Add the mailbox
Friendly name and email, host / port / security, the folder to watch and the department it feeds, then hit Test for a real IMAP login before saving.
Pipe support@ straight into OpsIQ: each inbound email becomes a native ticket, the AI drafts or sends a grounded reply by email, and your team picks up only what needs a human, all on one threaded timeline. Transactional and broadcast email ride the same authenticated relay, so SPF, DKIM and DMARC pass and your mail lands in the inbox, not spam.
Add an IMAP mailbox (Gmail, Outlook or cPanel), give it a friendly name, route it to a department, and test the connection with a real login before you save. Or set a forwarding rule from support@ to your OpsIQ pipe address. A cron job polls every few minutes; no MX change required to get started, and you can run sales@, billing@ and support@ side by side, each routed.
Friendly name and email, host / port / security, the folder to watch and the department it feeds, then hit Test for a real IMAP login before saving.
IMAP credentials to fetch on a schedule, or a forwarding rule from support@ to your pipe address. Either way, no MX change to start, and many mailboxes run side by side.
A cron job checks every enabled box on each tick, or Poll now on demand. Every message from a box lands on the right queue.
The ingestor reads the message, resolves the sender to a contact (or creates one), opens a ticket with the subject as title and the body as the first reply, and ingests attachments inline. Follow-ups thread onto the same ticket. No duplicates, no lost context.
Message-ID, In-Reply-To and References headers (plus the requester) are matched so a customer's reply appends to the original ticket. Attachments (receipts, screenshots, PDFs) are decoded from multipart MIME and stored on the timeline.
Every outbound message gets a minted, persisted Message-ID. When a reply returns, OpsIQ matches In-Reply-To and References against that ID, so the follow-up appends to the original ticket instead of opening a duplicate. An atomic Message-ID claim makes ingestion idempotent, even if the poll runs twice.
The same brain that runs your chat widget reads the email, answers from your knowledge base and the customer's account, and either drafts a reply for an agent to approve in the Email Drafts queue or sends it automatically, your choice, per workspace. Each inbound message lands with a grounded draft attached: tweak it inline, hit Regenerate for a fresh take, or approve to send. RFC-3834 suppression skips auto-responders, bounces and no-reply senders, and a 3-per-hour per-sender cap stops reply loops dead.
Outbound email leaves through one transport you control: pin a Mailgun / SendGrid / Postmark / Resend / Amazon SES connector, or configure SMTP as the fallback. Every message is DKIM-signed and SPF/DMARC-aligned for your domain, so mailbox providers trust it. A 24-hour delivery panel shows sent, failed and a breakdown by transport, with a warning if OpsIQ is still falling back to PHP mail().
Every outbound message (agent reply, AI auto-reply, transactional, broadcast) enters a single router. It tries your pinned connector first, then any other configured connector, then SMTP, and only falls through to PHP mail() as a last resort, warning you the moment it does. One deterministic path for CRM email, campaigns, proactive rules and ticket replies.
Pin one connector as the preferred outbound default so every send is predictable: agent replies, AI auto-replies, transactional and broadcasts alike.
If that send fails, the router cascades to your remaining connectors, then SMTP, so a single provider outage never silences your support inbox.
Only if nothing else is set does it fall through to PHP mail(), and a warning fires the instant it does, because most hosts throttle it.
Resets, 2FA codes, ticket updates, CSAT surveys and invoice receipts ride the same signed relay with branded HTML templates.
Compose with OpsIQ Writing, send to all active agents or a selected subset; every run logs date, subject, scope and sent / failed counts.
Audience sends respect consent state; the unsubscribe link revokes consent and logs the activity automatically.
A fair look at where the OpsIQ email channel sits next to the usual shared-inbox tools.
| Capability | Shared inbox / Gmail-as-helpdesk | OpsIQ |
|---|---|---|
| Email → native ticket | Labels & threads, not real tickets | Built-in |
| AI drafts grounded in your KB + account | None / paid add-on | Core, included |
| Approve-then-send draft queue | Manual / partial | Edit · regenerate · send |
| Unified with chat + tickets + CRM | Inbox only | One workspace |
| Header thread matching (no dupes) | Threads, not tickets | Message-ID + idempotency |
| DKIM / SPF / DMARC handled for you | DIY DNS / partial | Relay + connectors |
| Transactional + broadcast on same relay | DIY / limited | One signed relay |
| Bounce & complaint tracking | Manual | Tracked + auto-skip |
| Bring your own provider (SES / Postmark…) | n/a / limited | Connector or SMTP |
| Pricing model | Per-seat / per-mailbox | Flat plan |
Every capability, grouped. ★ marks a stand-out.
| Feature | What it does |
|---|---|
| Inbound | |
| IMAP Mailbox Connect ★ | Gmail, Outlook or cPanel; test the connection live before saving, cron polls every 3 minutes. |
| Inbound Email → Native Ticket ★ | Sender resolved, subject becomes the title, body the first reply, attachments inline: one message, one ticket, one timeline. |
| Sendmail Pipe Receiver | Alias-pipe raw email straight into tickets via your MTA, no MX change required. |
| Header-Based Thread Matching ★ | Message-ID, In-Reply-To and References matched so replies thread instead of duplicating. |
| Inbound Idempotency NEW | Atomic Message-ID claim means a double poll never double-ingests the same email. |
| Attachment Ingestion | Decoded, stored and displayed inline from multipart MIME; files travel into the ticket. |
| Department Routing by Recipient | support@, billing@ and sales@ routed by the To / Cc / Delivered-To headers into the right queue. |
| Multiple Mailbox Support | Multiple parallel mailboxes (plan-capped: 10 on Growth, up to unlimited on Enterprise): support@, sales@, billing@ side by side, each routed. |
| Polling Performance Budgeting NEW | Wall-clock budget plus per-mailbox caps so AI drafts never stall the poll. |
| IMAP Timeout Hardening NEW | 8–12s bounded timeouts; a dead host costs ~20s at most, never an unbounded stall. |
| SSL Certificate Validation Toggle NEW | Validated by default; self-signed certs are a per-mailbox opt-in. Secure by default. |
| AI & replies | |
| AI-Drafted Email Replies ★ | Grounded in the account and your knowledge base, written in your voice, mode set per workspace. |
| Email Drafts Queue ★ | A review page where every pending reply waits: approve-then-send. |
| Draft Regeneration NEW | Re-run the AI with the same context for a fresh take, without losing the thread. |
| Draft Editing NEW | Inline tweaks before send: quick edits, no separate composer. |
| Auto-Reply Mode Control ★ | Auto-send, draft-first or hands-off, chosen per workspace. |
| Auto-Reply Suppression (RFC 3834) ★ | Skips mailers, bounces, no-reply senders and lists; never auto-reply to a daemon. |
| Per-Sender Auto-Reply Rate Limit NEW | 3-per-hour cap per sender stops reply loops from broken filters. |
| Outbound & deliverability | |
| Outbound Email Router ★ | One send path: pinned connector → other connectors → SMTP → mail() last resort. |
| Email Connector: Mailgun | Inbound webhook plus the Messages API for outbound relay. |
| Email Connector: SendGrid | Inbound Parse plus outbound over Basic Auth. |
| SMTP Fallback | STARTTLS or SSL used automatically when a connector send fails. |
| Test Email Send NEW | Fire a live test through the chosen transport to confirm delivery end to end. |
| DKIM Signing ★ | Per-message DKIM plus a unique Message-ID so providers trust your mail. |
| SPF & DMARC Alignment ★ | Relay and connector domains aligned so authentication passes. |
| Per-Domain From Identity | Global or per-department From identity; connectors can override. |
| Reply-To Preservation ★ | In-Reply-To and References preserved so replies land on the same ticket. |
| Message-ID Minting & Persistence NEW | Minted, stored and matched against inbound replies. |
| Department Signatures NEW | Per-department signatures appended to outbound mail automatically. |
| Header Injection Defence ★ NEW | CRLF and NUL stripped from header values to block SMTP header injection. |
| Multipart MIME NEW | text/html plus attachments: text clients see text, HTML clients see styled. |
| Attachment Support NEW | Attach up to 15 files at 15MB each on outbound replies. |
| Analytics & logs | |
| 24-Hour Delivery Stats NEW | Sent and failed, broken down by transport, on a live 24-hour dashboard. |
| Email Audit Log ★ NEW | Every email logged with direction, status, transport and thread, fully auditable. |
| Transactional & broadcast | |
| Broadcast Email to Agents | Send to all or selected agents; every run is logged. |
| OpsIQ Writing for Broadcasts NEW | Compose broadcasts with the AI Assist writer. |
| Broadcast History & Audit NEW | Full history: who sent what, scope and sent / failed counts. |
| Transactional Email | Resets, 2FA codes, receipts, CSAT and ticket updates over the signed relay. |
| Compliance & suppression | |
| Email Consent Tracking ★ | unknown / granted / revoked states block mail to anyone opted out. |
| Unsubscribe Handling | The unsubscribe link revokes consent and logs the activity automatically. |
| Bounce Detection Activity | Hard bounces raise an email.bounced activity so you stop sending to bad addresses. |
| Bounce Impact on Outreach NEW | Bounced contacts are auto-skipped in sequences and outreach. |
| Integration, config & security | |
| Email Connector Context Provider NEW | Mailbox, draft, stats and domain config surfaced to the AI. |
| Pinned Connector Selection NEW | Pin one connector as the preferred outbound default. |
| Mail Fallback Warning NEW | Warns the instant OpsIQ has to fall back to PHP mail(). |
| Webhook Signature Verification ★ | HMAC-SHA256 or Basic Auth blocks forged inbound email. |
| Webhook Timestamp Validation NEW | A 5-minute window blocks replay attacks. |
| Unique Webhook Paths per Connector NEW | Unguessable per-connector paths prevent enumeration. |
| Allowed Self-Signed Certs (Per-Mailbox) NEW | Fine-grained opt-in for self-signed certs; secure by default. |
mail() if neither is set, which the Email Settings screen warns you about, because most hosts cap it.