BlueBubbles (recommended)
BlueBubbles (recommended) — Preferred iMessage path for new setups.
iMessage
iMessage (legacy: imsg)
For new iMessage deployments, use BlueBubbles.
The imsg integration is legacy and may be removed in a future release.
Status: legacy external CLI integration. Gateway spawns imsg rpc and communicates over JSON-RPC on stdio (no separate daemon/port).
Pairing
Pairing — iMessage DMs default to pairing mode.
Configuration reference
Configuration reference — Full iMessage field reference.
Quick setup
-
Install and verify imsg
Terminal window brew install steipete/tap/imsgimsg rpc --help -
Configure RemoteClaw
{channels: {imessage: {enabled: true,cliPath: "/usr/local/bin/imsg",dbPath: "/Users/<you>/Library/Messages/chat.db",},},} -
Start gateway
Terminal window remoteclaw gateway -
Approve first DM pairing (default dmPolicy)
Terminal window remoteclaw pairing list imessageremoteclaw pairing approve imessage <CODE>Pairing requests expire after 1 hour.
RemoteClaw only requires a stdio-compatible cliPath, so you can point cliPath at a wrapper script that SSHes to a remote Mac and runs imsg.
#!/usr/bin/env bashexec ssh -T gateway-host imsg "$@"Recommended config when attachments are enabled:
{ channels: { imessage: { enabled: true, cliPath: "~/.remoteclaw/scripts/imsg-ssh", remoteHost: "user@gateway-host", // used for SCP attachment fetches includeAttachments: true, // Optional: override allowed attachment roots. // Defaults include /Users/*/Library/Messages/Attachments attachmentRoots: ["/Users/*/Library/Messages/Attachments"], remoteAttachmentRoots: ["/Users/*/Library/Messages/Attachments"], }, },}If remoteHost is not set, RemoteClaw attempts to auto-detect it by parsing the SSH wrapper script.
remoteHost must be host or user@host (no spaces or SSH options).
RemoteClaw uses strict host-key checking for SCP, so the relay host key must already exist in ~/.ssh/known_hosts.
Attachment paths are validated against allowed roots (attachmentRoots / remoteAttachmentRoots).
Requirements and permissions (macOS)
- Messages must be signed in on the Mac running
imsg. - Full Disk Access is required for the process context running RemoteClaw/
imsg(Messages DB access). - Automation permission is required to send messages through Messages.app.
Permissions are granted per process context. If gateway runs headless (LaunchAgent/SSH), run a one-time interactive command in that same context to trigger prompts:
imsg chats --limit 1# orimsg send <handle> "test"Access control and routing
channels.imessage.dmPolicy controls direct messages:
pairing(default)allowlistopen(requiresallowFromto include"*")disabled
Allowlist field: channels.imessage.allowFrom.
Allowlist entries can be handles or chat targets (chat_id:*, chat_guid:*, chat_identifier:*).
channels.imessage.groupPolicy controls group handling:
allowlist(default when configured)opendisabled
Group sender allowlist: channels.imessage.groupAllowFrom.
Runtime fallback: if groupAllowFrom is unset, iMessage group sender checks fall back to allowFrom when available.
Runtime note: if channels.imessage is completely missing, runtime falls back to groupPolicy="allowlist" and logs a warning (even if channels.defaults.groupPolicy is set).
Mention gating for groups:
- iMessage has no native mention metadata
- mention detection uses regex patterns (
agents.list[].groupChat.mentionPatterns, fallbackmessages.groupChat.mentionPatterns) - with no configured patterns, mention gating cannot be enforced
Control commands from authorized senders can bypass mention gating in groups.
- DMs use direct routing; groups use group routing.
- With default
session.dmScope=main, iMessage DMs collapse into the agent main session. - Group sessions are isolated (
agent:<agentId>:imessage:group:<chat_id>). - Replies route back to iMessage using originating channel/target metadata.
Group-ish thread behavior:
Some multi-participant iMessage threads can arrive with is_group=false.
If that chat_id is explicitly configured under channels.imessage.groups, RemoteClaw treats it as group traffic (group gating + group session isolation).
Deployment patterns
Dedicated bot macOS user (separate iMessage identity)
Use a dedicated Apple ID and macOS user so bot traffic is isolated from your personal Messages profile.
Typical flow:
- Create/sign in a dedicated macOS user.
- Sign into Messages with the bot Apple ID in that user.
- Install
imsgin that user. - Create SSH wrapper so RemoteClaw can run
imsgin that user context. - Point
channels.imessage.accounts.<id>.cliPathand.dbPathto that user profile.
First run may require GUI approvals (Automation + Full Disk Access) in that bot user session.
Remote Mac over Tailscale (example)
Common topology:
- gateway runs on Linux/VM
- iMessage +
imsgruns on a Mac in your tailnet cliPathwrapper uses SSH to runimsgremoteHostenables SCP attachment fetches
Example:
{ channels: { imessage: { enabled: true, cliPath: "~/.remoteclaw/scripts/imsg-ssh", remoteHost: "bot@mac-mini.tailnet-1234.ts.net", includeAttachments: true, dbPath: "/Users/bot/Library/Messages/chat.db", }, },}#!/usr/bin/env bashexec ssh -T bot@mac-mini.tailnet-1234.ts.net imsg "$@"Use SSH keys so both SSH and SCP are non-interactive.
Ensure the host key is trusted first (for example ssh bot@mac-mini.tailnet-1234.ts.net) so known_hosts is populated.
Multi-account pattern
iMessage supports per-account config under channels.imessage.accounts.
Each account can override fields such as cliPath, dbPath, allowFrom, groupPolicy, mediaMaxMb, history settings, and attachment root allowlists.
Media, chunking, and delivery targets
Attachments and media
- inbound attachment ingestion is optional:
channels.imessage.includeAttachments - remote attachment paths can be fetched via SCP when
remoteHostis set - attachment paths must match allowed roots:
channels.imessage.attachmentRoots(local)channels.imessage.remoteAttachmentRoots(remote SCP mode)- default root pattern:
/Users/*/Library/Messages/Attachments
- SCP uses strict host-key checking (
StrictHostKeyChecking=yes) - outbound media size uses
channels.imessage.mediaMaxMb(default 16 MB)
Outbound chunking
- text chunk limit:
channels.imessage.textChunkLimit(default 4000) - chunk mode:
channels.imessage.chunkModelength(default)newline(paragraph-first splitting)
Addressing formats
Preferred explicit targets:
chat_id:123(recommended for stable routing)chat_guid:...chat_identifier:...
Handle targets are also supported:
imessage:+1555...sms:+1555...user@example.com
imsg chats --limit 20Config writes
iMessage allows channel-initiated config writes by default (for /config set|unset when commands.config: true).
Disable:
{ channels: { imessage: { configWrites: false, }, },}Troubleshooting
imsg not found or RPC unsupported
Validate the binary and RPC support:
imsg rpc --helpremoteclaw channels status --probeIf probe reports RPC unsupported, update imsg.
DMs are ignored
Check:
channels.imessage.dmPolicychannels.imessage.allowFrom- pairing approvals (
remoteclaw pairing list imessage)
Group messages are ignored
Check:
channels.imessage.groupPolicychannels.imessage.groupAllowFromchannels.imessage.groupsallowlist behavior- mention pattern configuration (
agents.list[].groupChat.mentionPatterns)
Remote attachments fail
Check:
channels.imessage.remoteHostchannels.imessage.remoteAttachmentRoots- SSH/SCP key auth from the gateway host
- host key exists in
~/.ssh/known_hostson the gateway host - remote path readability on the Mac running Messages
macOS permission prompts were missed
Re-run in an interactive GUI terminal in the same user/session context and approve prompts:
imsg chats --limit 1imsg send <handle> "test"Confirm Full Disk Access + Automation are granted for the process context that runs RemoteClaw/imsg.