nothumanallowed 12.6.6 → 12.7.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nothumanallowed",
-  "version": "12.6.6",
+  "version": "12.7.0",
   "description": "NotHumanAllowed — 38 AI agents, 80 tools. Email, calendar, browser automation, screen capture, canvas, cron/heartbeat, Alexandria E2E messaging, GitHub, Notion, Slack, voice chat, free AI (Liara), 28 languages. Zero-dependency CLI.",
   "type": "module",
   "bin": {

package/src/commands/ui.mjs

@@ -631,6 +631,14 @@ export async function cmdUI(args) {
       // GET /api/config — read config values for settings UI
       if (method === 'GET' && pathname === '/api/config') {
         // Return non-sensitive config for the settings form
+        // Sanitize email accounts — don't expose passwords to frontend
+        const safeAccounts = (config.emailAccounts || []).map(a => ({
+          label: a.label,
+          address: a.address,
+          isDefault: a.isDefault,
+          hasImap: !!(a.imap?.host),
+          hasSmtp: !!(a.smtp?.host),
+        }));
         sendJSON(res, 200, {
           profile: config.profile || {},
           provider: config.llm?.provider || '',
@@ -641,6 +649,8 @@ export async function cmdUI(args) {
           meetingAlert: config.ops?.meetingAlertMinutes || 30,
           hasTelegram: !!config.responder?.telegram?.token,
           hasDiscord: !!config.responder?.discord?.token,
+          hasGoogle: !!config._googleConnected,
+          emailAccounts: safeAccounts,
         });
         logRequest(method, pathname, 200, Date.now() - start);
         return;

package/src/config.mjs

@@ -109,6 +109,16 @@ const DEFAULT_CONFIG = {
   slack: {
     token: '',
   },
+  emailAccounts: [
+    // Example:
+    // {
+    //   label: 'Work',
+    //   address: 'you@company.com',
+    //   imap: { host: 'imap.company.com', port: 993, user: 'you@company.com', pass: '', tls: true },
+    //   smtp: { host: 'smtp.company.com', port: 587, user: 'you@company.com', pass: '', tls: false },
+    //   isDefault: false,
+    // }
+  ],
   profile: {
     name: '',
     email: '',
@@ -288,6 +298,42 @@ export function setConfigValue(key, value) {
     'language': 'language',
   };
 
+  // Special handler for email account management
+  if (key.startsWith('email-add')) {
+    // nha config set email-add "label|address|imap-host|imap-port|imap-user|imap-pass|smtp-host|smtp-port|smtp-user|smtp-pass"
+    const parts = value.split('|').map(p => p.trim());
+    if (parts.length < 6) return false;
+    const [label, address, imapHost, imapPort, imapUser, imapPass, smtpHost, smtpPort, smtpUser, smtpPass] = parts;
+    if (!config.emailAccounts) config.emailAccounts = [];
+    config.emailAccounts.push({
+      label: label || 'Email',
+      address: address || imapUser,
+      imap: { host: imapHost, port: parseInt(imapPort) || 993, user: imapUser, pass: imapPass, tls: true },
+      smtp: smtpHost ? { host: smtpHost, port: parseInt(smtpPort) || 587, user: smtpUser || imapUser, pass: smtpPass || imapPass, tls: false } : null,
+      isDefault: config.emailAccounts.length === 0,
+    });
+    saveConfig(config);
+    return true;
+  }
+
+  if (key === 'email-remove') {
+    if (!config.emailAccounts) return false;
+    const idx = parseInt(value);
+    if (isNaN(idx) || idx < 0 || idx >= config.emailAccounts.length) return false;
+    config.emailAccounts.splice(idx, 1);
+    saveConfig(config);
+    return true;
+  }
+
+  if (key === 'email-default') {
+    if (!config.emailAccounts) return false;
+    const idx = parseInt(value);
+    if (isNaN(idx) || idx < 0 || idx >= config.emailAccounts.length) return false;
+    config.emailAccounts.forEach((a, i) => a.isDefault = i === idx);
+    saveConfig(config);
+    return true;
+  }
+
   const resolved = aliases[key] || key;
   const resolvedParts = resolved.split('.');
 

package/src/constants.mjs

@@ -5,7 +5,7 @@ import { fileURLToPath } from 'url';
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
 
-export const VERSION = '12.6.6';
+export const VERSION = '12.7.0';
 export const BASE_URL = 'https://nothumanallowed.com/cli';
 export const API_BASE = 'https://nothumanallowed.com/api/v1';
 

package/src/services/imap-email.mjs

@@ -0,0 +1,428 @@
+/**
+ * Multi-provider IMAP/SMTP email service.
+ *
+ * - Read-only IMAP: downloads messages, marks as seen on local DB only.
+ *   NEVER deletes, moves, or modifies messages on the remote server.
+ * - SMTP send: each account has its own SMTP config.
+ * - Multiple accounts supported, each independent.
+ * - Zero npm dependencies: uses Node.js 22 native net/tls + custom IMAP/SMTP.
+ *
+ * Config: ~/.nha/config.json → emailAccounts[]
+ */
+
+import net from 'net';
+import tls from 'tls';
+import crypto from 'crypto';
+import fs from 'fs';
+import path from 'path';
+import { NHA_DIR } from '../constants.mjs';
+
+const EMAIL_DB_DIR = path.join(NHA_DIR, 'email-cache');
+
+// ── IMAP Client (read-only, POP3-like behavior) ────────────────────────
+
+class IMAPClient {
+  constructor(host, port, user, pass, useTLS = true) {
+    this.host = host;
+    this.port = port;
+    this.user = user;
+    this.pass = pass;
+    this.useTLS = useTLS;
+    this.socket = null;
+    this.tagCounter = 0;
+    this.buffer = '';
+  }
+
+  /** Connect and authenticate */
+  async connect() {
+    return new Promise((resolve, reject) => {
+      const timeout = setTimeout(() => reject(new Error('IMAP connection timeout')), 15000);
+
+      const onConnect = () => {
+        clearTimeout(timeout);
+        this._readResponse().then(() => {
+          return this._command(`LOGIN "${this.user}" "${this.pass}"`);
+        }).then(res => {
+          if (res.includes('OK')) resolve();
+          else reject(new Error('IMAP login failed'));
+        }).catch(reject);
+      };
+
+      if (this.useTLS) {
+        this.socket = tls.connect({ host: this.host, port: this.port, rejectUnauthorized: true }, onConnect);
+      } else {
+        this.socket = net.connect({ host: this.host, port: this.port }, onConnect);
+      }
+
+      this.socket.setEncoding('utf-8');
+      this.socket.on('error', (e) => { clearTimeout(timeout); reject(e); });
+    });
+  }
+
+  /** Send IMAP command and get response */
+  async _command(cmd) {
+    const tag = `A${++this.tagCounter}`;
+    return new Promise((resolve, reject) => {
+      const timeout = setTimeout(() => reject(new Error('IMAP command timeout')), 30000);
+      let response = '';
+
+      const onData = (chunk) => {
+        response += chunk;
+        // Check if we have the tagged response line
+        if (response.includes(`${tag} OK`) || response.includes(`${tag} NO`) || response.includes(`${tag} BAD`)) {
+          clearTimeout(timeout);
+          this.socket.removeListener('data', onData);
+          resolve(response);
+        }
+      };
+
+      this.socket.on('data', onData);
+      this.socket.write(`${tag} ${cmd}\r\n`);
+    });
+  }
+
+  /** Read server greeting */
+  async _readResponse() {
+    return new Promise((resolve) => {
+      const onData = (chunk) => {
+        this.buffer += chunk;
+        if (this.buffer.includes('\r\n')) {
+          this.socket.removeListener('data', onData);
+          resolve(this.buffer);
+          this.buffer = '';
+        }
+      };
+      this.socket.on('data', onData);
+    });
+  }
+
+  /** List recent messages (headers only). NEVER modifies server state. */
+  async listMessages(folder = 'INBOX', limit = 20) {
+    await this._command(`SELECT "${folder}"`);
+
+    // Get message count from SELECT response
+    const searchRes = await this._command('SEARCH ALL');
+    const ids = searchRes.match(/\* SEARCH ([\d\s]+)/)?.[1]?.trim().split(/\s+/) || [];
+    const recent = ids.slice(-limit);
+
+    if (recent.length === 0) return [];
+
+    const messages = [];
+    for (const id of recent) {
+      try {
+        const headerRes = await this._command(`FETCH ${id} (FLAGS BODY.PEEK[HEADER.FIELDS (FROM TO SUBJECT DATE MESSAGE-ID)])`);
+
+        const from = headerRes.match(/From:\s*(.+)/i)?.[1]?.trim() || '';
+        const to = headerRes.match(/To:\s*(.+)/i)?.[1]?.trim() || '';
+        const subject = headerRes.match(/Subject:\s*(.+)/i)?.[1]?.trim() || '';
+        const date = headerRes.match(/Date:\s*(.+)/i)?.[1]?.trim() || '';
+        const messageId = headerRes.match(/Message-ID:\s*(.+)/i)?.[1]?.trim() || id;
+        const seen = headerRes.includes('\\Seen');
+
+        messages.push({ id, messageId, from, to, subject, date, seen });
+      } catch { /* skip unparseable messages */ }
+    }
+
+    return messages.reverse(); // newest first
+  }
+
+  /** Read full message body. Uses BODY.PEEK to NOT mark as read on server. */
+  async readMessage(id) {
+    const res = await this._command(`FETCH ${id} BODY.PEEK[]`);
+
+    // Parse basic MIME — extract text/plain or text/html part
+    const body = res.replace(/^\* \d+ FETCH.*?\r\n/m, '').replace(/\)\r\nA\d+ OK.*$/s, '');
+
+    // Try to extract text/plain content
+    const plainMatch = body.match(/Content-Type:\s*text\/plain[\s\S]*?\r\n\r\n([\s\S]*?)(?:\r\n--|\r\nA\d+)/i);
+    if (plainMatch) return decodeBody(plainMatch[1]);
+
+    // Fallback: strip HTML tags
+    const htmlMatch = body.match(/Content-Type:\s*text\/html[\s\S]*?\r\n\r\n([\s\S]*?)(?:\r\n--|\r\nA\d+)/i);
+    if (htmlMatch) return stripHtml(decodeBody(htmlMatch[1]));
+
+    // Last resort: return raw (first 5000 chars)
+    return body.slice(0, 5000);
+  }
+
+  async disconnect() {
+    try {
+      await this._command('LOGOUT');
+    } catch {} finally {
+      this.socket?.destroy();
+    }
+  }
+}
+
+// ── SMTP Client ─────────────────────────────────────────────────────────
+
+class SMTPClient {
+  constructor(host, port, user, pass, useTLS = true) {
+    this.host = host;
+    this.port = port;
+    this.user = user;
+    this.pass = pass;
+    this.useTLS = useTLS;
+    this.socket = null;
+  }
+
+  async connect() {
+    return new Promise((resolve, reject) => {
+      const timeout = setTimeout(() => reject(new Error('SMTP connection timeout')), 15000);
+
+      const afterConnect = async () => {
+        clearTimeout(timeout);
+        try {
+          await this._readLine(); // greeting
+
+          // EHLO
+          await this._send(`EHLO nha-client`);
+          const ehloRes = await this._readMultiLine();
+
+          // STARTTLS if port 587 and not already TLS
+          if (this.port === 587 && !this.useTLS && ehloRes.includes('STARTTLS')) {
+            await this._send('STARTTLS');
+            await this._readLine();
+            // Upgrade to TLS
+            this.socket = await this._upgradeTLS();
+            await this._send(`EHLO nha-client`);
+            await this._readMultiLine();
+          }
+
+          // AUTH LOGIN
+          await this._send('AUTH LOGIN');
+          const authRes = await this._readLine();
+          if (!authRes.startsWith('334')) throw new Error('SMTP AUTH not supported');
+
+          await this._send(Buffer.from(this.user).toString('base64'));
+          await this._readLine();
+
+          await this._send(Buffer.from(this.pass).toString('base64'));
+          const loginRes = await this._readLine();
+          if (!loginRes.startsWith('235')) throw new Error('SMTP login failed');
+
+          resolve();
+        } catch (e) { reject(e); }
+      };
+
+      if (this.useTLS || this.port === 465) {
+        this.socket = tls.connect({ host: this.host, port: this.port, rejectUnauthorized: true }, afterConnect);
+      } else {
+        this.socket = net.connect({ host: this.host, port: this.port }, afterConnect);
+      }
+
+      this.socket.setEncoding('utf-8');
+      this.socket.on('error', (e) => { clearTimeout(timeout); reject(e); });
+    });
+  }
+
+  async _send(data) {
+    return new Promise((resolve, reject) => {
+      this.socket.write(data + '\r\n', (err) => err ? reject(err) : resolve());
+    });
+  }
+
+  async _readLine() {
+    return new Promise((resolve) => {
+      let buf = '';
+      const onData = (chunk) => {
+        buf += chunk;
+        if (buf.includes('\r\n')) {
+          this.socket.removeListener('data', onData);
+          resolve(buf.trim());
+        }
+      };
+      this.socket.on('data', onData);
+    });
+  }
+
+  async _readMultiLine() {
+    return new Promise((resolve) => {
+      let buf = '';
+      const onData = (chunk) => {
+        buf += chunk;
+        // Multi-line ends with a line that has space after status code (e.g., "250 OK")
+        const lines = buf.split('\r\n');
+        const lastLine = lines.filter(l => l.length > 0).pop() || '';
+        if (lastLine.match(/^\d{3} /)) {
+          this.socket.removeListener('data', onData);
+          resolve(buf.trim());
+        }
+      };
+      this.socket.on('data', onData);
+    });
+  }
+
+  async _upgradeTLS() {
+    return new Promise((resolve, reject) => {
+      const upgraded = tls.connect({ socket: this.socket, host: this.host, rejectUnauthorized: true }, () => {
+        this.socket = upgraded;
+        resolve(upgraded);
+      });
+      upgraded.on('error', reject);
+    });
+  }
+
+  /** Send email */
+  async send(from, to, subject, body, cc = '', bcc = '') {
+    // MAIL FROM
+    await this._send(`MAIL FROM:<${from}>`);
+    const fromRes = await this._readLine();
+    if (!fromRes.startsWith('250')) throw new Error(`MAIL FROM rejected: ${fromRes}`);
+
+    // RCPT TO (multiple recipients)
+    const recipients = [to, ...cc.split(','), ...bcc.split(',')].filter(Boolean).map(e => e.trim());
+    for (const rcpt of recipients) {
+      const addr = rcpt.match(/<([^>]+)>/)?.[1] || rcpt;
+      await this._send(`RCPT TO:<${addr}>`);
+      const rcptRes = await this._readLine();
+      if (!rcptRes.startsWith('250')) throw new Error(`RCPT TO rejected for ${addr}: ${rcptRes}`);
+    }
+
+    // DATA
+    await this._send('DATA');
+    const dataRes = await this._readLine();
+    if (!dataRes.startsWith('354')) throw new Error(`DATA rejected: ${dataRes}`);
+
+    // Headers + body
+    const msgId = `<${crypto.randomUUID()}@nha>`;
+    const date = new Date().toUTCString();
+    let msg = `From: ${from}\r\n`;
+    msg += `To: ${to}\r\n`;
+    if (cc) msg += `Cc: ${cc}\r\n`;
+    msg += `Subject: ${subject}\r\n`;
+    msg += `Date: ${date}\r\n`;
+    msg += `Message-ID: ${msgId}\r\n`;
+    msg += `MIME-Version: 1.0\r\n`;
+    msg += `Content-Type: text/plain; charset=UTF-8\r\n`;
+    msg += `Content-Transfer-Encoding: 8bit\r\n`;
+    msg += `X-Mailer: NHA/2.0\r\n`;
+    msg += `\r\n${body}\r\n.\r\n`;
+
+    await this._send(msg);
+    const sendRes = await this._readLine();
+    if (!sendRes.startsWith('250')) throw new Error(`Send failed: ${sendRes}`);
+
+    return { messageId: msgId, success: true };
+  }
+
+  async disconnect() {
+    try {
+      await this._send('QUIT');
+      await this._readLine();
+    } catch {} finally {
+      this.socket?.destroy();
+    }
+  }
+}
+
+// ── Helpers ──────────────────────────────────────────────────────────────
+
+function decodeBody(text) {
+  // Handle quoted-printable
+  return text.replace(/=\r?\n/g, '').replace(/=([0-9A-F]{2})/gi, (_, hex) => String.fromCharCode(parseInt(hex, 16)));
+}
+
+function stripHtml(html) {
+  return html
+    .replace(/<style[\s\S]*?<\/style>/gi, '')
+    .replace(/<script[\s\S]*?<\/script>/gi, '')
+    .replace(/<[^>]+>/g, ' ')
+    .replace(/&nbsp;/g, ' ')
+    .replace(/&amp;/g, '&')
+    .replace(/&lt;/g, '<')
+    .replace(/&gt;/g, '>')
+    .replace(/&quot;/g, '"')
+    .replace(/\s+/g, ' ')
+    .trim();
+}
+
+// ── Public API ──────────────────────────────────────────────────────────
+
+/**
+ * List messages from an IMAP account. Read-only, never modifies server.
+ * @param {object} account - { imap: { host, port, user, pass, tls }, label }
+ * @param {number} limit
+ * @returns {Array<{ id, from, to, subject, date, seen }>}
+ */
+export async function listImapMessages(account, limit = 20) {
+  const { host, port, user, pass, tls: useTLS } = account.imap;
+  const client = new IMAPClient(host, port || 993, user, pass, useTLS !== false);
+  try {
+    await client.connect();
+    return await client.listMessages('INBOX', limit);
+  } finally {
+    await client.disconnect();
+  }
+}
+
+/**
+ * Read a single message. Uses BODY.PEEK — does NOT mark as read on server.
+ * @param {object} account
+ * @param {string} messageId
+ * @returns {string} message body text
+ */
+export async function readImapMessage(account, messageId) {
+  const { host, port, user, pass, tls: useTLS } = account.imap;
+  const client = new IMAPClient(host, port || 993, user, pass, useTLS !== false);
+  try {
+    await client.connect();
+    await client._command('SELECT "INBOX"');
+    return await client.readMessage(messageId);
+  } finally {
+    await client.disconnect();
+  }
+}
+
+/**
+ * Send email via SMTP.
+ * @param {object} account - { smtp: { host, port, user, pass, tls }, address }
+ * @param {string} to
+ * @param {string} subject
+ * @param {string} body
+ * @param {string} cc
+ * @param {string} bcc
+ */
+export async function sendSmtpEmail(account, to, subject, body, cc = '', bcc = '') {
+  const { host, port, user, pass, tls: useTLS } = account.smtp;
+  const from = account.address || user;
+  const client = new SMTPClient(host, port || 587, user, pass, useTLS === true || port === 465);
+  try {
+    await client.connect();
+    return await client.send(from, to, subject, body, cc, bcc);
+  } finally {
+    await client.disconnect();
+  }
+}
+
+/**
+ * Get all configured email accounts from config.
+ * @param {object} config - NHA config
+ * @returns {Array<{ label, address, imap, smtp }>}
+ */
+export function getEmailAccounts(config) {
+  return config.emailAccounts || [];
+}
+
+/**
+ * List messages across ALL configured IMAP accounts.
+ * @param {object} config
+ * @param {number} limit - per account
+ * @returns {Array<{ account, messages[] }>}
+ */
+export async function listAllInboxes(config, limit = 10) {
+  const accounts = getEmailAccounts(config);
+  const results = [];
+
+  for (const account of accounts) {
+    if (!account.imap) continue;
+    try {
+      const messages = await listImapMessages(account, limit);
+      results.push({ account: account.label || account.address, messages });
+    } catch (e) {
+      results.push({ account: account.label || account.address, error: e.message, messages: [] });
+    }
+  }
+
+  return results;
+}

package/src/services/tool-executor.mjs

@@ -55,6 +55,8 @@ export const DESTRUCTIVE_ACTIONS = new Set([
   'gmail_send_attach',
   'gmail_reply',
   'gmail_delete',
+  'email_send',
+  'outreach_campaign',
   'calendar_create',
   'calendar_move',
   'calendar_update',
@@ -92,11 +94,42 @@ CRITICAL: Never output a JSON block as a "suggestion" or "let me try" — every
 
 TOOLS:
 
---- EMAIL ---
+--- EMAIL (Gmail) ---
 
 1. gmail_list(query: string, maxResults?: number)
-   Search emails. query uses Gmail search syntax (e.g. "from:boss@co.com", "is:unread subject:invoice").
+   Search Gmail. query uses Gmail search syntax (e.g. "from:boss@co.com", "is:unread subject:invoice").
    Default maxResults = 10.
+   NOTE: For non-Gmail accounts use email_list instead.
+
+--- EMAIL (Multi-Provider IMAP/SMTP) ---
+
+email_accounts()
+  List all configured email accounts (Gmail + IMAP/SMTP).
+
+email_list(account?: string, limit?: number)
+  List recent messages from an IMAP email account. If account not specified, lists all accounts.
+  account can be the label ("Work") or address ("you@company.com") or index (1, 2, 3).
+  Read-only: NEVER deletes or modifies messages on the server.
+
+email_read(messageId: string, account?: string)
+  Read a single message by ID from an IMAP account.
+
+email_send(to: string, subject: string, body: string, from?: string, cc?: string, bcc?: string)
+  Send email via SMTP. If 'from' specified, uses that account's SMTP. Otherwise uses default account.
+  ALWAYS confirm with the user before sending.
+
+find_contact_email(url: string)
+  Scrape a website to find contact email addresses. Checks /contact, /about, /contatti, home page.
+  Returns list of email addresses found.
+
+outreach_campaign(query: string, subject: string, template: string, maxSites?: number)
+  Full market research pipeline: search → find contact emails → prepare campaign.
+  1. Searches the web for businesses matching the query
+  2. Visits each site's contact page to extract emails
+  3. Returns a report with all found emails + template preview
+  Does NOT send automatically — reports findings and waits for user confirmation.
+
+--- EMAIL (Gmail) continued ---
 
 2. gmail_read(messageId: string)
    Read the full body of an email by its ID (returned by gmail_list).
@@ -820,6 +853,149 @@ export async function executeTool(action, params, config) {
       return `Email sent to ${params.to} with attachment "${downloaded.name}" (${formatFileSize(downloaded.size)}).`;
     }
 
+    // ── IMAP/SMTP Multi-Provider Email ────────────────────────────────────
+    case 'email_accounts': {
+      const { getEmailAccounts } = await import('./imap-email.mjs');
+      const accounts = getEmailAccounts(config);
+      if (accounts.length === 0) return 'No email accounts configured. Use "nha config set email-add" to add one, or configure in Settings.';
+      return accounts.map((a, i) => `${i + 1}. ${a.label || 'Email'} <${a.address}>${a.isDefault ? ' (default)' : ''}`).join('\n');
+    }
+
+    case 'email_list': {
+      const { listAllInboxes, listImapMessages, getEmailAccounts } = await import('./imap-email.mjs');
+      const accounts = getEmailAccounts(config);
+      if (accounts.length === 0) return 'No email accounts configured.';
+
+      // If account specified, use it; otherwise list all
+      if (params.account) {
+        const acct = accounts.find(a => a.label === params.account || a.address === params.account) || accounts[parseInt(params.account) - 1];
+        if (!acct) return `Account "${params.account}" not found.`;
+        const msgs = await listImapMessages(acct, params.limit || 10);
+        return msgs.length === 0 ? `No messages in ${acct.label || acct.address}.`
+          : `${acct.label || acct.address} (${msgs.length} messages):\n\n` + msgs.map((m, i) =>
+            `${i + 1}. ${m.seen ? '' : '[NEW] '}${m.from}\n   ${m.subject}\n   ${m.date}`).join('\n\n');
+      }
+
+      const all = await listAllInboxes(config, params.limit || 10);
+      return all.map(a => {
+        if (a.error) return `${a.account}: Error — ${a.error}`;
+        if (a.messages.length === 0) return `${a.account}: No messages.`;
+        return `${a.account} (${a.messages.length}):\n` + a.messages.map((m, i) =>
+          `  ${i + 1}. ${m.seen ? '' : '[NEW] '}${m.from} — ${m.subject}`).join('\n');
+      }).join('\n\n');
+    }
+
+    case 'email_read': {
+      const { readImapMessage, getEmailAccounts } = await import('./imap-email.mjs');
+      const accounts = getEmailAccounts(config);
+      if (!params.messageId) return 'messageId required.';
+      const acct = params.account
+        ? accounts.find(a => a.label === params.account || a.address === params.account) || accounts[0]
+        : accounts[0];
+      if (!acct) return 'No email accounts configured.';
+      const body = await readImapMessage(acct, params.messageId);
+      return body || 'Empty message.';
+    }
+
+    case 'email_send': {
+      const { sendSmtpEmail, getEmailAccounts } = await import('./imap-email.mjs');
+      const accounts = getEmailAccounts(config);
+      if (!params.to || !params.subject) return 'to and subject required.';
+
+      // Find the account to send from
+      let acct;
+      if (params.from) {
+        acct = accounts.find(a => a.address === params.from || a.label === params.from);
+      }
+      if (!acct) acct = accounts.find(a => a.isDefault) || accounts[0];
+      if (!acct || !acct.smtp) return 'No SMTP account configured for sending.';
+
+      const result = await sendSmtpEmail(acct, params.to, params.subject, params.body || '', params.cc || '', params.bcc || '');
+      return result.success ? `Email sent from ${acct.address} to ${params.to}.` : 'Send failed.';
+    }
+
+    case 'find_contact_email': {
+      // Scrape a website's contact/about page to find email addresses
+      const url = params.url || params.website;
+      if (!url) return 'url required.';
+
+      const fetchModule = await import('./web-tools.mjs');
+      const contactPaths = ['/contact', '/contacts', '/contatti', '/about', '/about-us', '/chi-siamo', '/impressum', '/kontakt', ''];
+      const emails = new Set();
+
+      for (const contactPath of contactPaths) {
+        try {
+          const fullUrl = url.replace(/\/+$/, '') + contactPath;
+          const result = await fetchModule.fetchUrl(config, fullUrl);
+          if (result.error) continue;
+          const text = result.text || result.content || '';
+          // Extract emails with regex
+          const found = text.match(/[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/g) || [];
+          found.forEach(e => {
+            const lower = e.toLowerCase();
+            // Filter out image/asset emails and common fake ones
+            if (!lower.endsWith('.png') && !lower.endsWith('.jpg') && !lower.endsWith('.gif')
+                && !lower.includes('example.com') && !lower.includes('sentry.io')
+                && !lower.includes('webpack') && !lower.includes('wixpress')) {
+              emails.add(lower);
+            }
+          });
+          if (emails.size > 0) break; // Found emails, stop searching
+        } catch { /* skip failed pages */ }
+      }
+
+      if (emails.size === 0) return `No email addresses found on ${url} (checked contact, about, home pages).`;
+      return `Found ${emails.size} email(s) on ${url}:\n${[...emails].join('\n')}`;
+    }
+
+    case 'outreach_campaign': {
+      // Full pipeline: search → find emails → send template
+      const query = params.query || params.search;
+      const template = params.template || params.body;
+      const subject = params.subject || 'Introduction';
+      if (!query) return 'query required (e.g., "Italian valve manufacturers").';
+      if (!template) return 'template required (email body text).';
+
+      // Step 1: Web search
+      const fetchModule = await import('./web-tools.mjs');
+      const searchResult = await fetchModule.webSearch(config, query, 10);
+      const urls = (searchResult.results || []).map(r => r.url).filter(Boolean).slice(0, params.maxSites || 5);
+
+      if (urls.length === 0) return 'No results found for the search query.';
+
+      // Step 2: Find emails from each site
+      const found = [];
+      for (const siteUrl of urls) {
+        try {
+          const contactPaths = ['/contact', '/contacts', '/contatti', '/about', ''];
+          for (const cp of contactPaths) {
+            const fullUrl = siteUrl.replace(/\/+$/, '') + cp;
+            const result = await fetchModule.fetchUrl(config, fullUrl);
+            const text = result.text || result.content || '';
+            const emails = text.match(/[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/g) || [];
+            const valid = emails.filter(e => !e.endsWith('.png') && !e.includes('example.com')).map(e => e.toLowerCase());
+            if (valid.length > 0) {
+              found.push({ site: siteUrl, emails: [...new Set(valid)] });
+              break;
+            }
+          }
+        } catch { /* skip */ }
+      }
+
+      if (found.length === 0) return `Searched ${urls.length} sites but found no contact emails. Try a different search query.`;
+
+      // Step 3: Report (don't send automatically — user must confirm)
+      let report = `Found ${found.length} sites with contact emails:\n\n`;
+      found.forEach((f, i) => {
+        report += `${i + 1}. ${f.site}\n   ${f.emails.join(', ')}\n`;
+      });
+      report += `\nSubject: "${subject}"\nTemplate preview: ${template.slice(0, 200)}...\n`;
+      report += `\nTo send to all, reply: "send the campaign"`;
+      report += `\nTo send to specific ones, reply: "send to #1 and #3"`;
+
+      return report;
+    }
+
     // ── Calendar ──────────────────────────────────────────────────────────
     case 'calendar_today': {
       const events = await getTodayEvents(config);

package/src/services/web-ui.mjs

@@ -2321,6 +2321,7 @@ function renderSettings(el) {
       ['summary-time', 'Summary Time', '18:00'],
       ['meeting-alert', 'Meeting Alert (minutes)', '30'],
     ]) +
+    renderEmailAccountsSection() +
     '<div class="card" style="margin-top:16px"><div class="card__title">Google Account</div>' +
     '<div style="font-size:11px;color:var(--dim);margin-bottom:8px">Connect Gmail, Calendar, Drive, Contacts, and Tasks. Opens a browser window for Google sign-in.</div>' +
     (settingsData.hasGoogle ? '<div style="color:var(--green);font-size:12px;margin-bottom:8px">\\u2705 Connected</div>' : '') +
@@ -2341,6 +2342,92 @@ function connectGoogle() {
   });
 }
 
+function renderEmailAccountsSection() {
+  var accounts = settingsData.emailAccounts || [];
+  var h = '<div class="card" style="margin-bottom:16px"><div class="card__title" style="color:var(--green);font-size:14px;margin-bottom:4px">Email Accounts (IMAP/SMTP)</div>';
+  h += '<div style="font-size:11px;color:var(--dim);margin-bottom:12px">Add email accounts for multi-provider inbox. Read-only IMAP (never deletes from server) + SMTP for sending. Works alongside Gmail.</div>';
+
+  if (accounts.length > 0) {
+    for (var i = 0; i < accounts.length; i++) {
+      var a = accounts[i];
+      h += '<div style="padding:8px 12px;margin-bottom:8px;background:var(--bg2);border:1px solid var(--border);border-radius:6px;display:flex;align-items:center;justify-content:space-between">';
+      h += '<div><span style="color:var(--green);font-weight:700;font-size:12px">' + esc(a.label || 'Email') + '</span>';
+      h += '<span style="color:var(--dim);font-size:11px;margin-left:8px">' + esc(a.address || '') + '</span>';
+      if (a.isDefault) h += '<span style="color:var(--amber);font-size:9px;margin-left:6px">(default)</span>';
+      h += '</div>';
+      h += '<div><button onclick="setDefaultEmail(' + i + ')" style="background:none;border:1px solid var(--border);color:var(--dim);padding:3px 8px;border-radius:4px;cursor:pointer;font-size:10px;margin-right:4px" title="Set as default">Default</button>';
+      h += '<button onclick="removeEmailAccount(' + i + ')" style="background:none;border:1px solid var(--red3);color:var(--red);padding:3px 8px;border-radius:4px;cursor:pointer;font-size:10px" title="Remove">Remove</button></div></div>';
+    }
+  } else {
+    h += '<div style="color:var(--dim);font-size:11px;padding:8px 0">No email accounts configured.</div>';
+  }
+
+  h += '<div style="margin-top:12px;border-top:1px solid var(--border);padding-top:12px">';
+  h += '<div style="font-size:12px;color:var(--fg);font-weight:700;margin-bottom:8px">Add Email Account</div>';
+  var fields = [
+    ['ea_label', 'Label', 'e.g. Work, Personal'],
+    ['ea_address', 'Email Address', 'e.g. you@company.com'],
+    ['ea_imap_host', 'IMAP Host', 'e.g. imap.company.com'],
+    ['ea_imap_port', 'IMAP Port', '993'],
+    ['ea_imap_user', 'IMAP User', 'Usually your email address'],
+    ['ea_imap_pass', 'IMAP Password', 'App password recommended', true],
+    ['ea_smtp_host', 'SMTP Host', 'e.g. smtp.company.com'],
+    ['ea_smtp_port', 'SMTP Port', '587'],
+    ['ea_smtp_user', 'SMTP User', 'Usually same as IMAP'],
+    ['ea_smtp_pass', 'SMTP Password', 'Usually same as IMAP', true],
+  ];
+  for (var i = 0; i < fields.length; i++) {
+    var f = fields[i];
+    h += '<div style="margin-bottom:6px"><label style="display:block;font-size:10px;color:var(--dim);margin-bottom:2px">' + esc(f[1]) + '</label>';
+    h += '<input id="' + f[0] + '" type="' + (f[3] ? 'password' : 'text') + '" placeholder="' + esc(f[2]) + '" style="width:100%;padding:6px 10px;background:var(--bg);border:1px solid var(--border);border-radius:4px;color:var(--fg);font-size:12px;font-family:var(--mono)"></div>';
+  }
+  h += '<button onclick="addEmailAccount()" style="margin-top:8px;padding:8px 20px;background:var(--green3);color:var(--bg);border:none;border-radius:6px;cursor:pointer;font-weight:700;font-size:12px">Add Account</button>';
+  h += '<div id="emailAccountStatus" style="margin-top:6px;font-size:10px;color:var(--dim)"></div>';
+  h += '</div></div>';
+  return h;
+}
+
+function addEmailAccount() {
+  var label = document.getElementById('ea_label').value.trim();
+  var address = document.getElementById('ea_address').value.trim();
+  var imapHost = document.getElementById('ea_imap_host').value.trim();
+  var imapPort = document.getElementById('ea_imap_port').value.trim() || '993';
+  var imapUser = document.getElementById('ea_imap_user').value.trim() || address;
+  var imapPass = document.getElementById('ea_imap_pass').value;
+  var smtpHost = document.getElementById('ea_smtp_host').value.trim();
+  var smtpPort = document.getElementById('ea_smtp_port').value.trim() || '587';
+  var smtpUser = document.getElementById('ea_smtp_user').value.trim() || imapUser;
+  var smtpPass = document.getElementById('ea_smtp_pass').value || imapPass;
+
+  if (!address || !imapHost) {
+    var s = document.getElementById('emailAccountStatus');
+    if (s) { s.textContent = 'Email address and IMAP host are required.'; s.style.color = 'var(--red)'; }
+    return;
+  }
+
+  var val = [label, address, imapHost, imapPort, imapUser, imapPass, smtpHost, smtpPort, smtpUser, smtpPass].join('|');
+  apiPost('/api/config', { key: 'email-add', value: val }).then(function() {
+    var s = document.getElementById('emailAccountStatus');
+    if (s) { s.textContent = 'Account added!'; s.style.color = 'var(--green)'; }
+    settingsLoaded = false;
+    renderSettings(document.getElementById('mainContent'));
+  });
+}
+
+function removeEmailAccount(idx) {
+  apiPost('/api/config', { key: 'email-remove', value: String(idx) }).then(function() {
+    settingsLoaded = false;
+    renderSettings(document.getElementById('mainContent'));
+  });
+}
+
+function setDefaultEmail(idx) {
+  apiPost('/api/config', { key: 'email-default', value: String(idx) }).then(function() {
+    settingsLoaded = false;
+    renderSettings(document.getElementById('mainContent'));
+  });
+}
+
 function settingsSection(id, title, desc, fields) {
   var h = '<form class="card" style="margin-bottom:16px" id="settings-' + id + '" onsubmit="event.preventDefault();saveSettingsSection(\\x27' + id + '\\x27)">' +
     '<div class="card__title" style="color:var(--green);font-size:14px;margin-bottom:4px">' + esc(title) + '</div>' +