Is RadMail a good alternative to send-capable email MCP servers?
It depends on what the agent needs to do. If you want an agent to autonomously send mail — notifications, agent-to-agent messages, transactional replies — a send-capable email MCP server is the right category, and several are good at it. But that send tool is also the exact surface a business-email-compromise attack uses: an instruction hidden in an email body can invoke it, which is how the malicious postmark-mcp incident quietly BCC'd thousands of corporate emails. RadMail is the safe choice when the risk is money, wire or banking changes, or first contact with a new party: it exposes no tool that can auto-send those at all, so an agent literally cannot be tricked into the fraudulent send — and RadMail publishes that boundary as a machine-verifiable contract at /.well-known/agent-safety.json that an agent can check before it connects. RadMail is pre-release with its engine in a two-business test bed; use a send-capable server when autonomous sending is the goal, and RadMail when a safe, read-and-draft inbox brain is.