UAI Mail Operator Boundaries
Owner-only actions, denied surfaces, credential redaction, and freeze rules for UAI Mail.
Body
UAI Mail — Operator Boundaries
Owner-Only Actions
| Action | Reason |
|---|---|
| Start any Mailu container | Stack intentionally frozen |
| Change DNS, MX, SPF, DMARC, or TLS | Deliverability and exposure risk |
| Modify firewall or host routes | Could expose services early |
Run renew-certs.sh |
Couples Beacon stop + Mailu front restart |
Wipe /root/mail or /mailu |
Only after archive verification |
| Choose restore vs rebuild | Open AI access model |
Credential Redaction
Models and docs must never expose values for:
/root/mail/mailu.env(includingSECRET_KEY,INITIAL_ADMIN_PW,API_TOKENnames — values forbidden)CADENCE_UMAIL_*/SCRIBE_UMAIL_*CADENCE_SMTP_*- DKIM private keys, TLS private keys, mailbox passwords
It is acceptable to reference names only.
Explorer Denied Surfaces (AI Lane)
Follow bootstrap denied_surfaces. Do not use /api/tree, /api/file, /api/raw, /api/upload, /api/admin/*, direct SQLite, .env, .ssh, or arbitrary filesystem search for mail data.
Mail bodies and secrets are not catalog content.
Capability Map Gate
Before describing live mail access, call GET /api/ai/capability-map. As of 2026-07-03 there is no UAI Mail card. Cadence cards exist. Beacon edge hostname mail.united-ai.ca is not proof that mail is live.
Freeze Contract
- No mail container start/stop/restart without owner
- No DNS/MX/TLS/firewall/route changes without owner
- No queue flush
- No secret print
- No mailbox body publication
See Also
uai-doc-ecosystem-product-uai-mailuai-doc-runbooks-uai-mail-archuai-doc-runbooks-uai-mail-stateuai-doc-runbooks-uai-mail-restoreuai-doc-plans-uai-mail-ai-access