Labsco
mailgun logo

Mailgun

β˜… 56

from mailgun

Interact with Mailgun API.

πŸ”₯πŸ”₯πŸ”₯βœ“ VerifiedPaid serviceAdvanced setup

Mailgun MCP Server

MCP

Overview

A Model Context Protocol (MCP) server for Mailgun that gives AI agents a practical, workflow-oriented interface to send email, diagnose deliverability, and manage account operations.

Note: This MCP server runs locally on your machine. Mailgun does not currently offer a hosted version of this server.

Capabilities

  • Messaging β€” Send emails, retrieve stored messages, resend messages
  • Domains β€” View domain details, verify DNS configuration, manage tracking settings (click, open, unsubscribe)
  • Webhooks β€” List, create, update, and delete event webhooks
  • Routes β€” View and update inbound email routing rules
  • Mailing Lists β€” Create and manage mailing lists and their members
  • Templates β€” Create and manage email templates with versioning
  • Analytics β€” Query sending metrics, usage metrics, and logs
  • Stats β€” View aggregate statistics by domain, tag, provider, device, and country
  • Suppressions β€” View bounces, unsubscribes, complaints, and allowlist entries
  • IPs & IP Pools β€” View IP assignments and dedicated IP pool configuration
  • Bounce Classification β€” Analyze bounce types and delivery issues

Sample Prompts

Send an Email

Copy & paste β€” that's it
Can you send an email to EMAIL_HERE with a funny email body that makes it sound
like it's from the IT Desk from Office Space? Please use the sending domain
DOMAIN_HERE, and make the email from "postmaster@DOMAIN_HERE"!

Note: some MCP clients require a paid plan to invoke tools that send data. If sending fails silently, check your client's plan.

Fetch and Visualize Sending Statistics

Copy & paste β€” that's it
Would you be able to make a chart with email delivery statistics for the past week?

Manage Templates

Copy & paste β€” that's it
Create a welcome email template for new signups on my domain DOMAIN_HERE.
Include a personalized greeting and a call-to-action button.

Investigate Deliverability

Copy & paste β€” that's it
Can you check the bounce classification stats for my account and tell me
what the most common bounce reasons are?

Troubleshoot DNS

Copy & paste β€” that's it
Check the DNS verification status for my domain DOMAIN_HERE and tell me
if anything needs fixing.

Review Suppressions

Copy & paste β€” that's it
Are there any unsubscribes or complaints for DOMAIN_HERE? Summarize the
top offenders.

Manage Routing Rules

Copy & paste β€” that's it
List all my inbound routes and explain what each one does.

Create a Mailing List

Copy & paste β€” that's it
Create a mailing list called announcements@DOMAIN_HERE and add these
members: alice@example.com, bob@example.com.

Compare Domains

Copy & paste β€” that's it
Compare my sending volume and delivery rates across all my domains for
the past month.

Engagement by Region

Copy & paste β€” that's it
Break down my email engagement by country and device for DOMAIN_HERE.

Review Tracking Settings

Copy & paste β€” that's it
List all my domains and show which ones have tracking enabled for clicks
and opens.

Development

To run from source, clone the repository and use node directly:

Copy & paste β€” that's it
git clone https://github.com/mailgun/mailgun-mcp-server.git
cd mailgun-mcp-server
npm install
npm test

In your MCP client config, replace the npx command with:

Copy & paste β€” that's it
"command": "node",
"args": ["/path/to/mailgun-mcp-server/src/mailgun-mcp.js"]

Pre-commit hooks

npm install installs a git pre-commit hook (via husky) that runs oxlint --fix and oxfmt on staged TypeScript/JavaScript files and runs npm run check:versions. Fixable issues are auto-fixed and re-staged; commits that introduce unfixable lint errors or version-sync mismatches are rejected. If you already had a local clone before this change, run npm install once to install the hook.

Note on adding endpoints

When adding a new endpoint if you use a plain string for it's definition it will default to being tagged with the send product type in the _meta field. If you would like to tag it as a different product use the object version of the EndpointEntry type.

Security Considerations

API key isolation

Your Mailgun API key is passed as an environment variable and is never exposed to the AI model itself β€” it is only used by the MCP server process to authenticate requests. The server does not log API keys, request parameters, or response data.

Local execution

The server runs locally on your machine. All communication with the Mailgun API is over HTTPS with TLS certificate validation enforced. No data is sent to third-party services beyond the Mailgun API.

API key permissions

Use a dedicated Mailgun API key with permissions scoped to only the operations you need. The server exposes read and update operations but does not expose any delete operations, which limits the blast radius of unintended actions.

Rate limiting

The server does not implement client-side rate limiting. Each tool call from the AI translates directly into a Mailgun API request. The server relies on Mailgun's server-side rate limits to prevent abuse β€” requests that exceed those limits will return an error to the AI assistant.

Prompt injection

As with any MCP server, a crafted or adversarial prompt could trick the AI assistant into calling operations you did not intend β€” for example, modifying tracking settings or reading mailing list members. Review your AI assistant's tool-call confirmations before approving actions, especially in untrusted prompt contexts.

Webhook URLs

Webhook create and update operations accept arbitrary URLs provided through the AI assistant. The MCP server passes these URLs to the Mailgun API without additional validation. Mailgun is responsible for validating webhook destinations. Ensure your AI assistant does not set webhook URLs to unintended internal or sensitive addresses.

Input validation

All tool parameters are validated against the Mailgun OpenAPI specification using Zod schemas. However, validation depends on the accuracy of the OpenAPI spec, and some edge-case parameters may fall back to permissive validation. The Mailgun API performs its own server-side validation as an additional layer of protection.

Debugging

The MCP server communicates over stdio. Refer to the MCP Debugging Guide for troubleshooting.

License

Apache 2.0 β€” see LICENSE for details.

Contributing

We welcome contributions! Please feel free to submit a Pull Request or open an Issue.