Jérémie Lumbroso

Mailbase: A Trustworthy Foundation for Ethical Inbox-Aware Apps

This is a submission for the Postmark Challenge: Inbox Innovators.

I’m Jérémie Lumbroso, Ph.D., a Practice Assistant Professor in Computer and Information Science at the University of Pennsylvania. This challenge gave me the perfect excuse to finally build something I’ve been thinking about for years: a trustworthy foundation for inbox-aware applications.


What I Built

Mailbase is a privacy-first backend for building inbox-aware applications — a flexible, ethical system for receiving, storing, forwarding, and processing email with transparency and user control.

You can try it live right now at app.ingress.email.

Log in with Google, create an inbox (e.g., [email protected]), forward a message, and explore what happens next.

Mailbase powers two upcoming forks:

  • Political.email – a civic accountability platform that monitors manipulative political fundraising emails in real time.
  • Mailbank.ai – a personal semantic vault that embeds and indexes meaningful emails for later querying and LLM-based retrieval.

But rather than hardcode either project, I built Mailbase as a reusable base — an open infrastructure for trusted email applications.

Why Postmark Inbound Was a Game Changer

I've wanted to build email-driven apps for years — both for my professional computer science research and also just to build product-type side-projects — but Gmail’s APIs are a minefield:

  • Expensive security reviews ($15k+)
  • All-or-nothing inbox access
  • Invasive scopes, fragile compliance

Postmark’s Inbound Email API unlocked the right balance:

  • 📨 Unlimited inboxes with no sensitive OAuth scopes
  • 🔍 Scoped trust — the user knows exactly what address they’re giving
  • 🧭 Transparent flow — messages are acknowledged, deletable, and never opaque
  • 💡 It enables user agency — a core design principle in Mailbase

Inbound email has long been an underdeveloped platform. Postmark makes it viable — and respectful.


Demo

🔗 app.ingress.email

🛠️ How to try it:

  • Visit app.ingress.email
  • Sign in with your Google account
  • Create a test inbox (e.g., [email protected])
  • Forward an email to that address
  • See it land in the UI — and optionally, in your real inbox too

No tokens, no traps. Every setting is reversible. Everything is deletable, from individual emails to the entire account. Privacy and transparency are the defaults, and a through-line.


Code Repository

Mailbase is currently closed source. The GitHub organization is mailbase.

If selected as a finalist, I’ll open source it under a permissive license, for the community to build any kind of project on top of it, including commercial projects. The repository contains a guide exploring the source code and its main entry points.

In the meantime, judges may request private read-only access for evaluation by emailing me at [email protected].


How I Built It

Stack

  • FastAPI backend (Python 3.11)
  • PostgreSQL (via Neon.tech)
  • Redis + Celery (via Upstash) for async tasks
  • Postmark for both inbound and transactional outbound
  • Next.js frontend (optional but deployed)

Deployment: Render.com (serverless + persistent disk)

Auth: Google OAuth 2.0 via Authlib

Celery tasks:

  • email.forward: Sends inbound messages to the user
  • vector.add: (for Mailbank) Embeds message statements into Upstash Vector

Forking Architecture

Mailbase was designed to be forked cleanly, including with a cookiecutter template:

  • Override only the files you need:
    • inbound.py → customize the webhook processing
    • tasks/*.py → run your own ETL or enrichment
    • templates/ → change branding or email content

Everything else — user auth, inbox provisioning, forwarding, delete flows, webhook security, queueing — is clean, core, and shared. The UI and backend are cleanly decoupled in separate repositories.

🔍 ADRs included. Mailbase ships with Architecture Decision Records explaining every major choice.
🧾 Privacy policy scaffold included, so developers start from clarity, not chaos.

Forks like political.email and mailbank.ai can build specialized pipelines on a foundation they trust — and extend.

Feature Highlights

Per-user inboxes: Every user gets an address they control ([email protected]) — with forwarding, receipt, and opt-out options.

Sender policies: Restrict inboxes to: anyone, just the owner, or nobody. Add custom allow/block rules per address.

Message receipts: Users can opt in to receive acknowledgment emails when messages land.

Delete links: Every receipt includes a time-limited link to permanently delete the message — no login required.

Opt-out links: Let users instantly turn off receipts if they’re tired of them. Trust is earned through reversibility.

Webhook security: Supports optional Basic Auth, IP allow and block listing, and rate limiting on /inbound.

Queue-based extensions: Built-in support for async processing (e.g. LLM summarization, vector embedding, moderation).

Clean UI (optional): app.ingress.email ships with a Next.js frontend — but the API can be used headlessly too.
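
The "Webhook security" item above combines a source-IP check with Basic Auth on /inbound. The sketch below is an added example, not Mailbase's own code (the project is closed source); the function names, credentials and address ranges are constructed for illustration, and rate limiting is left out.

```python
import base64
import hmac
import ipaddress

# Constructed values: documentation address ranges and made-up credentials.
ALLOW = [ipaddress.ip_network("203.0.113.0/24")]
BLOCK = [ipaddress.ip_network("203.0.113.128/25")]
WEBHOOK_USER, WEBHOOK_PASS = "hook", "constructed-secret"


def ip_permitted(remote_addr, allow=ALLOW, block=BLOCK):
    """Block list wins over allow list; an empty allow list means 'any'.

    remote_addr must be the peer address as seen by the server (or set by a
    proxy you control), never a header value the client can choose freely.
    """
    try:
        ip = ipaddress.ip_address(remote_addr)
    except ValueError:
        return False  # unparseable peer address: fail closed
    if any(ip in net for net in block):
        return False
    return not allow or any(ip in net for net in allow)


def basic_auth_ok(header, user=WEBHOOK_USER, password=WEBHOOK_PASS):
    """Validate an Authorization header value using constant-time compares."""
    if not header:
        return False
    scheme, _, blob = header.partition(" ")
    if scheme.lower() != "basic":
        return False
    try:
        decoded = base64.b64decode(blob.strip(), validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    got_user, sep, got_pass = decoded.partition(b":")
    if not sep:
        return False
    # Evaluate both compares so a wrong user and a wrong password cost the same.
    user_ok = hmac.compare_digest(got_user, user.encode())
    pass_ok = hmac.compare_digest(got_pass, password.encode())
    return user_ok and pass_ok


def inbound_status(remote_addr, auth_header):
    """HTTP status a hypothetical /inbound handler returns before parsing the body."""
    if not ip_permitted(remote_addr):
        return 403
    if not basic_auth_ok(auth_header):
        return 401
    return 200
```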

Why This Matters

Email is the most universal protocol we have — but it's long been hard to build with it ethically.

Gmail-style integrations ask for too much. Mail server setups are fragile. Webhook-based services are often too low-level.

Mailbase + Postmark changes the game.

If we want to build trustworthy email tools — whether for accountability, productivity, or AI — this is how we do it.

If Mailbase Wins

  • I’ll open source the codebase
  • I’ll publish guides for building with Postmark inbound: From webhook to user dashboard
  • I’ll create a community template to help others fork ethically

Mailbase is the ethical infrastructure I’ve long wished existed. Thanks to this challenge — and Postmark — it does now.

Screenshots

Welcome screen of Mailbase, showcasing key features. This interface is fully customizable and intended to be replaced in forks like political.email or mailbank.ai.

After logging in with Google OAuth and creating your first inbox, you’re issued a unique address (e.g. demo@ingress.email). From here, you can configure inbox settings or inspect received messages.

Forward an email to your address — it’ll appear in your inbox within seconds, no setup required.

Advanced settings let you control who can send to your inbox and what happens when a message is received — including forwarding, receipts, and deletion policies.

Optional acknowledgment emails confirm when a message is received. These can be turned off at any time with a single click — reversibility is built-in.

To prevent unintended deletions (e.g. by email filters), message deletion requires an explicit confirmation step.
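
One way to build the time-limited, no-login delete link from the feature list together with the confirmation step described here, as an added example rather than Mailbase's own code. The token layout, the secret, the one-week lifetime and all function names are assumptions; the page does not specify them.

```python
import base64
import hashlib
import hmac
import time

SECRET = b"constructed-demo-key"  # assumption: server-side secret, never sent to clients
TTL_SECONDS = 7 * 24 * 3600       # assumption: the page does not state the link lifetime


def _sign(payload: str) -> str:
    mac = hmac.new(SECRET, payload.encode(), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).rstrip(b"=").decode()


def make_delete_token(message_id: str, now=None) -> str:
    """Token bound to one message and one action, carrying its own expiry."""
    expires = int(now if now is not None else time.time()) + TTL_SECONDS
    return f"{message_id}.{expires}.{_sign(f'delete:{message_id}:{expires}')}"


def verify_delete_token(token: str, now=None):
    """Return the message id if the token is authentic and unexpired, else None."""
    try:
        message_id, expires_s, sig = token.rsplit(".", 2)
        expires = int(expires_s)
    except ValueError:
        return None
    expected = _sign(f"delete:{message_id}:{expires}")
    # Compare as bytes: compare_digest rejects non-ASCII str input with TypeError.
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return None
    if (now if now is not None else time.time()) > expires:
        return None
    return message_id


def handle_delete_link(method: str, token: str, store: dict, now=None) -> str:
    """GET only renders a confirmation; POST is the single state-changing step."""
    message_id = verify_delete_token(token, now)
    if message_id is None:
        return "invalid-or-expired"
    if method == "GET":
        return "confirm"  # mail filters and link prefetchers that follow the URL stop here
    if method == "POST":
        store.pop(message_id, None)  # idempotent: replaying the token deletes nothing new
        return "deleted"
    return "method-not-allowed"
```

Because the link is a bearer credential delivered by email, anyone who can read the receipt can delete that message until the token expires, so the lifetime should be kept short.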
