← 返回 Skills 市场
topitip

Imap Idle Review

作者 Jake · GitHub ↗ · v1.4.0
cross-platform ⚠ suspicious
1675
总下载
3
收藏
2
当前安装
4
版本数
在 OpenClaw 中安装
/install imap-idle
功能描述
Event-driven email monitoring using IMAP IDLE protocol. Replaces polling with instant push notifications via OpenClaw webhooks. Use when setting up email monitoring, replacing hourly email checks, or implementing event-driven email processing. Monitors multiple IMAP accounts, triggers webhooks on new mail, zero tokens while waiting.
使用说明 (SKILL.md)

IMAP IDLE Listener

Event-driven email notifications for OpenClaw using IMAP IDLE protocol.

What This Does

Replaces polling-based email checks with push notifications:

Before (polling):

  • Cron job checks email every hour
  • 16-24 checks per day
  • Up to 1 hour delay for new emails
  • Token burn on empty checks

After (IMAP IDLE):

  • Persistent connection to IMAP server
  • Server pushes notification when new mail arrives
  • \x3C1 second notification latency
  • Zero tokens while waiting

Quick Start

1. Enable OpenClaw Webhooks

Edit ~/.openclaw/openclaw.json:

{
  "hooks": {
    "enabled": true,
    "token": "generate-secure-random-token-here",
    "path": "/hooks"
  }
}

Restart gateway: openclaw gateway restart

2. Install Dependencies

pip3 install imapclient --user --break-system-packages

Optional but recommended: Install keyring for secure password storage:

pip3 install keyring --user --break-system-packages

With keyring, passwords are stored in your system's secure keychain (macOS Keychain, GNOME Keyring, etc.) instead of plain text in config files.

3. Run Setup

./imap-idle setup

Follow the interactive wizard to configure:

  • IMAP account(s) (host, port, username, password)
  • OpenClaw webhook URL and token
  • Log file location

4. Start Listener

./imap-idle start

Verify it's running:

./imap-idle status
./imap-idle logs

5. Test

Send yourself an email. You should see:

  1. Log entry in listener logs
  2. OpenClaw wakes instantly
  3. Email processed in main session

CLI Commands

imap-idle start    # Start listener in background
imap-idle stop     # Stop listener
imap-idle restart  # Restart listener
imap-idle status   # Check if running
imap-idle logs     # Show recent logs (default: 50 lines)
imap-idle logs N   # Show last N lines
imap-idle setup    # Run interactive setup wizard

Configuration

Config file: ~/.openclaw/imap-idle.json

{
  "accounts": [
    {
      "host": "mail.example.com",
      "port": 993,
      "username": "[email protected]",
      "password": "password",
      "ssl": true
    }
  ],
  "webhook_url": "http://127.0.0.1:18789/hooks/wake",
  "webhook_token": "your-webhook-token",
  "log_file": "~/.openclaw/logs/imap-idle.log",
  "idle_timeout": 300,
  "reconnect_interval": 900,
  "debounce_seconds": 10
}

Fields:

  • accounts - Array of IMAP accounts to monitor
  • webhook_url - OpenClaw webhook endpoint
  • webhook_token - Webhook authentication token (from openclaw.json)
  • log_file - Path to log file (null for stdout)
  • idle_timeout - IDLE check timeout in seconds (default: 300 = 5 min)
  • reconnect_interval - Full reconnect interval in seconds (default: 900 = 15 min)
  • debounce_seconds - Batch events for N seconds before webhook (default: 10 sec)

Secure Password Storage (Keyring)

🔐 Recommended: Store passwords in system keychain instead of config file.

Setup with Keyring

When you run ./imap-idle setup, the wizard will ask if you want to use keyring. If you say yes:

  • Passwords are stored in your system's secure keychain
  • Config file only contains usernames (no passwords)
  • Keyring uses OS-level encryption

Manual Keyring Setup

If you already have a config with plain text passwords, migrate to keyring:

# Install keyring
pip3 install keyring --user --break-system-packages

# Store password for each account
python3 -c "
import keyring, getpass
username = '[email protected]'
password = getpass.getpass(f'Password for {username}: ')
keyring.set_password('imap-idle', username, password)
"

# Remove password from config
# Edit ~/.openclaw/imap-idle.json and remove "password" field

How Keyring Works

The listener automatically tries keyring first, then falls back to config:

  1. Try keyring.get_password('imap-idle', username)
  2. If not found, use config['password']
  3. If still no password, abort connection

Security Benefits

  • ✅ No plain text passwords in config files
  • ✅ OS-level encryption (macOS Keychain, GNOME Keyring, Windows Credential Manager)
  • ✅ Reduces VirusTotal false positives
  • ✅ Better security audit trail

How It Works

  1. Connect: Opens persistent IMAP connection per account
  2. IDLE: Enters IDLE mode (server will push notifications)
  3. Wait: Blocks until server sends "new mail" notification
  4. Fetch: Retrieves new email headers (From, Subject, body preview)
  5. Queue: Adds event to debounce buffer (batches for 10 seconds)
  6. Webhook: Sends batched events via webhook (single or grouped)
  7. Resume: Re-enters IDLE mode

Key Implementation Details:

  • Debouncing: Batches emails for 10 seconds before webhook to prevent flooding during spikes (e.g., GitHub mention storms)
  • Smart Batching: Single email → full details, multiple emails → grouped summary with counts
  • UID Tracking: Tracks last processed message UID per account to prevent duplicate webhooks
  • Keep-alive: IDLE timeout every 5 minutes, sends NOOP command
  • Reconnect: Full reconnect every 15 minutes to prevent stale connections
  • Threading: One thread per account for concurrent monitoring
  • Error handling: Exponential backoff (5s → 300s) on connection failures

Systemd Service (Optional)

For automatic startup on boot:

  1. Generate service file:
skill_dir="$(pwd)"
listener_script="$skill_dir/scripts/listener.py"
config_file="$HOME/.openclaw/imap-idle.json"
log_file="$HOME/.openclaw/logs/imap-idle.log"
log_dir="$(dirname "$log_file")"

sed -e "s|%USER%|$USER|g" \
    -e "s|%PYTHON%|$(which python3)|g" \
    -e "s|%LISTENER_SCRIPT%|$listener_script|g" \
    -e "s|%CONFIG_FILE%|$config_file|g" \
    -e "s|%LOG_FILE%|$log_file|g" \
    -e "s|%LOG_DIR%|$log_dir|g" \
    imap-idle.service.template > imap-idle.service
  1. Install service:
sudo cp imap-idle.service /etc/systemd/system/
sudo systemctl daemon-reload
sudo systemctl enable imap-idle
sudo systemctl start imap-idle
  1. Check status:
sudo systemctl status imap-idle
sudo journalctl -u imap-idle -f

Troubleshooting

Listener won't start:

  • Check config file exists: cat ~/.openclaw/imap-idle.json
  • Verify imapclient installed: python3 -c "import imapclient"
  • Check logs: imap-idle logs

Duplicate webhooks:

  • Fixed in v2 - uses UID tracking to prevent duplicates
  • Check logs for "UID tracking" messages

Connection drops:

  • Increase reconnect_interval in config
  • Check IMAP server allows IDLE (most do)
  • Verify firewall allows persistent connections

No webhooks triggering:

  • Test webhook manually: 
    curl -X POST http://127.0.0.1:18789/hooks/wake \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"text": "test", "mode": "now"}'
  • Check OpenClaw config: hooks.enabled: true
  • Verify token matches in both configs

Removing Polling

Once IMAP IDLE is working, remove old polling cron jobs:

# List cron jobs
openclaw cron list

# Remove email check job
openclaw cron remove \x3Cjob-id>

Token Savings

Before:

  • 16-24 email checks per day
  • Each check = ~500-1000 tokens (even if no new mail)
  • Total: ~8,000-24,000 tokens/day for email monitoring

After:

  • 0 tokens while waiting
  • Tokens only spent when email actually arrives
  • 90%+ reduction in email-related token usage

Credits

Inspired by @claude-event-listeners' critique on Moltbook about polling vs event-driven architecture.

Implementation details from real-world debugging documented in Moltbook post "Event-Driven Email: From Polling to IMAP IDLE (with code)".

安全使用建议
This skill appears to implement IMAP IDLE → webhook behavior as described, but review before installing: - Verify webhook_url points to your own OpenClaw gateway (default is localhost). If you set the webhook to a remote service it will receive your email metadata — that is expected behavior but must be intentional. - Inspect the included Python files yourself (scripts/listener.py, scripts/setup.py). The older file scripts/listener_old.py contains personalized logic (hardcoded account and mention checks) and should be removed or audited; leftover code can be a maintenance / privacy risk. - The docs reference an `imap-idle` CLI wrapper (./imap-idle start) which is not obviously present in the shipped files; confirm how the skill is expected to be launched on your system (use scripts/listener.py directly or create your own wrapper). - Prefer OS keyring on desktops; for headless servers follow the SECURITY.md advice: chmod 600 on config, run as a dedicated non-root user, limit network egress, and use disk encryption or secrets management for containers. - Test in an isolated environment or non-production account first. Ensure logs and config files are restricted (600) and monitor network traffic if you want to verify there are no unexpected outbound endpoints. If you want, I can point out the exact lines in the files that reference the hardcoded account/mention logic, and suggest minimal edits to remove or sanitize leftovers.
功能分析
Type: OpenClaw Skill Name: imap-idle Version: 1.4.0 The OpenClaw skill 'imap-idle' is designed for event-driven email monitoring using IMAP IDLE and OpenClaw webhooks. The code (`scripts/listener.py`, `scripts/setup.py`) and documentation (`SKILL.md`, `README.md`, `SECURITY.md`) align with its stated purpose. It handles IMAP credentials, prioritizing secure storage via `keyring` and defaulting to a local OpenClaw webhook. The `SECURITY.md` is exceptionally thorough, transparently addressing potential security concerns (e.g., VirusTotal flags) and providing best practices for deployment and credential management. While `scripts/listener_old.py` contains hardcoded, personalized values and Russian text, `CHANGELOG.md` confirms these were removed in the current `1.4.0` version, indicating a cleanup of prior iterations rather than malicious intent. No evidence of data exfiltration to unauthorized endpoints, backdoors, obfuscation, or prompt injection against the AI agent was found.
能力评估
Purpose & Capability
Name/description align with included code: listener connects to IMAP servers, enters IDLE, and posts events to a configured webhook. Required packages (imapclient, optional keyring) and config paths (~/.openclaw/imap-idle.json, ~/.openclaw/openclaw.json) are consistent with the stated purpose.
Instruction Scope
SKILL.md instructions are generally scoped to configuring IMAP accounts, keyring, and OpenClaw webhooks and starting the listener. Two issues to note: 1) The docs/commands refer to an `imap-idle` CLI wrapper (./imap-idle start, imap-idle setup) but the shipped files appear to be Python scripts under scripts/ (listener.py, setup.py) — there is no obvious top-level `imap-idle` wrapper included. 2) An older file (scripts/listener_old.py) contains personalized hardcoded checks (e.g., account == '[email protected]' and '@arkasha-ai' patterns); while the newer listener.py appears to have generalized that behavior, the presence of listener_old.py is a leftover that should be inspected or removed.
Install Mechanism
No remote install actions are declared by the registry entry (instruction-only). Dependencies are standard Python packages installed with pip per the instructions. No downloads from untrusted URLs inside the skill bundle. The README suggests a GitHub release URL for an external .skill package, but the skill as delivered contains code files (no automatic installer), so be cautious if you follow external download instructions.
Credentials
The skill requests no environment variables or unrelated credentials. It stores credentials in a local config (~/.openclaw/imap-idle.json) or optionally in the OS keyring, which is appropriate for the task. The webhook token is a necessary secret for authenticating to your OpenClaw gateway; nothing in the package asks for unrelated cloud credentials or excessive secrets.
Persistence & Privilege
The skill is not always-enabled and is user-invocable. It optionally advises creating a systemd service for persistence, which is normal for a background listener. It does not request special platform privileges or attempt to modify other skills' configs in the provided code.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install imap-idle
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /imap-idle 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.4.0
v1.4.0: Removed personalized code, fixed ClawHub security scan issues. Generalized GitHub notification handling. No behavior changes for users.
v1.3.0
v1.3.0: Keyring support + Security guide. Addresses VirusTotal concerns professionally.
v1.2.0
Debouncing and smart batching
v1.0.0
- Initial release of imap-idle: event-driven email monitoring using the IMAP IDLE protocol. - Instantly triggers OpenClaw webhooks on new mail—replaces polling and reduces notification latency to under 1 second. - Supports monitoring multiple IMAP accounts, with individual threads and robust error handling (exponential backoff, reconnect, and keep-alive features). - Interactive setup wizard and CLI for easy configuration, status checks, and logs. - UID tracking to prevent duplicate processing; zero tokens used while waiting for new emails. - Configurable and systemd service support for automatic background operation.
元数据
Slug imap-idle
版本 1.4.0
许可证
累计安装 2
当前安装数 2
历史版本数 4
常见问题

Imap Idle Review 是什么?

Event-driven email monitoring using IMAP IDLE protocol. Replaces polling with instant push notifications via OpenClaw webhooks. Use when setting up email monitoring, replacing hourly email checks, or implementing event-driven email processing. Monitors multiple IMAP accounts, triggers webhooks on new mail, zero tokens while waiting. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1675 次。

如何安装 Imap Idle Review?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install imap-idle」即可一键安装,无需额外配置。

Imap Idle Review 是免费的吗?

是的,Imap Idle Review 完全免费(开源免费),可自由下载、安装和使用。

Imap Idle Review 支持哪些平台?

Imap Idle Review 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Imap Idle Review?

由 Jake(@topitip)开发并维护,当前版本 v1.4.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论