[0.16.5] - 2026-05-11

If you are upgrading from v0.16.x, replace the binary (or run docker pull). If you are upgrading from v0.15.x and below, please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

• is_ip_in_cidr expression function for CIDR matching.

Changed

• Bump mail-auth to 0.9 (which bumps hickory-resolver to 0.26).
• Deprecated RFC2136 SIG(0) support as it is no longer supported by hickory.

Fixed

• JMAP:
  • Patching ids containing digits in JSON Pointers fails.
  • Patching nested objects with null values fails.
• External directories:
  • SQL: Return Failed instead of Error when the query returns no results.
  • LDAP: Impersonation fails when the user has not logged in before.
• Network: Attempt binding to IPv4 when binding to IPv6 fails with EAFNOSUPPORT error.
• Bootstrap: Timeout after 30 seconds when probing the data store.
• HTTP: Use permissive CORS headers for .well-known endpoints.
• ACME:
  • Include apex domains when requesting certificates for subdomains.
  • Use the public suffix list to determine the zone name when no origin is provided.
• MTA:
  • Allow rescheduling recipients with permanent failures.
  • Process reports using original RCPT before rewriting.
• Autodiscover v2 endpoint unreachable.
• DNS update (via dns-update crate):
  • OVH + Google Cloud DNS: Fix FQDN handling for MX and SRV records.
  • Route53: Fix changeset error resolution.
  • deSEC: Use empty subname for apex records instead of @, which the API rejects.
  • Cloudflare: Wrap TXT record content in double quotes (RFC 1035) to suppress dashboard warnings.
• iCalendar/JSCalendar (via calcard crate):
  • Support STATUS:CANCELLED mapping from VTODO to JSCalendar.
  • Fixed duration parsing for zero duration PT0S.

Check binary attestation here

[0.16.4] - 2026-05-05

If you are upgrading from v0.16.x, replace the binary (or run docker pull). If you are upgrading from v0.15.x and below, please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

Changed

Fixed

• Live tracing in community and OSS versions.
• Timezone changes from the AccountSettings object return invalidProperties.
• mail-parser panic with certain messages containing corrupted attachments.
• Pagination by anchor for queued messages, tasks and metrics.
• Spam filter: Use original instead of rewritten RCPT on checks.
• JMAP:
  • References in nested objects not resolved.
  • AddressBook/query fetches wrong resources.
• Import tool fails to restore registry entries.
• FDB: Allow multiple FoundationDB instances in the same process.
• Autoconfig: Return %EMAILADDRESS% when no email address is provided.
• Quota: Include Sieve scripts in quota recalculations.

Check binary attestation here

[0.16.3] - 2026-04-30

If you are upgrading from v0.16.x, replace the binary (or run docker pull). If you are upgrading from v0.15.x and below, please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

Changed

• Replaced STALWART_HTTPS_PORT with STALWART_PUBLIC_URL.
• App Passwords now begin with app_ instead of app to avoid issues with some clients that do not support spaces in passwords.

Fixed

• Directory:
  • Invalidate caches when group memberships change on an external directory.
  • OIDC: errors instead of "failed to decode token".
  • OIDC: Recovery admin access.
  • User impersonation.
• Tasks:
  • Delete locked tasks.
  • Queue pagination by anchor.
• Log viewer: All events show as INFO.
• Registry: Allow changing object variants.
• Node id renewal.
• DNS Updater: Fix Route53 serialization format.

Check binary attestation here

[0.16.2] - 2026-04-28

If you are upgrading from v0.16.x, replace the binary (or run docker pull). If you are upgrading from v0.15.x and below, please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

• OIDC: Fallback to userinfo endpoint when JWT token does not contain an email claim.
• S3: verifyAfterWrite option to verify that objects have persisted after writing.

Changed

• Allow HTTP to be used for configuring the server.

Fixed

• LDAP: Generate valid credentialId when there are password changes.
• TLS: Disable cipher suited option disables wrong ciphers.
• DNS Updater:
  • BunnyDNS: Use subdomain as name of record instead of FQDN.
  • RFC2136: Chunk TXT records.
• Skip invalid entries in log files.

Check binary attestation here

[0.16.1] - 2026-04-25

This version includes multiple breaking changes. If you are upgrading from v0.15.x and below, please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

• OIDC: Extract username from JWT token.
• system('node_hostname') and system('node_role') expression variables to retrieve the local node hostname and cluster role respectively.

Changed

Fixed

• JMAP:
  • Invalid receivedAt headers after importing (#2939).
  • Sorting order issues when emails lack receivedAt headers.
• IMAP: Fix BINARY fetch responses (#2940).
• WebDAV: Fix ACL validation for target folders.
• ACME: Allow requesting apex domain certificates.
• Hostname issues:
  • Accept RFC 6761 reserved TLDs during bootstrap.
  • Allow hostnames without TLDs in remote server settings.
• Reverse proxy issues.
• OSS builds.
• DNS Updater:
  • RFC2136: TSIG secret not base64 decoded.
  • Google DNS: Chunk TXT records when they exceed 255 characters.
  • Cloudflare:
    • Fix CAA record updates.
    • Check zone subdomains when finding zones

Check binary attestation here

[0.16.0] - 2026-04-20

This version includes multiple breaking changes. If you are upgrading from v0.15.x and below, please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

• Web UI rewritten from the ground up using the JMAP management API, featuring a refreshed design and addressing 76 enhancement requests and bug fixes.
• CLI rewritten from the ground up to use the JMAP management API.
• Security enhancements:
  • Password strength enforcement using the zxcvbn algorithm
  • Password expiration, rotation policies and IP address restrictions for user accounts
  • App Passwords with limited access (#1609), labels (#2255), IP address restrictions and expiration dates
  • API keys with limited access, labels, IP address restrictions and expiration dates
  • Auto-ban comments and details about the triggering event (#1321)
  • Auto-ban expiration after a configurable time period (#964)
• DNS Management:
  • Automatic DNS management of MX, TXT, CNAME, SRV, CAA and TLSA records (#463 #1017 #1419 #2438 #1370 #1406 #1371)
  • Automatic update of TLSA records when ACME certificates change (#1664)
  • RFC2136 SIG(0) support (#856)
  • Route53 provider support (contributed by @jimmystewpot)
  • Google Cloud DNS provider support (contributed by @jimmystewpot)
  • Bunny provider support (contributed by @angeloanan)
  • Porkbun provider support (contributed by @jeffesquivels)
  • DNSimple provider support (contributed by @NelsonVides)
  • Spaceship provider support (contributed by @matserix)
• DKIM:
  • Automatic DKIM key generation, rotation and DNS management (#368 #961)
  • Store DKIM keys in the database (#1264)
  • Ignore insecure signatures when verifying DKIM (#1068 #467)
• ACME/TLS:
  • DNS-PERSIST-01 ACME challenge support (#2837)
  • Renew certificates on demand, view certificate details (#675 #1162 #2566)
  • CAA record support (#468) with accounturi parameter (#1933)
  • TLSA records publishing restricted to 3 1 1 and 2 1 1 (#2193)
• OIDC and OAuth:
  • JWT token validation without requesting userinfo from the OIDC provider.
  • Audience (aud) claim (#2603) and scope validation support.
  • Groups support (#1448)
  • RFC 7636 - Proof Key for Code Exchange by OAuth Public Clients
• LDAP:
  • Separate filter for groups (#1841)
  • Improve support for OpenLDAP schemas (#760)
  • Improve and simplify LDAP settings (#2194 #2174)
• Directory:
  • Masked email addresses for enhanced privacy (Enterprise)
  • Domain aliases (#583)
  • E-mail alias descriptions and option to disable aliases (#506)
  • Account archiving and un-deletion (#2767) (Enterprise)
  • Per-domain directory backends (Enterprise)
• Account configuration and discovery:
  • Automatic Configuration of Email, Calendar, and Contact Server Settings (draft-mailmaint-uaautoconf-04) (#2201)
  • MS Autodiscover V2 support (#679)
• Sieve: Allow deactivating scripts without deleting them (#1251).
• Tracing: Enable events only mode (#2276)
• Clustering:
  • Automatic cluster node ID generation and management.
  • Unified cluster management (#960)
  • Outbound MTA role (#1692)

Changed

• Replaced REST API with JMAP API (#2262 #959 #1480)
• Removed support for Authenticated Received Chain (ARC) sealing (learn more).
• Directory: Removed smtp, imap and memory directory backends.
• Use aws-lc for cryptographic operations instead of ring.
• Use rustls-platform-verifier for TLS certificate verification instead of webpki (#247).

Fixed

• Directory:
  • Cannot remove built-in "admin" role from user once it was assigned (#1467)
  • Delete associated records (#963)
  • Updated Role permissions not applied (#2038)
  • Recreated account cannot log in until server is restarted (#1469)
  • Subaddressing does not work for groups (#475)
  • New LDAP aliases are rejected (#1318).
  • Validate account and group names (#2209)
• MTA:
  • RCPT TO stage settings improvements (#2217 #394)
  • Relay to IP addresses (#838)
  • Duplicate delivery inverted check
  • SASL challenge responses include invalid Go ahead text
• JMAP:
  • Fix inMailboxOtherThan query logic.
  • Fix hasAttachment search field (#2778)
• IMAP:
  • Increment argument max length to 8000 bytes
  • ACL: Add RIGHTS capability (#2762)
  • ACL: Fix ACL SET permission override.
• WebDAV:
  • Return 304 NOT_MODIFIED on If-None-Match
  • Use RFC 2616 instead of RFC 1123 for date formatting
  • Fix ACL container/item mismatch in reports.
  • CalDAV: Allow organized properties to be present in PUT requests if they are equal to the existing ones.
  • CalDAV: Enforce cumulative iCalendar instances cap in CalDAV free-busy REPORT handler
• Configuration: Prefix parsing issues (#2495)
• OIDC: JWKS Exposes Symmetric Signing Key
• SQLite: Fix thread pool exhaustion.
• PostgreSQL: Use clean recycling method on connection pool
• Meilisearch: Make id sorteable.
• ACME: Fix wrong origin for subdomain updates (#2360)
• Spam filter: Skip invalid messages during training.
• Calendar: Include minutes in localized invite templates (#2828)
• HTTP: Fix 204 CORS preflight responses

Check binary attestation here

[0.15.5] - 2026-02-14

If you are upgrading from v0.14.x and below, this version includes multiple breaking changes. Please read the upgrading documentation for more information on how to upgrade from previous versions.
If you are upgrading from v0.15.x, replace the binary and update the webadmin.

Added

Changed

Fixed

• IMAP/JMAP: OOM when mail-parser returns cyclical MIME structures (CVE-2026-26312).
• Tracing: Fix tracing indexing when using separate stores.
• JMAP: Fix upToId computation in */queryChanges.
• JMAP: Include createdIds when the property is present.
• JMAP: Respect query arguments in Email/queryChanges.
• JMAP: Return the correct container/item change id when there are no changes.

Check binary attestation at here

[0.15.4] - 2026-01-19

If you are upgrading from v0.14.x and below, this version includes multiple breaking changes. Please read the upgrading documentation for more information on how to upgrade from previous versions.
If you are upgrading from v0.15.x, replace the binary and update the webadmin.

Added

• IMAP: Map HEADER SUBJECT/FROM/TO searches to SUBJECT/FROM/TO queries.
• Sieve: Update spam status on user scripts.

Changed

Fixed

• Search: Return all document ids when no filters are provided.
• Search: Filters not applied when a single message is in the account.
• IMAP: Return ALREADYEXISTS code when creating existing mailboxes.
• IMAP: Do not return quota resources if no quota is set.
• JMAP/changes: Update newState with last changeId if an invalid fromChangeId is provided.
• JMAP/CalendarIdentity: Do not update invalid calendar identities.
• AI API: Include request error details if available.

Check binary attestation at here

[0.15.3] - 2025-12-29

If you are upgrading from v0.14.x and below, this version includes multiple breaking changes. Please read the upgrading documentation for more information on how to upgrade from previous versions.
If you are upgrading from v0.15.x, replace the binary and update the webadmin.

Added

• Polish locale support (contributed by @mrxkp) (#2480)

Changed

Fixed

• Meilisearch: Return correct error messages when failing to create indexes (#2574)
• PostgreSQL search: Truncate emails to 650kb for full-text search indexing.
• FoundationDB search: Batch large transactions (#2567).
• Spam filter: Fix training sample size checks
• IMAP: Fix UTF7 encoding with Emojis (contributed by @dojiong) (#2564).

Check binary attestation at here

[0.15.2] - 2025-12-22

If you are upgrading from v0.14.x and below, this version includes multiple breaking changes. Please read the upgrading documentation for more information on how to upgrade from previous versions.
If you are upgrading from v0.15.x, replace the binary and update the webadmin.

Added

• OAuth: Add device authorization endpoint (#2225).

Changed

• Antispam: Only auto-learn spam from traps or multiple RBL hits.

Fixed

• mySQL search: Use MEDIUMTEXT field type for email body and attachments (#2544).
• PostgreSQL search: Truncate large text fields.
• ElasticSearch: Implement pagination (#2551).
• Antispam: Fix NO_SPACE_IN_FROM spam tag detection logic (#2372).
• IMAP: Fix shared folder double nesting (test suite credits to @ochnygosch) (#2358).
• JMAP: Use latest Received header in JMAP Email/import (credits to @apexskier) (#2374).
• JMAP: Return unsorted search results when the index is not ready (#2544).
• LDAP: Lowercase attribute comparison (credits to @pdf) (#2363).
• CLI: Fix same-host JMAP redirection on non-standard ports (#2271).

Check binary attestation at here

[0.15.1] - 2025-12-17

This version includes multiple breaking changes. Please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

Changed

Fixed

• PostgreSQL: Sanitize search index values (#2533)
• Elasticsearch: Ignore resource_already_exists_exception errors when creating indexes (#2535)
• Migrate 0.13.x data (#2534)

Check binary attestation at here

[0.15.0] - 2025-12-16

This version includes multiple breaking changes. Please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

• Linear spam classifier using FTRL-Proximal and feature/cuckoo hashing.
• Meilisearch store backend implementation (#1482).
• PostgreSQL and mySQL native full-text search support.
• Multiple performance improvements and database access optimizations.
• Encryption-at-rest: Spam training privacy setting.
• Enterprise: Undelete e-mail feature now includes From/Subject/Received information.
• IMAP: Implemented new keywords and mailbox attributes described in draft-ietf-mailmaint-messageflag-mailboxattribute-13

Changed

• IMAP: Always return special use flags in responses.

Fixed

• JMAP: FileNode/set fails to delete files (#2485).
• JMAP: Return error when using blobId in JSContact and JSCalendar (#2431).
• Directory: Deletion of list or domain issues (#2415).
• MTA: Headers and body stripped from mail delivery subsystem failure notifications (#2344).
• MTA: Hooks only run if sieve script, milter or rewrite is configured (#2317).
• Autodiscover: Endpoint should be case insensitive (#2440).
• Housekeeper: Panic during DST transition (#2366).
• Import/Export: Fix import/export utility (#1882).
• Enterprise: Remove tenant admin permissions when license is invalid.

Check binary attestation at here

[0.14.1] - 2025-10-28

If you are upgrading from v0.13.4 and below, this version includes breaking changes to the internal directory, calendar and contacts. Please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

• Autoconfig for CalDAV, CardDAV and WebDAV (#1937)

Changed

• HTTP: Remove HTTP STS preload directive.

Fixed

• Directory: Keep OTP Auth and AppPasswords unless the remote directory provides new ones (#2319)
• JMAP: Fix ContactCard/set and CalendarEvent/set destroy methods (#2308).

Check binary attestation at here

[0.14.0] - 2025-10-22

If you are upgrading from v0.13.4 and below, this version includes breaking changes to the internal directory, calendar and contacts. Please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

• JMAP for Calendars (draft-ietf-jmap-calendars).
• JMAP for Contacts (RFC 9610).
• JMAP for File Storage (draft-ietf-jmap-filenode).
• JMAP Sharing (RFC 9670)
• CalDAV: support for supported-calendar-component-set (#1893)
• i18n: Greek language support (contributed by @infl00p)
• i18n: Swedish language support (contributed by @purung)

Changed

• Breaking Database Changes (migrated automatically on first start):
  • Internal directory schema changed.
  • Calendar and Contacts storage schema changed.
  • Sieve scripts storage schema changed.
  • Push Subscriptions storage schema changed.
• Replaced sieve.untrusted.limits.max-scripts and jmap.push.max-total with object-quota.* settings.
• Cluster node roles now allow sharding.

Fixed

• Push Subscription: Clean-up of expired subscriptions and cluster notification of changes (#1248)
• CalDAV: Per-user CalDAV properties (#2058)

Check binary attestation at here

[0.13.4] - 2025-09-30

If you are upgrading from v0.11.x or v0.12.x, this version includes breaking changes to the message queue and MTA configuration. Please read the UPGRADING.md file for more information on how to upgrade from previous versions.

Added

Changed

• JMAP: Protocol layer rewrite for zero-copy deserialization and architectural improvements.

Fixed

• IMAP: Unbounded memory allocation in request parser (CVE-2025-61600 ).
• IMAP: Wrong permission checked for GETACL.
• JMAP: References to previous method fail when there are no results (#1507).
• JMAP: Enforce quota checks on Blob/copy.
• JMAP: Mailbox/get fails without accountId argument (#1936).
• JMAP: Do not return invalidProperties when email update doesn't contain changes (#1139)
• iTIP: Include date properties in REPLY (#2102).
• OIDC: Do not set username field if it is the same as the email field.
• Telemetry: Fix calculateMetrics housekeeper task (#2155).
• Directory: Always use rsplit to extract the domain part from email addresses.

Check binary attestation at here

[0.13.3] - 2025-09-10

If you are upgrading from v0.11.x or v0.12.x, this version includes breaking changes to the message queue and MTA configuration. Please read the UPGRADING.md file for more information on how to upgrade from previous versions.

Added

• CLI: Health checks (contributed by @Codekloeppler)

Changed

• WebDAV: Assisted discovery v2

Fixed

• iTIP: Do not send a REPLY when deleting an event that was not accepted.
• iTIP: Include event details in REPLY messages (#2102).
• iTIP: Add organizer to iMIP replies if missing to deal with MS Exchange 2010 bug.
• OIDC: Do not overwrite locally defined aliases (#2065).
• HTTP: Scan ban should only be triggered by HTTP parse errors.
• HTTP: Skip scanner fail2ban checks when the proxy client IP can't be parsed (#2121).
• JMAP: Do not allow roles to be removed from system mailboxes (#1977).
• JMAP WS: Fix panic when using invalid server url.
• SMTP: Do no send EHLO twice when STARTTLS is unavailable (#2050).
• IMAP: Allow ENABLE UTF8 in IMAPrev1.
• IMAP: Include administer permission in ACL responses.
• IMAP: Add owner rights to ACL get responses.
• IMAP: Do not auto-train Bayes when moving messages from Junk to Trash.
• IMAP/ManageSieve: Increase maximum quoted argument size (#2039).
• CalDAV: Limit recurrence expansions in calendar reports (CVE-2025-59045).
• WebDAV: Do not fix percent encoding on WebDAV FS (#2036).

Check binary attestation at here

[0.13.2] - 2025-07-28

If you are upgrading from v0.11.x or v0.12.x, this version includes breaking changes to the message queue and MTA configuration. Please read the UPGRADING.md file for more information on how to upgrade from previous versions.

Added

• ACME: DeSEC cloud DNS provider support (contributed by @Tyr3al).
• ACME: OVH cloud DNS provider support (contributed by @srachner).
• CalDAV Scheduling: Catalan language support (contributed by @jolupa) (#1873).
• MTA: Allow to send e-mails as group, while member of that group (#485).
• OIDC: Allow local access tokens to be used with third-party OIDC backends (#1311 stalwartlabs/webadmin#52).

Changed

• IMAP: Return OK when moving/copying non-existent messages (#670).
• IMAP: Copy flags when copying/moving messages between accounts.

Fixed

• MTA: Do not convert e-mail local parts to lowercase (#1916).
• Sieve: fileinto should override spam filter (#1917).
• JMAP: Incorrect accountId used in email set and import methods (#1777).
• WebDAV: Always return MULTISTATUS when calendar-query yields no results.
• LDAP: Only set account name if not returned in LDAP query (#1471).
• Enterprise: Invalidate logo cache when changes are made (#1856).
• Enterprise: Fix tenant quota update API.

Check binary attestation at here