sent it, what it references, what deadline or reply may matter, and which outbound draft should stay linked to it.

Why is this better than a traditional mail house or portal?

Traditional mail tools usually end with a human uploading files and hoping for the best. mailbox.bot keeps the inbound scan, the outbound draft, the approval step, and the proof of mailing tied to the same workflow so the loop actually closes.

How does human oversight work?

Humans still handle identity, payment, and any approval gate you want. The agent can organize the workflow and prepare the next action, but outbound mail can pause until a person reviews it in the dashboard.

Integration Guide

Goose + mailbox.bot

Give Goose a postal operations desk for Square SMBs and local operators. Goose can use Square MCP for business location context, then use mailbox.bot MCP to draft, price, approve, sandbox-test, send, and track physical mail for inspections, permits, applications, license renewals, insurance requests, landlord packets, vendor negotiations, and other paper-heavy SMB operations.

Best first demo

"A restaurant gets a county health inspection correction notice. Goose pulls the Square location, drafts the agency follow-up, previews certified mail cost with mailbox.bot, asks for approval, then stores proof." The same pattern also works for mailed permit applications, landlord notices, insurance packets, signed document bundles, and negotiation follow-ups.

Current Goose Links

Goose is now an Agentic AI Foundation project at the Linux Foundation. Use the current Goose docs at goose-docs.ai, the AAIF project page at aaif.io/projects/goose, and the active GitHub repository at aaif-goose/goose.

Install As A Goose Extension

Goose can add MCP servers as extensions. Use the hosted Streamable HTTP endpoint when possible, or the command bridge when a local command is easier.

Goose Desktop

text

1. Open Goose Desktop.
2. Open Settings, then Extensions.
3. Choose Add custom extension.
4. Select Remote Extension (Streamable HTTP).
5. Name it mailbox.bot.
6. Set the endpoint URI to https://mailbox.bot/api/mcp.
7. Set timeout to 300 seconds.
8. Add Authorization: Bearer YOUR_MAILBOX_BOT_API_KEY as a custom header.
9. Ask Goose: "List the mailbox.bot tools you can use."

Remote Extension

text

Name: mailbox.bot
Type: Remote Extension (Streamable HTTP)
Endpoint URI: https://mailbox.bot/api/mcp
Timeout: 300
Custom header:
  Authorization: Bearer YOUR_MAILBOX_BOT_API_KEY

Command Bridge

bash

npx -y mcp-remote https://mailbox.bot/api/mcp \
  --header "Authorization: Bearer YOUR_MAILBOX_BOT_API_KEY"

Before You Run

Each Goose user needs their own mailbox.bot account and agent credential. The public recipe never includes a shared key.

text

1. Create a mailbox.bot account.
2. Create an agent in the dashboard.
3. Create an agent credential with mail.send and webhook.manage.
4. Start with the sk_agent_test_ sandbox key.
5. Export it as MAILBOX_BOT_API_KEY before running Goose.
6. Switch to a live sk_agent_ key only when ready to approve real mail.

Get an agent key from API keys, then ask Goose to list available mailbox.bot tools. Use sandbox/test keys or dry_run=true while developing.

Reusable Goose Recipe

The fastest path for a Goose user is the recipe file. It packages the SMB compliance-mail instructions, mailbox.bot MCP bridge, sandbox lifecycle tools, and approval-first operating policy.

bash

curl -O https://mailbox.bot/goose-square-compliance-mail.recipe.yaml
export MAILBOX_BOT_API_KEY=sk_agent_test_...
goose recipe validate goose-square-compliance-mail.recipe.yaml
goose run --recipe goose-square-compliance-mail.recipe.yaml

# Optional: open in Goose Desktop or create a shareable deeplink
goose recipe open goose-square-compliance-mail.recipe.yaml
goose recipe deeplink goose-square-compliance-mail.recipe.yaml

The public recipe is available at goose-square-compliance-mail.recipe.yaml. Use an sk_agent_test_ key first, then switch to a live agent key when the operator is ready to approve real mail.

ACP Clients

ACP is not a replacement for mailbox.bot MCP. ACP is the client-to-Goose layer: an editor or terminal client starts goose acp, talks to Goose over stdio JSON-RPC, and Goose keeps access to its configured extensions and tools. That means mailbox.bot should still be installed as a Goose MCP extension or as an MCP context server in the ACP client.

This matters for Zed, the Goose VS Code extension, terminal ACP workflows, and other ACP-capable clients. Postal actions should keep the same safety policy: test key first, dry_run=true, requires_approval=true for risky mail, and webhook metadata that lets the host client update the right task or thread.

Goose As An ACP Agent

json

{
  "agent_servers": {
    "goose": {
      "command": "goose",
      "args": ["acp"],
      "env": {
        "MAILBOX_BOT_API_KEY": "sk_agent_test_..."
      }
    }
  }
}

mailbox.bot MCP From An ACP Client

json

{
  "context_servers": {
    "mailbox-bot": {
      "command": "sh",
      "args": [
        "-lc",
        "npx -y mcp-remote https://mailbox.bot/api/mcp --header \"Authorization: Bearer $MAILBOX_BOT_API_KEY\""
      ],
      "env": {
        "MAILBOX_BOT_API_KEY": "sk_agent_test_..."
      }
    }
  },
  "agent_servers": {
    "goose": {
      "command": "goose",
      "args": ["acp"]
    }
  }
}

If the ACP client already exposes mailbox.bot through context_servers, Goose can load those tools alongside its own extensions when the client supports stdio or HTTP MCP servers. Avoid deprecated SSE transports for this path.

Why Square + Goose + Postal Workflows

Square gives Goose location, seller, staff, catalog, and operating context. The painful mail is usually outside Square: health department letters, city clerk follow-ups, permit applications, fire inspection notices, business license renewals, insurance requests, landlord correspondence, vendor packets, and negotiation letters. mailbox.bot gives Goose the real-world action: physical mail with approval, cost controls, certified options, sandbox testing, webhooks, and proof.

Food inspection correction follow-ups to county health departments.
Food service permit applications, renewals, business license packets, and city clerk correspondence.
Fire/safety inspection notices, signage permits, patio permits, and local operating approvals.
Insurance, landlord, vendor, grant, lease, and compliance packets that need a mailed record.
Negotiation follow-ups where email carries the conversation but postal mail carries the formal offer or paper trail.
Signed document bundles, notarized forms, applications, appeals, and renewal packets with required enclosures.
Certified proof and return-mail intelligence for agency correspondence.

Prompt: Health Inspection Follow-Up

text

You have the Square MCP extension, mailbox.bot MCP extension, and any available PDF/browser/email tools enabled.

A restaurant received a county health inspection correction notice.
Use Square to confirm the business location name, address, and operator context.
Use the notice text or attached PDF to extract the agency, inspection date, correction items,
deadline, and mailing address. Draft a concise follow-up letter and use mailbox.bot
dry_run=true to price certified mail before anything is sent.

Rules:
- Do not send live mail without approval.
- Include Square location id, agency, notice id, inspection date, and deadline in mailbox.bot metadata.
- Use certified mail for inspection corrections, permit deadlines, and agency disputes.
- Ask for missing notice fields instead of guessing.

Prompt: Permit Renewal Packet

text

Use mailbox.bot to prepare an approval-ready city permit follow-up for this Square SMB workflow:

Context:
- The business is a restaurant using Square POS.
- The city requested mailed follow-up for a food service permit renewal.
- The operator has a deadline and wants proof that the packet was sent.

Create the document text, run a mailbox.bot dry run, and return:
1. agency recipient and attention line
2. mail class
3. estimated cost
4. approval checklist
5. documents or facts still needed
6. metadata that should be stored on the mail job

Prompt: Application Or Negotiation Packet

text

Use mailbox.bot to prepare an approval-ready mailed application packet:

Context:
- The business is a Square-using SMB with location context available.
- The operator needs to mail an application, renewal, appeal, insurance packet,
  landlord packet, vendor compliance packet, or signed document bundle.
- The recipient may require a physical signature, check, notarized document,
  certified delivery, or proof that the packet was sent before a deadline.

Create the packet cover letter, choose first_class or certified based on risk,
run dry_run=true, and return:
1. recipient and attention line
2. required enclosures
3. signature/notary/check requirements
4. mail class and estimated cost
5. missing facts
6. metadata for the mail job

Recipe Shape

The public recipe uses this shape: a command bridge to mailbox.bot MCP, an environment variable for the user's key, sandbox tools, and approval-first instructions.

yaml

version: "1.0.0"
title: "Square SMB postal operations desk"
description: "Use Goose with mailbox.bot MCP to draft, price, approve, sandbox-test, send, and track health inspection, food permit, city notice, fire/safety, license, application, insurance, landlord, vendor, negotiation, and other paper-heavy mail for Square-using SMBs."

parameters:
  - key: business_name
    input_type: string
    requirement: optional
    default: "the Square SMB"
    description: "Business name, such as Acme Cafe."
  - key: business_location
    input_type: string
    requirement: optional
    default: "the relevant Square location"
    description: "Square location name, address, or location ID if known."
  - key: agency_name
    input_type: string
    requirement: optional
    default: "County Health Department"
    description: "Agency, department, landlord, insurer, or recipient organization."
  - key: notice_type
    input_type: select
    requirement: optional
    default: "health_inspection_follow_up"
    description: "Type of correspondence to prepare."
    options:
      - health_inspection_follow_up
      - food_permit_renewal
      - city_notice_response
      - fire_safety_follow_up
      - business_license_follow_up
      - application_packet
      - negotiation_follow_up
      - signed_or_notarized_packet
      - insurance_or_landlord_packet
  - key: notice_or_permit_number
    input_type: string
    requirement: optional
    default: "unknown"
    description: "Inspection notice, permit, license, case, policy, or reference number."
  - key: deadline
    input_type: string
    requirement: optional
    default: "unknown"
    description: "Response deadline from the notice, if known."
  - key: mail_class
    input_type: select
    requirement: optional
    default: "certified"
    description: "Use certified for inspection, permit, agency deadline, and dispute workflows."
    options:
      - first_class
      - certified
      - certified_return_receipt
  - key: use_sandbox
    input_type: boolean
    requirement: optional
    default: "true"
    description: "Create and advance a no-charge sandbox mail job before live mail."

extensions:
  - type: stdio
    name: mailbox-bot
    cmd: sh
    args:
      - "-lc"
      - "npx -y mcp-remote https://mailbox.bot/api/mcp --header \"Authorization: Bearer $MAILBOX_BOT_API_KEY\""
    timeout: 300
    env_keys:
      - MAILBOX_BOT_API_KEY
    description: "mailbox.bot MCP tools for postal mail cost preview, approval-gated sends, webhooks, proof, and sandbox lifecycle testing."
    available_tools:
      - get_mailbox_md
      - update_webhook
      - send_outbound_mail
      - list_outbound_mail
      - get_outbound_mail
      - create_test_outbound_mail
      - advance_test_outbound_mail

activities:
  - "message: Use this recipe when a Square SMB needs to respond to an inspection, permit, city notice, license renewal, application, insurance request, landlord packet, vendor packet, negotiation, signed packet, or other postal workflow. It is approval-first and sandbox-first."
  - "Prepare a health inspection correction follow-up for {{ business_name }} at {{ business_location }}."
  - "Prepare a food permit renewal follow-up for {{ agency_name }} with deadline {{ deadline }}."
  - "Sandbox-test a certified mail lifecycle and confirm submitted, mailed, and delivered webhook updates."

instructions: |
  You are an SMB postal operations agent. Your job is to help a Square-using SMB handle physical mail correspondence for health inspections, food permits, city notices, fire/safety inspections, business licenses, applications, appeals, insurance requests, landlord packets, vendor compliance packets, negotiation letters, signed document bundles, notarized forms, and similar paper-heavy operating workflows.

  Treat mailbox.bot as the physical-world execution and proof layer. Keep the operator in control of risky actions.

  Required safety behavior:
  - Do not send live postal mail until the human explicitly approves.
  - Use dry_run=true before any live send.
  - Use requires_approval=true for certified mail, agency deadlines, inspection responses, permit packets, applications, negotiations, signed/notarized document bundles, disputes, and anything with legal or compliance risk.
  - Prefer certified mail for inspection corrections, permit deadlines, agency disputes, required-response notices, appeals, formal offers, and mailed application packets.
  - Ask for missing agency address, attention line, notice number, deadline, enclosure list, signature/notary/check requirements, business legal name, or return-address details instead of guessing.
  - Store workflow metadata on every mailbox.bot mail job.

  Recommended metadata:
  - source: goose
  - integration: square
  - workflow: {{ notice_type }}
  - business_name: {{ business_name }}
  - square_location: {{ business_location }}
  - agency: {{ agency_name }}
  - notice_or_permit_number: {{ notice_or_permit_number }}
  - deadline: {{ deadline }}
  - correlation_id: goose-compliance-mail

  If use_sandbox is true:
  - Call create_test_outbound_mail first with representative metadata and mail_class={{ mail_class }}.
  - Call advance_test_outbound_mail until the test job reaches delivered.
  - Explain that this proves the webhook/status loop without billing or facility fulfillment.

  When preparing a real outbound mail draft:
  - Read available notice/PDF/email/user context.
  - Extract sender agency, recipient/attention line, notice number, inspection or permit date, correction items, deadline, mailing address, and required enclosures.
  - Draft a concise professional letter.
  - Use send_outbound_mail with dry_run=true to return cost, page count, and mail class.
  - Present an approval checklist before live send.

prompt: |
  Prepare an approval-ready postal mail workflow for {{ business_name }}.

  Business/location context: {{ business_location }}
  Recipient/agency: {{ agency_name }}
  Workflow type: {{ notice_type }}
  Notice or permit number: {{ notice_or_permit_number }}.
  Deadline: {{ deadline }}.
  Preferred mail class: {{ mail_class }}
  Use sandbox first: {{ use_sandbox }}

  Start by identifying missing facts. If enough information is present, create the draft letter, attach recommended mailbox.bot metadata, run a dry-run cost preview, and provide an approval checklist. If sandbox is enabled, create and advance a test outbound mail job before proposing live mail.

response:
  json_schema:
    type: object
    properties:
      summary:
        type: string
      missing_facts:
        type: array
        items:
          type: string
      draft_letter:
        type: string
      recommended_mail_class:
        type: string
      mailbox_metadata:
        type: object
      sandbox_result:
        type: object
      dry_run_result:
        type: object
      approval_checklist:
        type: array
        items:
          type: string
      next_action:
        type: string
    required:
      - summary
      - missing_facts
      - recommended_mail_class
      - mailbox_metadata
      - approval_checklist
      - next_action

Recommended Tool Policy

Keep the mailbox.bot Goose tool surface small and safe. Goose treats tools as functions inside extensions, so make postal actions explicit: call get_mailbox_md first, use send_outbound_mail with dry_run=true for previews, and require approval before live sends.

In Goose Desktop, CLI, ACP clients, or hosted workflows, use Goose tool permissions and mailbox.bot agent credentials together. Grant only the mailbox.bot tools needed for the workflow, prefer sk_agent_test_ while building, and keep live credentials scoped with approval and cost controls.

Preview

Use dry_run=true for generated mailpieces and show cost before committing.

Approval

Use requires_approval=true for certified mail, agency deadlines, health inspection responses, permit packets, mailed applications, and negotiation letters.

Metadata

Attach Square location ids, agency names, permit numbers, inspection dates, deadlines, document types, enclosure lists, and correlation ids to each outbound mail job.

Proof

After sending, use list_outbound_mail and get_outbound_mail to retrieve status and proof context.

Sandbox

Use create_test_outbound_mail and advance_test_outbound_mail to simulate submitted, ready, mailed, and delivered updates.

Delivery Updates Back To Goose

For a hosted Goose build, SMB copilot, or workflow app, configure a mailbox.bot webhook URL so outbound mail status updates can update the Goose task, compliance checklist, internal thread, or operator notification. The metadata Goose sends on the mail job is echoed back in each webhook.

http

PUT /api/v1/webhooks/settings
Authorization: Bearer sk_agent_...
X-Mailbox-MD-Version: 1
Content-Type: application/json

{
  "webhook_url": "https://your-goose-workflow.example.com/mailboxbot/webhook",
  "enabled": true,
  "event_types": [
    "mail.pending_approval",
    "mail.submitted",
    "mail.mailed",
    "mail.delivered",
    "mail.failed"
  ]
}

Use sandbox lifecycle testing before live mail. The MCP sandbox tools use the same webhook payload shape and signing path as production, but skip billing and facility fulfillment.

http

# MCP tool call: create_test_outbound_mail
{
  "mail_class": "certified",
  "page_count": 2,
  "recipient_zip": "94103",
  "metadata": {
    "source": "goose",
    "integration": "square",
    "workflow": "health_inspection_follow_up",
    "square_location_id": "L123",
    "agency": "County Health Department",
    "notice_id": "HD-2026-1042",
    "deadline": "2026-06-12",
    "correlation_id": "goose-task-abc123"
  }
}

# MCP tool call: advance_test_outbound_mail
{ "mail_id": "OUTBOUND_MAIL_ID_FROM_CREATE_STEP" }