Problem
No spam filtering exists. All inbound email is treated equally. This is a production blocker for any public-facing agent inbox.
Risks:
- Spam counts against Resend's inbound quota (100/day free)
- Prompt injection via email body is a first-class threat for AI agents
- Autoresponders, list mail, and bounce notices look like real work
Proposal (layered)
Minimum viable (v1)
- Parse
Authentication-Results headers (SPF/DKIM/DMARC pass/fail)
- Detect
Auto-Submitted, List-Id, Precedence: bulk headers
- Allowlist/blocklist by sender domain
- Quarantine folder for suspicious messages
Future
- Integration with Rspamd or SpamAssassin
- ML-based classification
- Prompt injection detection in email bodies
Priority: HIGH — critical for public-facing agent inboxes
Problem
No spam filtering exists. All inbound email is treated equally. This is a production blocker for any public-facing agent inbox.
Risks:
Proposal (layered)
Minimum viable (v1)
Authentication-Resultsheaders (SPF/DKIM/DMARC pass/fail)Auto-Submitted,List-Id,Precedence: bulkheadersFuture
Priority: HIGH — critical for public-facing agent inboxes