What does the email assistant do?

It reads each new message that hits a business inbox, decides whether to answer directly from your knowledge file, draft a reply for human approval, escalate to a person, or archive without replying. The reader strips quoted threads, signatures, and footers before any model runs; the brain picks one of four tools per email; the sender carries out the decision with proper threading, a draft queue, an escalate-forward, or just an audit row.

How much does it cost to run?

About $2 to $5 per month for a typical small-business inbox of around 200 emails a day. The fixed cost is essentially zero — Lambda, S3, DynamoDB, and CloudWatch sit in always-free quotas at SMB volume. Variable cost is dominated by Bedrock Haiku tokens (roughly $1 to $3/month) plus SES inbound at $0.10 per 1,000 chunks and SES outbound at $0.10 per 1,000 emails sent.

Which inboxes does it support?

Any inbox you can route to AWS SES inbound. The simplest setup is a fresh address on a domain you own with MX records pointing at SES. For Google Workspace and Microsoft 365 inboxes, the assistant address is typically a separate alias (for example hello@yourbusiness.com) routed to SES inbound, while staff inboxes stay in Workspace or 365 unchanged. IMAP-based or Microsoft Graph-based polling against an existing Workspace or 365 mailbox is a viable alternative when the receiving address itself can't be moved to SES — the rest of the architecture stays the same.

How does it avoid replying to newsletters or auto-responders?

Three lanes at the door run before the brain ever sees an email. The auto-archive lane catches noreply@, no-reply@, donotreply@, and mailer-daemon@ senders, anything carrying a List-Unsubscribe header, and DMARC or bounce reports. The direct-escalate lane forwards messages from an allowlist of clients, partners, and staff straight to the human inbox with an X-Assistant-Lane: direct header. Only the AI-handle lane reaches the brain, and tool 4 (archive without replying) gives the brain itself a clean way to drop one-line thanks, cold outreach, or notifications that slipped through.

How does the assistant stay accurate?

Two gates fire on every reply: the answer must be supported by a passage in your knowledge file, and the model must emit a confidence score above the threshold. The brain calls Bedrock with strict tool_use over four tools, each requiring a citation_passage_id the runtime verifies against the retrieved set. Confidence ≥ 0.85 auto-sends; 0.6 to 0.85 becomes a draft for human approval; below 0.6 escalates. No citation, no auto-send.

What happens when a VIP emails?

VIPs (key clients, active partners, staff personal addresses, anyone replying to a thread a human already started) sit on a short allowlist that lives in the same Drive doc as the knowledge file. Their messages take the direct-escalate lane: forwarded to the human inbox unchanged, with a small X-Assistant-Lane: direct header so you know it bypassed the AI. The thread stays intact and the sender notices nothing. Editing the allowlist doesn't need a deploy.

Which AWS services does it use?

SES (inbound and outbound), Lambda, DynamoDB on-demand, S3, EventBridge, SNS, Secrets Manager, CloudWatch Logs with seven-day retention, AWS Budgets, and Bedrock (Claude Haiku 4.5 via Global cross-Region inference, plus Titan Text Embeddings v2 over an Amazon S3 Vectors index). No API Gateway, no NAT Gateway, no always-on compute.

Series · 7 parts Published April 30, 2026

Email assistant

A serverless email assistant on AWS that triages your inbox, drafts replies from your own knowledge, and escalates anything beyond its remit to a human. Seven posts on the same system — one diagram at a time — with an engineering reference at the end.

01

An email assistant on AWS for a few dollars a month

The whole system on one page — a reader, a brain, a sender, and the four moves they share for every inbound email.
02

How an email enters the assistant

Three lanes at the door: auto-archive for newsletters and bots, AI-handle for normal mail, direct escalate for the people you always want to see.
03

How the assistant reads an email

Strip the noise — quoted threads, signatures, footers — and what’s left is the real message. The brain only sees the clean version.
04

How the assistant decides what to do

Four tools, one pick per email: answer directly, draft for review, escalate to a human, or archive without replying. The AI is allowed to be confident or to defer — never to invent.
05

How a reply stays accurate

Every auto-reply cites a passage from your knowledge file. No citation, no auto-send. Borderline confidence routes to a draft you approve in seconds.
06

What the email assistant costs

A coffee a month at SMB volume. Cents per email, scaling smoothly with how often the inbox rings.
07

Engineering reference: the email assistant architecture

Same system, drawn purely for engineers. Service names, resource identifiers, region, Bedrock model IDs.

What does the email assistant do?: It reads each new message that hits a business inbox, decides whether to answer directly from your knowledge file, draft a reply for human approval, escalate to a person, or archive without replying. The reader strips quoted threads, signatures, and footers before any model runs; the brain picks one of four tools per email; the sender carries out the decision with proper threading, a draft queue, an escalate-forward, or just an audit row.
How much does it cost to run?: About $2 to $5 per month for a typical small-business inbox of around 200 emails a day. The fixed cost is essentially zero — Lambda, S3, DynamoDB, and CloudWatch sit in always-free quotas at SMB volume. Variable cost is dominated by Bedrock Haiku tokens (roughly $1 to $3/month) plus SES inbound at $0.10 per 1,000 chunks and SES outbound at $0.10 per 1,000 emails sent.
Which inboxes does it support?: Any inbox you can route to AWS SES inbound. The simplest setup is a fresh address on a domain you own with MX records pointing at SES. For Google Workspace and Microsoft 365 inboxes, the assistant address is typically a separate alias (for example hello@yourbusiness.com) routed to SES inbound, while staff inboxes stay in Workspace or 365 unchanged. IMAP-based or Microsoft Graph-based polling against an existing Workspace or 365 mailbox is a viable alternative when the receiving address itself can’t be moved to SES — the rest of the architecture stays the same.
How does it avoid replying to newsletters or auto-responders?: Three lanes at the door run before the brain ever sees an email. The auto-archive lane catches noreply@, no-reply@, donotreply@, and mailer-daemon@ senders, anything carrying a List-Unsubscribe header, and DMARC or bounce reports. The direct-escalate lane forwards messages from an allowlist of clients, partners, and staff straight to the human inbox with an X-Assistant-Lane: direct header. Only the AI-handle lane reaches the brain, and tool 4 (archive without replying) gives the brain itself a clean way to drop one-line thanks, cold outreach, or notifications that slipped through.
How does the assistant stay accurate?: Two gates fire on every reply: the answer must be supported by a passage in your knowledge file, and the model must emit a confidence score above the threshold. The brain calls Bedrock with strict tool_use over four tools, each requiring a citation_passage_id the runtime verifies against the retrieved set. Confidence ≥ 0.85 auto-sends; 0.6 to 0.85 becomes a draft for human approval; below 0.6 escalates. No citation, no auto-send.
What happens when a VIP emails?: VIPs (key clients, active partners, staff personal addresses, anyone replying to a thread a human already started) sit on a short allowlist that lives in the same Drive doc as the knowledge file. Their messages take the direct-escalate lane: forwarded to the human inbox unchanged, with a small X-Assistant-Lane: direct header so you know it bypassed the AI. The thread stays intact and the sender notices nothing. Editing the allowlist doesn’t need a deploy.
Which AWS services does it use?: SES (inbound and outbound), Lambda, DynamoDB on-demand, S3, EventBridge, SNS, Secrets Manager, CloudWatch Logs with seven-day retention, AWS Budgets, and Bedrock (Claude Haiku 4.5 via Global cross-Region inference, plus Titan Text Embeddings v2 over an Amazon S3 Vectors index). No API Gateway, no NAT Gateway, no always-on compute.

All posts

Frequently asked questions

Other series