v0.11.1

[0.11.1] - 2026-04-11

Added

• Port 465 (SMTPS) toggle on Dashboard with live listener status
• SMTPS listener shown in services table when enabled

Fixed

• SMTP user count shown once for auth ports instead of duplicated on 587 and 465

Full Changelog: v0.11.0...v0.11.1

v0.11.0

[0.11.0] - 2026-04-11

Added

• Let's Encrypt ACME DNS-01 via Cloudflare — switch from self-signed to real TLS certs from the Dashboard TLS card
• SMTPS port 465 with implicit TLS — for clients with "SSL" checkbox (UniFi UDM Pro, NAS devices, printers)
• TLS certificate details on Dashboard — issuer, subject, SANs, expiry date, days remaining with color indicator
• Configurable mail hostname — set the SMTP identity and cert subject from the TLS card or SIGNPOST_HOSTNAME env var
• Cloudflare API token stored encrypted in DB (AES-256-GCM) — configurable via GUI, included in backup/restore
• Renew Now button for manual certificate renewal
• 13 new tests covering TLS mode switching, token encryption, cert parsing, and backup/restore

Fixed

• Maddy ACME config uses inline syntax (required by Maddy v0.9.2)
• ACME settings preserved when switching between TLS modes
• Inject missing From header for RFC 5322 compliance
• Disable TLS on port 25 to prevent STARTTLS failures with self-signed certs

Ports

All three standard SMTP ports now supported:

• 25 — plaintext, no auth (local network trust)
• 587 — STARTTLS + auth (submission, RFC 6409)
• 465 — implicit TLS + auth (SMTPS, RFC 8314)

Full Changelog: v0.10.3...v0.11.0

v0.10.3

[0.10.3] - 2026-04-11

Fixed

• Disable TLS on port 25 (local SMTP) — port 25 is network-trust only, and advertising STARTTLS caused clients like the UniFi UDM Pro to attempt TLS, fail on the self-signed cert, and silently disconnect. Port 587 (submission) retains TLS for authenticated access.
• Inject missing From header for RFC 5322 compliance — devices like the UniFi UDM Pro omit the From: message header, causing Gmail to reject.

Full Changelog: v0.10.2...v0.10.3

v0.10.2

[0.10.2] - 2026-04-11

Fixed

• Inject missing From header for RFC 5322 compliance — devices like the UniFi UDM Pro send SMTP envelope MAIL FROM but omit the From: message header, causing Gmail to reject. Maddy check.command now prepends From: <envelope-sender> when missing, before DKIM signing.

Full Changelog: v0.10.1...v0.10.2

v0.10.1

[0.10.1] - 2026-04-11

Security

• Updated vite 8.0.3 → 8.0.8 (CVE fixes: path traversal in optimized deps, server.fs.deny bypass, WebSocket arbitrary file read)
• Updated hono 4.12.9 → 4.12.12 (CVE fixes: cookie name validation, IPv4-mapped IPv6 bypass, path traversal in toSSG, serveStatic middleware bypass)
• Updated @hono/node-server 1.19.11 → 1.19.13 (serveStatic middleware bypass)
• Fixed Dockerfile npm ci cross-platform lockfile compatibility

Full Changelog: v0.10.0...v0.10.1

v0.10.0

[0.10.0] - 2026-04-11

Added

• Logout button in sidebar — clears stored credentials and returns to login screen

Full Changelog: v0.9.0...v0.10.0

v0.9.0

Full Changelog: v0.8.0...v0.9.0

v0.8.0

Full Changelog: v0.7.1...v0.8.0

v0.7.1

Full Changelog: v0.7.0...v0.7.1

v0.7.0

Full Changelog: v0.6.1...v0.7.0