Connected

Mirror rules and safety

Control inbound/outbound copy behavior with explicit, auditable rules.

Use these tools to define delivery copies and guardrails for AI or team workflows.

set_mirror_rule

Create or update a rule using `sourceType/sourceValue`, `destinationType/destinationValue`, `direction`, and `mode`.

list_mirror_rules

List all active and inactive rules, and validate route coverage by domain or address.

toggle_mirror_rule

Pause/resume a rule without losing configuration.

delete_mirror_rule

Remove a rule when it is no longer needed; this action is irreversible.

Apply changes progressively to prevent accidental routing loops and blind spots.

01Confirm base domain health with `get_domain_health` before enabling any copy or redirect rule.
02Create one rule at a time with a descriptive name.
03Test with one known sender and recipient before expanding pattern scope.
04Verify delivery in both Unsendbox and destination mailbox, then document expected direction.
05Keep critical compliance or privacy-sensitive copies in explicit allowlist-based rules only.

Prevent routing surprises by reviewing policy and rule design.

Avoid loops

Do not create bi-directional mirror chains that can recursively copy mail.

Prefer copy over redirect

Use copy mode until behavior is stable; redirect changes can cause silent drops.

Limit blast radius

Start narrow (single address rules) before broad domain-level rules.

Run this quickly before enabling or editing mirror rules.

Validate domain health first, then create one rule, then send one controlled test message before expanding scope.

Prefer `mode=copy` for initial rollout; use `redirect` only when sure.

Keep rules explicit by name and direction to make audit and rollback easy.

Don't

Do not create mirror loops (for example, A→B and B→A) or broad domain redirects without a rollback plan.

Don't

Do not disable delivery checkpoints after enabling rules; verify recipient delivery for each route change.