mayur.ai

Silent Email Monitoring for AI Agents (2026 Final)

7 min readBy mayur.ai
AIAutomationEmailOpenClaw

Building Silent Email Monitoring for Your AI Assistant

What you'll learn: How to build an autonomous email monitoring system that detects incoming emails, composes intelligent replies, and costs under $20/month. I'll walk you through the entire architecture and show you exactly how to set it up for your OpenClaw instance.

The Problem I Solved

When I first started running OpenClaw, I wanted my AI assistant to monitor my email and handle routine messages. But I quickly realized that constant polling was wasteful — I was waking up the agent every 30 minutes to check for emails, burning tokens even when there was nothing to do.

At $0.01 per check × 48 checks per day, that's nearly $5/day just on idle polling. Over a month, that's $150+ before I'd even processed a single email.

There had to be a better way. I needed something that only processed emails when they actually arrived, not on a fixed schedule.

The Architecture I Built

Here's the elegant solution: a three-layer state machine that separates cheap polling from expensive reasoning.

Layer 1 (Free): A systemd timer runs pure bash every 5 minutes to check for unseen emails. This costs nothing — it's just local system calls.

Layer 2 (State Machine): If unread emails exist, a flag file is set to 1. If not, it stays 0. Simple, binary.

Layer 3 (Reasoning): OpenClaw only wakes up when the flag is 1. The AI skill then reads the email, validates the sender, composes a thoughtful reply, and marks it as read.

The result? I pay for LLM tokens only when there's actual work to do, not for idle checks.

How It Works: The Full Flow

Step 1: The Timer Fires (Every 5 Minutes)

A systemd timer triggers a bash script. This script runs ews check-unseen, which queries your mail server via the EWS API. The API call is local, fast, and costs nothing.

Output: Either "0 unread emails" or "5 unread emails"

Step 2: Check the Mail Count

The script compares the unseen count to zero. If there are unread emails, it sets a flag file to 1. If not, the flag stays 0.

Result: Simple state machine — flag is either on or off.

Step 3: Decide Whether to Wake OpenClaw

The same bash script checks the flag. If it's 0, the script exits silently — no agent wakes up, no tokens burned. If it's 1, the script calls OpenClaw with a message: "Process pending emails."

Result: Agent only wakes when needed.

Step 4: The Skill Does the Hard Work

OpenClaw loads the email-reply skill. The skill:

  • Fetches all unread emails
  • Checks the sender email address (not the display name — that matters for security)
  • If sender is trusted: reads the full email, uses LLM to compose an intelligent reply, sends it
  • If sender is unknown: forwards the email to your inbox for manual review
  • Marks each email as read

Cost: Only the LLM reasoning tokens for compose — typically $0.005-0.01 per email.

Step 5: Reset the Flag

After processing, the script resets the flag to 0. The system is ready for the next timer cycle.

Setting It Up Yourself

Prerequisites

  • OpenClaw installed and running
  • Email account (AWS WorkMail, Office 365, or any EWS-compatible mail server)
  • Terminal access to your system
  • Basic bash scripting knowledge (helpful but not required)

Step 1: Install the EWS CLI Wrapper

The EWS CLI is a Python wrapper around the exchangelib library. It gives you command-line access to check unseen emails without having to write Python code.

# Download the wrapper
curl -o ~/.local/bin/ews https://path-to-your-repo/ews-cli
chmod +x ~/.local/bin/ews

# Test it
ews check-unseen

# Output should be JSON with unseen count

The wrapper needs your mail server credentials via environment variables. Set them in your shell config or systemd service file.

Step 2: Create the Trigger Script

This is the heart of the system — the bash script that checks emails and decides whether to wake OpenClaw.

#!/bin/bash

# Configuration
FLAG_FILE="$HOME/.openclaw/email-check-needed.md"
LOG_FILE="$HOME/.openclaw/email-trigger.log"

log_action() {
  echo "[$(date -u '+%Y-%m-%d %H:%M:%S %Z')] $1" >> "$LOG_FILE"
}

# Step 1: Check for unseen emails
log_action "CHECK_START"

# Run the EWS check - this returns JSON
RESULT=$(ews check-unseen 2>&1)

# Extract the flag value (should be 0 or 1)
FLAG=$(echo "$RESULT" | jq -r '.flag // 0')

# If unseen emails found, write flag
if [ "$FLAG" = "1" ]; then
  echo "1" > "$FLAG_FILE"
  log_action "FLAG_ONE_TRIGGER"
else
  echo "0" > "$FLAG_FILE"
  log_action "FLAG_ZERO_SKIP"
fi

This script is deliberately simple. It does one thing: detect unseen emails and set a flag. No logic, no intelligence — just facts.

Step 3: Set Up the Systemd Timer

Create a systemd timer service that runs the trigger script every 5 minutes.

# ~/.config/systemd/user/email-poller.timer
[Unit]
Description=Email Poller Timer - Every 5 minutes
Requires=email-poller.service

[Timer]
OnBootSec=1min
OnUnitActiveSec=5min
Persistent=true
Unit=email-poller.service

[Install]
WantedBy=timers.target

# ~/.config/systemd/user/email-poller.service
[Unit]
Description=Email Poller Service
After=network-online.target

[Service]
Type=oneshot
ExecStart=/home/your-user/.openclaw/email-check-and-trigger.sh
StandardOutput=journal
StandardError=journal

Enable and start the timer:

systemctl --user enable email-poller.timer
systemctl --user start email-poller.timer

# Verify it's running
systemctl --user status email-poller.timer

Step 4: Create the Email-Reply Skill

This is where OpenClaw does the actual work. The skill:

  • Reads unread emails
  • Validates senders
  • Composes replies using LLM reasoning
  • Sends responses

The key security principle: Sender validation happens in code, before any LLM processing. This prevents email bodies from tricking your AI into acting on untrusted messages.

# Pseudocode of the validation logic
sender_email = email["sender"]

if sender_email == "your-trusted-email@example.com":
  # Safe to read full email and compose reply
  reply = compose_smart_reply(email)
  send_reply(email, reply)
else:
  # Forward to human for review
  forward_to_you(email)

The Numbers

| Operation | Cost | Frequency | Monthly | |-----------|------|-----------|---------| | EWS check (polling) | $0 | Every 5 mins | $0 | | LLM reply composition | $0.007 | Per email | $21 (300 emails) | | Total | | | ~$20 |

Compare that to the old approach: polling with OpenClaw awake = $150-200/month just for checking.

Why This Matters

This isn't just about saving money (though $180/month is significant). It's about the principle of efficient automation:

Use dumb systems for cheap polling. Use smart systems only when needed. Separate concerns. Keep each layer focused on one job.

This pattern applies beyond email — monitoring logs, checking deployments, tracking metrics. Whenever you need autonomous monitoring, the state-machine approach keeps costs down and performance up.

What's Next

Once this is working, you can extend it:

  • Multiple inboxes: Add flags for work email, personal email, etc. Each with its own timer.
  • Smart filtering: Route emails to different skills based on sender or subject.
  • Approval workflow: For sensitive tasks, add a human approval step before sending.
  • Webhook integration: Instead of polling, let your mail server push events to OpenClaw.

The foundation is solid. From here, you build based on your needs.

Questions? This system has been running in production since early 2026. It's simple, reliable, and cheap. If you implement it, I'd love to hear how it works for your use case.