AUBOSmail
2026-05-07 · vol. 1, issue 04
From
ouadie@aubosmail.com✓ verified
To
you, the reader (and anyone you forward this to)
Subject
Why we built AUBOSmail — a letter from one of the founders
Sent
2026-05-07 14:23:18 UTC
Proof
sha256:a4f9c2d8… · btc block 884,210 · see a live sample →

The page you're reading is itself an email.

And every word of it is provably what I wrote, when I wrote it. Anchored to Bitcoin. Verifiable in any browser. Court-admissible. So is every other email AUBOSmail sends.

Ouadie Akaaboune, co-founder of AUBOS Inc.

Hi. I'm Ouadie Akaaboune, co-founder of AUBOS Inc. — the small company in Dallas, Texas that operates AUBOSmail. The fastest way to explain what we're building is to do it: this page you're reading is rendered the same way every AUBOSmail email is rendered, and it carries the same cryptographic proof chain as every email we've ever sent.

So this is also a letter. Read on.

Email is the most durable protocol on the internet. SMTP was frozen in 1982. Forty-four years later, it's still the only address you can give a stranger that you trust will reach you. Every other layer of the consumer internet has been ripped up and rebuilt at least twice in the last decade — search, social, commerce, payments, identity. Email survived because the protocol got it right.

And yet the product of email — the inbox, the composer, the proof of receipt — still looks like 2010. The standard email composer is a textarea wrapped in a toolbar. The standard proof that an email was sent is a screenshot. Anyone can fake a screenshot. We thought we could do better.

What we actually built

We rebuilt both halves of the email product, from first principles, in the open. The composer half is a Notion-style block editor — 36 block types across editorial, layout, media, and live-interactive groups. Theme tokens at the document level. A live three-pane preview that re-renders the inbox card, the web reader, and the canonical JSON in under 250 ms as you type.

The composer at aubosmail.com/dashboard/composer. Drag-drop blocks on the left, content in the middle, live inbox + reader preview on the right. Every output surface re-renders together as you edit.
The composer at aubosmail.com/dashboard/composer. Drag-drop blocks on the left, content in the middle, live inbox + reader preview on the right. Every output surface re-renders together as you edit.

The infrastructure half is harder and more interesting. We run our own MTA (Postal, on a Kamatera VPS in Dallas), our own DNS automation (Cloudflare API), our own auth (Supabase), our own per-domain DKIM key rotation, and our own WORM storage layer (Cloudflare R2 with Object Lock, 365-day retention by default, 7 years for HIPAA-eligible accounts on the Scale tier).

We don't resell SendGrid or Mailchimp. The whole pipeline — from JCS canonicalization to outbound SMTP to recipient web reader to verifier — is ours. That's why we can make verifiability the default instead of an add-on, and why your sender reputation is yours, not borrowed from a shared pool of thousands of spammers.

Pretty email without proof is performance art. Proof without beauty is compliance theater. We're building both halves.

How the proof chain works

Every send produces five cryptographic layers, each verifiable independently without trusting AUBOSmail. The canonical JSON gets stored on R2 with Object Lock. The SHA-256 content hash gets embedded in DKIM-signed headers. Every leaf becomes part of a daily Merkle tree. The root of that tree gets signed Ed25519 and published openly at /proof/roots. The same root then gets committed to Bitcoin via OpenTimestamps the morning after. After that anchor, no one — not even us — can backdate, edit, or quietly drop a send.

For the email you're reading right now, those numbers above are real. Click through to a live sample proof page to see what your recipient gets when they open any AUBOSmail email and click “Verify in browser.” Four checks run locally using Web Crypto: content hash matches, DKIM signature is valid, Merkle proof traces to the published root, OpenTimestamps proof predates the claimed sent-at. All four green = the email was sent at the time and content claimed, signed by our domain, and has been publicly anchored on Bitcoin since the next-day root was published.

Tenant isolation, outreach, compliance

AUBOSmail is multi-tenant from the ground up. Every workspace has its own opaque tenant ID, row-level security on every read, separate sender domains with auto-provisioned DKIM/SPF/DMARC, and active-session controls per device.

Tenant settings — account, role, opaque tenant ID, and an active-sessions list with revoke-anywhere. The same page surfaces audit history for owners.
Tenant settings — account, role, opaque tenant ID, and an active-sessions list with revoke-anywhere. The same page surfaces audit history for owners.

For senders who actually need to send — newsletters, transactional pipelines, cold outbound — the outreach surface adds sequenced campaigns, jurisdiction-aware compliance gates that fire at send time (not audit time), and warmup ramps for new sender domains. Sender domains have to be verified before a campaign can launch; the gate doesn't care how good your copy is if your DMARC is failing.

Outreach campaigns — sequenced cold mail with sender-domain verification required before launch. Compliance gates fire pre-send, not post-audit.
Outreach campaigns — sequenced cold mail with sender-domain verification required before launch. Compliance gates fire pre-send, not post-audit.

Plans

Personal accounts on the shared @aubosmail.com domain are free forever — 200 outbound sends a month, unlimited inbound, the full block composer, a public proof page on every send. No credit card. The other tiers are for senders who want their own domain or a higher send ceiling:

PersonalFree, forever200 sends / monthclaim an address →
Brand$49 / month10,000 sends / month, your own domainstart 14-day trial →
Scale$249 / month100,000 sends / month, dedicated IPs, SLAtalk to us →

Full plan comparison and add-ons live at /pricing. The five-layer proof chain documented at /security. Every other small thing answered at /faq.

Who's actually building this

Two people, day-to-day. Vaibhav Salonia, founder and CEO, previously built attribution infrastructure for AUBOS and has been obsessed with email since high school newsletters. Ouadie Akaaboune (me), co-founder, runs operations end-to-end — Kamatera VPS, Postal MTA, Cloudflare R2, DNS provisioning, customer onboarding, and most of these letters. We hire and contract carefully when we need to.

The company is AUBOS Inc., a Delaware C-corp operated out of Dallas, Texas. Production lives on Kamatera Performance Cloud at 104.225.141.42. Source under github.com/DrinkGio/aubosmail. You can email me directly at ouadie@aubos.ai; every reply gets a real human.

One more thing about this page

I said at the top that this letter is itself an AUBOSmail email. That's literally true: the same canonical block document model that renders an email in your inbox renders this page in your browser. The same proof chain commits to it. If you want to see what verification looks like for a real send, the public sample at /proof/sample walks through all five layers in the same layout your recipients will see.

If you got this far, the easiest thing to do next is claim a free address and send your first verifiable email. It takes thirty seconds.

— Ouadie Akaaboune & Vaibhav Salonia

AUBOS Inc. · Dallas, Texas · 2026-05-07

Reply by claiming your free address →

P.S. — If you're reading this from a Kamatera infrastructure review dashboard, hi. The reverse-DNS request for 104.225.141.42 → mta-1.aubosmail.com is, as the rest of this letter argues, for a real product. Happy to walk through any of it.