---
name: agent-email-setup
description: Set up dedicated email accounts for AI agents with proper workflows. Use when agents need external communications (Lourens for sysadmin, Ace for competitions). Always test in sandbox first, document configuration, then deploy to production.
---
# Agent Email Setup
## Purpose
Provide dedicated email accounts for AI agents with clear role separation and approval workflows. Prevents mixing of responsibilities (e.g., Ace shouldn't handle Contabo support tickets).
## When to Use
**Set up email for agent when:**
- Agent needs external communications (Lourens, Ace)
- Role separation is important
- Audit trail needed for communications
- Professional identity required
**Do NOT set up email for:**
- Internal-only agents (Bob, Scout)
- Agents without external communication needs
- Temporary/task-specific agents
## Architecture
### Email Address Strategy
```
@supplystoreafrica.com domain:
- lourens@ → SysAdmin (infrastructure, support tickets)
- ace@ → Competitions (entries, prize notifications)
- facet@ → CAD (manufacturer communications) - if needed
```
### Forwarding Rules
- All agent emails forward to: `stef.personal@gmail.com`
- CC on all sent emails: `stef.personal@gmail.com`
- Maintain separate sent folders per agent
### Role Separation
| Agent | Email | Purpose | External Comms |
|-------|-------|---------|----------------|
| Lourens | lourens@ | Infrastructure, support tickets, system issues | ✅ Required |
| Ace | ace@ | Competition entries, prize notifications | ✅ Required |
| Facet | facet@ | Manufacturer inquiries, technical specs | ⚠️ Optional |
| Bob | - | Internal coordination only | ❌ Not needed |
| Scout | - | Research, no external comms | ❌ Not needed |
## Workflow
### 1. Sandbox Testing (ALWAYS FIRST)
```bash
# Create sandbox environment
python3 /root/.openclaw/workspace/sandbox_lourens_email.py
# Test configuration
cd /tmp/lourens_email_sandbox_*/ && python3 test_email_workflow.py
```
### 2. Production Setup
#### Step 1: Create Email Account
1. Log into hosting control panel
2. Create email account: `agentname@supplystoreafrica.com`
3. Set strong password (store in Bitwarden)
4. Configure forwarding to `stef.personal@gmail.com`
#### Step 2: Configure IMAP/SMTP
```json
{
"imap_server": "mail.supplystoreafrica.com",
"imap_port": 993,
"smtp_server": "mail.supplystoreafrica.com",
"smtp_port": 587,
"username": "agentname@supplystoreafrica.com",
"password": "{{BITWARDEN_PASSWORD}}"
}
```
#### Step 3: Agent Configuration
Add to agent's workspace:
```bash
# Create email config ({agent}, {Agent Name} and {Role} are placeholders to fill in)
mkdir -p /root/.openclaw/agents/{agent}/workspace/email/
# The quoted 'EOF' writes the body verbatim, so it must already be valid JSON
cat > /root/.openclaw/agents/{agent}/workspace/email/config.json << 'EOF'
{
"email": "{agent}@supplystoreafrica.com",
"display_name": "{Agent Name} {Role}",
"signature": "Best regards,\n\n{Agent Name}\n{Role} Agent\nSupply Store Africa\n{agent}@supplystoreafrica.com",
"forward_to": ["stef.personal@gmail.com"],
"auto_cc": ["stef.personal@gmail.com"]
}
EOF
```
#### Step 4: Update OpenClaw Configuration
```bash
# Add email tools to agent
openclaw config set agents.list[{index}].tools.allow+=email_send
openclaw config set agents.list[{index}].tools.allow+=email_check
```
### 3. Email Templates
#### Generic Template
```markdown
TO: {recipient}
FROM: {Agent Name} {Role} <{agent}@supplystoreafrica.com>
CC: Stef Ferreira <stef.personal@gmail.com>
SUBJECT: {subject}
DATE: {date}
{greeting},
{body}
{signature}
```
#### Contabo Support Template (Lourens)
```markdown
TO: support@contabo.com
FROM: Lourens SysAdmin <lourens@supplystoreafrica.com>
CC: Stef Ferreira <stef.personal@gmail.com>
SUBJECT: {ticket_subject}
DATE: {date}
Dear {support_agent},
{content}
Current system status:
- VPS: 161.97.110.234
- Ticket: {ticket_number}
- Issue: {issue_description}
We appreciate your assistance.
Best regards,
Lourens
SysAdmin Agent
Supply Store Africa
lourens@supplystoreafrica.com
```
#### Competition Entry Template (Ace)
```markdown
TO: competitions@company.com
FROM: Ace Competitions <ace@supplystoreafrica.com>
CC: Stef Ferreira <stef.personal@gmail.com>
SUBJECT: Entry: {competition_name}
DATE: {date}
Dear Competition Team,
Please accept my entry for {competition_name}.
{entry_details}
Thank you for this opportunity.
Best regards,
Ace
Competitions Agent
Supply Store Africa
ace@supplystoreafrica.com
```
### 4. Approval Workflow
**ALL external emails require approval:**
1. Draft created in `/root/.openclaw/workspace/drafts/`
2. Presented to Stef in chat interface
3. Wait for explicit "approved" or "send it"
4. Send only after approval
5. Log sent email
**Approval triggers:**
- "Approved"
- "Send it"
- "Go ahead"
- "Yes, send that"
**NOT approved by:**
- "Looks good" (ambiguous)
- "OK" (ambiguous)
- Silence (never assume)
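
One way to enforce the approval rule in code, as an added example that is not part of the original skill. It assumes the whole reply must equal a trigger phrase (so "not approved" cannot pass on a substring match) and reuses the `sent_log.json` field names listed at the end of this page; the function names are hypothetical.

```python
import re
from datetime import datetime, timezone

# Trigger phrases exactly as listed above; everything else is "not approved".
APPROVAL_PHRASES = {"approved", "send it", "go ahead", "yes, send that"}


def approval_phrase(reply):
    """Return the matched trigger phrase, or None if the reply does not approve."""
    if not reply:
        return None  # silence is never approval
    text = re.sub(r"\s+", " ", reply).strip().lower()
    text = text.rstrip(".!").strip()  # tolerate trailing punctuation only
    # Whole-message match (assumption): "not approved" and "don't send it yet"
    # contain a trigger phrase but must not authorize a send.
    return text if text in APPROVAL_PHRASES else None


def authorize_send(draft, reply, approver):
    """Build the sent_log.json entry for an approved draft, or refuse."""
    phrase = approval_phrase(reply)
    if phrase is None:
        raise PermissionError(f"no explicit approval in reply: {reply!r}")
    return {
        "to": draft["to"],
        "from": draft["from"],
        "subject": draft["subject"],
        "timestamp": datetime.now(timezone.utc).isoformat(),
        "approval_phrase": phrase,
        "approver": approver,
    }


# Constructed sample draft (addresses taken from the Contabo template above).
DRAFT = {
    "to": "support@contabo.com",
    "from": "lourens@supplystoreafrica.com",
    "subject": "Ticket follow-up",
}

if __name__ == "__main__":
    for reply in ["Approved", "Send it!", "Looks good", "OK", "not approved", ""]:
        print(repr(reply), "->", approval_phrase(reply))
```
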
### 5. Migration Process
**When moving communications between agents:**
1. Set up new agent email
2. Forward thread to new agent email
3. Send notification: "Future communications: newagent@supplystoreafrica.com"
4. Update contact information with external party
5. Archive old agent's involvement
**Example: Contabo migration from Ace to Lourens**
1. Create `lourens@supplystoreafrica.com`
2. Forward Contabo thread to Lourens
3. Email Contabo: "Future updates: lourens@supplystoreafrica.com"
4. Ace focuses only on competitions
## Testing Checklist
### Sandbox Test
- [ ] Configuration files created
- [ ] Templates work correctly
- [ ] Draft generation tested
- [ ] Approval workflow simulated
- [ ] No syntax errors
### Production Test
- [ ] Email account created
- [ ] IMAP/SMTP connectivity
- [ ] Send test email (to self)
- [ ] Receive test email
- [ ] Forwarding to stef.personal@gmail.com works
- [ ] CC on sent emails works
### Integration Test
- [ ] Agent can access email
- [ ] Draft creation works
- [ ] Approval workflow functional
- [ ] Sent emails logged
- [ ] Error handling works
## Error Handling
### Common Issues
1. **IMAP connection failed**: Check credentials, firewall, port
2. **SMTP rejected**: Check authentication, port 587 vs 465
3. **Email not forwarding**: Check hosting panel settings
4. **CC not working**: Check email client configuration
### Recovery Procedures
```bash
# Test IMAP
openssl s_client -connect mail.supplystoreafrica.com:993 -crlf
# Test SMTP
openssl s_client -connect mail.supplystoreafrica.com:587 -starttls smtp
# Check logs
tail -f /var/log/mail.log
```
## Security
### Credential Management
- Store passwords in Bitwarden
- Never hardcode in scripts
- Use environment variables
- Rotate passwords periodically
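
A loader for the Step 2 IMAP/SMTP config that applies these rules, as an added example that is not part of the original skill. The environment variable name `AGENT_EMAIL_PASSWORD` and the function name are hypothetical; the secret is expected to be exported from Bitwarden into the environment before the agent starts.

```python
import json
import os
import re
import stat

PLACEHOLDER = re.compile(r"\{\{\w+\}\}")   # e.g. {{BITWARDEN_PASSWORD}}
ENV_VAR = "AGENT_EMAIL_PASSWORD"           # hypothetical variable name


def load_email_config(path, environ=os.environ):
    """Load the Step 2 config, taking the password from the environment only."""
    # Refuse a config file that group or other users can read or write.
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise PermissionError(f"{path} is accessible to group/other ({oct(mode)})")
    with open(path, encoding="utf-8") as fh:
        cfg = json.load(fh)
    # The file may carry only a template placeholder, never the real secret.
    stored = cfg.get("password", "")
    if stored and not PLACEHOLDER.fullmatch(stored):
        raise ValueError("literal password in config file; keep only a placeholder")
    # Ports from this page: IMAP over TLS on 993, SMTP on 587 (or 465).
    if cfg.get("imap_port") != 993 or cfg.get("smtp_port") not in (587, 465):
        raise ValueError("use 993 for IMAP and 587 or 465 for SMTP")
    secret = environ.get(ENV_VAR)
    if not secret:
        raise KeyError(f"{ENV_VAR} is not set")
    return {**cfg, "password": secret}     # the secret exists in memory only
```
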
### Access Control
- Agents only access their own email
- No cross-agent email access
- All emails CC'd to human oversight
- Sent items archived for audit
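
A pre-send check over a draft that enforces the role table and the oversight CC, as an added example that is not part of the original skill. The function name and the sample draft are constructed; the addresses and the list of agents with mailboxes come from this page.

```python
from email import message_from_string
from email.utils import getaddresses

DOMAIN = "supplystoreafrica.com"
OVERSIGHT = "stef.personal@gmail.com"
MAILBOX_AGENTS = {"lourens", "ace", "facet"}   # Bob and Scout have no mailbox


def _addrs(msg, header):
    """Lower-cased, non-empty addresses from every occurrence of a header."""
    pairs = getaddresses(msg.get_all(header, []))
    return [addr.lower() for _, addr in pairs if addr]


def draft_violations(raw_eml, agent):
    """Return a list of policy violations for a draft; empty means sendable."""
    if agent not in MAILBOX_AGENTS:
        return [f"{agent} is internal-only and may not send external email"]
    msg = message_from_string(raw_eml)
    problems = []
    # Role separation: the only sender is the agent's own mailbox.
    senders = _addrs(msg, "From")
    if senders != [f"{agent}@{DOMAIN}"]:
        problems.append(f"From must be exactly {agent}@{DOMAIN}, got {senders}")
    # Human oversight: every outgoing message carries the CC.
    if OVERSIGHT not in _addrs(msg, "Cc"):
        problems.append(f"{OVERSIGHT} missing from Cc")
    if not _addrs(msg, "To"):
        problems.append("no To recipient")
    return problems


# Constructed sample draft in the shape of the Contabo template.
GOOD_DRAFT = (
    "From: Lourens SysAdmin <lourens@supplystoreafrica.com>\n"
    "To: support@contabo.com\n"
    "Cc: Stef Ferreira <stef.personal@gmail.com>\n"
    "Subject: Ticket follow-up\n"
    "\n"
    "Dear support,\n"
)

if __name__ == "__main__":
    for name in ("lourens", "ace", "bob"):
        print(name, draft_violations(GOOD_DRAFT, name))
```
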
### Monitoring
- Failed login attempts logged
- Unusual sending patterns flagged
- Regular access review
- Password rotation schedule
## Maintenance
### Daily
- Check sent items logged
- Verify forwarding working
- Monitor for failed sends
### Weekly
- Review email logs
- Check storage quotas
- Update templates if needed
### Monthly
- Password rotation
- Audit access logs
- Review security settings
## Related Skills
- `email-approval-workflow` - Draft and approval process
- `gmail-gog-setup` - Alternative email configuration
- `secure-secret-sharing` - For credential sharing if needed
- `agent-lourens` - Lourens-specific configuration
- `ace-competitions` - Ace-specific configuration
## Critical: Agent Knowledge Transfer Protocol
**Issue Discovered (March 31, 2026):** Facet reported "I have no skills, haven't learned anything yet"
**Root Cause:** Agents configured but had empty workspaces - no knowledge transfer
### What MUST Be Transferred When Creating Agents
1. **Identity** - Who they are (IDENTITY.md, SOUL.md)
2. **User Context** - Who Stef is (USER.md)
3. **System Knowledge** - What we've built (MEMORY.md, AGENTS.md)
4. **Skills & Learning** - What they can do (skill-specific docs)
5. **Memory & History** - What we've learned (memory/ files)
6. **Tool Access** - read tool required to access workspace
### Knowledge Transfer Procedure
```bash
# Run knowledge transfer script
python3 /root/.openclaw/workspace/setup_agent_knowledge.py --agent {agent_name}
# Verify transfer
ls -la /root/.openclaw/agents/{agent}/workspace/
cat /root/.openclaw/agents/{agent}/workspace/IDENTITY.md
```
### Protocol Document
- `AGENT_TRANSFORMATION_PROTOCOL.md` - Complete transfer procedure
- `setup_agent_knowledge.py` - Automation script
**Result:** All agents (Lourens, Ace, Scout, Facet) now have complete knowledge and are proper assistants.
## Lessons Learned
### From Contabo Experience:
1. **Role confusion**: Ace shouldn't handle infrastructure emails
2. **Email identity**: Professional email addresses matter
3. **Approval workflow**: Essential for external communications
4. **Migration planning**: Need clear handover process
### From Knowledge Transfer Issue:
1. **Empty workspaces**: Agents need complete knowledge transfer
2. **Identity files**: Must include IDENTITY.md, SOUL.md, USER.md
3. **System context**: MEMORY.md and AGENTS.md essential
4. **Tool access**: read tool required to access workspace files
### Best Practices:
1. Always sandbox test first
2. Document configuration thoroughly
3. Maintain role separation
4. Human oversight on all external comms
5. Regular security reviews
6. Complete knowledge transfer for new agents
restructured into implexa's six components, extracted decision logic into explicit branches including sandbox vs production, imap/smtp failures, approval phrase ambiguity, and knowledge transfer fallbacks, added external connections documentation, specified all file paths and formats, documented edge cases like connection timeouts and forwarding failures, preserved original procedure faithfully while clarifying inputs and outputs for each step.
set up dedicated email accounts for AI agents when they need external communications. use this skill to create role-separated email identities (e.g., lourens@supplystoreafrica.com for infrastructure, ace@supplystoreafrica.com for competitions) with approval workflows and audit trails. this prevents responsibility mixing, maintains professional identity, and ensures human oversight on all external comms. always sandbox test first, document the configuration, then deploy to production.
hosting control panel access
email server configuration
bitwarden integration
openclaw system
human approval channel
external connections
step 1: sandbox test configuration
step 2: create email account in hosting panel
step 3: configure forwarding and server settings
step 4: create agent email configuration file
step 5: update openclaw agent configuration
step 6: transfer agent knowledge base
step 7: send test email
step 8: configure email templates
step 9: verify approval workflow
step 10: log sent email
if agent needs external communications (contabo support, competition entries, manufacturer inquiries):
else if agent is internal-only (bob, scout) or temporary:
if sandbox tests fail:
else if sandbox tests pass:
if imap/smtp connectivity fails during testing:
else if imap/smtp connectivity succeeds:
if forwarding rule does not work:
else if forwarding works:
if approval request is ambiguous (e.g., "looks good"):
else if approval is explicit:
if knowledge transfer script fails:
else if knowledge transfer succeeds:
if migrating email responsibility between agents (e.g., contabo from ace to lourens):
email account created: agentname@supplystoreafrica.com exists in hosting control panel, forwarding and auto-cc rules configured, credentials stored in bitwarden
configuration file written: /root/.openclaw/agents/{agent}/workspace/email/config.json contains imap_server, imap_port, smtp_server, smtp_port, username, password, display_name, signature, forward_to, auto_cc fields in valid json format
openclaw tools enabled: openclaw config shows agents.list[{index}].tools.allow includes both email_send and email_check
knowledge transfer complete: /root/.openclaw/agents/{agent}/workspace/ contains IDENTITY.md, SOUL.md, USER.md, MEMORY.md, AGENTS.md, and skill documentation; setup_agent_knowledge.py script ran without errors
test email logged: /root/.openclaw/agents/{agent}/workspace/email/test_log.json records test email sent and received with timestamps
templates created: /root/.openclaw/agents/{agent}/workspace/email/templates/ directory contains generic.txt and role-specific template files with {placeholder} variables
approval workflow functional: drafts written to /root/.openclaw/workspace/drafts/{agent}_{timestamp}.eml, approval logged in chat or via explicit message, sent_log.json records all external emails with approval timestamp and phrase
sent email audit trail: /root/.openclaw/agents/{agent}/workspace/email/sent_log.json contains entry for each sent email with to, from, subject, timestamp, approval_phrase, approver fields in json format
agent can send external emails: test email arrived in recipient inbox within 60 seconds; stef.personal@gmail.com received both forwarded copy and cc copy; no smtp errors in logs
forwarding works: stef.personal@gmail.com confirms receiving all incoming and outgoing agent emails without delay; forwarding rule visible in hosting control panel settings
approval workflow enforced: agent drafted email but did not send until stef provided explicit approval phrase ("approved", "send it", "go ahead", or "yes, send that"); ambiguous phrases like "looks good" did not trigger send; sent_log.json shows approval_phrase field populated
knowledge transfer successful: agent can read and reference IDENTITY.md, SOUL.md, USER.md when prompted; agent understands their role and context; no "empty workspace" errors when agent accesses knowledge files
role separation confirmed: lourens@supplystoreafrica.com signature identifies "SysAdmin Agent"; ace@supplystoreafrica.com signature identifies "Competitions Agent"; no cross-contamination of roles in external communications
audit trail complete: all external emails logged with timestamp, recipient, approval phrase, and approver name; sent_log.json can be reviewed monthly for security and compliance
security confirmed: no passwords appear in plaintext logs or scripts; all credentials accessed via bitwarden or environment variables; connection tests (openssl) show tls/ssl active on both imap and smtp