Add some information about mailing list managers.

Add draft/mailing_list_current_state.rst
Add Self and mailing list id as contacts; unfortunately I had to remove the may_be_valid_addr test because a listId is not a vaild email address
2026-04-02 05:22:14 +03:00 · 2020-04-17 18:38:34 +02:00 · 2020-04-17 18:19:32 +02:00 · 2020-04-17 12:45:22 +02:00 · 2020-04-17 11:12:19 +02:00 · 2020-04-17 10:18:10 +02:00
93 changed files with 4478 additions and 2390 deletions
--- a/.github/workflows/code-quality.yml
+++ b/.github/workflows/code-quality.yml
@@ -10,7 +10,7 @@ jobs:
      - uses: actions-rs/toolchain@v1
        with:
          profile: minimal
-          toolchain: nightly-2019-11-06
+          toolchain: nightly-2020-03-12
          override: true
      - uses: actions-rs/cargo@v1
        with:
@@ -25,7 +25,7 @@ jobs:
      - uses: actions-rs/toolchain@v1
        with:
          profile: minimal
-          toolchain: nightly-2019-11-06
+          toolchain: nightly-2020-03-12
          override: true
      - run: rustup component add rustfmt
      - uses: actions-rs/cargo@v1
@@ -39,10 +39,10 @@ jobs:
      - uses: actions/checkout@v1
      - uses: actions-rs/toolchain@v1
        with:
-            toolchain: nightly-2019-11-06
+            toolchain: nightly-2020-03-12
            components: clippy
            override: true
      - uses: actions-rs/clippy-check@v1
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
-          args: --all-features
+          args: --all-features
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,24 @@
 # Changelog 

+## 1.28.0
+
+- new flag DC_GCL_FOR_FORWARDING for dc_get_chatlist()
+  that will sort the "saved messages" chat to the top of the chatlist #1336
+- mark mails as being deleted from server in dc_empty_server() #1333
+- fix interaction with servers that do not allow folder creation on root-level;
+  use path separator as defined by the email server #1359
+- fix group creation if group was created by non-delta clients #1357
+- fix showing replies from non-delta clients #1353
+- fix member list on rejoining left groups #1343
+- fix crash when using empty groups #1354
+- fix potential crash on special names #1350
+
+
+## 1.27.0
+
+- handle keys reliably on armv7 #1327
+
+
 ## 1.26.0

 - change generated key type back to RSA as shipped versions
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "deltachat"
-version = "1.26.0"
+version = "1.28.0"
 authors = ["Delta Chat Developers (ML) <delta@codespeak.net>"]
 edition = "2018"
 license = "MPL-2.0"
@@ -12,7 +12,7 @@ lto = true
 deltachat_derive = { path = "./deltachat_derive" }

 libc = "0.2.51"
-pgp = { version = "0.4.0", default-features = false }
+pgp = { version = "0.5.1", default-features = false } 
 hex = "0.4.0"
 sha2 = "0.8.0"
 rand = "0.7.0"
@@ -32,8 +32,6 @@ percent-encoding = "2.0"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 chrono = "0.4.6"
-failure = "0.1.5"
-failure_derive = "0.1.5"
 indexmap = "1.3.0"
 lazy_static = "1.4.0"
 regex = "1.1.6"
@@ -53,13 +51,15 @@ bitflags = "1.1.0"
 debug_stub_derive = "0.3.0"
 sanitize-filename = "0.2.1"
 stop-token = { version = "0.1.1", features = ["unstable"] }
-mailparse = "0.10.2"
+mailparse = "0.12.0"
 encoded-words = { git = "https://github.com/async-email/encoded-words", branch="master" }
 native-tls = "0.2.3"
 image = { version = "0.22.4", default-features=false, features = ["gif_codec", "jpeg", "ico", "png_codec", "pnm", "webp", "bmp"] }
 pretty_env_logger = "0.3.1"

 rustyline = { version = "4.1.0", optional = true }
+thiserror = "1.0.14"
+anyhow = "1.0.28"

 [dev-dependencies]
 tempfile = "3.0"
@@ -84,7 +84,7 @@ required-features = ["rustyline"]


 [features]
-default = ["nightly", "ringbuf"]
+default = ["nightly"]
 vendored = ["async-native-tls/vendored", "reqwest/native-tls-vendored", "async-smtp/native-tls-vendored"]
 nightly = ["pgp/nightly"]
-ringbuf = ["pgp/ringbuf"]
+
--- a/README.md
+++ b/README.md
@@ -108,7 +108,6 @@ $ cargo test -- --ignored

 - `vendored`: When using Openssl for TLS, this bundles a vendored version.
 - `nightly`: Enable nightly only performance and security related features.
- `ringbuf`: Enable the use of [`slice_deque`](https://github.com/gnzlbg/slice_deque) in pgp.

 [circle-shield]: https://img.shields.io/circleci/project/github/deltachat/deltachat-core-rust/master.svg?style=flat-square
 [circle]: https://circleci.com/gh/deltachat/deltachat-core-rust/
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -4,7 +4,7 @@ environment:

 install:
  - appveyor DownloadFile https://win.rustup.rs/ -FileName rustup-init.exe
-  - rustup-init -yv --default-toolchain nightly-2019-07-10
+  - rustup-init -yv --default-toolchain nightly-2020-03-12
  - set PATH=%PATH%;%USERPROFILE%\.cargo\bin
  - rustc -vV
  - cargo -vV
--- a/ci_scripts/docker-coredeps/deps/build_rust.sh
+++ b/ci_scripts/docker-coredeps/deps/build_rust.sh
@@ -3,9 +3,9 @@
 set -e -x

 # Install Rust
-curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain nightly-2019-11-06 -y
+curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain nightly-2020-03-12 -y
 export PATH=/root/.cargo/bin:$PATH
 rustc --version

 # remove some 300-400 MB that we don't need for automated builds
-rm -rf /root/.rustup/toolchains/nightly-2019-11-06-x86_64-unknown-linux-gnu/share/
+rm -rf /root/.rustup/toolchains/nightly-2020-03-12-x86_64-unknown-linux-gnu/share/
--- a/ci_scripts/old/run-python.sh
+++ b/ci_scripts/old/run-python.sh
@@ -46,6 +46,7 @@ if [ -n "$TESTS" ]; then
    tox --workdir "$TOXWORKDIR" -e py37 -- --reruns 3 -k "not qr"
    tox --workdir "$TOXWORKDIR" -e py37 -- --reruns 3 -k "qr"
    unset DCC_PY_LIVECONFIG
+    unset DCC_NEW_TMP_EMAIL
    tox --workdir "$TOXWORKDIR" -p4 -e lint,py35,py36,doc
    tox --workdir "$TOXWORKDIR" -e auditwheels
    popd
--- a/ci_scripts/remote_python_packaging.sh
+++ b/ci_scripts/remote_python_packaging.sh
@@ -32,11 +32,11 @@ ssh $SSHTARGET bash -c "cat >$BUILDDIR/exec_docker_run" <<_HERE
    set +x -e
    cd $BUILDDIR
    export DCC_PY_LIVECONFIG=$DCC_PY_LIVECONFIG
-
+    export DCC_NEW_TMP_EMAIL=$DCC_NEW_TMP_EMAIL
    set -x

    # run everything else inside docker 
-    docker run -e DCC_PY_LIVECONFIG \
+    docker run -e DCC_NEW_TMP_EMAIL -e DCC_PY_LIVECONFIG \
       --rm -it -v \$(pwd):/mnt -w /mnt \
       deltachat/coredeps ci_scripts/run_all.sh

--- a/ci_scripts/remote_tests_python.sh
+++ b/ci_scripts/remote_tests_python.sh
@@ -30,6 +30,7 @@ ssh $SSHTARGET <<_HERE
    export CARGO_TARGET_DIR=\`pwd\`/../target
    export TARGET=release
    export DCC_PY_LIVECONFIG=$DCC_PY_LIVECONFIG
+    export DCC_NEW_TMP_EMAIL=$DCC_NEW_TMP_EMAIL

    #we rely on tox/virtualenv being available in the host
    #rm -rf virtualenv venv
--- a/ci_scripts/run_all.sh
+++ b/ci_scripts/run_all.sh
@@ -37,7 +37,8 @@ mkdir -p $TOXWORKDIR
 # XXX we may switch on some live-tests on for better ensurances 
 # Note that the independent remote_tests_python step does all kinds of
 # live-testing already. 
-unset DCC_PY_LIVECONFIG 
+unset DCC_PY_LIVECONFIG
+unset DCC_NEW_TMP_EMAIL
 tox --workdir "$TOXWORKDIR" -e py35,py36,py37,py38,auditwheels
 popd

--- a/deltachat-ffi/Cargo.toml
+++ b/deltachat-ffi/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "deltachat_ffi"
-version = "1.26.0"
+version = "1.28.0"
 description = "Deltachat FFI"
 authors = ["Delta Chat Developers (ML) <delta@codespeak.net>"]
 edition = "2018"
@@ -19,11 +19,11 @@ deltachat = { path = "../", default-features = false }
 libc = "0.2"
 human-panic = "1.0.1"
 num-traits = "0.2.6"
-failure = "0.1.6"
 serde_json = "1.0"
+anyhow = "1.0.28"
+thiserror = "1.0.14"

 [features]
-default = ["vendored", "nightly", "ringbuf"]
+default = ["vendored", "nightly"]
 vendored = ["deltachat/vendored"]
 nightly = ["deltachat/nightly"]
-ringbuf = ["deltachat/ringbuf"]
--- a/deltachat-ffi/deltachat.h
+++ b/deltachat-ffi/deltachat.h
@@ -373,6 +373,14 @@ char*           dc_get_blobdir               (const dc_context_t* context);
 * - `save_mime_headers` = 1=save mime headers
 *                    and make dc_get_mime_headers() work for subsequent calls,
 *                    0=do not save mime headers (default)
+ * - `delete_device_after` = 0=do not delete messages from device automatically (default),
+ *                    >=1=seconds, after which messages are deleted automatically from the device.
+ *                    Messages in the "saved messages" chat (see dc_chat_is_self_talk()) are skipped.
+ *                    Messages are deleted whether they were seen or not, the UI should clearly point that out.
+ * - `delete_server_after` = 0=do not delete messages from server automatically (default),
+ *                    >=1=seconds, after which messages are deleted automatically from the server.
+ *                    "Saved messages" are deleted from the server as well as
+ *                    emails matching the `show_emails` settings above, the UI should clearly point that out.
 *
 * If you want to retrieve a value, use dc_get_config().
 *
@@ -901,6 +909,7 @@ int             dc_preconfigure_keypair        (dc_context_t* context, const cha
 #define         DC_GCL_ARCHIVED_ONLY         0x01
 #define         DC_GCL_NO_SPECIALS           0x02
 #define         DC_GCL_ADD_ALLDONE_HINT      0x04
+#define         DC_GCL_FOR_FORWARDING        0x08


 /**
@@ -939,6 +948,8 @@ int             dc_preconfigure_keypair        (dc_context_t* context, const cha
 *       if DC_GCL_ARCHIVED_ONLY is not set, only unarchived chats are returned and
 *       the pseudo-chat DC_CHAT_ID_ARCHIVED_LINK is added if there are _any_ archived
 *       chats
+ *     - the flag DC_GCL_FOR_FORWARDING sorts "Saved messages" to the top of the chatlist,
+ *       typically used on forwarding, may be combined with DC_GCL_NO_SPECIALS
 *     - if the flag DC_GCL_NO_SPECIALS is set, deaddrop and archive link are not added
 *       to the list (may be used eg. for selecting chats on forwarding, the flag is
 *       not needed when DC_GCL_ARCHIVED_ONLY is already set)
@@ -1292,6 +1303,21 @@ int             dc_get_msg_cnt               (dc_context_t* context, uint32_t ch
 int             dc_get_fresh_msg_cnt         (dc_context_t* context, uint32_t chat_id);


+
+/**
+ * Estimate the number of messages that will be deleted
+ * by the dc_set_config()-options `delete_device_after` or `delete_server_after`.
+ * This is typically used to show the estimated impact to the user before actually enabling ephemeral messages.
+ *
+ * @param context The context object as returned from dc_context_new().
+ * @param from_server 1=Estimate deletion count for server, 0=Estimate deletion count for device
+ * @param seconds Count messages older than the given number of seconds.
+ * @return Number of messages that are older than the given number of seconds.
+ *     This includes emails downloaded due to the `show_emails` option.
+ *     Messages in the "saved messages" folder are not counted as they will not be deleted automatically.
+ */
+int             dc_estimate_deletion_cnt    (dc_context_t* context, int from_server, int64_t seconds);
+
 /**
 * Returns the message IDs of all _fresh_ messages of any chat.
 * Typically used for implementing notification summaries.
@@ -1655,8 +1681,9 @@ char*           dc_get_mime_headers          (dc_context_t* context, uint32_t ms
 */
 void            dc_delete_msgs               (dc_context_t* context, const uint32_t* msg_ids, int msg_cnt);

-/**
+/*
 * Empty IMAP server folder: delete all messages.
+ * Deprecated, use dc_set_config() with the key "delete_server_after" instead.
 *
 * @memberof dc_context_t
 * @param context The context object as created by dc_context_new()
@@ -4124,28 +4151,8 @@ int64_t          dc_lot_get_timestamp     (const dc_lot_t* lot);
 */


-/**
- * @defgroup DC_EMPTY DC_EMPTY
- *
- * These constants configure emptying imap folders with dc_empty_server()
- *
- * @addtogroup DC_EMPTY
- * @{
- */
-
-/**
- * Clear all mvbox messages.
- */
-#define DC_EMPTY_MVBOX 0x01
-
-/**
- * Clear all INBOX messages.
- */
-#define DC_EMPTY_INBOX 0x02
-
-/**
- * @}
- */
+#define DC_EMPTY_MVBOX 0x01 // Deprecated, flag for dc_empty_server(): Clear all mvbox messages
+#define DC_EMPTY_INBOX 0x02 // Deprecated, flag for dc_empty_server(): Clear all INBOX messages


 /**
@@ -4498,14 +4505,22 @@ int64_t          dc_lot_get_timestamp     (const dc_lot_t* lot);


 /**
- * This event is sent out to the inviter when a joiner successfully joined a group.
+ * This event is sent for each member that gets added to a (verified or unverified) chat. 
 *
 * @param data1 (int) chat_id
 * @param data2 (int) contact_id
 * @return 0
 */
-#define DC_EVENT_SECUREJOIN_MEMBER_ADDED 2062
+#define DC_EVENT_MEMBER_ADDED 2062

+/**
+ * This event is sent for each member that gets removed from a (verified or unverified) chat. 
+ *
+ * @param data1 (int) chat_id
+ * @param data2 (int) contact_id
+ * @return 0
+ */
+#define DC_EVENT_MEMBER_REMOVED 2063

 /**
 * @}
--- a/deltachat-ffi/src/lib.rs
+++ b/deltachat-ffi/src/lib.rs
@@ -27,7 +27,7 @@ use num_traits::{FromPrimitive, ToPrimitive};

 use deltachat::chat::{ChatId, ChatVisibility, MuteDuration};
 use deltachat::constants::DC_MSG_ID_LAST_SPECIAL;
-use deltachat::contact::Contact;
+use deltachat::contact::{Contact, Origin};
 use deltachat::context::Context;
 use deltachat::key::DcKey;
 use deltachat::message::MsgId;
@@ -120,17 +120,17 @@ impl ContextWrapper {
    /// Unlock the context and execute a closure with it.
    ///
    /// This is like [ContextWrapper::with_inner] but uses
-    /// [failure::Error] as error type.  This allows you to write a
+    /// [anyhow::Error] as error type.  This allows you to write a
    /// closure which could produce many errors, use the `?` operator
    /// to return them and handle them all as the return of this call.
-    fn try_inner<T, F>(&self, ctxfn: F) -> Result<T, failure::Error>
+    fn try_inner<T, F>(&self, ctxfn: F) -> Result<T, anyhow::Error>
    where
-        F: FnOnce(&Context) -> Result<T, failure::Error>,
+        F: FnOnce(&Context) -> Result<T, anyhow::Error>,
    {
        let guard = self.inner.read().unwrap();
        match guard.as_ref() {
            Some(ref ctx) => ctxfn(ctx),
-            None => Err(failure::err_msg("context not open")),
+            None => Err(anyhow::format_err!("context not open")),
        }
    }

@@ -199,6 +199,14 @@ impl ContextWrapper {
                Event::SecurejoinMemberAdded {
                    chat_id,
                    contact_id,
+                }
+                | Event::MemberAdded {
+                    chat_id,
+                    contact_id,
+                }
+                | Event::MemberRemoved {
+                    chat_id,
+                    contact_id,
                } => {
                    ffi_cb(
                        self,
@@ -433,7 +441,7 @@ pub unsafe extern "C" fn dc_set_config_from_qr(
 pub unsafe extern "C" fn dc_get_info(context: *mut dc_context_t) -> *mut libc::c_char {
    if context.is_null() {
        eprintln!("ignoring careless call to dc_get_info()");
-        return dc_strdup(ptr::null());
+        return "".strdup();
    }
    let ffi_context = &*context;
    let guard = ffi_context.inner.read().unwrap();
@@ -1045,6 +1053,25 @@ pub unsafe extern "C" fn dc_get_fresh_msg_cnt(
        .unwrap_or(0)
 }

+#[no_mangle]
+pub unsafe extern "C" fn dc_estimate_deletion_cnt(
+    context: *mut dc_context_t,
+    from_server: libc::c_int,
+    seconds: i64,
+) -> libc::c_int {
+    if context.is_null() || seconds < 0 {
+        eprintln!("ignoring careless call to dc_estimate_deletion_cnt()");
+        return 0;
+    }
+    let ffi_context = &*context;
+    ffi_context
+        .with_inner(|ctx| {
+            message::estimate_deletion_cnt(ctx, from_server != 0, seconds).unwrap_or(0)
+                as libc::c_int
+        })
+        .unwrap_or(0)
+}
+
 #[no_mangle]
 pub unsafe extern "C" fn dc_get_fresh_msgs(
    context: *mut dc_context_t,
@@ -1455,7 +1482,7 @@ pub unsafe extern "C" fn dc_get_msg_info(
 ) -> *mut libc::c_char {
    if context.is_null() {
        eprintln!("ignoring careless call to dc_get_msg_info()");
-        return dc_strdup(ptr::null());
+        return "".strdup();
    }
    let ffi_context = &*context;
    ffi_context
@@ -1638,7 +1665,9 @@ pub unsafe extern "C" fn dc_lookup_contact_id_by_addr(
    }
    let ffi_context = &*context;
    ffi_context
-        .with_inner(|ctx| Contact::lookup_id_by_addr(ctx, to_string_lossy(addr)))
+        .with_inner(|ctx| {
+            Contact::lookup_id_by_addr(ctx, to_string_lossy(addr), Origin::IncomingReplyTo)
+        })
        .unwrap_or(0)
 }

@@ -2406,7 +2435,7 @@ pub unsafe extern "C" fn dc_chat_get_type(chat: *mut dc_chat_t) -> libc::c_int {
 pub unsafe extern "C" fn dc_chat_get_name(chat: *mut dc_chat_t) -> *mut libc::c_char {
    if chat.is_null() {
        eprintln!("ignoring careless call to dc_chat_get_name()");
-        return dc_strdup(ptr::null());
+        return "".strdup();
    }
    let ffi_chat = &*chat;
    ffi_chat.chat.get_name().strdup()
@@ -2728,7 +2757,7 @@ pub unsafe extern "C" fn dc_msg_get_sort_timestamp(msg: *mut dc_msg_t) -> i64 {
 pub unsafe extern "C" fn dc_msg_get_text(msg: *mut dc_msg_t) -> *mut libc::c_char {
    if msg.is_null() {
        eprintln!("ignoring careless call to dc_msg_get_text()");
-        return dc_strdup(ptr::null());
+        return "".strdup();
    }
    let ffi_msg = &*msg;
    ffi_msg.message.get_text().unwrap_or_default().strdup()
@@ -2747,8 +2776,7 @@ pub unsafe extern "C" fn dc_msg_get_file(msg: *mut dc_msg_t) -> *mut libc::c_cha
            ffi_msg
                .message
                .get_file(ctx)
-                .and_then(|p| p.to_c_string().ok())
-                .map(|cs| dc_strdup(cs.as_ptr()))
+                .map(|p| p.strdup())
                .unwrap_or_else(|| "".strdup())
        })
        .unwrap_or_else(|_| "".strdup())
@@ -2758,7 +2786,7 @@ pub unsafe extern "C" fn dc_msg_get_file(msg: *mut dc_msg_t) -> *mut libc::c_cha
 pub unsafe extern "C" fn dc_msg_get_filename(msg: *mut dc_msg_t) -> *mut libc::c_char {
    if msg.is_null() {
        eprintln!("ignoring careless call to dc_msg_get_filename()");
-        return dc_strdup(ptr::null());
+        return "".strdup();
    }
    let ffi_msg = &*msg;
    ffi_msg.message.get_filename().unwrap_or_default().strdup()
@@ -2768,13 +2796,13 @@ pub unsafe extern "C" fn dc_msg_get_filename(msg: *mut dc_msg_t) -> *mut libc::c
 pub unsafe extern "C" fn dc_msg_get_filemime(msg: *mut dc_msg_t) -> *mut libc::c_char {
    if msg.is_null() {
        eprintln!("ignoring careless call to dc_msg_get_filemime()");
-        return dc_strdup(ptr::null());
+        return "".strdup();
    }
    let ffi_msg = &*msg;
    if let Some(x) = ffi_msg.message.get_filemime() {
        x.strdup()
    } else {
-        dc_strdup(ptr::null())
+        "".strdup()
    }
 }

@@ -3098,7 +3126,7 @@ pub unsafe extern "C" fn dc_contact_get_id(contact: *mut dc_contact_t) -> u32 {
 pub unsafe extern "C" fn dc_contact_get_addr(contact: *mut dc_contact_t) -> *mut libc::c_char {
    if contact.is_null() {
        eprintln!("ignoring careless call to dc_contact_get_addr()");
-        return dc_strdup(ptr::null());
+        return "".strdup();
    }
    let ffi_contact = &*contact;
    ffi_contact.contact.get_addr().strdup()
@@ -3108,7 +3136,7 @@ pub unsafe extern "C" fn dc_contact_get_addr(contact: *mut dc_contact_t) -> *mut
 pub unsafe extern "C" fn dc_contact_get_name(contact: *mut dc_contact_t) -> *mut libc::c_char {
    if contact.is_null() {
        eprintln!("ignoring careless call to dc_contact_get_name()");
-        return dc_strdup(ptr::null());
+        return "".strdup();
    }
    let ffi_contact = &*contact;
    ffi_contact.contact.get_name().strdup()
@@ -3120,7 +3148,7 @@ pub unsafe extern "C" fn dc_contact_get_display_name(
 ) -> *mut libc::c_char {
    if contact.is_null() {
        eprintln!("ignoring careless call to dc_contact_get_display_name()");
-        return dc_strdup(ptr::null());
+        return "".strdup();
    }
    let ffi_contact = &*contact;
    ffi_contact.contact.get_display_name().strdup()
@@ -3132,7 +3160,7 @@ pub unsafe extern "C" fn dc_contact_get_name_n_addr(
 ) -> *mut libc::c_char {
    if contact.is_null() {
        eprintln!("ignoring careless call to dc_contact_get_name_n_addr()");
-        return dc_strdup(ptr::null());
+        return "".strdup();
    }
    let ffi_contact = &*contact;
    ffi_contact.contact.get_name_n_addr().strdup()
@@ -3144,7 +3172,7 @@ pub unsafe extern "C" fn dc_contact_get_first_name(
 ) -> *mut libc::c_char {
    if contact.is_null() {
        eprintln!("ignoring careless call to dc_contact_get_first_name()");
-        return dc_strdup(ptr::null());
+        return "".strdup();
    }
    let ffi_contact = &*contact;
    ffi_contact.contact.get_first_name().strdup()
--- a/deltachat-ffi/src/string.rs
+++ b/deltachat-ffi/src/string.rs
@@ -1,4 +1,3 @@
-use failure::Fail;
 use std::ffi::{CStr, CString};
 use std::ptr;

@@ -9,7 +8,7 @@ use std::ptr;
 /// # Examples
 ///
 /// ```rust,norun
-/// use deltachat::dc_tools::{dc_strdup, to_string_lossy};
+/// use crate::string::{dc_strdup, to_string_lossy};
 /// unsafe {
 ///     let str_a = b"foobar\x00" as *const u8 as *const libc::c_char;
 ///     let str_a_copy = dc_strdup(str_a);
@@ -17,7 +16,7 @@ use std::ptr;
 ///     assert_ne!(str_a, str_a_copy);
 /// }
 /// ```
-pub unsafe fn dc_strdup(s: *const libc::c_char) -> *mut libc::c_char {
+unsafe fn dc_strdup(s: *const libc::c_char) -> *mut libc::c_char {
    let ret: *mut libc::c_char;
    if !s.is_null() {
        ret = libc::strdup(s);
@@ -31,13 +30,13 @@ pub unsafe fn dc_strdup(s: *const libc::c_char) -> *mut libc::c_char {
 }

 /// Error type for the [OsStrExt] trait
-#[derive(Debug, Fail, PartialEq)]
-pub enum CStringError {
+#[derive(Debug, PartialEq, thiserror::Error)]
+pub(crate) enum CStringError {
    /// The string contains an interior null byte
-    #[fail(display = "String contains an interior null byte")]
+    #[error("String contains an interior null byte")]
    InteriorNullByte,
    /// The string is not valid Unicode
-    #[fail(display = "String is not valid unicode")]
+    #[error("String is not valid unicode")]
    NotUnicode,
 }

@@ -66,7 +65,7 @@ pub enum CStringError {
 ///     let mut c_ptr: *mut libc::c_char = dc_strdup(path_c.as_ptr());
 /// }
 /// ```
-pub trait OsStrExt {
+pub(crate) trait OsStrExt {
    /// Convert a  [std::ffi::OsStr] to an [std::ffi::CString]
    ///
    /// This is useful to convert e.g. a [std::path::Path] to
@@ -131,15 +130,16 @@ fn os_str_to_c_string_unicode(
 }

 /// Convenience methods/associated functions for working with [CString]
-///
-/// This is helps transitioning from unsafe code.
-pub trait CStringExt {
-    /// Create a new [CString], yolo style
+trait CStringExt {
+    /// Create a new [CString], best effort
    ///
-    /// This unwrap the result, panicking when there are embedded NULL
-    /// bytes.
-    fn yolo<T: Into<Vec<u8>>>(t: T) -> CString {
-        CString::new(t).expect("String contains null byte, can not be CString")
+    /// Like the [to_string_lossy] this doesn't give up in the face of
+    /// bad input (embedded null bytes in this case) instead it does
+    /// the best it can by stripping the embedded null bytes.
+    fn new_lossy<T: Into<Vec<u8>>>(t: T) -> CString {
+        let mut s = t.into();
+        s.retain(|&c| c != 0);
+        CString::new(s).unwrap_or_default()
    }
 }

@@ -151,7 +151,7 @@ impl CStringExt for CString {}
 /// Rust strings to raw C strings.  This can be clumsy to do correctly
 /// and the compiler sometimes allows it in an unsafe way.  These
 /// methods make it more succinct and help you get it right.
-pub trait StrExt {
+pub(crate) trait Strdup {
    /// Allocate a new raw C `*char` version of this string.
    ///
    /// This allocates a new raw C string which must be freed using
@@ -168,35 +168,44 @@ pub trait StrExt {
    unsafe fn strdup(&self) -> *mut libc::c_char;
 }

-impl<T: AsRef<str>> StrExt for T {
+impl<T: AsRef<str>> Strdup for T {
    unsafe fn strdup(&self) -> *mut libc::c_char {
-        let tmp = CString::yolo(self.as_ref());
+        let tmp = CString::new_lossy(self.as_ref());
+        dc_strdup(tmp.as_ptr())
+    }
+}
+
+// We can not implement for AsRef<OsStr> because we already implement
+// AsRev<str> and this conflicts.  So implement for Path directly.
+impl Strdup for std::path::Path {
+    unsafe fn strdup(&self) -> *mut libc::c_char {
+        let tmp = self.to_c_string().unwrap_or_else(|_| CString::default());
        dc_strdup(tmp.as_ptr())
    }
 }

 /// Convenience methods to turn optional strings into C strings.
 ///
-/// This is the same as the [StrExt] trait but a different trait name
-/// to work around the type system not allowing to implement [StrExt]
-/// for `Option<impl StrExt>` When we already have an [StrExt] impl
+/// This is the same as the [Strdup] trait but a different trait name
+/// to work around the type system not allowing to implement [Strdup]
+/// for `Option<impl Strdup>` When we already have an [Strdup] impl
 /// for `AsRef<&str>`.
 ///
 /// When the [Option] is [Option::Some] this behaves just like
-/// [StrExt::strdup], when it is [Option::None] a null pointer is
+/// [Strdup::strdup], when it is [Option::None] a null pointer is
 /// returned.
-pub trait OptStrExt {
+pub(crate) trait OptStrdup {
    /// Allocate a new raw C `*char` version of this string, or NULL.
    ///
-    /// See [StrExt::strdup] for details.
+    /// See [Strdup::strdup] for details.
    unsafe fn strdup(&self) -> *mut libc::c_char;
 }

-impl<T: AsRef<str>> OptStrExt for Option<T> {
+impl<T: AsRef<str>> OptStrdup for Option<T> {
    unsafe fn strdup(&self) -> *mut libc::c_char {
        match self {
            Some(s) => {
-                let tmp = CString::yolo(s.as_ref());
+                let tmp = CString::new_lossy(s.as_ref());
                dc_strdup(tmp.as_ptr())
            }
            None => ptr::null_mut(),
@@ -204,7 +213,7 @@ impl<T: AsRef<str>> OptStrExt for Option<T> {
    }
 }

-pub fn to_string_lossy(s: *const libc::c_char) -> String {
+pub(crate) fn to_string_lossy(s: *const libc::c_char) -> String {
    if s.is_null() {
        return "".into();
    }
@@ -214,7 +223,7 @@ pub fn to_string_lossy(s: *const libc::c_char) -> String {
    cstr.to_string_lossy().to_string()
 }

-pub fn to_opt_string_lossy(s: *const libc::c_char) -> Option<String> {
+pub(crate) fn to_opt_string_lossy(s: *const libc::c_char) -> Option<String> {
    if s.is_null() {
        return None;
    }
@@ -235,7 +244,7 @@ pub fn to_opt_string_lossy(s: *const libc::c_char) -> Option<String> {
 ///
 /// [Path]: std::path::Path
 #[cfg(not(target_os = "windows"))]
-pub fn as_path<'a>(s: *const libc::c_char) -> &'a std::path::Path {
+pub(crate) fn as_path<'a>(s: *const libc::c_char) -> &'a std::path::Path {
    assert!(!s.is_null(), "cannot be used on null pointers");
    use std::os::unix::ffi::OsStrExt;
    unsafe {
@@ -247,7 +256,7 @@ pub fn as_path<'a>(s: *const libc::c_char) -> &'a std::path::Path {

 // as_path() implementation for windows, documented above.
 #[cfg(target_os = "windows")]
-pub fn as_path<'a>(s: *const libc::c_char) -> &'a std::path::Path {
+pub(crate) fn as_path<'a>(s: *const libc::c_char) -> &'a std::path::Path {
    as_path_unicode(s)
 }

@@ -354,8 +363,14 @@ mod tests {
    }

    #[test]
-    fn test_cstring_yolo() {
-        assert_eq!(CString::new("hello").unwrap(), CString::yolo("hello"));
+    fn test_cstring_new_lossy() {
+        assert!(CString::new("hel\x00lo").is_err());
+        assert!(CString::new(String::from("hel\x00o")).is_err());
+        let r = CString::new("hello").unwrap();
+        assert_eq!(CString::new_lossy("hello"), r);
+        assert_eq!(CString::new_lossy("hel\x00lo"), r);
+        assert_eq!(CString::new_lossy(String::from("hello")), r);
+        assert_eq!(CString::new_lossy(String::from("hel\x00lo")), r);
    }

    #[test]
--- a/deltachat_derive/src/lib.rs
+++ b/deltachat_derive/src/lib.rs
@@ -3,7 +3,6 @@ extern crate proc_macro;

 use crate::proc_macro::TokenStream;
 use quote::quote;
-use syn;

 // For now, assume (not check) that these macroses are applied to enum without
 // data.  If this assumption is violated, compiler error will point to
--- a/draft/group-sync.rst
+++ b/draft/group-sync.rst
@@ -0,0 +1,126 @@
+
+Problem: missing eventual group consistency
+--------------------------------------------
+
+If group members are concurrently adding new members,
+the new members will miss each other's additions, example:
+
+- Alice and Bob are in a two-member group
+
+- Alice adds Carol, concurrently Bob adds Doris
+
+- Carol will see a three-member group (Alice, Bob, Carol),
+  Doris will see a different three-member group (Alice, Bob, Doris),
+  and only Alice and Bob will have all four members.
+
+Note that for verified groups any mitigation mechanism likely
+needs to make all clients to know who originally added a member.
+
+
+solution: memorize+attach (possible encrypted) chat-meta mime messages
+----------------------------------------------------------------------
+
+For reference, please see https://github.com/deltachat/deltachat-core-rust/blob/master/spec.md#add-and-remove-members how MemberAdded/Removed messages are shaped.
+
+
+- All Chat-Group-Member-Added/Removed messages are recorded in their
+  full raw (signed and encrypted) mime-format in the DB
+
+- If an incoming member-add/member-delete messages has a member list
+  which is, apart from the added/removed member, not consistent
+  with our own view, broadcast a "Chat-Group-Member-Correction" message to
+  all members, attaching the original added/removed mime-message for all mismatching
+  contacts.  If we have no relevant add/del information, don't send a
+  correction message out.
+
+- Upong receiving added/removed attachments we don't do the
+  check_consistency+correction message dance.
+  This avoids recursion problems and hard-to-reason-about chatter.
+
+Notes:
+
+- mechanism works for both encrypted and unencrypted add/del messages
+
+- we already have a "mime_headers" column in the DB for each incoming message.
+  We could extend it to also include the payload and store mime unconditionally
+  for member-added/removed messages.
+
+- multiple member-added/removed messages can be attached in a single
+  correction message
+
+- it is minimal on the number of overall messages to reach group consistency
+  (best-case: no extra messages, the ABCD case above: max two extra messages)
+
+- somewhat backward compatible: older clients will probably ignore
+  messages which are signed by someone who is not the outer From-address.
+
+- the correction-protocol also helps with dropped messages.  If a member
+  did not see a member-added/removed message, the next member add/removed
+  message in the group will likely heal group consistency for this member.
+
+- we can quite easily extend the mechanism to also provide the group-avatar or
+  other meta-information.
+
+Discussions of variants
++++++++++++++++++++++++
+
+- instead of acting on MemberAdded/Removed message we could send
+  corrections for any received message that addresses inconsistent group members but
+  a) this would delay group-membership healing
+  b) could lead to a lot of members sending corrections
+
+- instead of broadcasting correction messages we could only send it to
+  the sender of the inconsistent member-added/removed message.
+  A receiver of such a correction message would then need to forward
+  the message to the members it thinks also have an inconsistent view.
+  This sounds complicated and error-prone.  Concretely, if Alice
+  receives Bob's "Member-added: Doris" message, then Alice
+  broadcasting the correction message with "Member-added: Carol"
+  would reach all four members, healing group consistency in one step.
+  If Bob meanwhile receives Alice's "Member-Added: Carol" message,
+  Bob would broadcast a correction message to all four members as well.
+  (Imagine a situation where Alice/Bob added Carol/Doris
+  while both being in an offline or bad-connection situation).
+
+
+solution2: repeat member-added/removed messages
+---------------------------------------------------
+
+Introduce a new Chat-Group-Member-Changed header and deprecate Chat-Group-Member-Added/Removed
+but keep sending out the old headers until the new protocol is sufficiently deployed.
+
+The new Chat-Group-Member-Changed header contains a Time-to-Live number (TTL)
+which controls repetition of the signed "add/del e-mail address" payload.
+
+Example::
+
+    Chat-Group-Member-Changed: TTL add "somedisplayname" someone@example.org
+        owEBYQGe/pANAwACAY47A6J5t3LWAcsxYgBeTQypYWRkICJzb21lZGlzcGxheW5h
+        bWUiIHNvbWVvbmVAZXhhbXBsZS5vcmcgCokBHAQAAQIABgUCXk0MqQAKCRCOOwOi
+        ebdy1hfRB/wJ74tgFQulicthcv9n+ZsqzwOtBKMEVIHqJCzzDB/Hg/2z8ogYoZNR
+        iUKKrv3Y1XuFvdKyOC+wC/unXAWKFHYzY6Tv6qDp6r+amt+ad+8Z02q53h9E55IP
+        FUBdq2rbS8hLGjQB+mVRowYrUACrOqGgNbXMZjQfuV7fSc7y813OsCQgi3tjstup
+        b+uduVzxCp3PChGhcZPs3iOGCnQvSB8VAaLGMWE2d7nTo/yMQ0Jx69x5qwfXogTk
+        mTt5rOJyrosbtf09TMKFzGgtqBcEqHLp3+mQpZQ+WHUKAbsRa8Jc9DOUOSKJ8SNM
+        clKdskprY+4LY0EBwLD3SQ7dPkTITCRD
+        =P6GG
+
+TTL is set to "2" on an initial Chat-Group-Member-Changed add/del message.
+Receivers will apply the add/del change to the group-membership,
+decrease the TTL by 1, and if TTL>0 re-sent the header.
+
+The "add|del e-mail address" payload is pgp-signed and repeated verbatim.
+This allows to propagate, in a cryptographically secured way,
+who added a member. This is particularly important for allowing
+to show in verified groups who added a member (planned).
+
+Disadvantage to solution 1:
+
+- requires to specify encoding and precise rules for what/how is signed.
+
+- causes O(N^2) extra messages
+
+- Not easily extendable for other things (without introducing a new
+  header / encoding)
+
+
--- a/draft/mailing_list.rst
+++ b/draft/mailing_list.rst
@@ -0,0 +1,19 @@
+2. Mailing lists are now only detected by the ListId header, because how should DC sort mailing lists if the ListId header is unset and only the precedence header says it's a mailing list (?). We could just hide these emails (with "junk" or "list" precedence), as we did before, if there is a reason to do so. 
+
+   I do not actually understand why such emails were hidden in the first place, though; if there is an automatic answer stating that someone is out of office or if an email could not be delivered (these are the usual reasons why such emails are sent), I would want to know about this as a user.
+   
+  Björn: to the ListId-header: it is already an improvement to use only that and to keep ignoring mails with Precedence-header. historically, i ignored all these mails to reduce noise that is created from them (eg. contacts should not be added to the suggestion list...) and to be able to concentrate on other things first.
+   
+   
+3. for `List-Id: foo <bla>`, bla now is the id and foo is the name. For GitHub and GitLab notifications this is bad because all notifications will go into one chat. Maybe we should instead take the "in-reply-to" header to find out what messages belong together. For normal mailing lists, of course, this will create a second chat if someone does not use the "Reply" button to write to that mailing list.
+
+  Björn: well, having all notifications in one chat is not that bad. i would just follow the guidelines for now, use the ID and not the Name.
+
+
+4. Currently a mailing list is shown as an empty group (ChatType `Group`) ("0 members"). 
+
+   Maybe we should change the ChatType to `Single` because this way, the UI would fit better. Disadvantage: We can't show the different senders of the messages. 
+   
+   Or we introduce a `ChatType` `MailingList`. Very big disadvantage: We would have to adapt all UI project and it would be nice if we could keep the changes within the core.
+
+5. Contacts from mailings lists stay "unknown" now and are not shown in the contacts suggestion list..
--- a/draft/mailing_list_current_state.rst
+++ b/draft/mailing_list_current_state.rst
@@ -0,0 +1,13 @@
+1. Mailing lists with Precedence-header and without List-Id are shown as normal messages.
+   
+2. for `List-Id: foo <bla>`, bla now is the id and foo is the name. If foo is not present, bla is taken as the name as well. For GitHub and GitLab notifications all notifications will go into one chat. To distinguish, all subjects are shown in mailing lists.
+
+3. Currently a mailing list is shown as a group with SELF and the List-Id. I could not find any stable way to get a mail address that could be called the "mailing list address". To get this to work, I disabled the may_be_valid_addr check. (to be discussed...)
+
+4. Contacts from mailings lists stay "unknown" and are not shown in the contacts suggestion list.
+
+5. In general, only the From: address is taken as the author. If the domain matches with the List-Id domain (like `deltachat.github.com` and `Hocuri <notifications@notification.github.com>`) then the display name is added to the email address -> `Hocuri - notifications@notification.github.com`. This is not really nice, but as the UIs distinguish bettween contacts only based on the address this was the only way I could find without changing the API. 
+
+   TODO: Prevent the user from sending emails to such contacts (like Hocuri - notifications@notification.github.com)
+
+6. You can't send to mailing lists.
--- a/draft/mailing_list_managers.md
+++ b/draft/mailing_list_managers.md
@@ -0,0 +1,71 @@
+# Mailing list integration of Delta Chat
+
+A collection of information to help with the integration of mailing lists into Delta Chat.
+
+## Chat name
+
+How should the chat be titled?
+
+It could be taken from the email header `List-Id`:
+
+### Mailman 
+
+* Schema: `${list-description} <${list-local-part}.${list-domain}>`
+* $list-description could be many words, should be truncated. Could also be empty, though.
+
+### Schleuder
+* Schema: `<${list-local-part}.${list-domain}>`
+* No name available.
+* Could be absent: <https://0xacab.org/schleuder/schleuder/-/blob/master/lib/schleuder/mail/message.rb#L357-358>.
+
+
+### Sympa
+* Schema: `<${list-local-part}.${list-domain}>`
+* No name available.
+* Always present <https://github.com/sympa-community/sympa/blob/sympa-6.2/src/lib/Sympa/Spindle/TransformOutgoing.pm#L110-L118>, <https://github.com/sympa-community/sympa/blob/sympa-6.2/src/lib/Sympa/List.pm#L6832-L6833>.
+
+
+## Sender name
+
+What's the name of the person that actually sent the message?
+
+Some MLM change the sender information to avoid problems with DMARC.
+
+### Mailman
+
+* Since v2.1.16 the `From` depends on the list's configuration and possibly on the sender-domain's DMARC-configuration — i.e. messages from the same list can arrive one of the Variants A-D!
+* Documentation of config options:
+ * <https://wiki.list.org/DOC/Mailman%202.1%20List%20Administrators%20Manual#line-544>,
+ * <https://wiki.list.org/DOC/Mailman%202.1%20List%20Administrators%20Manual#line-163>,
+ * <https://wiki.list.org/DEV/DMARC>
+* Variant A: `From` is unchanged.
+* Variant B. `From` is mangled like this: `${sender-name} via ${list-name} <${list-addr-spec}>`. The original sender is put into `Reply-To`.
+* Variant C. `From` is mangled like this: `${sender-name} <${encoded-sender-addr-spec}@${list-domain}>`. The original sender is put into `Reply-To`.
+* Variant D: `From` is set to ${list-name-addr}, the originally sent message is included as mime-part.
+* Variant E: `From` is set to ${list-name-addr}, original sender information is removed.
+
+### Schleuder
+
+* Visible only in mime-body (which is possibly encrypted), or not at all.
+* The first `text/plain` mime-part may include the information, as taken from the original message: `From: ${sender-name-addr}`.
+
+### Sympa
+* Depends on the list's configuration.
+* Documentation:
+ * <https://sympa-community.github.io/manual/customize/dmarc-protection.html>,
+ * <https://sympa-community.github.io/gpldoc/man/sympa.conf.5.html#dmarc-protection>.
+* Variant A: `From` is unchanged.
+* Variant B: `From` is mangled like Mailman Variant B, but the original sender information is put into `X-Original-From`.
+
+
+## Autocrypt
+
+### Mailman
+* Not supported.
+
+### Schleuder
+* A list's key is included in sent messages (as of version 3.5.0) (optional, by default active): <https://0xacab.org/schleuder/schleuder/-/blob/master/lib/schleuder/mail/message.rb#L349-355>.
+* Incoming keys are not yet looked at (that feature is planned: <https://0xacab.org/schleuder/schleuder/issues/435>).
+
+### Sympa
+* Not supported.
--- a/examples/repl/cmdline.rs
+++ b/examples/repl/cmdline.rs
@@ -1,6 +1,7 @@
 use std::path::Path;
 use std::str::FromStr;

+use anyhow::{bail, ensure};
 use deltachat::chat::{self, Chat, ChatId, ChatVisibility};
 use deltachat::chatlist::*;
 use deltachat::constants::*;
@@ -91,7 +92,7 @@ fn dc_reset_tables(context: &Context, bits: i32) -> i32 {
    1
 }

-fn dc_poke_eml_file(context: &Context, filename: impl AsRef<Path>) -> Result<(), Error> {
+fn dc_poke_eml_file(context: &Context, filename: impl AsRef<Path>) -> Result<(), anyhow::Error> {
    let data = dc_read_file(context, filename)?;

    if let Err(err) = dc_receive_imf(context, &data, "import", 0, false) {
@@ -297,7 +298,7 @@ fn chat_prefix(chat: &Chat) -> &'static str {
    chat.typ.into()
 }

-pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
+pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), Error> {
    let chat_id = *context.cmdline_sel_chat_id.read().unwrap();
    let mut sel_chat = if !chat_id.is_unset() {
        Chat::load_from_db(context, chat_id).ok()
@@ -397,6 +398,7 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
                 providerinfo <addr>\n\
                 event <event-id to test>\n\
                 fileinfo <file>\n\
+                 estimatedeletion <seconds>\n\
                 emptyserver <flags> (1=MVBOX 2=INBOX)\n\
                 clear -- clear screen\n\
                 exit or quit\n\
@@ -1028,6 +1030,16 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
                bail!("Command failed.");
            }
        }
+        "estimatedeletion" => {
+            ensure!(!arg1.is_empty(), "Argument <seconds> missing");
+            let seconds = arg1.parse()?;
+            let device_cnt = message::estimate_deletion_cnt(context, false, seconds)?;
+            let server_cnt = message::estimate_deletion_cnt(context, true, seconds)?;
+            println!(
+                "estimated count of messages older than {} seconds:\non device: {}\non server: {}",
+                seconds, device_cnt, server_cnt
+            );
+        }
        "emptyserver" => {
            ensure!(!arg1.is_empty(), "Argument <flags> missing");

--- a/examples/repl/main.rs
+++ b/examples/repl/main.rs
@@ -7,8 +7,6 @@
 #[macro_use]
 extern crate deltachat;
 #[macro_use]
-extern crate failure;
-#[macro_use]
 extern crate lazy_static;
 #[macro_use]
 extern crate rusqlite;
@@ -20,6 +18,7 @@ use std::process::Command;
 use std::sync::atomic::{AtomicBool, Ordering};
 use std::sync::{Arc, Mutex, RwLock};

+use anyhow::{bail, Error};
 use deltachat::chat::ChatId;
 use deltachat::config;
 use deltachat::context::*;
@@ -308,8 +307,17 @@ const CONTACT_COMMANDS: [&str; 6] = [
    "delcontact",
    "cleanupcontacts",
 ];
-const MISC_COMMANDS: [&str; 9] = [
-    "getqr", "getbadqr", "checkqr", "event", "fileinfo", "clear", "exit", "quit", "help",
+const MISC_COMMANDS: [&str; 10] = [
+    "getqr",
+    "getbadqr",
+    "checkqr",
+    "event",
+    "fileinfo",
+    "clear",
+    "exit",
+    "quit",
+    "help",
+    "estimatedeletion",
 ];

 impl Hinter for DcHelper {
@@ -361,10 +369,10 @@ impl Highlighter for DcHelper {

 impl Helper for DcHelper {}

-fn main_0(args: Vec<String>) -> Result<(), failure::Error> {
+fn main_0(args: Vec<String>) -> Result<(), Error> {
    if args.len() < 2 {
        println!("Error: Bad arguments, expected [db-name].");
-        return Err(format_err!("No db-name specified"));
+        bail!("No db-name specified");
    }
    let context = Context::new(
        Box::new(receive_event),
@@ -434,7 +442,7 @@ enum ExitResult {
    Exit,
 }

-fn handle_cmd(line: &str, ctx: Arc<RwLock<Context>>) -> Result<ExitResult, failure::Error> {
+fn handle_cmd(line: &str, ctx: Arc<RwLock<Context>>) -> Result<ExitResult, Error> {
    let mut args = line.splitn(2, ' ');
    let arg0 = args.next().unwrap_or_default();
    let arg1 = args.next().unwrap_or_default();
@@ -517,7 +525,7 @@ fn handle_cmd(line: &str, ctx: Arc<RwLock<Context>>) -> Result<ExitResult, failu
    Ok(ExitResult::Continue)
 }

-pub fn main() -> Result<(), failure::Error> {
+pub fn main() -> Result<(), Error> {
    let _ = pretty_env_logger::try_init();

    let args: Vec<String> = std::env::args().collect();
--- a/python/CHANGELOG
+++ b/python/CHANGELOG
@@ -1,3 +1,15 @@
+0.900.0 (DRAFT)
+---------------
+
+- refactored internals to use plugin-approach 
+
+- introduced PerAccount and Global hooks that plugins can implement 
+
+- introduced `ac_member_added()` and `ac_member_removed()` plugin events. 
+
+- introduced two documented examples for an echo and a group-membership
+  tracking plugin. 
+
 0.800.0
 -------

--- a/python/doc/api.rst
+++ b/python/doc/api.rst
@@ -2,10 +2,6 @@
 high level API reference
 ========================

-.. note::
-
-    This API is work in progress and may change in versions prior to 1.0.
-
 - :class:`deltachat.account.Account` (your main entry point, creates the
  other classes)
 - :class:`deltachat.contact.Contact`
--- a/python/doc/capi.rst
+++ b/python/doc/capi.rst
@@ -1,7 +0,0 @@
-
-C deltachat interface
-=====================
-
-See :doc:`lapi` for accessing many of the below functions
-through the ``deltachat.capi.lib`` namespace.
-
--- a/python/doc/examples.rst
+++ b/python/doc/examples.rst
@@ -1,37 +1,60 @@

-
 examples
 ========

-
-Playing around on the commandline
----------------------------------
-
 Once you have :doc:`installed deltachat bindings <install>`
-you can start playing from the python interpreter commandline.
-For example you can type ``python`` and then::
+you need email/password credentials for an IMAP/SMTP account.
+Delta Chat developers and the CI system use a special URL to create
+temporary e-mail accounts on [testrun.org](https://testrun.org) for testing.

-    # instantiate and configure deltachat account
-    import deltachat
-    ac = deltachat.Account("/tmp/db")
+Receiving a Chat message from the command line
+----------------------------------------------

-    # start configuration activity and smtp/imap threads
-    ac.start_threads()
-    ac.configure(addr="test2@hq5.merlinux.eu", mail_pw="********")
+Here is a simple bot that:

-    # create a contact and send a message
-    contact = ac.create_contact("someother@email.address")
-    chat = ac.create_chat_by_contact(contact)
-    chat.send_text("hi from the python interpreter command line")
+- receives a message and sends back ("echoes") a message

-Checkout our :doc:`api` for the various high-level things you can do
-to send/receive messages, create contacts and chats.
+- terminates the bot if the message `/quit` is sent

+.. include:: ../examples/echo_and_quit.py
+    :literal:

-Looking at a real example
+With this file in your working directory you can run the bot
+by specifying a database path, an e-mail address and password of
+a SMTP-IMAP account::
+
+    $ cd examples
+    $ python echo_and_quit.py /tmp/db --email ADDRESS --password PASSWORD
+
+While this process is running you can start sending chat messages
+to `ADDRESS`.
+
+Track member additions and removals in a group
+----------------------------------------------
+
+Here is a simple bot that:
+
+- echoes messages sent to it
+
+- tracks if configuration completed
+
+- tracks member additions and removals for all chat groups
+
+.. include:: ../examples/group_tracking.py
+    :literal:
+
+With this file in your working directory you can run the bot
+by specifying a database path, an e-mail address and password of
+a SMTP-IMAP account::
+
+    python group_tracking.py --email ADDRESS --password PASSWORD /tmp/db
+
+When this process is running you can start sending chat messages
+to `ADDRESS`.
+
+Writing bots for real
 -------------------------

 The `deltabot repository <https://github.com/deltachat/deltabot#deltachat-example-bot>`_
-contains a real-life example of Python bindings usage.
-
+contains a little framework for writing deltachat bots in Python.

--- a/python/doc/index.rst
+++ b/python/doc/index.rst
@@ -4,8 +4,9 @@ deltachat python bindings
 The ``deltachat`` Python package provides two layers of bindings for the
 core Rust-library of the https://delta.chat messaging ecosystem:

- :doc:`api` is a high level interface to deltachat-core which aims
-  to be memory safe and thoroughly tested through continous tox/pytest runs.
+- :doc:`api` is a high level interface to deltachat-core.
+
+- :doc:`plugins` is a brief introduction into implementing plugin hooks.

 - :doc:`lapi` is a lowlevel CFFI-binding to the `Rust Core
  <https://github.com/deltachat/deltachat-core-rust>`_.
@@ -28,6 +29,7 @@ getting started
   changelog
   api
   lapi
+   plugins

 ..
    Indices and tables
--- a/python/doc/plugins.rst
+++ b/python/doc/plugins.rst
@@ -0,0 +1,38 @@
+
+Implementing Plugin Hooks
+==========================
+
+The Delta Chat Python bindings use `pluggy <https://pluggy.readthedocs.io>`_
+for managing global and per-account plugin registration, and performing
+hook calls. There are two kinds of plugins:
+
+- Global plugins that are active for all accounts; they can implement
+  hooks at account-creation and account-shutdown time.
+
+- Account plugins that are only active during the lifetime of a
+  single Account instance.
+
+
+Registering a plugin
+--------------------
+
+.. autofunction:: deltachat.register_global_plugin
+    :noindex:
+
+.. automethod:: deltachat.account.Account.add_account_plugin
+    :noindex:
+
+
+Per-Account Hook specifications
+-------------------------------
+
+.. autoclass:: deltachat.hookspec.PerAccount
+    :members:
+
+
+Global Hook specifications
+--------------------------
+
+.. autoclass:: deltachat.hookspec.Global
+    :members:
+
--- a/python/examples/echo_and_quit.py
+++ b/python/examples/echo_and_quit.py
@@ -0,0 +1,30 @@
+
+# content of echo_and_quit.py
+
+from deltachat import account_hookimpl, run_cmdline
+
+
+class EchoPlugin:
+    @account_hookimpl
+    def ac_incoming_message(self, message):
+        print("process_incoming message", message)
+        if message.text.strip() == "/quit":
+            message.account.shutdown()
+        else:
+            # unconditionally accept the chat
+            message.accept_sender_contact()
+            addr = message.get_sender_contact().addr
+            text = message.text
+            message.chat.send_text("echoing from {}:\n{}".format(addr, text))
+
+    @account_hookimpl
+    def ac_message_delivered(self, message):
+        print("ac_message_delivered", message)
+
+
+def main(argv=None):
+    run_cmdline(argv=argv, account_plugins=[EchoPlugin()])
+
+
+if __name__ == "__main__":
+    main()
--- a/python/examples/group_tracking.py
+++ b/python/examples/group_tracking.py
@@ -0,0 +1,40 @@
+
+# content of group_tracking.py
+
+from deltachat import account_hookimpl, run_cmdline
+
+
+class GroupTrackingPlugin:
+    @account_hookimpl
+    def ac_incoming_message(self, message):
+        print("process_incoming message", message)
+        if message.text.strip() == "/quit":
+            message.account.shutdown()
+        else:
+            # unconditionally accept the chat
+            message.accept_sender_contact()
+            addr = message.get_sender_contact().addr
+            text = message.text
+            message.chat.send_text("echoing from {}:\n{}".format(addr, text))
+
+    @account_hookimpl
+    def ac_configure_completed(self, success):
+        print("*** ac_configure_completed:", success)
+
+    @account_hookimpl
+    def ac_member_added(self, chat, contact):
+        print("*** ac_member_added", contact.addr, "from", chat)
+        for member in chat.get_contacts():
+            print("chat member: {}".format(member.addr))
+
+    @account_hookimpl
+    def ac_member_removed(self, chat, contact):
+        print("*** ac_member_removed", contact.addr, "from", chat)
+
+
+def main(argv=None):
+    run_cmdline(argv=argv, account_plugins=[GroupTrackingPlugin()])
+
+
+if __name__ == "__main__":
+    main()
--- a/python/examples/test_examples.py
+++ b/python/examples/test_examples.py
@@ -0,0 +1,72 @@
+
+import pytest
+import py
+import echo_and_quit
+import group_tracking
+from deltachat.eventlogger import FFIEventLogger
+
+
+@pytest.fixture(scope='session')
+def datadir():
+    """The py.path.local object of the test-data/ directory."""
+    for path in reversed(py.path.local(__file__).parts()):
+        datadir = path.join('test-data')
+        if datadir.isdir():
+            return datadir
+    else:
+        pytest.skip('test-data directory not found')
+
+
+def test_echo_quit_plugin(acfactory):
+    botproc = acfactory.run_bot_process(echo_and_quit)
+
+    ac1 = acfactory.get_one_online_account()
+    bot_contact = ac1.create_contact(botproc.addr)
+    ch1 = ac1.create_chat_by_contact(bot_contact)
+    ch1.send_text("hello")
+    reply = ac1._evtracker.wait_next_incoming_message()
+    assert "hello" in reply.text
+    assert reply.chat == ch1
+    ch1.send_text("/quit")
+    botproc.wait()
+
+
+def test_group_tracking_plugin(acfactory, lp):
+    lp.sec("creating one group-tracking bot and two temp accounts")
+    botproc = acfactory.run_bot_process(group_tracking)
+
+    ac1, ac2 = acfactory.get_two_online_accounts(quiet=True)
+
+    botproc.fnmatch_lines("""
+        *ac_configure_completed: True*
+    """)
+    ac1.add_account_plugin(FFIEventLogger(ac1, "ac1"))
+    ac2.add_account_plugin(FFIEventLogger(ac2, "ac2"))
+
+    lp.sec("creating bot test group with all three")
+    bot_contact = ac1.create_contact(botproc.addr)
+    ch = ac1.create_group_chat("bot test group")
+    ch.add_contact(bot_contact)
+    ch.send_text("hello")
+
+    botproc.fnmatch_lines("""
+        *ac_member_added {}*
+    """.format(ac1.get_config("addr")))
+
+    lp.sec("adding third member {}".format(ac2.get_config("addr")))
+    contact3 = ac1.create_contact(ac2.get_config("addr"))
+    ch.add_contact(contact3)
+
+    reply = ac1._evtracker.wait_next_incoming_message()
+    assert "hello" in reply.text
+
+    lp.sec("now looking at what the bot received")
+    botproc.fnmatch_lines("""
+        *ac_member_added {}*
+    """.format(contact3.addr))
+
+    lp.sec("contact successfully added, now removing")
+    ch.remove_contact(contact3)
+    botproc.fnmatch_lines("""
+        *ac_member_removed {}*
+    """.format(contact3.addr))
--- a/python/setup.py
+++ b/python/setup.py
@@ -22,6 +22,11 @@ def main():
        packages=setuptools.find_packages('src'),
        package_dir={'': 'src'},
        cffi_modules=['src/deltachat/_build.py:ffibuilder'],
+        entry_points = {
+            'pytest11': [
+                'deltachat.testplugin = deltachat.testplugin',
+            ],
+        },
        classifiers=[
            'Development Status :: 4 - Beta',
            'Intended Audience :: Developers',
--- a/python/src/deltachat/init.py
+++ b/python/src/deltachat/init.py
@@ -1,6 +1,13 @@
-from deltachat import capi, const
-from deltachat.capi import ffi
-from deltachat.account import Account  # noqa
+import sys
+
+from . import capi, const, hookspec
+from .capi import ffi
+from .account import Account  # noqa
+from .message import Message  # noqa
+from .contact import Contact  # noqa
+from .chat import Chat        # noqa
+from .hookspec import account_hookimpl, global_hookimpl  # noqa
+from . import eventlogger

 from pkg_resources import get_distribution, DistributionNotFound
 try:
@@ -74,3 +81,62 @@ def get_dc_event_name(integer, _DC_EVENTNAME_MAP={}):
            if name.startswith("DC_EVENT_"):
                _DC_EVENTNAME_MAP[val] = name
    return _DC_EVENTNAME_MAP[integer]
+
+
+def register_global_plugin(plugin):
+    """ Register a global plugin which implements one or more
+    of the :class:`deltachat.hookspec.Global` hooks.
+    """
+    gm = hookspec.Global._get_plugin_manager()
+    gm.register(plugin)
+    gm.check_pending()
+
+
+def unregister_global_plugin(plugin):
+    gm = hookspec.Global._get_plugin_manager()
+    gm.unregister(plugin)
+
+
+register_global_plugin(eventlogger)
+
+
+def run_cmdline(argv=None, account_plugins=None):
+    """ Run a simple default command line app, registering the specified
+    account plugins. """
+    import argparse
+    if argv is None:
+        argv = sys.argv
+
+    parser = argparse.ArgumentParser(prog=argv[0] if argv else None)
+    parser.add_argument("db", action="store", help="database file")
+    parser.add_argument("--show-ffi", action="store_true", help="show low level ffi events")
+    parser.add_argument("--email", action="store", help="email address")
+    parser.add_argument("--password", action="store", help="password")
+
+    args = parser.parse_args(argv[1:])
+
+    ac = Account(args.db)
+
+    if args.show_ffi:
+        log = eventlogger.FFIEventLogger(ac, "bot")
+        ac.add_account_plugin(log)
+
+    if not ac.is_configured():
+        assert args.email and args.password, (
+            "you must specify --email and --password once to configure this database/account"
+        )
+        ac.set_config("addr", args.email)
+        ac.set_config("mail_pw", args.password)
+        ac.set_config("mvbox_move", "0")
+        ac.set_config("mvbox_watch", "0")
+        ac.set_config("sentbox_watch", "0")
+
+    for plugin in account_plugins or []:
+        ac.add_account_plugin(plugin)
+
+    # start IO threads and configure if neccessary
+    ac.start()
+
+    print("{}: waiting for message".format(ac.get_config("addr")))
+
+    ac.wait_shutdown()
--- a/python/src/deltachat/account.py
+++ b/python/src/deltachat/account.py
@@ -2,12 +2,12 @@

 from __future__ import print_function
 import atexit
-import threading
+from contextlib import contextmanager
+from email.utils import parseaddr
+import queue
+from threading import Event
 import os
-import time
 from array import array
-from queue import Queue
-
 import deltachat
 from . import const
 from .capi import ffi, lib
@@ -15,8 +15,12 @@ from .cutil import as_dc_charpointer, from_dc_charpointer, iter_array, DCLot
 from .chat import Chat
 from .message import Message
 from .contact import Contact
-from .eventlogger import EventLogger
-from .hookspec import get_plugin_manager, hookimpl
+from .tracker import ImexTracker
+from . import hookspec, iothreads
+
+
+class MissingCredentials(ValueError):
+    """ Account is missing `addr` and `mail_pw` config values. """


 class Account(object):
@@ -24,45 +28,54 @@ class Account(object):
    by the underlying deltachat core library.  All public Account methods are
    meant to be memory-safe and return memory-safe objects.
    """
-    def __init__(self, db_path, logid=None, os_name=None, debug=True):
+    MissingCredentials = MissingCredentials
+
+    def __init__(self, db_path, os_name=None):
        """ initialize account object.

        :param db_path: a path to the account database. The database
                        will be created if it doesn't exist.
-        :param logid: an optional logging prefix that should be used with
-                      the default internal logging.
        :param os_name: this will be put to the X-Mailer header in outgoing messages
-        :param debug: turn on debug logging for events.
        """
+        # initialize per-account plugin system
+        self._pm = hookspec.PerAccount._make_plugin_manager()
+        self.add_account_plugin(self)
+
        self._dc_context = ffi.gc(
            lib.dc_context_new(lib.py_dc_callback, ffi.NULL, as_dc_charpointer(os_name)),
            _destroy_dc_context,
        )
-        self._evlogger = EventLogger(self, logid, debug)
-        self._threads = IOThreads(self._dc_context, self._evlogger._log_event)

-        # register event call back and initialize plugin system
-        def _ll_event(ctx, evt_name, data1, data2):
-            assert ctx == self._dc_context
-            self.pluggy.hook.process_low_level_event(
-                account=self, event_name=evt_name, data1=data1, data2=data2
-            )
+        hook = hookspec.Global._get_plugin_manager().hook

-        self.pluggy = get_plugin_manager()
-        self.pluggy.register(self._evlogger)
-        deltachat.set_context_callback(self._dc_context, _ll_event)
+        self._threads = iothreads.IOThreads(self)
+        self._hook_event_queue = queue.Queue()
+        self._in_use_iter_events = False
+        self._shutdown_event = Event()

        # open database
+        self.db_path = db_path
        if hasattr(db_path, "encode"):
            db_path = db_path.encode("utf8")
        if not lib.dc_open(self._dc_context, db_path, ffi.NULL):
            raise ValueError("Could not dc_open: {}".format(db_path))
        self._configkeys = self.get_config("sys.config_keys").split()
        atexit.register(self.shutdown)
+        hook.dc_account_init(account=self)
+
+    @hookspec.account_hookimpl
+    def ac_process_ffi_event(self, ffi_event):
+        name, kwargs = self._map_ffi_event(ffi_event)
+        if name is not None:
+            ev = HookEvent(self, name=name, kwargs=kwargs)
+            self._hook_event_queue.put(ev)

    # def __del__(self):
    #    self.shutdown()

+    def ac_log_line(self, msg):
+        self._pm.hook.ac_log_line(message=msg)
+
    def _check_config_key(self, name):
        if name not in self._configkeys:
            raise KeyError("{!r} not a valid config key, existing keys: {!r}".format(
@@ -134,16 +147,15 @@ class Account(object):
        if res == 0:
            raise Exception("Failed to set key")

-    def configure(self, **kwargs):
-        """ set config values and configure this account.
+    def update_config(self, kwargs):
+        """ update config values.

        :param kwargs: name=value config settings for this account.
                       values need to be unicode.
        :returns: None
        """
-        for name, value in kwargs.items():
-            self.set_config(name, value)
-        lib.dc_configure(self._dc_context)
+        for key, value in kwargs.items():
+            self.set_config(key, str(value))

    def is_configured(self):
        """ determine if the account is configured already; an initial connection
@@ -151,7 +163,7 @@ class Account(object):

        :returns: True if account is configured.
        """
-        return lib.dc_is_configured(self._dc_context)
+        return bool(lib.dc_is_configured(self._dc_context))

    def set_avatar(self, img_path):
        """Set self avatar.
@@ -202,8 +214,7 @@ class Account(object):

        :returns: :class:`deltachat.contact.Contact`
        """
-        self.check_is_configured()
-        return Contact(self._dc_context, const.DC_CONTACT_ID_SELF)
+        return Contact(self, const.DC_CONTACT_ID_SELF)

    def create_contact(self, email, name=None):
        """ create a (new) Contact. If there already is a Contact
@@ -214,11 +225,14 @@ class Account(object):
        :param name: display name for this contact (optional)
        :returns: :class:`deltachat.contact.Contact` instance.
        """
-        name = as_dc_charpointer(name)
-        email = as_dc_charpointer(email)
-        contact_id = lib.dc_create_contact(self._dc_context, name, email)
+        realname, addr = parseaddr(email)
+        if name:
+            realname = name
+        realname = as_dc_charpointer(realname)
+        addr = as_dc_charpointer(addr)
+        contact_id = lib.dc_create_contact(self._dc_context, realname, addr)
        assert contact_id > const.DC_CHAT_ID_LAST_SPECIAL
-        return Contact(self._dc_context, contact_id)
+        return Contact(self, contact_id)

    def delete_contact(self, contact):
        """ delete a Contact.
@@ -250,7 +264,7 @@ class Account(object):
            lib.dc_get_contacts(self._dc_context, flags, query),
            lib.dc_array_unref
        )
-        return list(iter_array(dc_array, lambda x: Contact(self._dc_context, x)))
+        return list(iter_array(dc_array, lambda x: Contact(self, x)))

    def create_chat_by_contact(self, contact):
        """ create or get an existing 1:1 chat object for the specified contact or contact id.
@@ -272,6 +286,9 @@ class Account(object):
        """ create or get an existing chat object for the
        the specified message.

+        If this message is in the deaddrop chat then
+        the sender will become an accepted contact.
+
        :param message: messsage id or message instance.
        :returns: a :class:`deltachat.chat.Chat` object.
        """
@@ -324,6 +341,13 @@ class Account(object):
        """
        return Message.from_db(self, msg_id)

+    def get_contact_by_id(self, contact_id):
+        """ return Contact instance or None.
+        :param contact_id: integer id of this contact.
+        :returns: None or :class:`deltachat.contact.Contact` instance.
+        """
+        return Contact(self, contact_id)
+
    def get_chat_by_id(self, chat_id):
        """ return Chat instance.
        :param chat_id: integer id of this chat.
@@ -368,13 +392,18 @@ class Account(object):
        lib.dc_delete_msgs(self._dc_context, msg_ids, len(msg_ids))

    def export_self_keys(self, path):
-        """ export public and private keys to the specified directory. """
+        """ export public and private keys to the specified directory.
+
+        Note that the account does not have to be started.
+        """
        return self._export(path, imex_cmd=1)

    def export_all(self, path):
        """return new file containing a backup of all database state
        (chats, contacts, keys, media, ...). The file is created in the
        the `path` directory.
+
+        Note that the account does not have to be started.
        """
        export_files = self._export(path, 11)
        if len(export_files) != 1:
@@ -382,7 +411,7 @@ class Account(object):
        return export_files[0]

    def _export(self, path, imex_cmd):
-        with ImexTracker(self) as imex_tracker:
+        with self.temp_plugin(ImexTracker()) as imex_tracker:
            lib.dc_imex(self._dc_context, imex_cmd, as_dc_charpointer(path), ffi.NULL)
            if not self._threads.is_started():
                lib.dc_perform_imap_jobs(self._dc_context)
@@ -392,6 +421,8 @@ class Account(object):
        """ Import private keys found in the `path` directory.
        The last imported key is made the default keys unless its name
        contains the string legacy. Public keys are not imported.
+
+        Note that the account does not have to be started.
        """
        self._import(path, imex_cmd=2)

@@ -404,7 +435,7 @@ class Account(object):
        self._import(path, imex_cmd=12)

    def _import(self, path, imex_cmd):
-        with ImexTracker(self) as imex_tracker:
+        with self.temp_plugin(ImexTracker()) as imex_tracker:
            lib.dc_imex(self._dc_context, imex_cmd, as_dc_charpointer(path), ffi.NULL)
            if not self._threads.is_started():
                lib.dc_perform_imap_jobs(self._dc_context)
@@ -473,46 +504,6 @@ class Account(object):
            raise ValueError("could not join group")
        return Chat(self, chat_id)

-    def stop_ongoing(self):
-        lib.dc_stop_ongoing_process(self._dc_context)
-
-    #
-    # meta API for start/stop and event based processing
-    #
-
-    def wait_next_incoming_message(self):
-        """ wait for and return next incoming message. """
-        ev = self._evlogger.get_matching("DC_EVENT_INCOMING_MSG")
-        return self.get_message_by_id(ev[2])
-
-    def start_threads(self, mvbox=False, sentbox=False):
-        """ start IMAP/SMTP threads (and configure account if it hasn't happened).
-
-        :raises: ValueError if 'addr' or 'mail_pw' are not configured.
-        :returns: None
-        """
-        if not self.is_configured():
-            self.configure()
-        self._threads.start(mvbox=mvbox, sentbox=sentbox)
-
-    def stop_threads(self, wait=True):
-        """ stop IMAP/SMTP threads. """
-        if self._threads.is_started():
-            self.stop_ongoing()
-            self._threads.stop(wait=wait)
-
-    def shutdown(self, wait=True):
-        """ stop threads and close and remove underlying dc_context and callbacks. """
-        if hasattr(self, "_dc_context") and hasattr(self, "_threads"):
-            # print("SHUTDOWN", self)
-            self.stop_threads(wait=False)
-            lib.dc_close(self._dc_context)
-            self.stop_threads(wait=wait)  # to wait for threads
-            deltachat.clear_context_callback(self._dc_context)
-            del self._dc_context
-            atexit.unregister(self.shutdown)
-        self.pluggy.unregister(self._evlogger)
-
    def set_location(self, latitude=0.0, longitude=0.0, accuracy=0.0):
        """set a new location. It effects all chats where we currently
        have enabled location streaming.
@@ -527,120 +518,123 @@ class Account(object):
        if dc_res == 0:
            raise ValueError("no chat is streaming locations")

+    #
+    # meta API for start/stop and event based processing
+    #

-class ImexTracker:
-    def __init__(self, account):
-        self._imex_events = Queue()
-        self.account = account
+    def add_account_plugin(self, plugin, name=None):
+        """ add an account plugin which implements one or more of
+        the :class:`deltachat.hookspec.PerAccount` hooks.
+        """
+        self._pm.register(plugin, name=name)
+        self._pm.check_pending()
+        return plugin

-    def __enter__(self):
-        self.account.pluggy.register(self)
-        return self
+    @contextmanager
+    def temp_plugin(self, plugin):
+        """ run a with-block with the given plugin temporarily registered. """
+        self._pm.register(plugin)
+        yield plugin
+        self._pm.unregister(plugin)

-    def __exit__(self, *args):
-        self.account.pluggy.unregister(self)
+    def stop_ongoing(self):
+        """ Stop ongoing securejoin, configuration or other core jobs. """
+        lib.dc_stop_ongoing_process(self._dc_context)

-    @hookimpl
-    def process_low_level_event(self, account, event_name, data1, data2):
-        # there could be multiple accounts instantiated
-        if self.account is not account:
+    def start(self, callback_thread=True):
+        """ start this account (activate imap/smtp threads etc.)
+        and return immediately.
+
+        If this account is not configured, an internal configuration
+        job will be scheduled if config values are sufficiently specified.
+
+        You may call `wait_shutdown` or `shutdown` after the
+        account is in started mode.
+
+        :raises MissingCredentials: if `addr` and `mail_pw` values are not set.
+
+        :returns: None
+        """
+        if not self.is_configured():
+            if not self.get_config("addr") or not self.get_config("mail_pw"):
+                raise MissingCredentials("addr or mail_pwd not set in config")
+            lib.dc_configure(self._dc_context)
+        self._threads.start(callback_thread=callback_thread)
+
+    def wait_shutdown(self):
+        """ wait until shutdown of this account has completed. """
+        self._shutdown_event.wait()
+
+    def shutdown(self, wait=True):
+        """ shutdown account, stop threads and close and remove
+        underlying dc_context and callbacks. """
+        dc_context = self._dc_context
+        if dc_context is None:
            return
-        if event_name == "DC_EVENT_IMEX_PROGRESS":
-            self._imex_events.put(data1)
-        elif event_name == "DC_EVENT_IMEX_FILE_WRITTEN":
-            self._imex_events.put(data1)

-    def wait_finish(self, progress_timeout=60):
-        """ Return list of written files, raise ValueError if ExportFailed. """
-        files_written = []
-        while True:
-            ev = self._imex_events.get(timeout=progress_timeout)
-            if isinstance(ev, str):
-                files_written.append(ev)
-            elif ev == 0:
-                raise ValueError("export failed, exp-files: {}".format(files_written))
-            elif ev == 1000:
-                return files_written
+        if self._threads.is_started():
+            self.stop_ongoing()
+            self._threads.stop(wait=False)
+        lib.dc_close(dc_context)
+        self._hook_event_queue.put(None)
+        self._threads.stop(wait=wait)  # to wait for threads
+        self._dc_context = None
+        atexit.unregister(self.shutdown)
+        self._shutdown_event.set()
+        hook = hookspec.Global._get_plugin_manager().hook
+        hook.dc_account_after_shutdown(account=self, dc_context=dc_context)

+    def _handle_current_events(self):
+        """ handle all currently queued events and then return. """
+        while 1:
+            try:
+                event = self._hook_event_queue.get(block=False)
+            except queue.Empty:
+                break
+            else:
+                event.call_hook()

-class IOThreads:
-    def __init__(self, dc_context, log_event=lambda *args: None):
-        self._dc_context = dc_context
-        self._thread_quitflag = False
-        self._name2thread = {}
-        self._log_event = log_event
+    def iter_events(self, timeout=None):
+        """ yield hook events until shutdown.

-    def is_started(self):
-        return len(self._name2thread) > 0
+        It is not allowed to call iter_events() from multiple threads.
+        """
+        if self._in_use_iter_events:
+            raise RuntimeError("can only call iter_events() from one thread")
+        self._in_use_iter_events = True
+        while 1:
+            event = self._hook_event_queue.get(timeout=timeout)
+            if event is None:
+                break
+            yield event

-    def start(self, imap=True, smtp=True, mvbox=False, sentbox=False):
-        assert not self.is_started()
-        if imap:
-            self._start_one_thread("inbox", self.imap_thread_run)
-        if mvbox:
-            self._start_one_thread("mvbox", self.mvbox_thread_run)
-        if sentbox:
-            self._start_one_thread("sentbox", self.sentbox_thread_run)
-        if smtp:
-            self._start_one_thread("smtp", self.smtp_thread_run)
-
-    def _start_one_thread(self, name, func):
-        self._name2thread[name] = t = threading.Thread(target=func, name=name)
-        t.setDaemon(1)
-        t.start()
-
-    def stop(self, wait=False):
-        self._thread_quitflag = True
-
-        # Workaround for a race condition. Make sure that thread is
-        # not in between checking for quitflag and entering idle.
-        time.sleep(0.5)
-
-        lib.dc_interrupt_imap_idle(self._dc_context)
-        lib.dc_interrupt_smtp_idle(self._dc_context)
-        lib.dc_interrupt_mvbox_idle(self._dc_context)
-        lib.dc_interrupt_sentbox_idle(self._dc_context)
-        if wait:
-            for name, thread in self._name2thread.items():
-                thread.join()
-
-    def imap_thread_run(self):
-        self._log_event("py-bindings-info", 0, "INBOX THREAD START")
-        while not self._thread_quitflag:
-            lib.dc_perform_imap_jobs(self._dc_context)
-            if not self._thread_quitflag:
-                lib.dc_perform_imap_fetch(self._dc_context)
-            if not self._thread_quitflag:
-                lib.dc_perform_imap_idle(self._dc_context)
-        self._log_event("py-bindings-info", 0, "INBOX THREAD FINISHED")
-
-    def mvbox_thread_run(self):
-        self._log_event("py-bindings-info", 0, "MVBOX THREAD START")
-        while not self._thread_quitflag:
-            lib.dc_perform_mvbox_jobs(self._dc_context)
-            if not self._thread_quitflag:
-                lib.dc_perform_mvbox_fetch(self._dc_context)
-            if not self._thread_quitflag:
-                lib.dc_perform_mvbox_idle(self._dc_context)
-        self._log_event("py-bindings-info", 0, "MVBOX THREAD FINISHED")
-
-    def sentbox_thread_run(self):
-        self._log_event("py-bindings-info", 0, "SENTBOX THREAD START")
-        while not self._thread_quitflag:
-            lib.dc_perform_sentbox_jobs(self._dc_context)
-            if not self._thread_quitflag:
-                lib.dc_perform_sentbox_fetch(self._dc_context)
-            if not self._thread_quitflag:
-                lib.dc_perform_sentbox_idle(self._dc_context)
-        self._log_event("py-bindings-info", 0, "SENTBOX THREAD FINISHED")
-
-    def smtp_thread_run(self):
-        self._log_event("py-bindings-info", 0, "SMTP THREAD START")
-        while not self._thread_quitflag:
-            lib.dc_perform_smtp_jobs(self._dc_context)
-            if not self._thread_quitflag:
-                lib.dc_perform_smtp_idle(self._dc_context)
-        self._log_event("py-bindings-info", 0, "SMTP THREAD FINISHED")
+    def _map_ffi_event(self, ffi_event):
+        name = ffi_event.name
+        if name == "DC_EVENT_CONFIGURE_PROGRESS":
+            data1 = ffi_event.data1
+            if data1 == 0 or data1 == 1000:
+                success = data1 == 1000
+                return "ac_configure_completed", dict(success=success)
+        elif name == "DC_EVENT_INCOMING_MSG":
+            msg = self.get_message_by_id(ffi_event.data2)
+            return "ac_incoming_message", dict(message=msg)
+        elif name == "DC_EVENT_MSGS_CHANGED":
+            if ffi_event.data2 != 0:
+                msg = self.get_message_by_id(ffi_event.data2)
+                if msg.is_in_fresh():
+                    return "ac_incoming_message", dict(message=msg)
+        elif name == "DC_EVENT_MSG_DELIVERED":
+            msg = self.get_message_by_id(ffi_event.data2)
+            return "ac_message_delivered", dict(message=msg)
+        elif name == "DC_EVENT_MEMBER_ADDED":
+            chat = self.get_chat_by_id(ffi_event.data1)
+            contact = self.get_contact_by_id(ffi_event.data2)
+            return "ac_member_added", dict(chat=chat, contact=contact)
+        elif name == "DC_EVENT_MEMBER_REMOVED":
+            chat = self.get_chat_by_id(ffi_event.data1)
+            contact = self.get_contact_by_id(ffi_event.data2)
+            return "ac_member_removed", dict(chat=chat, contact=contact)
+        return None, {}


 def _destroy_dc_context(dc_context, dc_context_unref=lib.dc_context_unref):
@@ -667,3 +661,17 @@ class ScannedQRCode:
    @property
    def contact_id(self):
        return self._dc_lot.id()
+
+
+class HookEvent:
+    def __init__(self, account, name, kwargs):
+        assert hasattr(account._pm.hook, name), name
+        self.account = account
+        self.name = name
+        self.kwargs = kwargs
+
+    def call_hook(self):
+        hook = getattr(self.account._pm.hook, self.name, None)
+        if hook is None:
+            raise ValueError("event_name {} unknown".format(self.name))
+        return hook(**self.kwargs)
--- a/python/src/deltachat/chat.py
+++ b/python/src/deltachat/chat.py
@@ -51,6 +51,16 @@ class Chat(object):

    # ------  chat status/metadata API ------------------------------

+    def is_group(self):
+        """ return true if this chat is a group chat.
+
+        :returns: True if chat is a group-chat, false if it's a contact 1:1 chat.
+        """
+        return lib.dc_chat_get_type(self._dc_chat) in (
+            const.DC_CHAT_TYPE_GROUP,
+            const.DC_CHAT_TYPE_VERIFIED_GROUP
+        )
+
    def is_deaddrop(self):
        """ return true if this chat is a deaddrop chat.

@@ -129,7 +139,7 @@ class Chat(object):
        return bool(lib.dc_chat_get_remaining_mute_duration(self.id))

    def get_type(self):
-        """ return type of this chat.
+        """ (deprecated) return type of this chat.

        :returns: one of const.DC_CHAT_TYPE_*
        """
@@ -353,7 +363,7 @@ class Chat(object):
            lib.dc_array_unref
        )
        return list(iter_array(
-            dc_array, lambda id: Contact(self._dc_context, id))
+            dc_array, lambda id: Contact(self.account, id))
        )

    def set_profile_image(self, img_path):
--- a/python/src/deltachat/const.py
+++ b/python/src/deltachat/const.py
@@ -99,6 +99,8 @@ DC_EVENT_IMEX_FILE_WRITTEN = 2052
 DC_EVENT_SECUREJOIN_INVITER_PROGRESS = 2060
 DC_EVENT_SECUREJOIN_JOINER_PROGRESS = 2061
 DC_EVENT_SECUREJOIN_MEMBER_ADDED = 2062
+DC_EVENT_MEMBER_ADDED = 2063
+DC_EVENT_MEMBER_REMOVED = 2064
 DC_EVENT_FILE_COPIED = 2055
 DC_EVENT_IS_OFFLINE = 2081
 DC_EVENT_GET_STRING = 2091
--- a/python/src/deltachat/contact.py
+++ b/python/src/deltachat/contact.py
@@ -10,8 +10,9 @@ class Contact(object):

    You obtain instances of it through :class:`deltachat.account.Account`.
    """
-    def __init__(self, dc_context, id):
-        self._dc_context = dc_context
+    def __init__(self, account, id):
+        self.account = account
+        self._dc_context = account._dc_context
        self.id = id

    def __eq__(self, other):
@@ -57,3 +58,7 @@ class Contact(object):
        if dc_res == ffi.NULL:
            return None
        return from_dc_charpointer(dc_res)
+
+    def get_chat(self):
+        """return 1:1 chat for this contact. """
+        return self.account.create_chat_by_contact(self)
--- a/python/src/deltachat/eventlogger.py
+++ b/python/src/deltachat/eventlogger.py
@@ -1,28 +1,88 @@
+import deltachat
 import threading
-import re
 import time
+import re
 from queue import Queue, Empty
-from .hookspec import hookimpl
+from .hookspec import account_hookimpl, global_hookimpl


-class EventLogger:
+@global_hookimpl
+def dc_account_init(account):
+    # send all FFI events for this account to a plugin hook
+    def _ll_event(ctx, evt_name, data1, data2):
+        assert ctx == account._dc_context
+        ffi_event = FFIEvent(name=evt_name, data1=data1, data2=data2)
+        account._pm.hook.ac_process_ffi_event(
+            account=account, ffi_event=ffi_event
+        )
+    deltachat.set_context_callback(account._dc_context, _ll_event)
+
+
+@global_hookimpl
+def dc_account_after_shutdown(dc_context):
+    deltachat.clear_context_callback(dc_context)
+
+
+class FFIEvent:
+    def __init__(self, name, data1, data2):
+        self.name = name
+        self.data1 = data1
+        self.data2 = data2
+
+    def __str__(self):
+        return "{name} data1={data1} data2={data2}".format(**self.__dict__)
+
+
+class FFIEventLogger:
+    """ If you register an instance of this logger with an Account
+    you'll get all ffi-events printed.
+    """
+    # to prevent garbled logging
    _loglock = threading.RLock()

-    def __init__(self, account, logid=None, debug=True):
+    def __init__(self, account, logid):
+        """
+        :param logid: an optional logging prefix that should be used with
+                      the default internal logging.
+        """
        self.account = account
-        self._event_queue = Queue()
-        self._debug = debug
-        if logid is None:
-            logid = str(self.account._dc_context).strip(">").split()[-1]
        self.logid = logid
-        self._timeout = None
        self.init_time = time.time()

-    @hookimpl
-    def process_low_level_event(self, account, event_name, data1, data2):
-        if self.account == account:
-            self._log_event(event_name, data1, data2)
-            self._event_queue.put((event_name, data1, data2))
+    @account_hookimpl
+    def ac_process_ffi_event(self, ffi_event):
+        self._log_event(ffi_event)
+
+    def _log_event(self, ffi_event):
+        # don't show events that are anyway empty impls now
+        if ffi_event.name == "DC_EVENT_GET_STRING":
+            return
+        self.account.ac_log_line(str(ffi_event))
+
+    @account_hookimpl
+    def ac_log_line(self, message):
+        t = threading.currentThread()
+        tname = getattr(t, "name", t)
+        if tname == "MainThread":
+            tname = "MAIN"
+        elapsed = time.time() - self.init_time
+        locname = tname
+        if self.logid:
+            locname += "-" + self.logid
+        s = "{:2.2f} [{}] {}".format(elapsed, locname, message)
+        with self._loglock:
+            print(s, flush=True)
+
+
+class FFIEventTracker:
+    def __init__(self, account, timeout=None):
+        self.account = account
+        self._timeout = timeout
+        self._event_queue = Queue()
+
+    @account_hookimpl
+    def ac_process_ffi_event(self, ffi_event):
+        self._event_queue.put(ffi_event)

    def set_timeout(self, timeout):
        self._timeout = timeout
@@ -32,10 +92,10 @@ class EventLogger:
            self.get(check_error=check_error)

    def get(self, timeout=None, check_error=True):
-        timeout = timeout or self._timeout
+        timeout = timeout if timeout is not None else self._timeout
        ev = self._event_queue.get(timeout=timeout)
-        if check_error and ev[0] == "DC_EVENT_ERROR":
-            raise ValueError("{}({!r},{!r})".format(*ev))
+        if check_error and ev.name == "DC_EVENT_ERROR":
+            raise ValueError(str(ev))
        return ev

    def ensure_event_not_queued(self, event_name_regex):
@@ -47,35 +107,31 @@ class EventLogger:
            except Empty:
                break
            else:
-                assert not rex.match(ev[0]), "event found {}".format(ev)
+                assert not rex.match(ev.name), "event found {}".format(ev)

    def get_matching(self, event_name_regex, check_error=True, timeout=None):
-        self._log("-- waiting for event with regex: {} --".format(event_name_regex))
+        self.account.ac_log_line("-- waiting for event with regex: {} --".format(event_name_regex))
        rex = re.compile("(?:{}).*".format(event_name_regex))
        while 1:
            ev = self.get(timeout=timeout, check_error=check_error)
-            if rex.match(ev[0]):
+            if rex.match(ev.name):
                return ev

    def get_info_matching(self, regex):
        rex = re.compile("(?:{}).*".format(regex))
        while 1:
            ev = self.get_matching("DC_EVENT_INFO")
-            if rex.match(ev[2]):
+            if rex.match(ev.data2):
                return ev

-    def _log_event(self, evt_name, data1, data2):
-        # don't show events that are anyway empty impls now
-        if evt_name == "DC_EVENT_GET_STRING":
-            return
-        if self._debug:
-            evpart = "{}({!r},{!r})".format(evt_name, data1, data2)
-            self._log(evpart)
+    def wait_next_incoming_message(self):
+        """ wait for and return next incoming message. """
+        ev = self.get_matching("DC_EVENT_INCOMING_MSG")
+        return self.account.get_message_by_id(ev.data2)

-    def _log(self, msg):
-        t = threading.currentThread()
-        tname = getattr(t, "name", t)
-        if tname == "MainThread":
-            tname = "MAIN"
-        with self._loglock:
-            print("{:2.2f} [{}-{}] {}".format(time.time() - self.init_time, tname, self.logid, msg))
+    def wait_next_messages_changed(self):
+        """ wait for and return next message-changed message or None
+        if the event contains no msgid"""
+        ev = self.get_matching("DC_EVENT_MSGS_CHANGED")
+        if ev.data2 > 0:
+            return self.account.get_message_by_id(ev.data2)
--- a/python/src/deltachat/hookspec.py
+++ b/python/src/deltachat/hookspec.py
@@ -1,25 +1,84 @@
-""" Hooks for python bindings """
+""" Hooks for Python bindings to Delta Chat Core Rust CFFI"""

 import pluggy

-name = "deltachat"

-hookspec = pluggy.HookspecMarker(name)
-hookimpl = pluggy.HookimplMarker(name)
-_plugin_manager = None
+account_spec_name = "deltachat-account"
+account_hookspec = pluggy.HookspecMarker(account_spec_name)
+account_hookimpl = pluggy.HookimplMarker(account_spec_name)
+
+global_spec_name = "deltachat-global"
+global_hookspec = pluggy.HookspecMarker(global_spec_name)
+global_hookimpl = pluggy.HookimplMarker(global_spec_name)


-def get_plugin_manager():
-    global _plugin_manager
-    if _plugin_manager is None:
-        _plugin_manager = pluggy.PluginManager(name)
-        _plugin_manager.add_hookspecs(DeltaChatHookSpecs)
-    return _plugin_manager
+class PerAccount:
+    """ per-Account-instance hook specifications.
+
+    Except for ac_process_ffi_event all hooks are executed
+    in the thread which calls Account.wait_shutdown().
+    """
+    @classmethod
+    def _make_plugin_manager(cls):
+        pm = pluggy.PluginManager(account_spec_name)
+        pm.add_hookspecs(cls)
+        return pm
+
+    @account_hookspec
+    def ac_process_ffi_event(self, ffi_event):
+        """ process a CFFI low level events for a given account.
+
+        ffi_event has "name", "data1", "data2" values as specified
+        with `DC_EVENT_* <https://c.delta.chat/group__DC__EVENT.html>`_.
+
+        DANGER: this hook is executed from the callback invoked by core.
+        Hook implementations need to be short running and can typically
+        not call back into core because this would easily cause recursion issues.
+        """
+
+    @account_hookspec
+    def ac_log_line(self, message):
+        """ log a message related to the account. """
+
+    @account_hookspec
+    def ac_configure_completed(self, success):
+        """ Called when a configure process completed. """
+
+    @account_hookspec
+    def ac_incoming_message(self, message):
+        """ Called on any incoming message (to deaddrop or chat). """
+
+    @account_hookspec
+    def ac_message_delivered(self, message):
+        """ Called when an outgoing message has been delivered to SMTP. """
+
+    @account_hookspec
+    def ac_member_added(self, chat, contact):
+        """ Called for each contact added to a chat. """
+
+    @account_hookspec
+    def ac_member_removed(self, chat, contact):
+        """ Called for each contact removed from a chat. """


-class DeltaChatHookSpecs:
-    """ Plugin Hook specifications for Python bindings to Delta Chat CFFI. """
+class Global:
+    """ global hook specifications using a per-process singleton
+    plugin manager instance.

-    @hookspec
-    def process_low_level_event(self, account, event_name, data1, data2):
-        """ process a CFFI low level events for a given account. """
+    """
+    _plugin_manager = None
+
+    @classmethod
+    def _get_plugin_manager(cls):
+        if cls._plugin_manager is None:
+            cls._plugin_manager = pm = pluggy.PluginManager(global_spec_name)
+            pm.add_hookspecs(cls)
+        return cls._plugin_manager
+
+    @global_hookspec
+    def dc_account_init(self, account):
+        """ called when `Account::__init__()` function starts executing. """
+
+    @global_hookspec
+    def dc_account_after_shutdown(self, account, dc_context):
+        """ Called after the account has been shutdown. """
--- a/python/src/deltachat/iothreads.py
+++ b/python/src/deltachat/iothreads.py
@@ -0,0 +1,106 @@
+
+import threading
+import time
+
+from contextlib import contextmanager
+
+from .capi import lib
+
+
+class IOThreads:
+    def __init__(self, account):
+        self.account = account
+        self._dc_context = account._dc_context
+        self._thread_quitflag = False
+        self._name2thread = {}
+
+    def is_started(self):
+        return len(self._name2thread) > 0
+
+    def start(self, callback_thread):
+        assert not self.is_started()
+        self._start_one_thread("inbox", self.imap_thread_run)
+        self._start_one_thread("smtp", self.smtp_thread_run)
+
+        if callback_thread:
+            self._start_one_thread("cb", self.cb_thread_run)
+
+        if int(self.account.get_config("mvbox_watch")):
+            self._start_one_thread("mvbox", self.mvbox_thread_run)
+
+        if int(self.account.get_config("sentbox_watch")):
+            self._start_one_thread("sentbox", self.sentbox_thread_run)
+
+    def _start_one_thread(self, name, func):
+        self._name2thread[name] = t = threading.Thread(target=func, name=name)
+        t.setDaemon(1)
+        t.start()
+
+    @contextmanager
+    def log_execution(self, message):
+        self.account.ac_log_line(message + " START")
+        yield
+        self.account.ac_log_line(message + " FINISHED")
+
+    def stop(self, wait=False):
+        self._thread_quitflag = True
+
+        # Workaround for a race condition. Make sure that thread is
+        # not in between checking for quitflag and entering idle.
+        time.sleep(0.5)
+
+        lib.dc_interrupt_imap_idle(self._dc_context)
+        lib.dc_interrupt_smtp_idle(self._dc_context)
+        if "mvbox" in self._name2thread:
+            lib.dc_interrupt_mvbox_idle(self._dc_context)
+        if "sentbox" in self._name2thread:
+            lib.dc_interrupt_sentbox_idle(self._dc_context)
+        if wait:
+            for name, thread in self._name2thread.items():
+                if thread != threading.currentThread():
+                    thread.join()
+
+    def cb_thread_run(self):
+        with self.log_execution("CALLBACK THREAD START"):
+            it = self.account.iter_events()
+            while not self._thread_quitflag:
+                try:
+                    ev = next(it)
+                except StopIteration:
+                    break
+                self.account.ac_log_line("calling hook name={} kwargs={}".format(ev.name, ev.kwargs))
+                ev.call_hook()
+
+    def imap_thread_run(self):
+        with self.log_execution("INBOX THREAD START"):
+            while not self._thread_quitflag:
+                lib.dc_perform_imap_jobs(self._dc_context)
+                if not self._thread_quitflag:
+                    lib.dc_perform_imap_fetch(self._dc_context)
+                if not self._thread_quitflag:
+                    lib.dc_perform_imap_idle(self._dc_context)
+
+    def mvbox_thread_run(self):
+        with self.log_execution("MVBOX THREAD"):
+            while not self._thread_quitflag:
+                lib.dc_perform_mvbox_jobs(self._dc_context)
+                if not self._thread_quitflag:
+                    lib.dc_perform_mvbox_fetch(self._dc_context)
+                if not self._thread_quitflag:
+                    lib.dc_perform_mvbox_idle(self._dc_context)
+
+    def sentbox_thread_run(self):
+        with self.log_execution("SENTBOX THREAD"):
+            while not self._thread_quitflag:
+                lib.dc_perform_sentbox_jobs(self._dc_context)
+                if not self._thread_quitflag:
+                    lib.dc_perform_sentbox_fetch(self._dc_context)
+                if not self._thread_quitflag:
+                    lib.dc_perform_sentbox_idle(self._dc_context)
+
+    def smtp_thread_run(self):
+        with self.log_execution("SMTP THREAD"):
+            while not self._thread_quitflag:
+                lib.dc_perform_smtp_jobs(self._dc_context)
+                if not self._thread_quitflag:
+                    lib.dc_perform_smtp_idle(self._dc_context)
--- a/python/src/deltachat/message.py
+++ b/python/src/deltachat/message.py
@@ -50,6 +50,16 @@ class Message(object):
            lib.dc_msg_unref
        ))

+    def accept_sender_contact(self):
+        """ ensure that the sender is an accepted contact
+        and that the message has a non-deaddrop chat object.
+        """
+        self.account.create_chat_by_message(self)
+        self._dc_msg = ffi.gc(
+                lib.dc_get_msg(self._dc_context, self.id),
+                lib.dc_msg_unref
+        )
+
    @props.with_doc
    def text(self):
        """unicode text of this messages (might be empty if not a text message). """
@@ -159,6 +169,13 @@ class Message(object):
        chat_id = lib.dc_msg_get_chat_id(self._dc_msg)
        return Chat(self.account, chat_id)

+    def get_sender_chat(self):
+        """return the 1:1 chat with the sender of this message.
+
+        :returns: :class:`deltachat.chat.Chat` instance
+        """
+        return self.get_sender_contact().get_chat()
+
    def get_sender_contact(self):
        """return the contact of who wrote the message.

@@ -166,7 +183,7 @@ class Message(object):
        """
        from .contact import Contact
        contact_id = lib.dc_msg_get_from_id(self._dc_msg)
-        return Contact(self._dc_context, contact_id)
+        return Contact(self.account, contact_id)

    #
    # Message State query methods
@@ -269,6 +286,10 @@ class Message(object):
        """ return True if it's a file message. """
        return self._view_type == const.DC_MSG_FILE

+    def mark_seen(self):
+        """ mark this message as seen. """
+        self.account.mark_seen_messages([self.id])
+

 # some code for handling DC_MSG_* view types

--- a/python/src/deltachat/testplugin.py
+++ b/python/src/deltachat/testplugin.py
@@ -0,0 +1,373 @@
+from __future__ import print_function
+import os
+import sys
+import subprocess
+import queue
+import threading
+import fnmatch
+import pytest
+import requests
+import time
+from . import Account, const
+from .tracker import ConfigureTracker
+from .capi import lib
+from .eventlogger import FFIEventLogger, FFIEventTracker
+from _pytest.monkeypatch import MonkeyPatch
+from _pytest._code import Source
+
+import tempfile
+
+
+def pytest_addoption(parser):
+    parser.addoption(
+        "--liveconfig", action="store", default=None,
+        help="a file with >=2 lines where each line "
+             "contains NAME=VALUE config settings for one account"
+    )
+    parser.addoption(
+        "--ignored", action="store_true",
+        help="Also run tests marked with the ignored marker",
+    )
+
+
+def pytest_configure(config):
+    config.addinivalue_line(
+        "markers", "ignored: Mark test as bing slow, skipped unless --ignored is used."
+    )
+    cfg = config.getoption('--liveconfig')
+    if not cfg:
+        cfg = os.getenv('DCC_NEW_TMP_EMAIL')
+        if cfg:
+            config.option.liveconfig = cfg
+
+
+def pytest_runtest_setup(item):
+    if (list(item.iter_markers(name="ignored"))
+            and not item.config.getoption("ignored")):
+        pytest.skip("Ignored tests not requested, use --ignored")
+
+
+def pytest_report_header(config, startdir):
+    summary = []
+
+    t = tempfile.mktemp()
+    m = MonkeyPatch()
+    try:
+        m.setattr(sys.stdout, "write", lambda x: len(x))
+        ac = Account(t)
+        info = ac.get_info()
+        ac.shutdown()
+    finally:
+        m.undo()
+        os.remove(t)
+    summary.extend(['Deltachat core={} sqlite={}'.format(
+         info['deltachat_core_version'],
+         info['sqlite_version'],
+     )])
+
+    cfg = config.option.liveconfig
+    if cfg:
+        if "?" in cfg:
+            url, token = cfg.split("?", 1)
+            summary.append('Liveconfig provider: {}?<token ommitted>'.format(url))
+        else:
+            summary.append('Liveconfig file: {}'.format(cfg))
+    return summary
+
+
+class SessionLiveConfigFromFile:
+    def __init__(self, fn):
+        self.fn = fn
+        self.configlist = []
+        for line in open(fn):
+            if line.strip() and not line.strip().startswith('#'):
+                d = {}
+                for part in line.split():
+                    name, value = part.split("=")
+                    d[name] = value
+                self.configlist.append(d)
+
+    def get(self, index):
+        return self.configlist[index]
+
+    def exists(self):
+        return bool(self.configlist)
+
+
+class SessionLiveConfigFromURL:
+    def __init__(self, url):
+        self.configlist = []
+        self.url = url
+
+    def get(self, index):
+        try:
+            return self.configlist[index]
+        except IndexError:
+            assert index == len(self.configlist), index
+            res = requests.post(self.url)
+            if res.status_code != 200:
+                pytest.skip("creating newtmpuser failed {!r}".format(res))
+            d = res.json()
+            config = dict(addr=d["email"], mail_pw=d["password"])
+            self.configlist.append(config)
+            return config
+
+    def exists(self):
+        return bool(self.configlist)
+
+
+@pytest.fixture(scope="session")
+def session_liveconfig(request):
+    liveconfig_opt = request.config.option.liveconfig
+    if liveconfig_opt:
+        if liveconfig_opt.startswith("http"):
+            return SessionLiveConfigFromURL(liveconfig_opt)
+        else:
+            return SessionLiveConfigFromFile(liveconfig_opt)
+
+
+@pytest.fixture
+def data(request):
+    class Data:
+        def __init__(self):
+            # trying to find test data heuristically
+            # because we are run from a dev-setup with pytest direct,
+            # through tox, and then maybe also from deltachat-binding
+            # users like "deltabot".
+            self.paths = [os.path.normpath(x) for x in [
+                os.path.join(os.path.dirname(request.fspath.strpath), "data"),
+                os.path.join(os.path.dirname(__file__), "..", "..", "..", "test-data")
+            ]]
+
+        def get_path(self, bn):
+            """ return path of file or None if it doesn't exist. """
+            for path in self.paths:
+                fn = os.path.join(path, *bn.split("/"))
+                if os.path.exists(fn):
+                    return fn
+            print("WARNING: path does not exist: {!r}".format(fn))
+
+        def read_path(self, bn, mode="r"):
+            fn = self.get_path(bn)
+            if fn is not None:
+                with open(fn, mode) as f:
+                    return f.read()
+
+    return Data()
+
+
+@pytest.fixture
+def acfactory(pytestconfig, tmpdir, request, session_liveconfig, data):
+
+    class AccountMaker:
+        def __init__(self):
+            self.live_count = 0
+            self.offline_count = 0
+            self._finalizers = []
+            self.init_time = time.time()
+            self._generated_keys = ["alice", "bob", "charlie",
+                                    "dom", "elena", "fiona"]
+
+        def finalize(self):
+            while self._finalizers:
+                fin = self._finalizers.pop()
+                fin()
+
+        def make_account(self, path, logid, quiet=False):
+            ac = Account(path)
+            ac._evtracker = ac.add_account_plugin(FFIEventTracker(ac))
+            ac._configtracker = ac.add_account_plugin(ConfigureTracker())
+            if not quiet:
+                ac.add_account_plugin(FFIEventLogger(ac, logid=logid))
+            self._finalizers.append(ac.shutdown)
+            return ac
+
+        def get_unconfigured_account(self):
+            self.offline_count += 1
+            tmpdb = tmpdir.join("offlinedb%d" % self.offline_count)
+            ac = self.make_account(tmpdb.strpath, logid="ac{}".format(self.offline_count))
+            ac._evtracker.init_time = self.init_time
+            ac._evtracker.set_timeout(2)
+            return ac
+
+        def _preconfigure_key(self, account, addr):
+            # Only set a key if we haven't used it yet for another account.
+            if self._generated_keys:
+                keyname = self._generated_keys.pop(0)
+                fname_pub = data.read_path("key/{name}-public.asc".format(name=keyname))
+                fname_sec = data.read_path("key/{name}-secret.asc".format(name=keyname))
+                if fname_pub and fname_sec:
+                    account._preconfigure_keypair(addr, fname_pub, fname_sec)
+                    return True
+                else:
+                    print("WARN: could not use preconfigured keys for {!r}".format(addr))
+
+        def get_configured_offline_account(self):
+            ac = self.get_unconfigured_account()
+
+            # do a pseudo-configured account
+            addr = "addr{}@offline.org".format(self.offline_count)
+            ac.set_config("addr", addr)
+            self._preconfigure_key(ac, addr)
+            lib.dc_set_config(ac._dc_context, b"configured_addr", addr.encode("ascii"))
+            ac.set_config("mail_pw", "123")
+            lib.dc_set_config(ac._dc_context, b"configured_mail_pw", b"123")
+            lib.dc_set_config(ac._dc_context, b"configured", b"1")
+            return ac
+
+        def get_online_config(self, pre_generated_key=True, quiet=False):
+            if not session_liveconfig:
+                pytest.skip("specify DCC_NEW_TMP_EMAIL or --liveconfig")
+            configdict = session_liveconfig.get(self.live_count)
+            self.live_count += 1
+            if "e2ee_enabled" not in configdict:
+                configdict["e2ee_enabled"] = "1"
+
+            # Enable strict certificate checks for online accounts
+            configdict["imap_certificate_checks"] = str(const.DC_CERTCK_STRICT)
+            configdict["smtp_certificate_checks"] = str(const.DC_CERTCK_STRICT)
+
+            tmpdb = tmpdir.join("livedb%d" % self.live_count)
+            ac = self.make_account(tmpdb.strpath, logid="ac{}".format(self.live_count), quiet=quiet)
+            if pre_generated_key:
+                self._preconfigure_key(ac, configdict['addr'])
+            ac._evtracker.init_time = self.init_time
+            ac._evtracker.set_timeout(30)
+            return ac, dict(configdict)
+
+        def get_online_configuring_account(self, mvbox=False, sentbox=False, move=False,
+                                           pre_generated_key=True, quiet=False, config={}):
+            ac, configdict = self.get_online_config(
+                pre_generated_key=pre_generated_key, quiet=quiet)
+            configdict.update(config)
+            configdict["mvbox_watch"] = str(int(mvbox))
+            configdict["mvbox_move"] = str(int(move))
+            configdict["sentbox_watch"] = str(int(sentbox))
+            ac.update_config(configdict)
+            ac.start()
+            return ac
+
+        def get_one_online_account(self, pre_generated_key=True, mvbox=False, move=False):
+            ac1 = self.get_online_configuring_account(
+                pre_generated_key=pre_generated_key, mvbox=mvbox, move=move)
+            ac1._configtracker.wait_imap_connected()
+            ac1._configtracker.wait_smtp_connected()
+            ac1._configtracker.wait_finish()
+            return ac1
+
+        def get_two_online_accounts(self, move=False, quiet=False):
+            ac1 = self.get_online_configuring_account(move=True, quiet=quiet)
+            ac2 = self.get_online_configuring_account(quiet=quiet)
+            ac1._configtracker.wait_finish()
+            ac2._configtracker.wait_finish()
+            return ac1, ac2
+
+        def clone_online_account(self, account, pre_generated_key=True):
+            self.live_count += 1
+            tmpdb = tmpdir.join("livedb%d" % self.live_count)
+            ac = self.make_account(tmpdb.strpath, logid="ac{}".format(self.live_count))
+            if pre_generated_key:
+                self._preconfigure_key(ac, account.get_config("addr"))
+            ac._evtracker.init_time = self.init_time
+            ac._evtracker.set_timeout(30)
+            ac.update_config(dict(
+                addr=account.get_config("addr"),
+                mail_pw=account.get_config("mail_pw"),
+                mvbox_watch=account.get_config("mvbox_watch"),
+                mvbox_move=account.get_config("mvbox_move"),
+                sentbox_watch=account.get_config("sentbox_watch"),
+            ))
+            ac.start()
+            return ac
+
+        def run_bot_process(self, module):
+            fn = module.__file__
+
+            bot_ac, bot_cfg = self.get_online_config()
+
+            args = [
+                sys.executable,
+                fn,
+                "--show-ffi",
+                "--email", bot_cfg["addr"],
+                "--password", bot_cfg["mail_pw"],
+                bot_ac.db_path,
+            ]
+            print("$", " ".join(args))
+            popen = subprocess.Popen(
+                args=args,
+                stdin=subprocess.DEVNULL,
+                stdout=subprocess.PIPE,
+                stderr=subprocess.STDOUT,  # combine stdout/stderr in one stream
+                bufsize=1,                 # line buffering
+                close_fds=True,            # close all FDs other than 0/1/2
+                universal_newlines=True    # give back text
+            )
+            bot = BotProcess(popen, bot_cfg)
+            self._finalizers.append(bot.kill)
+            return bot
+
+    am = AccountMaker()
+    request.addfinalizer(am.finalize)
+    return am
+
+
+class BotProcess:
+    def __init__(self, popen, bot_cfg):
+        self.popen = popen
+        self.addr = bot_cfg["addr"]
+
+        # we read stdout as quickly as we can in a thread and make
+        # the (unicode) lines available for readers through a queue.
+        self.stdout_queue = queue.Queue()
+        self.stdout_thread = t = threading.Thread(target=self._run_stdout_thread, name="bot-stdout-thread")
+        t.setDaemon(1)
+        t.start()
+
+    def _run_stdout_thread(self):
+        try:
+            while 1:
+                line = self.popen.stdout.readline()
+                if not line:
+                    break
+                line = line.strip()
+                self.stdout_queue.put(line)
+        finally:
+            self.stdout_queue.put(None)
+
+    def kill(self):
+        self.popen.kill()
+
+    def wait(self, timeout=30):
+        self.popen.wait(timeout=timeout)
+
+    def fnmatch_lines(self, pattern_lines):
+        patterns = [x.strip() for x in Source(pattern_lines.rstrip()).lines if x.strip()]
+        for next_pattern in patterns:
+            print("+++FNMATCH:", next_pattern)
+            while 1:
+                line = self.stdout_queue.get(timeout=15)
+                if line is None:
+                    raise IOError("BOT stdout-thread terminated")
+                if fnmatch.fnmatch(line, next_pattern):
+                    print("+++MATCHED:", line)
+                    break
+                else:
+                    print("+++IGN:", line)
+
+
+@pytest.fixture
+def tmp_db_path(tmpdir):
+    return tmpdir.join("test.db").strpath
+
+
+@pytest.fixture
+def lp():
+    class Printer:
+        def sec(self, msg):
+            print()
+            print("=" * 10, msg, "=" * 10)
+
+        def step(self, msg):
+            print("-" * 5, "step " + msg, "-" * 5)
+    return Printer()
--- a/python/src/deltachat/tracker.py
+++ b/python/src/deltachat/tracker.py
@@ -0,0 +1,76 @@
+
+from queue import Queue
+from threading import Event
+
+from .hookspec import account_hookimpl
+
+
+class ImexFailed(RuntimeError):
+    """ Exception for signalling that import/export operations failed."""
+
+
+class ImexTracker:
+    def __init__(self):
+        self._imex_events = Queue()
+
+    @account_hookimpl
+    def ac_process_ffi_event(self, ffi_event):
+        if ffi_event.name == "DC_EVENT_IMEX_PROGRESS":
+            self._imex_events.put(ffi_event.data1)
+        elif ffi_event.name == "DC_EVENT_IMEX_FILE_WRITTEN":
+            self._imex_events.put(ffi_event.data1)
+
+    def wait_finish(self, progress_timeout=60):
+        """ Return list of written files, raise ValueError if ExportFailed. """
+        files_written = []
+        while True:
+            ev = self._imex_events.get(timeout=progress_timeout)
+            if isinstance(ev, str):
+                files_written.append(ev)
+            elif ev == 0:
+                raise ImexFailed("export failed, exp-files: {}".format(files_written))
+            elif ev == 1000:
+                return files_written
+
+
+class ConfigureFailed(RuntimeError):
+    """ Exception for signalling that configuration failed."""
+
+
+class ConfigureTracker:
+    ConfigureFailed = ConfigureFailed
+
+    def __init__(self):
+        self._configure_events = Queue()
+        self._smtp_finished = Event()
+        self._imap_finished = Event()
+        self._ffi_events = []
+
+    @account_hookimpl
+    def ac_process_ffi_event(self, ffi_event):
+        self._ffi_events.append(ffi_event)
+        if ffi_event.name == "DC_EVENT_SMTP_CONNECTED":
+            self._smtp_finished.set()
+        elif ffi_event.name == "DC_EVENT_IMAP_CONNECTED":
+            self._imap_finished.set()
+
+    @account_hookimpl
+    def ac_configure_completed(self, success):
+        self._configure_events.put(success)
+
+    def wait_smtp_connected(self):
+        """ wait until smtp is configured. """
+        self._smtp_finished.wait()
+
+    def wait_imap_connected(self):
+        """ wait until smtp is configured. """
+        self._imap_finished.wait()
+
+    def wait_finish(self):
+        """ wait until configure is completed.
+
+        Raise Exception if Configure failed
+        """
+        if not self._configure_events.get():
+            content = "\n".join(map(str, self._ffi_events))
+            raise ConfigureFailed(content)
--- a/python/tests/conftest.py
+++ b/python/tests/conftest.py
@@ -1,317 +1,18 @@
 from __future__ import print_function
-import os
-import sys
-import py
-import pytest
-import requests
-import time
-from deltachat import Account
-from deltachat import const
-from deltachat.capi import lib
-from _pytest.monkeypatch import MonkeyPatch
-import tempfile
-
-
-def pytest_addoption(parser):
-    parser.addoption(
-        "--liveconfig", action="store", default=None,
-        help="a file with >=2 lines where each line "
-             "contains NAME=VALUE config settings for one account"
-    )
-    parser.addoption(
-        "--ignored", action="store_true",
-        help="Also run tests marked with the ignored marker",
-    )
-
-
-def pytest_configure(config):
-    config.addinivalue_line(
-        "markers", "ignored: Mark test as bing slow, skipped unless --ignored is used."
-    )
-    cfg = config.getoption('--liveconfig')
-    if not cfg:
-        cfg = os.getenv('DCC_NEW_TMP_EMAIL')
-        if cfg:
-            config.option.liveconfig = cfg
-
-
-def pytest_runtest_setup(item):
-    if (list(item.iter_markers(name="ignored"))
-            and not item.config.getoption("ignored")):
-        pytest.skip("Ignored tests not requested, use --ignored")
-
-
-def pytest_report_header(config, startdir):
-    summary = []
-
-    t = tempfile.mktemp()
-    m = MonkeyPatch()
-    try:
-        m.setattr(sys.stdout, "write", lambda x: len(x))
-        ac = Account(t)
-        info = ac.get_info()
-        ac.shutdown()
-    finally:
-        m.undo()
-        os.remove(t)
-    summary.extend(['Deltachat core={} sqlite={}'.format(
-         info['deltachat_core_version'],
-         info['sqlite_version'],
-     )])
-
-    cfg = config.option.liveconfig
-    if cfg:
-        if "#" in cfg:
-            url, token = cfg.split("#", 1)
-            summary.append('Liveconfig provider: {}#<token ommitted>'.format(url))
-        else:
-            summary.append('Liveconfig file: {}'.format(cfg))
-    return summary
-
-
-@pytest.fixture(scope="session")
-def data():
-    class Data:
-        def __init__(self):
-            self.path = os.path.join(os.path.dirname(__file__), "data")
-
-        def get_path(self, bn):
-            fn = os.path.join(self.path, bn)
-            assert os.path.exists(fn)
-            return fn
-    return Data()
-
-
-class SessionLiveConfigFromFile:
-    def __init__(self, fn):
-        self.fn = fn
-        self.configlist = []
-        for line in open(fn):
-            if line.strip() and not line.strip().startswith('#'):
-                d = {}
-                for part in line.split():
-                    name, value = part.split("=")
-                    d[name] = value
-                self.configlist.append(d)
-
-    def get(self, index):
-        return self.configlist[index]
-
-    def exists(self):
-        return bool(self.configlist)
-
-
-class SessionLiveConfigFromURL:
-    def __init__(self, url):
-        self.configlist = []
-        self.url = url
-
-    def get(self, index):
-        try:
-            return self.configlist[index]
-        except IndexError:
-            assert index == len(self.configlist), index
-            res = requests.post(self.url)
-            if res.status_code != 200:
-                pytest.skip("creating newtmpuser failed {!r}".format(res))
-            d = res.json()
-            config = dict(addr=d["email"], mail_pw=d["password"])
-            self.configlist.append(config)
-            return config
-
-    def exists(self):
-        return bool(self.configlist)
-
-
-@pytest.fixture(scope="session")
-def session_liveconfig(request):
-    liveconfig_opt = request.config.option.liveconfig
-    if liveconfig_opt:
-        if liveconfig_opt.startswith("http"):
-            return SessionLiveConfigFromURL(liveconfig_opt)
-        else:
-            return SessionLiveConfigFromFile(liveconfig_opt)
-
-
-@pytest.fixture(scope='session')
-def datadir():
-    """The py.path.local object of the test-data/ directory."""
-    for path in reversed(py.path.local(__file__).parts()):
-        datadir = path.join('test-data')
-        if datadir.isdir():
-            return datadir
-    else:
-        pytest.skip('test-data directory not found')
-
-
-@pytest.fixture
-def acfactory(pytestconfig, tmpdir, request, session_liveconfig, datadir):
-
-    class AccountMaker:
-        def __init__(self):
-            self.live_count = 0
-            self.offline_count = 0
-            self._finalizers = []
-            self.init_time = time.time()
-            self._generated_keys = ["alice", "bob", "charlie",
-                                    "dom", "elena", "fiona"]
-
-        def finalize(self):
-            while self._finalizers:
-                fin = self._finalizers.pop()
-                fin()
-
-        def make_account(self, path, logid):
-            ac = Account(path, logid=logid)
-            self._finalizers.append(ac.shutdown)
-            return ac
-
-        def get_unconfigured_account(self):
-            self.offline_count += 1
-            tmpdb = tmpdir.join("offlinedb%d" % self.offline_count)
-            ac = self.make_account(tmpdb.strpath, logid="ac{}".format(self.offline_count))
-            ac._evlogger.init_time = self.init_time
-            ac._evlogger.set_timeout(2)
-            return ac
-
-        def _preconfigure_key(self, account, addr):
-            # Only set a key if we haven't used it yet for another account.
-            if self._generated_keys:
-                keyname = self._generated_keys.pop(0)
-                fname_pub = "key/{name}-public.asc".format(name=keyname)
-                fname_sec = "key/{name}-secret.asc".format(name=keyname)
-                account._preconfigure_keypair(addr,
-                                              datadir.join(fname_pub).read(),
-                                              datadir.join(fname_sec).read())
-
-        def get_configured_offline_account(self):
-            ac = self.get_unconfigured_account()
-
-            # do a pseudo-configured account
-            addr = "addr{}@offline.org".format(self.offline_count)
-            ac.set_config("addr", addr)
-            self._preconfigure_key(ac, addr)
-            lib.dc_set_config(ac._dc_context, b"configured_addr", addr.encode("ascii"))
-            ac.set_config("mail_pw", "123")
-            lib.dc_set_config(ac._dc_context, b"configured_mail_pw", b"123")
-            lib.dc_set_config(ac._dc_context, b"configured", b"1")
-            return ac
-
-        def get_online_config(self, pre_generated_key=True):
-            if not session_liveconfig:
-                pytest.skip("specify DCC_NEW_TMP_EMAIL or --liveconfig")
-            configdict = session_liveconfig.get(self.live_count)
-            self.live_count += 1
-            if "e2ee_enabled" not in configdict:
-                configdict["e2ee_enabled"] = "1"
-
-            # Enable strict certificate checks for online accounts
-            configdict["imap_certificate_checks"] = str(const.DC_CERTCK_STRICT)
-            configdict["smtp_certificate_checks"] = str(const.DC_CERTCK_STRICT)
-
-            tmpdb = tmpdir.join("livedb%d" % self.live_count)
-            ac = self.make_account(tmpdb.strpath, logid="ac{}".format(self.live_count))
-            if pre_generated_key:
-                self._preconfigure_key(ac, configdict['addr'])
-            ac._evlogger.init_time = self.init_time
-            ac._evlogger.set_timeout(30)
-            return ac, dict(configdict)
-
-        def get_online_configuring_account(self, mvbox=False, sentbox=False,
-                                           pre_generated_key=True, config={}):
-            ac, configdict = self.get_online_config(
-                pre_generated_key=pre_generated_key)
-            configdict.update(config)
-            ac.configure(**configdict)
-            ac.start_threads(mvbox=mvbox, sentbox=sentbox)
-            return ac
-
-        def get_one_online_account(self, pre_generated_key=True):
-            ac1 = self.get_online_configuring_account(
-                pre_generated_key=pre_generated_key)
-            wait_successful_IMAP_SMTP_connection(ac1)
-            wait_configuration_progress(ac1, 1000)
-            return ac1
-
-        def get_two_online_accounts(self):
-            ac1 = self.get_online_configuring_account()
-            ac2 = self.get_online_configuring_account()
-            wait_successful_IMAP_SMTP_connection(ac1)
-            wait_configuration_progress(ac1, 1000)
-            wait_successful_IMAP_SMTP_connection(ac2)
-            wait_configuration_progress(ac2, 1000)
-            return ac1, ac2
-
-        def clone_online_account(self, account, pre_generated_key=True):
-            self.live_count += 1
-            tmpdb = tmpdir.join("livedb%d" % self.live_count)
-            ac = self.make_account(tmpdb.strpath, logid="ac{}".format(self.live_count))
-            if pre_generated_key:
-                self._preconfigure_key(ac, account.get_config("addr"))
-            ac._evlogger.init_time = self.init_time
-            ac._evlogger.set_timeout(30)
-            ac.configure(addr=account.get_config("addr"), mail_pw=account.get_config("mail_pw"))
-            ac.start_threads()
-            return ac
-
-    am = AccountMaker()
-    request.addfinalizer(am.finalize)
-    return am
-
-
-@pytest.fixture
-def tmp_db_path(tmpdir):
-    return tmpdir.join("test.db").strpath
-
-
-@pytest.fixture
-def lp():
-    class Printer:
-        def sec(self, msg):
-            print()
-            print("=" * 10, msg, "=" * 10)
-
-        def step(self, msg):
-            print("-" * 5, "step " + msg, "-" * 5)
-    return Printer()


 def wait_configuration_progress(account, min_target, max_target=1001):
    min_target = min(min_target, max_target)
    while 1:
-        evt_name, data1, data2 = \
-            account._evlogger.get_matching("DC_EVENT_CONFIGURE_PROGRESS")
-        if data1 >= min_target and data1 <= max_target:
+        event = account._evtracker.get_matching("DC_EVENT_CONFIGURE_PROGRESS")
+        if event.data1 >= min_target and event.data1 <= max_target:
            print("** CONFIG PROGRESS {}".format(min_target), account)
            break


 def wait_securejoin_inviter_progress(account, target):
    while 1:
-        evt_name, data1, data2 = \
-            account._evlogger.get_matching("DC_EVENT_SECUREJOIN_INVITER_PROGRESS")
-        if data2 >= target:
+        event = account._evtracker.get_matching("DC_EVENT_SECUREJOIN_INVITER_PROGRESS")
+        if event.data2 >= target:
            print("** SECUREJOINT-INVITER PROGRESS {}".format(target), account)
            break
-
-
-def wait_successful_IMAP_SMTP_connection(account):
-    imap_ok = smtp_ok = False
-    while not imap_ok or not smtp_ok:
-        evt_name, data1, data2 = \
-            account._evlogger.get_matching("DC_EVENT_(IMAP|SMTP)_CONNECTED")
-        if evt_name == "DC_EVENT_IMAP_CONNECTED":
-            imap_ok = True
-            print("** IMAP OK", account)
-        if evt_name == "DC_EVENT_SMTP_CONNECTED":
-            smtp_ok = True
-            print("** SMTP OK", account)
-    print("** IMAP and SMTP logins successful", account)
-
-
-def wait_msgs_changed(account, chat_id, msg_id=None):
-    ev = account._evlogger.get_matching("DC_EVENT_MSGS_CHANGED")
-    assert ev[1] == chat_id
-    if msg_id is not None:
-        assert ev[2] == msg_id
-    return ev[2]
--- a/python/tests/data/key
+++ b/python/tests/data/key
@@ -0,0 +1 @@
+../../../test-data/key
--- a/python/tests/test_account.py
+++ b/python/tests/test_account.py
--- a/python/tests/test_increation.py
+++ b/python/tests/test_increation.py
@@ -6,10 +6,18 @@ import shutil
 import pytest
 from filecmp import cmp

-from conftest import wait_configuration_progress, wait_msgs_changed
+from conftest import wait_configuration_progress
 from deltachat import const


+def wait_msgs_changed(account, chat_id, msg_id=None):
+    ev = account._evtracker.get_matching("DC_EVENT_MSGS_CHANGED")
+    assert ev.data1 == chat_id
+    if msg_id is not None:
+        assert ev.data2 == msg_id
+    return ev.data2
+
+
 class TestOnlineInCreation:
    def test_increation_not_blobdir(self, tmpdir, acfactory, lp):
        ac1 = acfactory.get_online_configuring_account()
@@ -91,22 +99,22 @@ class TestOnlineInCreation:
        assert fwd_msg.is_out_pending() or fwd_msg.is_out_delivered()

        lp.sec("wait for the messages to be delivered to SMTP")
-        ev = ac1._evlogger.get_matching("DC_EVENT_MSG_DELIVERED")
-        assert ev[1] == chat.id
-        assert ev[2] == prepared_original.id
-        ev = ac1._evlogger.get_matching("DC_EVENT_MSG_DELIVERED")
-        assert ev[1] == chat2.id
-        assert ev[2] == forwarded_id
+        ev = ac1._evtracker.get_matching("DC_EVENT_MSG_DELIVERED")
+        assert ev.data1 == chat.id
+        assert ev.data2 == prepared_original.id
+        ev = ac1._evtracker.get_matching("DC_EVENT_MSG_DELIVERED")
+        assert ev.data1 == chat2.id
+        assert ev.data2 == forwarded_id

        lp.sec("wait1 for original or forwarded messages to arrive")
-        ev1 = ac2._evlogger.get_matching("DC_EVENT_MSGS_CHANGED")
-        assert ev1[1] > const.DC_CHAT_ID_LAST_SPECIAL
-        received_original = ac2.get_message_by_id(ev1[2])
+        ev1 = ac2._evtracker.get_matching("DC_EVENT_MSGS_CHANGED")
+        assert ev1.data1 > const.DC_CHAT_ID_LAST_SPECIAL
+        received_original = ac2.get_message_by_id(ev1.data2)
        assert cmp(received_original.filename, orig, shallow=False)

        lp.sec("wait2 for original or forwarded messages to arrive")
-        ev2 = ac2._evlogger.get_matching("DC_EVENT_MSGS_CHANGED")
-        assert ev2[1] > const.DC_CHAT_ID_LAST_SPECIAL
-        assert ev2[1] != ev1[1]
-        received_copy = ac2.get_message_by_id(ev2[2])
+        ev2 = ac2._evtracker.get_matching("DC_EVENT_MSGS_CHANGED")
+        assert ev2.data1 > const.DC_CHAT_ID_LAST_SPECIAL
+        assert ev2.data1 != ev1.data1
+        received_copy = ac2.get_message_by_id(ev2.data2)
        assert cmp(received_copy.filename, orig, shallow=False)
--- a/python/tests/test_lowlevel.py
+++ b/python/tests/test_lowlevel.py
@@ -1,5 +1,7 @@
 from __future__ import print_function
 from deltachat import capi, cutil, const, set_context_callback, clear_context_callback
+from deltachat import register_global_plugin
+from deltachat.hookspec import global_hookimpl
 from deltachat.capi import ffi
 from deltachat.capi import lib

@@ -16,21 +18,31 @@ def test_callback_None2int():
    clear_context_callback(ctx)


-def test_dc_close_events(tmpdir):
-    from deltachat.account import Account
-    p = tmpdir.join("hello.db")
-    ac1 = Account(p.strpath)
+def test_dc_close_events(tmpdir, acfactory):
+    ac1 = acfactory.get_unconfigured_account()
+
+    # register after_shutdown function
+    shutdowns = []
+
+    class ShutdownPlugin:
+        @global_hookimpl
+        def dc_account_after_shutdown(self, account):
+            assert account._dc_context is None
+            shutdowns.append(account)
+    register_global_plugin(ShutdownPlugin())
+    assert hasattr(ac1, "_dc_context")
    ac1.shutdown()
+    assert shutdowns == [ac1]

    def find(info_string):
-        evlog = ac1._evlogger
+        evlog = ac1._evtracker
        while 1:
            ev = evlog.get_matching("DC_EVENT_INFO", check_error=False)
-            data2 = ev[2]
+            data2 = ev.data2
            if info_string in data2:
                return
            else:
-                print("skipping event", *ev)
+                print("skipping event", ev)

    find("disconnecting inbox-thread")
    find("disconnecting sentbox-thread")
@@ -80,10 +92,10 @@ def test_markseen_invalid_message_ids(acfactory):
    contact1 = ac1.create_contact(email="some1@example.com", name="some1")
    chat = ac1.create_chat_by_contact(contact1)
    chat.send_text("one messae")
-    ac1._evlogger.get_matching("DC_EVENT_MSGS_CHANGED")
+    ac1._evtracker.get_matching("DC_EVENT_MSGS_CHANGED")
    msg_ids = [9]
    lib.dc_markseen_msgs(ac1._dc_context, msg_ids, len(msg_ids))
-    ac1._evlogger.ensure_event_not_queued("DC_EVENT_WARNING|DC_EVENT_ERROR")
+    ac1._evtracker.ensure_event_not_queued("DC_EVENT_WARNING|DC_EVENT_ERROR")


 def test_get_special_message_id_returns_empty_message(acfactory):
--- a/python/tox.ini
+++ b/python/tox.ini
@@ -7,13 +7,14 @@ envlist =

 [testenv]
 commands = 
-    pytest -n6 --reruns 2 --reruns-delay 5 -v -rsXx --ignored {posargs:tests}
+    pytest -n6 --reruns 2 --reruns-delay 5 -v -rsXx --ignored {posargs: tests examples}
    python tests/package_wheels.py {toxworkdir}/wheelhouse
 passenv = 
    TRAVIS 
    DCC_RS_DEV
    DCC_RS_TARGET
    DCC_PY_LIVECONFIG
+    DCC_NEW_TMP_EMAIL 
    CARGO_TARGET_DIR
    RUSTC_WRAPPER
 deps = 
@@ -40,13 +41,13 @@ deps =
    restructuredtext_lint 
 commands =
    flake8 src/deltachat
-    flake8 tests/
+    flake8 tests/ examples/
    rst-lint --encoding 'utf-8' README.rst

 [testenv:doc]
 changedir=doc
 deps =
-    sphinx==2.2.0
+    sphinx
    breathe
 commands =
    sphinx-build -Q -w toxdoc-warnings.log -b html . _build/html
@@ -66,7 +67,6 @@ commands =

 [pytest]
 addopts = -v -ra --strict-markers
-python_files = tests/test_*.py
 norecursedirs = .tox 
 xfail_strict=true
 timeout = 90
--- a/2
+++ b/2
@@ -1 +1 @@
-nightly-2019-11-06
+nightly-2020-03-12
--- a/src/aheader.rs
+++ b/src/aheader.rs
@@ -75,7 +75,7 @@ impl Aheader {
        wanted_from: &str,
        headers: &[mailparse::MailHeader<'_>],
    ) -> Option<Self> {
-        if let Ok(Some(value)) = headers.get_header_value(HeaderDef::Autocrypt) {
+        if let Some(value) = headers.get_header_value(HeaderDef::Autocrypt) {
            match Self::from_str(&value) {
                Ok(header) => {
                    if addr_cmp(&header.addr, wanted_from) {
@@ -127,14 +127,10 @@ impl str::FromStr for Aheader {
            .split(';')
            .filter_map(|a| {
                let attribute: Vec<&str> = a.trim().splitn(2, '=').collect();
-                if attribute.len() < 2 {
-                    return None;
+                match &attribute[..] {
+                    [key, value] => Some((key.trim().to_string(), value.trim().to_string())),
+                    _ => None,
                }
-
-                Some((
-                    attribute[0].trim().to_string(),
-                    attribute[1].trim().to_string(),
-                ))
            })
            .collect();

--- a/src/blob.rs
+++ b/src/blob.rs
@@ -6,13 +6,13 @@ use std::fs;
 use std::io::Write;
 use std::path::{Path, PathBuf};

-use self::image::GenericImageView;
+use image::GenericImageView;
+use thiserror::Error;
+
 use crate::constants::AVATAR_SIZE;
 use crate::context::Context;
 use crate::events::Event;

-extern crate image;
-
 /// Represents a file in the blob directory.
 ///
 /// The object has a name, which will always be valid UTF-8.  Having a
@@ -56,7 +56,6 @@ impl<'a> BlobObject<'a> {
                blobdir: blobdir.to_path_buf(),
                blobname: name.clone(),
                cause: err,
-                backtrace: failure::Backtrace::new(),
            })?;
        let blob = BlobObject {
            blobdir,
@@ -84,7 +83,6 @@ impl<'a> BlobObject<'a> {
                            blobdir: dir.to_path_buf(),
                            blobname: name,
                            cause: err,
-                            backtrace: failure::Backtrace::new(),
                        });
                    } else {
                        name = format!("{}-{}{}", stem, rand::random::<u32>(), ext);
@@ -97,7 +95,6 @@ impl<'a> BlobObject<'a> {
            blobdir: dir.to_path_buf(),
            blobname: name,
            cause: std::io::Error::new(std::io::ErrorKind::Other, "supposedly unreachable"),
-            backtrace: failure::Backtrace::new(),
        })
    }

@@ -122,7 +119,6 @@ impl<'a> BlobObject<'a> {
            blobname: String::from(""),
            src: src.as_ref().to_path_buf(),
            cause: err,
-            backtrace: failure::Backtrace::new(),
        })?;
        let (stem, ext) = BlobObject::sanitise_name(&src.as_ref().to_string_lossy());
        let (name, mut dst_file) = BlobObject::create_new_file(context.get_blobdir(), &stem, &ext)?;
@@ -138,7 +134,6 @@ impl<'a> BlobObject<'a> {
                blobname: name_for_err,
                src: src.as_ref().to_path_buf(),
                cause: err,
-                backtrace: failure::Backtrace::new(),
            }
        })?;
        let blob = BlobObject {
@@ -198,17 +193,14 @@ impl<'a> BlobObject<'a> {
            .map_err(|_| BlobError::WrongBlobdir {
                blobdir: context.get_blobdir().to_path_buf(),
                src: path.as_ref().to_path_buf(),
-                backtrace: failure::Backtrace::new(),
            })?;
        if !BlobObject::is_acceptible_blob_name(&rel_path) {
            return Err(BlobError::WrongName {
                blobname: path.as_ref().to_path_buf(),
-                backtrace: failure::Backtrace::new(),
            });
        }
        let name = rel_path.to_str().ok_or_else(|| BlobError::WrongName {
            blobname: path.as_ref().to_path_buf(),
-            backtrace: failure::Backtrace::new(),
        })?;
        BlobObject::from_name(context, name.to_string())
    }
@@ -236,7 +228,6 @@ impl<'a> BlobObject<'a> {
        if !BlobObject::is_acceptible_blob_name(&name) {
            return Err(BlobError::WrongName {
                blobname: PathBuf::from(name),
-                backtrace: failure::Backtrace::new(),
            });
        }
        Ok(BlobObject {
@@ -359,7 +350,6 @@ impl<'a> BlobObject<'a> {
            blobdir: context.get_blobdir().to_path_buf(),
            blobname: blob_abs.to_str().unwrap_or_default().to_string(),
            cause: err,
-            backtrace: failure::Backtrace::new(),
        })?;

        if img.width() <= AVATAR_SIZE && img.height() <= AVATAR_SIZE {
@@ -372,7 +362,6 @@ impl<'a> BlobObject<'a> {
            blobdir: context.get_blobdir().to_path_buf(),
            blobname: blob_abs.to_str().unwrap_or_default().to_string(),
            cause: err,
-            backtrace: failure::Backtrace::new(),
        })?;

        Ok(())
@@ -386,98 +375,41 @@ impl<'a> fmt::Display for BlobObject<'a> {
 }

 /// Errors for the [BlobObject].
-#[derive(Fail, Debug)]
+#[derive(Debug, Error)]
 pub enum BlobError {
+    #[error("Failed to create blob {blobname} in {}", .blobdir.display())]
    CreateFailure {
        blobdir: PathBuf,
        blobname: String,
-        #[cause]
+        #[source]
        cause: std::io::Error,
-        backtrace: failure::Backtrace,
    },
+    #[error("Failed to write data to blob {blobname} in {}", .blobdir.display())]
    WriteFailure {
        blobdir: PathBuf,
        blobname: String,
-        #[cause]
+        #[source]
        cause: std::io::Error,
-        backtrace: failure::Backtrace,
    },
+    #[error("Failed to copy data from {} to blob {blobname} in {}", .src.display(), .blobdir.display())]
    CopyFailure {
        blobdir: PathBuf,
        blobname: String,
        src: PathBuf,
-        #[cause]
+        #[source]
        cause: std::io::Error,
-        backtrace: failure::Backtrace,
    },
+    #[error("Failed to recode to blob {blobname} in {}", .blobdir.display())]
    RecodeFailure {
        blobdir: PathBuf,
        blobname: String,
-        #[cause]
+        #[source]
        cause: image::ImageError,
-        backtrace: failure::Backtrace,
    },
-    WrongBlobdir {
-        blobdir: PathBuf,
-        src: PathBuf,
-        backtrace: failure::Backtrace,
-    },
-    WrongName {
-        blobname: PathBuf,
-        backtrace: failure::Backtrace,
-    },
-}
-
-// Implementing Display is done by hand because the failure
-// #[fail(display = "...")] syntax does not allow using
-// `blobdir.display()`.
-impl fmt::Display for BlobError {
-    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
-        // Match on the data rather than kind, they are equivalent for
-        // identifying purposes but contain the actual data we need.
-        match &self {
-            BlobError::CreateFailure {
-                blobdir, blobname, ..
-            } => write!(
-                f,
-                "Failed to create blob {} in {}",
-                blobname,
-                blobdir.display()
-            ),
-            BlobError::WriteFailure {
-                blobdir, blobname, ..
-            } => write!(
-                f,
-                "Failed to write data to blob {} in {}",
-                blobname,
-                blobdir.display()
-            ),
-            BlobError::CopyFailure {
-                blobdir,
-                blobname,
-                src,
-                ..
-            } => write!(
-                f,
-                "Failed to copy data from {} to blob {} in {}",
-                src.display(),
-                blobname,
-                blobdir.display(),
-            ),
-            BlobError::RecodeFailure {
-                blobdir, blobname, ..
-            } => write!(f, "Failed to recode {} in {}", blobname, blobdir.display(),),
-            BlobError::WrongBlobdir { blobdir, src, .. } => write!(
-                f,
-                "File path {} is not in blobdir {}",
-                src.display(),
-                blobdir.display(),
-            ),
-            BlobError::WrongName { blobname, .. } => {
-                write!(f, "Blob has a bad name: {}", blobname.display(),)
-            }
-        }
-    }
+    #[error("File path {} is not in {}", .src.display(), .blobdir.display())]
+    WrongBlobdir { blobdir: PathBuf, src: PathBuf },
+    #[error("Blob has a badname {}", .blobname.display())]
+    WrongName { blobname: PathBuf },
 }

 #[cfg(test)]
--- a/src/chat.rs
+++ b/src/chat.rs
@@ -15,7 +15,7 @@ use crate::constants::*;
 use crate::contact::*;
 use crate::context::Context;
 use crate::dc_tools::*;
-use crate::error::Error;
+use crate::error::{bail, ensure, format_err, Error};
 use crate::events::Event;
 use crate::job::*;
 use crate::message::{self, InvalidMsgId, Message, MessageState, MsgId};
@@ -286,10 +286,7 @@ impl ChatId {
    /// Returns `true`, if message was deleted, `false` otherwise.
    fn maybe_delete_draft(self, context: &Context) -> bool {
        match self.get_draft_msg_id(context) {
-            Some(msg_id) => {
-                Message::delete_from_db(context, msg_id);
-                true
-            }
+            Some(msg_id) => msg_id.delete_from_db(context).is_ok(),
            None => false,
        }
    }
@@ -327,7 +324,7 @@ impl ChatId {
                time(),
                msg.viewtype,
                MessageState::OutDraft,
-                msg.text.as_ref().map(String::as_str).unwrap_or(""),
+                msg.text.as_deref().unwrap_or(""),
                msg.param.to_string(),
                1,
            ],
@@ -362,6 +359,74 @@ impl ChatId {
            .unwrap_or_default() as usize
    }

+    pub(crate) fn get_param(self, context: &Context) -> Result<Params, Error> {
+        let res: Option<String> = context
+            .sql
+            .query_get_value_result("SELECT param FROM chats WHERE id=?", params![self])?;
+        Ok(res
+            .map(|s| s.parse().unwrap_or_default())
+            .unwrap_or_default())
+    }
+
+    // Returns true if chat is a saved messages chat.
+    pub fn is_self_talk(self, context: &Context) -> Result<bool, Error> {
+        Ok(self.get_param(context)?.exists(Param::Selftalk))
+    }
+
+    /// Returns true if chat is a device chat.
+    pub fn is_device_talk(self, context: &Context) -> Result<bool, Error> {
+        Ok(self.get_param(context)?.exists(Param::Devicetalk))
+    }
+
+    fn parent_query<T, F>(self, context: &Context, fields: &str, f: F) -> sql::Result<Option<T>>
+    where
+        F: FnOnce(&rusqlite::Row) -> rusqlite::Result<T>,
+    {
+        let sql = &context.sql;
+        let query = format!(
+            "SELECT {} \
+             FROM msgs WHERE chat_id=? AND state NOT IN (?, ?, ?, ?) \
+             ORDER BY timestamp DESC, id DESC \
+             LIMIT 1;",
+            fields
+        );
+        sql.query_row_optional(
+            query,
+            params![
+                self,
+                MessageState::OutPreparing,
+                MessageState::OutDraft,
+                MessageState::OutPending,
+                MessageState::OutFailed
+            ],
+            f,
+        )
+    }
+
+    fn get_parent_mime_headers(self, context: &Context) -> Option<(String, String, String)> {
+        let collect = |row: &rusqlite::Row| Ok((row.get(0)?, row.get(1)?, row.get(2)?));
+        self.parent_query(
+            context,
+            "rfc724_mid, mime_in_reply_to, mime_references",
+            collect,
+        )
+        .ok()
+        .flatten()
+    }
+
+    fn parent_is_encrypted(self, context: &Context) -> Result<bool, Error> {
+        let collect = |row: &rusqlite::Row| Ok(row.get(0)?);
+        let packed: Option<String> = self.parent_query(context, "param", collect)?;
+
+        if let Some(ref packed) = packed {
+            let param = packed.parse::<Params>()?;
+            Ok(param.exists(Param::GuaranteeE2ee))
+        } else {
+            // No messages
+            Ok(false)
+        }
+    }
+
    /// Bad evil escape hatch.
    ///
    /// Avoid using this, eventually types should be cleaned up enough
@@ -509,9 +574,13 @@ impl Chat {
        self.param.exists(Param::Devicetalk)
    }

+    pub fn is_mailing_list(&self) -> bool {
+        self.param.exists(Param::MailingList)
+    }
+
    /// Returns true if user can send messages to this chat.
    pub fn can_send(&self) -> bool {
-        !self.id.is_special() && !self.is_device_talk()
+        !self.id.is_special() && !self.is_device_talk() && !self.is_mailing_list()
    }

    pub fn update_param(&mut self, context: &Context) -> Result<(), Error> {
@@ -560,6 +629,10 @@ impl Chat {
                .unwrap_or_else(|| "Err".into());
        }

+        if self.typ == Chattype::Group && self.is_mailing_list() {
+            return "".to_string();
+        }
+
        if self.typ == Chattype::Group || self.typ == Chattype::VerifiedGroup {
            if self.id.is_deaddrop() {
                return context.stock_str(StockMessage::DeadDrop).into();
@@ -571,44 +644,6 @@ impl Chat {
        "Err".to_string()
    }

-    fn parent_query(fields: &str) -> String {
-        // Check for server_uid guarantees that we don't
-        // select a draft or undelivered message.
-        format!(
-            "SELECT {} \
-             FROM msgs WHERE chat_id=?1 AND server_uid!=0 \
-             ORDER BY timestamp DESC, id DESC \
-             LIMIT 1;",
-            fields
-        )
-    }
-
-    fn get_parent_mime_headers(&self, context: &Context) -> Option<(String, String, String)> {
-        let collect = |row: &rusqlite::Row| Ok((row.get(0)?, row.get(1)?, row.get(2)?));
-        let params = params![self.id];
-        let sql = &context.sql;
-
-        let query = Self::parent_query("rfc724_mid, mime_in_reply_to, mime_references");
-
-        sql.query_row(&query, params, collect).ok()
-    }
-
-    fn parent_is_encrypted(&self, context: &Context) -> Result<bool, Error> {
-        let sql = &context.sql;
-        let params = params![self.id];
-        let query = Self::parent_query("param");
-
-        let packed: Option<String> = sql.query_get_value_result(&query, params)?;
-
-        if let Some(ref packed) = packed {
-            let param = packed.parse::<Params>()?;
-            Ok(param.exists(Param::GuaranteeE2ee))
-        } else {
-            // No messages
-            Ok(false)
-        }
-    }
-
    pub fn get_profile_image(&self, context: &Context) -> Option<PathBuf> {
        if let Some(image_rel) = self.param.get(Param::ProfileImage) {
            if !image_rel.is_empty() {
@@ -815,7 +850,7 @@ impl Chat {
                    }
                }

-                if can_encrypt && (all_mutual || self.parent_is_encrypted(context)?) {
+                if can_encrypt && (all_mutual || self.id.parent_is_encrypted(context)?) {
                    msg.param.set_int(Param::GuaranteeE2ee, 1);
                }
            }
@@ -830,7 +865,7 @@ impl Chat {
            // we do not set In-Reply-To/References in this case.
            if !self.is_self_talk() {
                if let Some((parent_rfc724_mid, parent_in_reply_to, parent_references)) =
-                    self.get_parent_mime_headers(context)
+                    self.id.get_parent_mime_headers(context)
                {
                    if !parent_rfc724_mid.is_empty() {
                        new_in_reply_to = parent_rfc724_mid.clone();
@@ -1070,7 +1105,11 @@ pub fn create_by_msg_id(context: &Context, msg_id: MsgId) -> Result<ChatId, Erro
            msg_id: MsgId::new(0),
        });
    }
-    Contact::scaleup_origin_by_id(context, msg.from_id, Origin::CreateChat);
+
+    // If the message is from a mailing list, the contacts are not counted as "known"
+    if !chat.is_mailing_list() {
+        Contact::scaleup_origin_by_id(context, msg.from_id, Origin::CreateChat);
+    }
    Ok(chat.id)
 }

@@ -1450,6 +1489,18 @@ pub fn get_chat_msgs(
    flags: u32,
    marker1before: Option<MsgId>,
 ) -> Vec<MsgId> {
+    match hide_device_expired_messages(context) {
+        Err(err) => warn!(context, "Failed to delete expired messages: {}", err),
+        Ok(messages_deleted) => {
+            if messages_deleted {
+                context.call_cb(Event::MsgsChanged {
+                    msg_id: MsgId::new(0),
+                    chat_id: ChatId::new(0),
+                })
+            }
+        }
+    }
+
    let process_row =
        |row: &rusqlite::Row| Ok((row.get::<_, MsgId>("id")?, row.get::<_, i64>("timestamp")?));
    let process_rows = |rows: rusqlite::MappedRows<_>| {
@@ -1584,6 +1635,47 @@ pub fn marknoticed_all_chats(context: &Context) -> Result<(), Error> {
    Ok(())
 }

+/// Hides messages which are expired according to "delete_device_after" setting.
+///
+/// Returns true if any message is hidden, so event can be emitted. If nothing
+/// has been hidden, returns false.
+pub fn hide_device_expired_messages(context: &Context) -> Result<bool, Error> {
+    if let Some(delete_device_after) = context.get_config_delete_device_after() {
+        let threshold_timestamp = time() - delete_device_after;
+
+        let self_chat_id = lookup_by_contact_id(context, DC_CONTACT_ID_SELF)
+            .unwrap_or_default()
+            .0;
+        let device_chat_id = lookup_by_contact_id(context, DC_CONTACT_ID_DEVICE)
+            .unwrap_or_default()
+            .0;
+
+        // Hide expired messages
+        //
+        // Only update the rows that have to be updated, to avoid emitting
+        // unnecessary "chat modified" events.
+        let rows_modified = context.sql.execute(
+            "UPDATE msgs \
+             SET txt = 'DELETED', hidden = 1 \
+             WHERE timestamp < ? \
+             AND chat_id > ? \
+             AND chat_id != ? \
+             AND chat_id != ? \
+             AND NOT hidden",
+            params![
+                threshold_timestamp,
+                DC_CHAT_ID_LAST_SPECIAL,
+                self_chat_id,
+                device_chat_id
+            ],
+        )?;
+
+        Ok(rows_modified > 0)
+    } else {
+        Ok(false)
+    }
+}
+
 pub fn get_chat_media(
    context: &Context,
    chat_id: ChatId,
@@ -1658,17 +1750,17 @@ pub fn get_next_media(
            msg_type2,
            msg_type3,
        );
-        for i in 0..list.len() {
-            if curr_msg_id == list[i] {
+        for (i, msg_id) in list.iter().enumerate() {
+            if curr_msg_id == *msg_id {
                match direction {
                    Direction::Forward => {
                        if i + 1 < list.len() {
-                            ret = Some(list[i + 1]);
+                            ret = list.get(i + 1).copied();
                        }
                    }
                    Direction::Backward => {
                        if i >= 1 {
-                            ret = Some(list[i - 1]);
+                            ret = list.get(i - 1).copied();
                        }
                    }
                }
@@ -1750,36 +1842,68 @@ pub fn create_group_chat(
    Ok(chat_id)
 }

+/// add a contact to the chats_contact table
+/// on success emit MemberAdded event and return true
 pub(crate) fn add_to_chat_contacts_table(
    context: &Context,
    chat_id: ChatId,
    contact_id: u32,
 ) -> bool {
-    // add a contact to a chat; the function does not check the type or if any of the record exist or are already
-    // added to the chat!
-    sql::execute(
+    match sql::execute(
        context,
        &context.sql,
        "INSERT INTO chats_contacts (chat_id, contact_id) VALUES(?, ?)",
        params![chat_id, contact_id as i32],
-    )
-    .is_ok()
+    ) {
+        Ok(()) => {
+            context.call_cb(Event::MemberAdded {
+                chat_id,
+                contact_id,
+            });
+
+            true
+        }
+        Err(err) => {
+            error!(
+                context,
+                "could not add {} to chat {} table: {}", contact_id, chat_id, err
+            );
+
+            false
+        }
+    }
 }

+/// remove a contact from the chats_contact table
+/// on success emit MemberRemoved event and return true
 pub(crate) fn remove_from_chat_contacts_table(
    context: &Context,
    chat_id: ChatId,
    contact_id: u32,
 ) -> bool {
-    // remove a contact from the chats_contact table unconditionally
-    // the function does not check the type or if the record exist
-    sql::execute(
+    match sql::execute(
        context,
        &context.sql,
        "DELETE FROM chats_contacts WHERE chat_id=? AND contact_id=?",
        params![chat_id, contact_id as i32],
-    )
-    .is_ok()
+    ) {
+        Ok(()) => {
+            context.call_cb(Event::MemberRemoved {
+                chat_id,
+                contact_id,
+            });
+
+            true
+        }
+        Err(_) => {
+            warn!(
+                context,
+                "could not remove contact {:?} from chat {:?}", contact_id, chat_id
+            );
+
+            false
+        }
+    }
 }

 /// Adds a contact to the chat.
@@ -1873,16 +1997,9 @@ pub(crate) fn add_contact_to_chat_ex(
        msg.param.set_cmd(SystemMessage::MemberAddedToGroup);
        msg.param.set(Param::Arg, contact.get_addr());
        msg.param.set_int(Param::Arg2, from_handshake.into());
+
        msg.id = send_msg(context, chat_id, &mut msg)?;
-        context.call_cb(Event::MsgsChanged {
-            chat_id,
-            msg_id: msg.id,
-        });
    }
-    context.call_cb(Event::MsgsChanged {
-        chat_id,
-        msg_id: MsgId::new(0),
-    });
    context.call_cb(Event::ChatModified(chat_id));
    Ok(true)
 }
@@ -2064,7 +2181,6 @@ pub fn remove_contact_from_chat(
                    )
                );
            } else {
-                /* we should respect this - whatever we send to the group, it gets discarded anyway! */
                if let Ok(contact) = Contact::get_by_id(context, contact_id) {
                    if chat.is_promoted() {
                        msg.viewtype = Viewtype::Text;
@@ -2093,10 +2209,18 @@ pub fn remove_contact_from_chat(
                        });
                    }
                }
-                if remove_from_chat_contacts_table(context, chat_id, contact_id) {
-                    context.call_cb(Event::ChatModified(chat_id));
-                    success = true;
-                }
+                // we remove the member from the chat after constructing the
+                // to-be-send message. If between send_msg() and here the
+                // process dies the user will have to re-do the action.  It's
+                // better than the other way round: you removed
+                // someone from DB but no peer or device gets to know about it and
+                // group membership is thus different on different devices.
+                // Note also that sending a message needs all recipients
+                // in order to correctly determine encryption so if we
+                // removed it first, it would complicate the
+                // check/encryption logic.
+                success = remove_from_chat_contacts_table(context, chat_id, contact_id);
+                context.call_cb(Event::ChatModified(chat_id));
            }
        }
    }
@@ -2390,6 +2514,22 @@ pub(crate) fn get_chat_id_by_grpid(
    )
 }

+pub(crate) fn get_chat_id_by_mailinglistid(
+    context: &Context,
+    listid: impl AsRef<str>,
+) -> Result<(ChatId, Blocked), sql::Error> {
+    context.sql.query_row(
+        "SELECT id, blocked, type FROM chats WHERE grpid=?;",
+        params![listid.as_ref()],
+        |row| {
+            let chat_id = row.get::<_, ChatId>(0)?;
+
+            let b = row.get::<_, Option<Blocked>>(1)?.unwrap_or_default();
+            Ok((chat_id, b))
+        },
+    )
+}
+
 /// Adds a message to device chat.
 ///
 /// Optional `label` can be provided to ensure that message is added only once.
@@ -3051,4 +3191,16 @@ mod tests {
            false
        );
    }
+
+    #[test]
+    fn test_parent_is_encrypted() {
+        let t = dummy_context();
+        let chat_id = create_group_chat(&t.ctx, VerifiedStatus::Unverified, "foo").unwrap();
+        assert!(!chat_id.parent_is_encrypted(&t.ctx).unwrap());
+
+        let mut msg = Message::new(Viewtype::Text);
+        msg.set_text(Some("hello".to_string()));
+        chat_id.set_draft(&t.ctx, Some(&mut msg));
+        assert!(!chat_id.parent_is_encrypted(&t.ctx).unwrap());
+    }
 }
--- a/src/chatlist.rs
+++ b/src/chatlist.rs
@@ -1,10 +1,11 @@
 //! # Chat list module

+use crate::chat;
 use crate::chat::*;
 use crate::constants::*;
 use crate::contact::*;
 use crate::context::*;
-use crate::error::Result;
+use crate::error::{bail, ensure, Result};
 use crate::lot::Lot;
 use crate::message::{Message, MessageState, MsgId};
 use crate::stock::StockMessage;
@@ -73,6 +74,9 @@ impl Chatlist {
    ///   if DC_GCL_ARCHIVED_ONLY is not set, only unarchived chats are returned and
    ///   the pseudo-chat DC_CHAT_ID_ARCHIVED_LINK is added if there are *any* archived
    ///   chats
+    /// - the flag DC_GCL_FOR_FORWARDING sorts "Saved messages" to the top of the chatlist
+    ///   and hides the device-chat,
+    //    typically used on forwarding, may be combined with DC_GCL_NO_SPECIALS
    /// - if the flag DC_GCL_NO_SPECIALS is set, deaddrop and archive link are not added
    ///   to the list (may be used eg. for selecting chats on forwarding, the flag is
    ///   not needed when DC_GCL_ARCHIVED_ONLY is already set)
@@ -88,6 +92,12 @@ impl Chatlist {
        query: Option<&str>,
        query_contact_id: Option<u32>,
    ) -> Result<Self> {
+        // Note that we do not emit DC_EVENT_MSGS_MODIFIED here even if some
+        // messages get hidden to avoid reloading the same chatlist.
+        if let Err(err) = hide_device_expired_messages(context) {
+            warn!(context, "Failed to hide expired messages: {}", err);
+        }
+
        let mut add_archived_link_item = false;

        let process_row = |row: &rusqlite::Row| {
@@ -101,6 +111,14 @@ impl Chatlist {
                .map_err(Into::into)
        };

+        let skip_id = if 0 != listflags & DC_GCL_FOR_FORWARDING {
+            chat::lookup_by_contact_id(context, DC_CONTACT_ID_DEVICE)
+                .unwrap_or_default()
+                .0
+        } else {
+            ChatId::new(0)
+        };
+
        // select with left join and minimum:
        //
        // - the inner select must use `hidden` and _not_ `m.hidden`
@@ -139,6 +157,9 @@ impl Chatlist {
            )?
        } else if 0 != listflags & DC_GCL_ARCHIVED_ONLY {
            // show archived chats
+            // (this includes the archived device-chat; we could skip it,
+            // however, then the number of archived chats do not match, which might be even more irritating.
+            // and adapting the number requires larger refactorings and seems not to be worth the effort)
            context.sql.query_map(
                "SELECT c.id, m.id
                 FROM chats c
@@ -178,18 +199,25 @@ impl Chatlist {
                               SELECT MAX(timestamp)
                                 FROM msgs
                                WHERE chat_id=c.id
-                                  AND (hidden=0 OR state=?))
-                 WHERE c.id>9
+                                  AND (hidden=0 OR state=?1))
+                 WHERE c.id>9 AND c.id!=?2
                   AND c.blocked=0
-                   AND c.name LIKE ?
+                   AND c.name LIKE ?3
                 GROUP BY c.id
                 ORDER BY IFNULL(m.timestamp,c.created_timestamp) DESC, m.id DESC;",
-                params![MessageState::OutDraft, str_like_cmd],
+                params![MessageState::OutDraft, skip_id, str_like_cmd],
                process_row,
                process_rows,
            )?
        } else {
            //  show normal chatlist
+            let sort_id_up = if 0 != listflags & DC_GCL_FOR_FORWARDING {
+                chat::lookup_by_contact_id(context, DC_CONTACT_ID_SELF)
+                    .unwrap_or_default()
+                    .0
+            } else {
+                ChatId::new(0)
+            };
            let mut ids = context.sql.query_map(
                "SELECT c.id, m.id
                 FROM chats c
@@ -200,21 +228,23 @@ impl Chatlist {
                                 FROM msgs
                                WHERE chat_id=c.id
                                  AND (hidden=0 OR state=?1))
-                 WHERE c.id>9
+                 WHERE c.id>9 AND c.id!=?2
                   AND c.blocked=0
-                   AND NOT c.archived=?2
+                   AND NOT c.archived=?3
                 GROUP BY c.id
-                 ORDER BY c.archived=?3 DESC, IFNULL(m.timestamp,c.created_timestamp) DESC, m.id DESC;",
-                params![MessageState::OutDraft, ChatVisibility::Archived, ChatVisibility::Pinned],
+                 ORDER BY c.id=?4 DESC, c.archived=?5 DESC, IFNULL(m.timestamp,c.created_timestamp) DESC, m.id DESC;",
+                params![MessageState::OutDraft, skip_id, ChatVisibility::Archived, sort_id_up, ChatVisibility::Pinned],
                process_row,
                process_rows,
            )?;
            if 0 == listflags & DC_GCL_NO_SPECIALS {
                if let Some(last_deaddrop_fresh_msg_id) = get_last_deaddrop_fresh_msg(context) {
-                    ids.insert(
-                        0,
-                        (ChatId::new(DC_CHAT_ID_DEADDROP), last_deaddrop_fresh_msg_id),
-                    );
+                    if 0 == listflags & DC_GCL_FOR_FORWARDING {
+                        ids.insert(
+                            0,
+                            (ChatId::new(DC_CHAT_ID_DEADDROP), last_deaddrop_fresh_msg_id),
+                        );
+                    }
                }
                add_archived_link_item = true;
            }
@@ -245,18 +275,20 @@ impl Chatlist {
    ///
    /// To get the message object from the message ID, use dc_get_chat().
    pub fn get_chat_id(&self, index: usize) -> ChatId {
-        if index >= self.ids.len() {
-            return ChatId::new(0);
+        match self.ids.get(index) {
+            Some((chat_id, _msg_id)) => *chat_id,
+            None => ChatId::new(0),
        }
-        self.ids[index].0
    }

    /// Get a single message ID of a chatlist.
    ///
    /// To get the message object from the message ID, use dc_get_msg().
    pub fn get_msg_id(&self, index: usize) -> Result<MsgId> {
-        ensure!(index < self.ids.len(), "Chatlist index out of range");
-        Ok(self.ids[index].1)
+        match self.ids.get(index) {
+            Some((_chat_id, msg_id)) => Ok(*msg_id),
+            None => bail!("Chatlist index out of range"),
+        }
    }

    /// Get a summary for a chatlist index.
@@ -280,25 +312,27 @@ impl Chatlist {
        // Also, sth. as "No messages" would not work if the summary comes from a message.
        let mut ret = Lot::new();

-        if index >= self.ids.len() {
-            ret.text2 = Some("ErrBadChatlistIndex".to_string());
-            return ret;
-        }
+        let (chat_id, lastmsg_id) = match self.ids.get(index) {
+            Some(ids) => ids,
+            None => {
+                ret.text2 = Some("ErrBadChatlistIndex".to_string());
+                return ret;
+            }
+        };

        let chat_loaded: Chat;
        let chat = if let Some(chat) = chat {
            chat
-        } else if let Ok(chat) = Chat::load_from_db(context, self.ids[index].0) {
+        } else if let Ok(chat) = Chat::load_from_db(context, *chat_id) {
            chat_loaded = chat;
            &chat_loaded
        } else {
            return ret;
        };

-        let lastmsg_id = self.ids[index].1;
        let mut lastcontact = None;

-        let lastmsg = if let Ok(lastmsg) = Message::load_from_db(context, lastmsg_id) {
+        let lastmsg = if let Ok(lastmsg) = Message::load_from_db(context, *lastmsg_id) {
            if lastmsg.from_id != DC_CONTACT_ID_SELF
                && (chat.typ == Chattype::Group || chat.typ == Chattype::VerifiedGroup)
            {
@@ -399,6 +433,25 @@ mod tests {
        assert_eq!(chats.len(), 1);
    }

+    #[test]
+    fn test_sort_self_talk_up_on_forward() {
+        let t = dummy_context();
+        t.ctx.update_device_chats().unwrap();
+        create_group_chat(&t.ctx, VerifiedStatus::Unverified, "a chat").unwrap();
+
+        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
+        assert!(chats.len() == 3);
+        assert!(!Chat::load_from_db(&t.ctx, chats.get_chat_id(0))
+            .unwrap()
+            .is_self_talk());
+
+        let chats = Chatlist::try_load(&t.ctx, DC_GCL_FOR_FORWARDING, None, None).unwrap();
+        assert!(chats.len() == 2); // device chat cannot be written and is skipped on forwarding
+        assert!(Chat::load_from_db(&t.ctx, chats.get_chat_id(0))
+            .unwrap()
+            .is_self_talk());
+    }
+
    #[test]
    fn test_search_special_chat_names() {
        let t = dummy_context();
@@ -421,4 +474,18 @@ mod tests {
        let chats = Chatlist::try_load(&t.ctx, 0, Some("t-5678-b"), None).unwrap();
        assert_eq!(chats.len(), 1);
    }
+
+    #[test]
+    fn test_get_summary_unwrap() {
+        let t = dummy_context();
+        let chat_id1 = create_group_chat(&t.ctx, VerifiedStatus::Unverified, "a chat").unwrap();
+
+        let mut msg = Message::new(Viewtype::Text);
+        msg.set_text(Some("foo:\nbar \r\n test".to_string()));
+        chat_id1.set_draft(&t.ctx, Some(&mut msg));
+
+        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
+        let summary = chats.get_summary(&t.ctx, 0, None);
+        assert_eq!(summary.get_text2().unwrap(), "foo: bar test"); // the linebreak should be removed from summary
+    }
 }
--- a/src/config.rs
+++ b/src/config.rs
@@ -4,10 +4,13 @@ use strum::{EnumProperty, IntoEnumIterator};
 use strum_macros::{AsRefStr, Display, EnumIter, EnumProperty, EnumString};

 use crate::blob::BlobObject;
+use crate::chat::ChatId;
 use crate::constants::DC_VERSION_STR;
 use crate::context::Context;
 use crate::dc_tools::*;
+use crate::events::Event;
 use crate::job::*;
+use crate::message::MsgId;
 use crate::mimefactory::RECOMMENDED_FILE_SIZE;
 use crate::stock::StockMessage;
 use rusqlite::NO_PARAMS;
@@ -65,6 +68,25 @@ pub enum Config {
    #[strum(props(default = "0"))]
    KeyGenType,

+    /// Timer in seconds after which the message is deleted from the
+    /// server.
+    ///
+    /// Equals to 0 by default, which means the message is never
+    /// deleted.
+    ///
+    /// Value 1 is treated as "delete at once": messages are deleted
+    /// immediately, without moving to DeltaChat folder.
+    #[strum(props(default = "0"))]
+    DeleteServerAfter,
+
+    /// Timer in seconds after which the message is deleted from the
+    /// device.
+    ///
+    /// Equals to 0 by default, which means the message is never
+    /// deleted.
+    #[strum(props(default = "0"))]
+    DeleteDeviceAfter,
+
    SaveMimeHeaders,
    ConfiguredAddr,
    ConfiguredMailServer,
@@ -128,6 +150,29 @@ impl Context {
        self.get_config_int(key) != 0
    }

+    /// Gets configured "delete_server_after" value.
+    ///
+    /// `None` means never delete the message, `Some(0)` means delete
+    /// at once, `Some(x)` means delete after `x` seconds.
+    pub fn get_config_delete_server_after(&self) -> Option<i64> {
+        match self.get_config_int(Config::DeleteServerAfter) {
+            0 => None,
+            1 => Some(0),
+            x => Some(x as i64),
+        }
+    }
+
+    /// Gets configured "delete_device_after" value.
+    ///
+    /// `None` means never delete the message, `Some(x)` means delete
+    /// after `x` seconds.
+    pub fn get_config_delete_device_after(&self) -> Option<i64> {
+        match self.get_config_int(Config::DeleteDeviceAfter) {
+            0 => None,
+            x => Some(x as i64),
+        }
+    }
+
    /// Set the given config key.
    /// If `None` is passed as a value the value is cleared and set to the default if there is one.
    pub fn set_config(&self, key: Config, value: Option<&str>) -> crate::sql::Result<()> {
@@ -171,6 +216,15 @@ impl Context {

                self.sql.set_raw_config(self, key, val)
            }
+            Config::DeleteDeviceAfter => {
+                let ret = self.sql.set_raw_config(self, key, value);
+                // Force chatlist reload to delete old messages immediately.
+                self.call_cb(Event::MsgsChanged {
+                    msg_id: MsgId::new(0),
+                    chat_id: ChatId::new(0),
+                });
+                ret
+            }
            _ => self.sql.set_raw_config(self, key, value),
        }
    }
--- a/src/configure/auto_mozilla.rs
+++ b/src/configure/auto_mozilla.rs
@@ -1,7 +1,6 @@
 //! # Thunderbird's Autoconfiguration implementation
 //!
 //! Documentation: https://developer.mozilla.org/en-US/docs/Mozilla/Thunderbird/Autoconfiguration */
-use quick_xml;
 use quick_xml::events::{BytesEnd, BytesStart, BytesText};

 use crate::constants::*;
@@ -9,33 +8,7 @@ use crate::context::Context;
 use crate::login_param::LoginParam;

 use super::read_url::read_url;
-
-#[derive(Debug, Fail)]
-pub enum Error {
-    #[fail(display = "Invalid email address: {:?}", _0)]
-    InvalidEmailAddress(String),
-
-    #[fail(display = "XML error at position {}", position)]
-    InvalidXml {
-        position: usize,
-        #[cause]
-        error: quick_xml::Error,
-    },
-
-    #[fail(display = "Bad or incomplete autoconfig")]
-    IncompleteAutoconfig(LoginParam),
-
-    #[fail(display = "Failed to get URL {}", _0)]
-    ReadUrlError(#[cause] super::read_url::Error),
-}
-
-pub type Result<T> = std::result::Result<T, Error>;
-
-impl From<super::read_url::Error> for Error {
-    fn from(err: super::read_url::Error) -> Error {
-        Error::ReadUrlError(err)
-    }
-}
+use super::Error;

 #[derive(Debug)]
 struct MozAutoconfigure<'a> {
@@ -65,16 +38,16 @@ enum MozConfigTag {
    Username,
 }

-fn parse_xml(in_emailaddr: &str, xml_raw: &str) -> Result<LoginParam> {
+fn parse_xml(in_emailaddr: &str, xml_raw: &str) -> Result<LoginParam, Error> {
    let mut reader = quick_xml::Reader::from_str(xml_raw);
    reader.trim_text(true);

    // Split address into local part and domain part.
-    let p = in_emailaddr
-        .find('@')
-        .ok_or_else(|| Error::InvalidEmailAddress(in_emailaddr.to_string()))?;
-    let (in_emaillocalpart, in_emaildomain) = in_emailaddr.split_at(p);
-    let in_emaildomain = &in_emaildomain[1..];
+    let parts: Vec<&str> = in_emailaddr.rsplitn(2, '@').collect();
+    let (in_emaillocalpart, in_emaildomain) = match &parts[..] {
+        [domain, local] => (local, domain),
+        _ => return Err(Error::InvalidEmailAddress(in_emailaddr.to_string())),
+    };

    let mut moz_ac = MozAutoconfigure {
        in_emailaddr,
@@ -125,7 +98,7 @@ pub fn moz_autoconfigure(
    context: &Context,
    url: &str,
    param_in: &LoginParam,
-) -> Result<LoginParam> {
+) -> Result<LoginParam, Error> {
    let xml_raw = read_url(context, url)?;

    let res = parse_xml(&param_in.addr, &xml_raw);
--- a/src/configure/auto_outlook.rs
+++ b/src/configure/auto_outlook.rs
@@ -1,6 +1,5 @@
 //! Outlook's Autodiscover

-use quick_xml;
 use quick_xml::events::BytesEnd;

 use crate::constants::*;
@@ -8,33 +7,7 @@ use crate::context::Context;
 use crate::login_param::LoginParam;

 use super::read_url::read_url;
-
-#[derive(Debug, Fail)]
-pub enum Error {
-    #[fail(display = "XML error at position {}", position)]
-    InvalidXml {
-        position: usize,
-        #[cause]
-        error: quick_xml::Error,
-    },
-
-    #[fail(display = "Bad or incomplete autoconfig")]
-    IncompleteAutoconfig(LoginParam),
-
-    #[fail(display = "Failed to get URL {}", _0)]
-    ReadUrlError(#[cause] super::read_url::Error),
-
-    #[fail(display = "Number of redirection is exceeded")]
-    RedirectionError,
-}
-
-pub type Result<T> = std::result::Result<T, Error>;
-
-impl From<super::read_url::Error> for Error {
-    fn from(err: super::read_url::Error) -> Error {
-        Error::ReadUrlError(err)
-    }
-}
+use super::Error;

 struct OutlookAutodiscover {
    pub out: LoginParam,
@@ -52,7 +25,7 @@ enum ParsingResult {
    RedirectUrl(String),
 }

-fn parse_xml(xml_raw: &str) -> Result<ParsingResult> {
+fn parse_xml(xml_raw: &str) -> Result<ParsingResult, Error> {
    let mut outlk_ad = OutlookAutodiscover {
        out: LoginParam::new(),
        out_imap_set: false,
@@ -143,7 +116,7 @@ pub fn outlk_autodiscover(
    context: &Context,
    url: &str,
    _param_in: &LoginParam,
-) -> Result<LoginParam> {
+) -> Result<LoginParam, Error> {
    let mut url = url.to_string();
    /* Follow up to 10 xml-redirects (http-redirects are followed in read_url() */
    for _i in 0..10 {
--- a/src/configure/mod.rs
+++ b/src/configure/mod.rs
@@ -12,6 +12,7 @@ use crate::config::Config;
 use crate::constants::*;
 use crate::context::Context;
 use crate::dc_tools::*;
+use crate::error::format_err;
 use crate::job::{self, job_add, job_kill_action};
 use crate::login_param::{CertificateChecks, LoginParam};
 use crate::oauth2::*;
@@ -371,7 +372,7 @@ pub(crate) fn JobConfigureImap(context: &Context) -> job::Status {
                let create_mvbox = context.get_config_bool(Config::MvboxWatch)
                    || context.get_config_bool(Config::MvboxMove);
                let imap = &context.inbox_thread.read().unwrap().imap;
-                if let Err(err) = imap.ensure_configured_folders(context, create_mvbox) {
+                if let Err(err) = imap.configure_folders(context, create_mvbox) {
                    warn!(context, "configuring folders failed: {:?}", err);
                    false
                } else {
@@ -651,6 +652,28 @@ fn try_smtp_one_param(context: &Context, param: &LoginParam) -> Option<bool> {
    }
 }

+#[derive(Debug, thiserror::Error)]
+pub enum Error {
+    #[error("Invalid email address: {0:?}")]
+    InvalidEmailAddress(String),
+
+    #[error("XML error at position {position}")]
+    InvalidXml {
+        position: usize,
+        #[source]
+        error: quick_xml::Error,
+    },
+
+    #[error("Bad or incomplete autoconfig")]
+    IncompleteAutoconfig(LoginParam),
+
+    #[error("Failed to get URL")]
+    ReadUrlError(#[from] self::read_url::Error),
+
+    #[error("Number of redirection is exceeded")]
+    RedirectionError,
+}
+
 #[cfg(test)]
 mod tests {

--- a/src/configure/read_url.rs
+++ b/src/configure/read_url.rs
@@ -1,14 +1,12 @@
 use crate::context::Context;

-#[derive(Debug, Fail)]
+#[derive(Debug, thiserror::Error)]
 pub enum Error {
-    #[fail(display = "URL request error")]
-    GetError(#[cause] reqwest::Error),
+    #[error("URL request error")]
+    GetError(#[from] reqwest::Error),
 }

-pub type Result<T> = std::result::Result<T, Error>;
-
-pub fn read_url(context: &Context, url: &str) -> Result<String> {
+pub fn read_url(context: &Context, url: &str) -> Result<String, Error> {
    info!(context, "Requesting URL {}", url);

    match reqwest::blocking::Client::new()
--- a/src/constants.rs
+++ b/src/constants.rs
@@ -80,6 +80,7 @@ pub(crate) const DC_FROM_HANDSHAKE: i32 = 0x01;
 pub const DC_GCL_ARCHIVED_ONLY: usize = 0x01;
 pub const DC_GCL_NO_SPECIALS: usize = 0x02;
 pub const DC_GCL_ADD_ALLDONE_HINT: usize = 0x04;
+pub const DC_GCL_FOR_FORWARDING: usize = 0x08;

 pub const DC_GCM_ADDDAYMARKER: u32 = 0x01;

@@ -196,13 +197,13 @@ pub const DC_LP_SMTP_SOCKET_SSL: usize = 0x20000;
 pub const DC_LP_SMTP_SOCKET_PLAIN: usize = 0x40000;

 /// if none of these flags are set, the default is chosen
-pub const DC_LP_AUTH_FLAGS: i32 = (DC_LP_AUTH_OAUTH2 | DC_LP_AUTH_NORMAL);
+pub const DC_LP_AUTH_FLAGS: i32 = DC_LP_AUTH_OAUTH2 | DC_LP_AUTH_NORMAL;
 /// if none of these flags are set, the default is chosen
 pub const DC_LP_IMAP_SOCKET_FLAGS: i32 =
-    (DC_LP_IMAP_SOCKET_STARTTLS | DC_LP_IMAP_SOCKET_SSL | DC_LP_IMAP_SOCKET_PLAIN);
+    DC_LP_IMAP_SOCKET_STARTTLS | DC_LP_IMAP_SOCKET_SSL | DC_LP_IMAP_SOCKET_PLAIN;
 /// if none of these flags are set, the default is chosen
 pub const DC_LP_SMTP_SOCKET_FLAGS: usize =
-    (DC_LP_SMTP_SOCKET_STARTTLS | DC_LP_SMTP_SOCKET_SSL | DC_LP_SMTP_SOCKET_PLAIN);
+    DC_LP_SMTP_SOCKET_STARTTLS | DC_LP_SMTP_SOCKET_SSL | DC_LP_SMTP_SOCKET_PLAIN;

 // QR code scanning (view from Bob, the joiner)
 pub const DC_VC_AUTH_REQUIRED: i32 = 2;
@@ -213,6 +214,9 @@ pub const DC_BOB_SUCCESS: i32 = 1;
 // max. width/height of an avatar
 pub const AVATAR_SIZE: u32 = 192;

+// this value can be increased if the folder configuration is changed and must be redone on next program start
+pub const DC_FOLDERS_CONFIGURED_VERSION: i32 = 3;
+
 #[derive(
    Debug,
    Display,
--- a/src/contact.rs
+++ b/src/contact.rs
@@ -4,7 +4,6 @@ use std::path::PathBuf;

 use deltachat_derive::*;
 use itertools::Itertools;
-use rusqlite;

 use crate::aheader::EncryptPreference;
 use crate::chat::ChatId;
@@ -13,7 +12,7 @@ use crate::constants::*;
 use crate::context::Context;
 use crate::dc_tools::*;
 use crate::e2ee;
-use crate::error::{Error, Result};
+use crate::error::{bail, ensure, format_err, Result};
 use crate::events::Event;
 use crate::key::*;
 use crate::login_param::LoginParam;
@@ -24,9 +23,6 @@ use crate::peerstate::*;
 use crate::sql;
 use crate::stock::StockMessage;

-/// Contacts with at least this origin value are shown in the contact list.
-const DC_ORIGIN_MIN_CONTACT_LIST: i32 = 0x100;
-
 /// An object representing a single contact in memory.
 ///
 /// The contact object is not updated.
@@ -94,6 +90,7 @@ pub enum Origin {
    UnhandledQrScan = 0x80,

    /// Reply-To: of incoming message of known sender
+    /// Contacts with at least this origin value are shown in the contact list.
    IncomingReplyTo = 0x100,

    /// Cc: of incoming message of known sender
@@ -118,7 +115,7 @@ pub enum Origin {
    Internal = 0x40000,

    /// address is in our address book
-    AdressBook = 0x80000,
+    AddressBook = 0x80000,

    /// set on Alice's side for contacts like Bob that have scanned the QR code offered by her. Only means the contact has once been established using the "securejoin" procedure in the past, getting the current key verification status requires calling dc_contact_is_verified() !
    SecurejoinInvited = 0x0100_0000,
@@ -274,7 +271,7 @@ impl Contact {
    ///
    /// To validate an e-mail address independently of the contact database
    /// use `dc_may_be_valid_addr()`.
-    pub fn lookup_id_by_addr(context: &Context, addr: impl AsRef<str>) -> u32 {
+    pub fn lookup_id_by_addr(context: &Context, addr: impl AsRef<str>, min_origin: Origin) -> u32 {
        if addr.as_ref().is_empty() {
            return 0;
        }
@@ -287,14 +284,13 @@ impl Contact {
        if addr_cmp(addr_normalized, addr_self) {
            return DC_CONTACT_ID_SELF;
        }
-
        context.sql.query_get_value(
            context,
            "SELECT id FROM contacts WHERE addr=?1 COLLATE NOCASE AND id>?2 AND origin>=?3 AND blocked=0;",
            params![
                addr_normalized,
                DC_CONTACT_ID_LAST_SPECIAL as i32,
-                DC_ORIGIN_MIN_CONTACT_LIST,
+                min_origin as u32,
            ],
        ).unwrap_or_default()
    }
@@ -347,20 +343,6 @@ impl Contact {
            return Ok((DC_CONTACT_ID_SELF, sth_modified));
        }

-        if !may_be_valid_addr(&addr) {
-            warn!(
-                context,
-                "Bad address \"{}\" for contact \"{}\".",
-                addr,
-                if !name.as_ref().is_empty() {
-                    name.as_ref()
-                } else {
-                    "<unset>"
-                },
-            );
-            bail!("Bad address supplied: {:?}", addr);
-        }
-
        let mut update_addr = false;
        let mut update_name = false;
        let mut update_authname = false;
@@ -497,9 +479,18 @@ impl Contact {

        for (name, addr) in split_address_book(addr_book.as_ref()).into_iter() {
            let name = normalize_name(name);
-            let (_, modified) = Contact::add_or_lookup(context, name, addr, Origin::AdressBook)?;
-            if modified != Modifier::None {
-                modify_cnt += 1
+            match Contact::add_or_lookup(context, name, addr, Origin::AddressBook) {
+                Err(err) => {
+                    warn!(
+                        context,
+                        "Failed to add address {} from address book: {}", addr, err
+                    );
+                }
+                Ok((_, modified)) => {
+                    if modified != Modifier::None {
+                        modify_cnt += 1
+                    }
+                }
            }
        }
        if modify_cnt > 0 {
@@ -1058,7 +1049,7 @@ pub fn normalize_name(full_name: impl AsRef<str>) -> String {
    }

    let len = full_name.len();
-    if len > 0 {
+    if len > 1 {
        let firstchar = full_name.as_bytes()[0];
        let lastchar = full_name.as_bytes()[len - 1];
        if firstchar == b'\'' && lastchar == b'\''
@@ -1111,10 +1102,9 @@ fn cat_fingerprint(
 impl Context {
    /// determine whether the specified addr maps to the/a self addr
    pub fn is_self_addr(&self, addr: &str) -> Result<bool> {
-        let self_addr = match self.get_config(Config::ConfiguredAddr) {
-            Some(s) => s,
-            None => return Err(Error::NotConfigured),
-        };
+        let self_addr = self
+            .get_config(Config::ConfiguredAddr)
+            .ok_or_else(|| format_err!("Not configured"))?;

        Ok(addr_cmp(self_addr, addr))
    }
@@ -1167,6 +1157,10 @@ mod tests {
    fn test_normalize_name() {
        assert_eq!(&normalize_name("Doe, John"), "John Doe");
        assert_eq!(&normalize_name(" hello world   "), "hello world");
+        assert_eq!(&normalize_name("<"), "<");
+        assert_eq!(&normalize_name(">"), ">");
+        assert_eq!(&normalize_name("'"), "'");
+        assert_eq!(&normalize_name("\""), "\"");
    }

    #[test]
@@ -1229,6 +1223,7 @@ mod tests {
        let book = concat!(
            "  Name one  \n one@eins.org \n",
            "Name two\ntwo@deux.net\n",
+            "Invalid\n+1234567890\n", // invalid, should be ignored
            "\nthree@drei.sam\n",
            "Name two\ntwo@deux.net\n" // should not be added again
        );
--- a/src/dc_receive_imf.rs
+++ b/src/dc_receive_imf.rs
@@ -2,6 +2,8 @@ use itertools::join;
 use sha2::{Digest, Sha256};

 use num_traits::FromPrimitive;
+use regex::Regex;
+use std::borrow::Cow;

 use crate::chat::{self, Chat, ChatId};
 use crate::config::Config;
@@ -9,7 +11,7 @@ use crate::constants::*;
 use crate::contact::*;
 use crate::context::Context;
 use crate::dc_tools::*;
-use crate::error::Result;
+use crate::error::{bail, ensure, Result};
 use crate::events::Event;
 use crate::headerdef::HeaderDef;
 use crate::job::*;
@@ -17,7 +19,7 @@ use crate::message::{self, MessageState, MessengerMessage, MsgId};
 use crate::mimeparser::*;
 use crate::param::*;
 use crate::peerstate::*;
-use crate::securejoin::{self, handle_securejoin_handshake};
+use crate::securejoin::{self, handle_securejoin_handshake, observe_securejoin_on_other_device};
 use crate::sql;
 use crate::stock::StockMessage;
 use crate::{contact, location};
@@ -71,6 +73,8 @@ pub fn dc_receive_imf(
    let mut created_db_entries = Vec::new();
    let mut create_event_to_send = Some(CreateEvent::MsgsChanged);

+    let list_id_header: Option<&String> = mime_parser.get(HeaderDef::ListId);
+
    // helper method to handle early exit and memory cleanup
    let cleanup = |context: &Context,
                   create_event_to_send: &Option<CreateEvent>,
@@ -98,7 +102,7 @@ pub fn dc_receive_imf(
    // https://github.com/deltachat/deltachat-core/issues/150)
    let (from_id, from_id_blocked, incoming_origin) =
        if let Some(field_from) = mime_parser.get(HeaderDef::From_) {
-            from_field_to_contact_id(context, field_from)?
+            from_field_to_contact_id(context, field_from, list_id_header)?
        } else {
            (0, false, Origin::Unknown)
        };
@@ -117,6 +121,7 @@ pub fn dc_receive_imf(
                } else {
                    Origin::IncomingUnknownTo
                },
+                list_id_header,
            )?);
        }
    }
@@ -192,17 +197,24 @@ pub fn dc_receive_imf(
        };
    }

-    // if we delete we don't need to try moving messages
-    if needs_delete_job && !created_db_entries.is_empty() {
-        job_add(
-            context,
-            Action::DeleteMsgOnImap,
-            created_db_entries[0].1.to_u32() as i32,
-            Params::new(),
-            0,
-        );
-    } else {
-        context.do_heuristics_moves(server_folder.as_ref(), insert_msg_id);
+    // Get user-configured server deletion
+    let delete_server_after = context.get_config_delete_server_after();
+
+    if !created_db_entries.is_empty() {
+        if needs_delete_job || delete_server_after == Some(0) {
+            for db_entry in &created_db_entries {
+                job_add(
+                    context,
+                    Action::DeleteMsgOnImap,
+                    db_entry.1.to_u32() as i32,
+                    Params::new(),
+                    0,
+                );
+            }
+        } else {
+            // Move message if we don't delete it immediately.
+            context.do_heuristics_moves(server_folder.as_ref(), insert_msg_id);
+        }
    }

    info!(
@@ -212,7 +224,7 @@ pub fn dc_receive_imf(

    cleanup(context, &create_event_to_send, created_db_entries);

-    mime_parser.handle_reports(context, from_id, sent_timestamp, &server_folder, server_uid);
+    mime_parser.handle_reports(context, from_id, sent_timestamp);

    Ok(())
 }
@@ -223,11 +235,13 @@ pub fn dc_receive_imf(
 pub fn from_field_to_contact_id(
    context: &Context,
    field_from: &str,
+    list_id_header: Option<&String>,
 ) -> Result<(u32, bool, Origin)> {
    let from_ids = dc_add_or_lookup_contacts_by_address_list(
        context,
        &field_from,
        Origin::IncomingUnknownFrom,
+        list_id_header,
    )?;

    if from_ids.contains(&DC_CONTACT_ID_SELF) {
@@ -340,11 +354,9 @@ fn add_parts(
        };
        to_id = DC_CONTACT_ID_SELF;

-        // handshake messages must be processed _before_ chats are created
-        // (eg. contacs may be marked as verified)
+        // handshake may mark contacts as verified and must be processed before chats are created
        if mime_parser.get(HeaderDef::SecureJoin).is_some() {
-            // avoid discarding by show_emails setting
-            msgrmsg = MessengerMessage::Yes;
+            msgrmsg = MessengerMessage::Yes; // avoid discarding by show_emails setting
            *chat_id = ChatId::new(0);
            allow_creation = true;
            match handle_securejoin_handshake(context, mime_parser, from_id) {
@@ -358,8 +370,7 @@ fn add_parts(
                    state = MessageState::InSeen;
                }
                Ok(securejoin::HandshakeMessage::Propagate) => {
-                    // Message will still be processed as "member
-                    // added" or similar system message.
+                    // process messages as "member added" normally
                }
                Err(err) => {
                    *hidden = true;
@@ -389,7 +400,11 @@ fn add_parts(
            let (new_chat_id, new_chat_id_blocked) = create_or_lookup_group(
                context,
                &mut mime_parser,
-                allow_creation,
+                if test_normal_chat_id.is_unset() {
+                    allow_creation
+                } else {
+                    true
+                },
                create_blocked,
                from_id,
                to_ids,
@@ -407,9 +422,34 @@ fn add_parts(

        if chat_id.is_unset() {
            // check if the message belongs to a mailing list
-            if mime_parser.is_mailinglist_message() {
-                *chat_id = ChatId::new(DC_CHAT_ID_TRASH);
-                info!(context, "Message belongs to a mailing list and is ignored.",);
+            if let Some(list_id_header) = mime_parser.get(HeaderDef::ListId) {
+                let create_blocked = if !test_normal_chat_id.is_unset()
+                    && test_normal_chat_id_blocked == Blocked::Not
+                {
+                    Blocked::Not
+                } else {
+                    Blocked::Deaddrop
+                };
+
+                let (new_chat_id, new_chat_id_blocked) = create_or_lookup_mailinglist(
+                    context,
+                    if test_normal_chat_id.is_unset() {
+                        allow_creation
+                    } else {
+                        true
+                    },
+                    create_blocked,
+                    list_id_header,
+                );
+                *chat_id = new_chat_id;
+                chat_id_blocked = new_chat_id_blocked;
+                if !chat_id.is_unset()
+                    && chat_id_blocked != Blocked::Not
+                    && create_blocked == Blocked::Not
+                {
+                    new_chat_id.unblock(context);
+                    chat_id_blocked = Blocked::Not;
+                }
            }
        }

@@ -472,6 +512,27 @@ fn add_parts(
        // We cannot recreate other states (read, error).
        state = MessageState::OutDelivered;
        to_id = to_ids.get_index(0).cloned().unwrap_or_default();
+
+        // handshake may mark contacts as verified and must be processed before chats are created
+        if mime_parser.get(HeaderDef::SecureJoin).is_some() {
+            msgrmsg = MessengerMessage::Yes; // avoid discarding by show_emails setting
+            *chat_id = ChatId::new(0);
+            allow_creation = true;
+            match observe_securejoin_on_other_device(context, mime_parser, to_id) {
+                Ok(securejoin::HandshakeMessage::Done)
+                | Ok(securejoin::HandshakeMessage::Ignore) => {
+                    *hidden = true;
+                }
+                Ok(securejoin::HandshakeMessage::Propagate) => {
+                    // process messages as "member added" normally
+                }
+                Err(err) => {
+                    *hidden = true;
+                    error!(context, "Error in Secure-Join watching: {}", err);
+                }
+            }
+        }
+
        if !to_ids.is_empty() {
            if chat_id.is_unset() {
                let (new_chat_id, new_chat_id_blocked) = create_or_lookup_group(
@@ -579,10 +640,13 @@ fn add_parts(
            let subject = mime_parser.get_subject().unwrap_or_default();

            for part in mime_parser.parts.iter_mut() {
-                if mime_parser.location_kml.is_some()
+                let is_mdn = !mime_parser.reports.is_empty();
+
+                let is_location_kml = mime_parser.location_kml.is_some()
                    && icnt == 1
-                    && (part.msg == "-location-" || part.msg.is_empty())
-                {
+                    && (part.msg == "-location-" || part.msg.is_empty());
+
+                if is_mdn || is_location_kml {
                    *hidden = true;
                    if state == MessageState::InFresh {
                        state = MessageState::InNoticed;
@@ -768,7 +832,6 @@ fn create_or_lookup_group(
    let mut chat_id_blocked = Blocked::Not;
    let mut recreate_member_list = false;
    let mut send_EVENT_CHAT_MODIFIED = false;
-    let mut X_MrRemoveFromGrp = None;
    let mut X_MrAddToGrp = None;
    let mut X_MrGrpNameChanged = false;
    let mut better_msg: String = From::from("");
@@ -816,22 +879,25 @@ fn create_or_lookup_group(
    // but we might not know about this group

    let grpname = mime_parser.get(HeaderDef::ChatGroupName).cloned();
+    let mut removed_id = 0;

-    if let Some(optional_field) = mime_parser.get(HeaderDef::ChatGroupMemberRemoved).cloned() {
-        X_MrRemoveFromGrp = Some(optional_field);
-        mime_parser.is_system_message = SystemMessage::MemberRemovedFromGroup;
-        let left_group = Contact::lookup_id_by_addr(context, X_MrRemoveFromGrp.as_ref().unwrap())
-            == from_id as u32;
-        better_msg = context.stock_system_msg(
-            if left_group {
-                StockMessage::MsgGroupLeft
-            } else {
-                StockMessage::MsgDelMember
-            },
-            X_MrRemoveFromGrp.as_ref().unwrap(),
-            "",
-            from_id as u32,
-        )
+    if let Some(removed_addr) = mime_parser.get(HeaderDef::ChatGroupMemberRemoved).cloned() {
+        removed_id = Contact::lookup_id_by_addr(context, &removed_addr, Origin::Unknown);
+        if removed_id == 0 {
+            warn!(context, "removed {:?} has no contact_id", removed_addr);
+        } else {
+            mime_parser.is_system_message = SystemMessage::MemberRemovedFromGroup;
+            better_msg = context.stock_system_msg(
+                if removed_id == from_id as u32 {
+                    StockMessage::MsgGroupLeft
+                } else {
+                    StockMessage::MsgDelMember
+                },
+                &removed_addr,
+                "",
+                from_id as u32,
+            );
+        }
    } else {
        let field = mime_parser.get(HeaderDef::ChatGroupMemberAdded).cloned();
        if let Some(optional_field) = field {
@@ -917,7 +983,7 @@ fn create_or_lookup_group(
            && !grpid.is_empty()
            && grpname.is_some()
            // otherwise, a pending "quit" message may pop up
-            && X_MrRemoveFromGrp.is_none()
+            && removed_id == 0
            // re-create explicitly left groups only if ourself is re-added
            && (!group_explicitly_left
                || X_MrAddToGrp.is_some() && addr_cmp(&self_addr, X_MrAddToGrp.as_ref().unwrap()))
@@ -1023,6 +1089,17 @@ fn create_or_lookup_group(
    // add members to group/check members
    if recreate_member_list {
        if !chat::is_contact_in_chat(context, chat_id, DC_CONTACT_ID_SELF) {
+            // Members could have been removed while we were
+            // absent. We can't use existing member list and need to
+            // start from scratch.
+            sql::execute(
+                context,
+                &context.sql,
+                "DELETE FROM chats_contacts WHERE chat_id=?;",
+                params![chat_id],
+            )
+            .ok();
+
            chat::add_to_chat_contacts_table(context, chat_id, DC_CONTACT_ID_SELF);
        }
        if from_id > DC_CONTACT_ID_LAST_SPECIAL
@@ -1040,12 +1117,8 @@ fn create_or_lookup_group(
            }
        }
        send_EVENT_CHAT_MODIFIED = true;
-    } else if let Some(removed_addr) = X_MrRemoveFromGrp {
-        let contact_id = Contact::lookup_id_by_addr(context, removed_addr);
-        if contact_id != 0 {
-            info!(context, "remove {:?} from chat id={}", contact_id, chat_id);
-            chat::remove_from_chat_contacts_table(context, chat_id, contact_id);
-        }
+    } else if removed_id > 0 {
+        chat::remove_from_chat_contacts_table(context, chat_id, removed_id);
        send_EVENT_CHAT_MODIFIED = true;
    }

@@ -1055,6 +1128,66 @@ fn create_or_lookup_group(
    Ok((chat_id, chat_id_blocked))
 }

+fn create_or_lookup_mailinglist(
+    context: &Context,
+    allow_creation: bool,
+    create_blocked: Blocked,
+    list_id_header: &str,
+) -> (ChatId, Blocked) {
+    let re = Regex::new(r"^(.*.)<(.*.)>$").unwrap();
+    let (name, listid) = match re.captures(list_id_header) {
+        Some(cap) => (cap[1].trim().to_string(), cap[2].trim().to_string()),
+        None => (
+            list_id_header.trim().to_string(),
+            list_id_header.trim().to_string(),
+        ),
+    };
+
+    chat::get_chat_id_by_mailinglistid(context, &listid).unwrap_or_else(|_e| {
+        if allow_creation {
+            // list does not exist but should be created
+            match create_mailinglist_record(context, &listid, &name, create_blocked) {
+                Ok(chat_id) => {
+                    chat::add_to_chat_contacts_table(context, chat_id, DC_CONTACT_ID_SELF);
+
+                    // Add the mailing list as "unknown" contact
+                    match add_or_lookup_contact_by_addr(
+                        context,
+                        &Some(name),
+                        &listid,
+                        Origin::IncomingUnknownFrom,
+                        None,
+                    ) {
+                        Ok(list_id_contact) => {
+                            chat::add_to_chat_contacts_table(context, chat_id, list_id_contact);
+                        }
+                        Err(e) => warn!(
+                            context,
+                            "Failed to lookup mailing list contact: {}",
+                            e.to_string()
+                        ),
+                    };
+
+                    (chat_id, create_blocked)
+                }
+                Err(e) => {
+                    warn!(
+                        context,
+                        "Failed to create mailinglist '{}' for grpid={}: {}",
+                        &name,
+                        &listid,
+                        e.to_string()
+                    );
+                    (ChatId::new(0), create_blocked)
+                }
+            }
+        } else {
+            info!(context, "creating list forbidden by caller");
+            (ChatId::new(0), Blocked::Not)
+        }
+    })
+}
+
 /// try extract a grpid from a message-id list header value
 fn extract_grpid(mime_parser: &MimeMessage, headerdef: HeaderDef) -> Option<&str> {
    let header = mime_parser.get(headerdef)?;
@@ -1172,6 +1305,7 @@ fn create_or_lookup_adhoc_group(
    Ok((new_chat_id, create_blocked))
 }

+// Insert a group record into the database. Note that this function is also used by create_mailinglist_record() below.
 fn create_group_record(
    context: &Context,
    grpid: impl AsRef<str>,
@@ -1199,7 +1333,7 @@ fn create_group_record(
    {
        warn!(
            context,
-            "Failed to create group '{}' for grpid={}",
+            "Failed to create group or mailinglist '{}' for grpid={}",
            grpname.as_ref(),
            grpid.as_ref()
        );
@@ -1209,7 +1343,7 @@ fn create_group_record(
    let chat_id = ChatId::new(row_id);
    info!(
        context,
-        "Created group '{}' grpid={} as {}",
+        "Created group or mailinglist '{}' grpid={} as {}",
        grpname.as_ref(),
        grpid.as_ref(),
        chat_id
@@ -1217,6 +1351,27 @@ fn create_group_record(
    chat_id
 }

+fn create_mailinglist_record(
+    context: &Context,
+    listid: impl AsRef<str>,
+    name: impl AsRef<str>,
+    create_blocked: Blocked,
+) -> Result<ChatId> {
+    let chat_id = create_group_record(
+        context,
+        &listid,
+        &name,
+        create_blocked,
+        VerifiedStatus::Unverified,
+    );
+    let mut chat = Chat::load_from_db(context, chat_id)?;
+
+    chat.param.set(Param::MailingList, "true");
+    chat.update_param(context)?;
+
+    Ok(chat_id)
+}
+
 fn create_adhoc_grp_id(context: &Context, member_ids: &[u32]) -> String {
    /* algorithm:
    - sort normalized, lowercased, e-mail addresses alphabetically
@@ -1477,6 +1632,7 @@ fn is_known_rfc724_mid_in_list(context: &Context, mid_list: &str) -> bool {

 /// Check if a message is a reply to a known message (messenger or non-messenger).
 fn is_known_rfc724_mid(context: &Context, rfc724_mid: &str) -> bool {
+    let rfc724_mid = rfc724_mid.trim_start_matches('<').trim_end_matches('>');
    context
        .sql
        .exists(
@@ -1523,6 +1679,7 @@ pub(crate) fn is_msgrmsg_rfc724_mid_in_list(context: &Context, mid_list: &str) -

 /// Check if a message is a reply to any messenger message.
 fn is_msgrmsg_rfc724_mid(context: &Context, rfc724_mid: &str) -> bool {
+    let rfc724_mid = rfc724_mid.trim_start_matches('<').trim_end_matches('>');
    context
        .sql
        .exists(
@@ -1536,6 +1693,7 @@ fn dc_add_or_lookup_contacts_by_address_list(
    context: &Context,
    addr_list_raw: &str,
    origin: Origin,
+    list_id_header: Option<&String>,
 ) -> Result<ContactIds> {
    let addrs = match mailparse::addrparse(addr_list_raw) {
        Ok(addrs) => addrs,
@@ -1553,6 +1711,7 @@ fn dc_add_or_lookup_contacts_by_address_list(
                    &info.display_name,
                    &info.addr,
                    origin,
+                    list_id_header,
                )?);
            }
            mailparse::MailAddr::Group(infos) => {
@@ -1562,6 +1721,7 @@ fn dc_add_or_lookup_contacts_by_address_list(
                        &info.display_name,
                        &info.addr,
                        origin,
+                        list_id_header,
                    )?);
                }
            }
@@ -1577,6 +1737,7 @@ fn add_or_lookup_contact_by_addr(
    display_name: &Option<String>,
    addr: &str,
    origin: Origin,
+    list_id_header: Option<&String>,
 ) -> Result<u32> {
    if context.is_self_addr(addr)? {
        return Ok(DC_CONTACT_ID_SELF);
@@ -1586,8 +1747,26 @@ fn add_or_lookup_contact_by_addr(
        .map(normalize_name)
        .unwrap_or_default();

+    let mut addr = Cow::from(addr);
+    if let Some(list_id) = list_id_header {
+        let list_id = list_id.trim().trim_end_matches('>');
+        let addr_email = EmailAddress::new(&addr)?;
+        let mut addr_domain_parts = addr_email.domain.split('.');
+        let mut list_id_parts = list_id.split('.');
+        if list_id_parts.next_back() == addr_domain_parts.next_back()
+            && list_id_parts.next_back() == addr_domain_parts.next_back()
+        {
+            // list_id was something like "name <name.github.com" (after trimming the last '>')
+            // and addr was something like "notifications@github.com".
+            // addr is not the address of the actual sender but the one of the mailing list.
+            // Add the display name to the addr to make it distinguishable from other people
+            // who sent to the same mailing list.
+            *addr.to_mut() = format!("{} – {}", display_name_normalized, addr);
+        }
+    }
+
    let (row_id, _modified) =
-        Contact::add_or_lookup(context, display_name_normalized, addr, origin)?;
+        Contact::add_or_lookup(context, display_name_normalized, &addr, origin)?;
    ensure!(row_id > 0, "could not add contact: {:?}", addr);

    Ok(row_id)
@@ -1612,7 +1791,101 @@ fn dc_create_incoming_rfc724_mid(
 #[cfg(test)]
 mod tests {
    use super::*;
-    use crate::test_utils::dummy_context;
+    use crate::chat::ChatVisibility;
+    use crate::chatlist::Chatlist;
+    use crate::message::Message;
+    use crate::test_utils::{dummy_context, TestContext};
+
+    static MAILINGLIST: &[u8] = b"From: Max Mustermann <notifications@github.com>\n\
+    To: deltachat/deltachat-core-rust <deltachat-core-rust@noreply.github.com>\n\
+    Subject: [deltachat/deltachat-core-rust] PR run failed\n\
+    Message-ID: <3333@example.org>\n\
+    List-ID: deltachat/deltachat-core-rust <deltachat-core-rust.deltachat.github.com>\n\
+    Precedence: list\n\
+    Date: Sun, 22 Mar 2020 22:37:57 +0000\n\
+    \n\
+    hello\n";
+
+    static MAILINGLIST2: &[u8] = b"From: Github <notifications@github.com>\n\
+    To: deltachat/deltachat-core-rust <deltachat-core-rust@noreply.github.com>\n\
+    Subject: [deltachat/deltachat-core-rust] PR run failed\n\
+    Message-ID: <3334@example.org>\n\
+    List-ID: deltachat/deltachat-core-rust <deltachat-core-rust.deltachat.github.com>\n\
+    Precedence: list\n\
+    Date: Sun, 22 Mar 2020 22:37:57 +0000\n\
+    \n\
+    hello back\n";
+
+    static MAILINGLIST3: &[u8] = b"From: Alice <alice@posteo.org>\n\
+    To: delta-dev@codespeak.net\n\
+    Subject: Re: [delta-dev] What's up?\n\
+    Message-ID: <38942@posteo.org>\n\
+    List-ID: \"discussions about and around https://delta.chat developments\" <delta.codespeak.net>\n\
+    Precedence: list\n\
+    Date: Sun, 22 Mar 2020 22:37:57 +0000\n\
+    \n\
+    body\n";
+
+    #[test]
+    fn test_mailing_list() {
+        let t = configured_offline_context();
+        t.ctx.set_config(Config::ShowEmails, Some("2")).unwrap();
+
+        dc_receive_imf(&t.ctx, MAILINGLIST, "INBOX", 1, false).unwrap();
+
+        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
+        assert_eq!(chats.len(), 1);
+
+        let chat_id = chat::create_by_msg_id(&t.ctx, chats.get_msg_id(0).unwrap()).unwrap();
+        let chat = chat::Chat::load_from_db(&t.ctx, chat_id).unwrap();
+
+        assert!(chat.is_mailing_list());
+        assert_eq!(chat.can_send(), false);
+        assert_eq!(chat.name, "deltachat/deltachat-core-rust");
+        println!("{:?}", Contact::load_from_db(&t.ctx, 1));
+        println!("{:?}", chat::get_chat_contacts(&t.ctx, chat_id));
+        assert_eq!(chat::get_chat_contacts(&t.ctx, chat_id).len(), 2);
+
+        dc_receive_imf(&t.ctx, MAILINGLIST2, "INBOX", 1, false).unwrap();
+
+        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
+        assert_eq!(chats.len(), 1);
+        let contacts = Contact::get_all(&t.ctx, 0, None as Option<String>).unwrap();
+        assert_eq!(contacts.len(), 0); // mailing list recipients and senders do not count as "known contacts"
+        let msgs = chat::get_chat_msgs(&t.ctx, chat_id, 0, None);
+        let contact1 = Contact::load_from_db(
+            &t.ctx,
+            Message::load_from_db(&t.ctx, msgs[0]).unwrap().from_id,
+        );
+        assert_eq!(
+            contact1.unwrap().get_addr(),
+            "Max Mustermann – notifications@github.com"
+        );
+        let contact2 = Contact::load_from_db(
+            &t.ctx,
+            Message::load_from_db(&t.ctx, msgs[1]).unwrap().from_id,
+        );
+        assert_eq!(
+            contact2.unwrap().get_addr(),
+            "Github – notifications@github.com"
+        );
+    }
+
+    #[test]
+    fn test_mailing_list2() {
+        let t = configured_offline_context();
+        t.ctx.set_config(Config::ShowEmails, Some("2")).unwrap();
+        dc_receive_imf(&t.ctx, MAILINGLIST3, "INBOX", 1, false).unwrap();
+        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
+        let chat_id = chat::create_by_msg_id(&t.ctx, chats.get_msg_id(0).unwrap()).unwrap();
+
+        let msgs = chat::get_chat_msgs(&t.ctx, chat_id, 0, None);
+        let contact1 = Contact::load_from_db(
+            &t.ctx,
+            Message::load_from_db(&t.ctx, msgs[0]).unwrap().from_id,
+        );
+        assert_eq!(contact1.unwrap().get_addr(), "alice@posteo.org");
+    }

    #[test]
    fn test_hex_hash() {
@@ -1671,4 +1944,288 @@ mod tests {
            Some("123-45-9@stub".into())
        );
    }
+
+    #[test]
+    fn test_is_known_rfc724_mid() {
+        let t = dummy_context();
+        let mut msg = Message::new(Viewtype::Text);
+        msg.text = Some("first message".to_string());
+        let msg_id = chat::add_device_msg(&t.ctx, None, Some(&mut msg)).unwrap();
+        let msg = Message::load_from_db(&t.ctx, msg_id).unwrap();
+
+        // Message-IDs may or may not be surrounded by angle brackets
+        assert!(is_known_rfc724_mid(
+            &t.ctx,
+            format!("<{}>", msg.rfc724_mid).as_str()
+        ));
+        assert!(is_known_rfc724_mid(&t.ctx, &msg.rfc724_mid));
+        assert!(!is_known_rfc724_mid(&t.ctx, "nonexistant@message.id"));
+    }
+
+    #[test]
+    fn test_is_msgrmsg_rfc724_mid() {
+        let t = dummy_context();
+        let mut msg = Message::new(Viewtype::Text);
+        msg.text = Some("first message".to_string());
+        let msg_id = chat::add_device_msg(&t.ctx, None, Some(&mut msg)).unwrap();
+        let msg = Message::load_from_db(&t.ctx, msg_id).unwrap();
+
+        // Message-IDs may or may not be surrounded by angle brackets
+        assert!(is_msgrmsg_rfc724_mid(
+            &t.ctx,
+            format!("<{}>", msg.rfc724_mid).as_str()
+        ));
+        assert!(is_msgrmsg_rfc724_mid(&t.ctx, &msg.rfc724_mid));
+        assert!(!is_msgrmsg_rfc724_mid(&t.ctx, "nonexistant@message.id"));
+    }
+
+    fn configured_offline_context() -> TestContext {
+        let t = dummy_context();
+        t.ctx
+            .set_config(Config::Addr, Some("alice@example.org"))
+            .unwrap();
+        t.ctx
+            .set_config(Config::ConfiguredAddr, Some("alice@example.org"))
+            .unwrap();
+        t.ctx.set_config(Config::Configured, Some("1")).unwrap();
+        t
+    }
+
+    static MSGRMSG: &[u8] = b"From: Bob <bob@example.org>\n\
+                    To: alice@example.org\n\
+                    Chat-Version: 1.0\n\
+                    Subject: Chat: hello\n\
+                    Message-ID: <Mr.1111@example.org>\n\
+                    Date: Sun, 22 Mar 2020 22:37:55 +0000\n\
+                    \n\
+                    hello\n";
+
+    static ONETOONE_NOREPLY_MAIL: &[u8] = b"From: Bob <bob@example.org>\n\
+                    To: alice@example.org\n\
+                    Subject: Chat: hello\n\
+                    Message-ID: <2222@example.org>\n\
+                    Date: Sun, 22 Mar 2020 22:37:56 +0000\n\
+                    \n\
+                    hello\n";
+
+    static GRP_MAIL: &[u8] = b"From: bob@example.org\n\
+                    To: alice@example.org, claire@example.org\n\
+                    Subject: group with Alice, Bob and Claire\n\
+                    Message-ID: <3333@example.org>\n\
+                    Date: Sun, 22 Mar 2020 22:37:57 +0000\n\
+                    \n\
+                    hello\n";
+
+    #[test]
+    fn test_adhoc_group_show_chats_only() {
+        let t = configured_offline_context();
+        assert_eq!(t.ctx.get_config_int(Config::ShowEmails), 0);
+
+        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
+        assert_eq!(chats.len(), 0);
+
+        dc_receive_imf(&t.ctx, MSGRMSG, "INBOX", 1, false).unwrap();
+        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
+        assert_eq!(chats.len(), 1);
+
+        dc_receive_imf(&t.ctx, ONETOONE_NOREPLY_MAIL, "INBOX", 1, false).unwrap();
+        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
+        assert_eq!(chats.len(), 1);
+
+        dc_receive_imf(&t.ctx, GRP_MAIL, "INBOX", 1, false).unwrap();
+        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
+        assert_eq!(chats.len(), 1);
+    }
+
+    #[test]
+    fn test_adhoc_group_show_accepted_contact_unknown() {
+        let t = configured_offline_context();
+        t.ctx.set_config(Config::ShowEmails, Some("1")).unwrap();
+        dc_receive_imf(&t.ctx, GRP_MAIL, "INBOX", 1, false).unwrap();
+
+        // adhoc-group with unknown contacts with show_emails=accepted is ignored for unknown contacts
+        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
+        assert_eq!(chats.len(), 0);
+    }
+
+    #[test]
+    fn test_adhoc_group_show_accepted_contact_known() {
+        let t = configured_offline_context();
+        t.ctx.set_config(Config::ShowEmails, Some("1")).unwrap();
+        Contact::create(&t.ctx, "Bob", "bob@example.org").unwrap();
+        dc_receive_imf(&t.ctx, GRP_MAIL, "INBOX", 1, false).unwrap();
+
+        // adhoc-group with known contacts with show_emails=accepted is still ignored for known contacts
+        // (and existent chat is required)
+        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
+        assert_eq!(chats.len(), 0);
+    }
+
+    #[test]
+    fn test_adhoc_group_show_accepted_contact_accepted() {
+        let t = configured_offline_context();
+        t.ctx.set_config(Config::ShowEmails, Some("1")).unwrap();
+
+        // accept Bob by accepting a delta-message from Bob
+        dc_receive_imf(&t.ctx, MSGRMSG, "INBOX", 1, false).unwrap();
+        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
+        assert_eq!(chats.len(), 1);
+        assert!(chats.get_chat_id(0).is_deaddrop());
+        let chat_id = chat::create_by_msg_id(&t.ctx, chats.get_msg_id(0).unwrap()).unwrap();
+        assert!(!chat_id.is_special());
+        let chat = chat::Chat::load_from_db(&t.ctx, chat_id).unwrap();
+        assert_eq!(chat.typ, Chattype::Single);
+        assert_eq!(chat.name, "Bob");
+        assert_eq!(chat::get_chat_contacts(&t.ctx, chat_id).len(), 1);
+        assert_eq!(chat::get_chat_msgs(&t.ctx, chat_id, 0, None).len(), 1);
+
+        // receive a non-delta-message from Bob, shows up because of the show_emails setting
+        dc_receive_imf(&t.ctx, ONETOONE_NOREPLY_MAIL, "INBOX", 2, false).unwrap();
+        assert_eq!(chat::get_chat_msgs(&t.ctx, chat_id, 0, None).len(), 2);
+
+        // let Bob create an adhoc-group by a non-delta-message, shows up because of the show_emails setting
+        dc_receive_imf(&t.ctx, GRP_MAIL, "INBOX", 3, false).unwrap();
+        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
+        assert_eq!(chats.len(), 2);
+        let chat_id = chat::create_by_msg_id(&t.ctx, chats.get_msg_id(0).unwrap()).unwrap();
+        let chat = chat::Chat::load_from_db(&t.ctx, chat_id).unwrap();
+        assert_eq!(chat.typ, Chattype::Group);
+        assert_eq!(chat.name, "group with Alice, Bob and Claire");
+        assert_eq!(chat::get_chat_contacts(&t.ctx, chat_id).len(), 3);
+    }
+
+    #[test]
+    fn test_adhoc_group_show_all() {
+        let t = configured_offline_context();
+        t.ctx.set_config(Config::ShowEmails, Some("2")).unwrap();
+        dc_receive_imf(&t.ctx, GRP_MAIL, "INBOX", 1, false).unwrap();
+
+        // adhoc-group with unknown contacts with show_emails=all will show up in the deaddrop
+        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
+        assert_eq!(chats.len(), 1);
+        assert!(chats.get_chat_id(0).is_deaddrop());
+        let chat_id = chat::create_by_msg_id(&t.ctx, chats.get_msg_id(0).unwrap()).unwrap();
+        let chat = chat::Chat::load_from_db(&t.ctx, chat_id).unwrap();
+        assert_eq!(chat.typ, Chattype::Group);
+        assert_eq!(chat.name, "group with Alice, Bob and Claire");
+        assert_eq!(chat::get_chat_contacts(&t.ctx, chat_id).len(), 3);
+    }
+
+    #[test]
+    fn test_read_receipt_and_unarchive() {
+        // create alice's account
+        let t = configured_offline_context();
+
+        // create one-to-one with bob, archive one-to-one
+        let bob_id = Contact::create(&t.ctx, "bob", "bob@exampel.org").unwrap();
+        let one2one_id = chat::create_by_contact_id(&t.ctx, bob_id).unwrap();
+        one2one_id
+            .set_visibility(&t.ctx, ChatVisibility::Archived)
+            .unwrap();
+        let one2one = Chat::load_from_db(&t.ctx, one2one_id).unwrap();
+        assert!(one2one.get_visibility() == ChatVisibility::Archived);
+
+        // create a group with bob, archive group
+        let group_id = chat::create_group_chat(&t.ctx, VerifiedStatus::Unverified, "foo").unwrap();
+        chat::add_contact_to_chat(&t.ctx, group_id, bob_id);
+        assert_eq!(chat::get_chat_msgs(&t.ctx, group_id, 0, None).len(), 0);
+        group_id
+            .set_visibility(&t.ctx, ChatVisibility::Archived)
+            .unwrap();
+        let group = Chat::load_from_db(&t.ctx, group_id).unwrap();
+        assert!(group.get_visibility() == ChatVisibility::Archived);
+
+        // everything archived, chatlist should be empty
+        assert_eq!(
+            Chatlist::try_load(&t.ctx, DC_GCL_NO_SPECIALS, None, None)
+                .unwrap()
+                .len(),
+            0
+        );
+
+        // send a message to group with bob
+        dc_receive_imf(
+            &t.ctx,
+            format!(
+                "From: alice@example.org\n\
+                 To: bob@example.org\n\
+                 Subject: foo\n\
+                 Message-ID: <Gr.{}.12345678901@example.org>\n\
+                 Chat-Version: 1.0\n\
+                 Chat-Group-ID: {}\n\
+                 Chat-Group-Name: foo\n\
+                 Chat-Disposition-Notification-To: alice@example.org\n\
+                 Date: Sun, 22 Mar 2020 22:37:57 +0000\n\
+                 \n\
+                 hello\n",
+                group.grpid, group.grpid
+            )
+            .as_bytes(),
+            "INBOX",
+            1,
+            false,
+        )
+        .unwrap();
+        let msgs = chat::get_chat_msgs(&t.ctx, group_id, 0, None);
+        assert_eq!(msgs.len(), 1);
+        let msg_id = msgs.first().unwrap();
+        let msg = message::Message::load_from_db(&t.ctx, msg_id.clone()).unwrap();
+        assert_eq!(msg.is_dc_message, MessengerMessage::Yes);
+        assert_eq!(msg.text.unwrap(), "hello");
+        assert_eq!(msg.state, MessageState::OutDelivered);
+        let group = Chat::load_from_db(&t.ctx, group_id).unwrap();
+        assert!(group.get_visibility() == ChatVisibility::Normal);
+
+        // bob sends a read receipt to the group
+        dc_receive_imf(
+            &t.ctx,
+            format!(
+                "From: bob@example.org\n\
+                 To: alice@example.org\n\
+                 Subject: message opened\n\
+                 Date: Sun, 22 Mar 2020 23:37:57 +0000\n\
+                 Chat-Version: 1.0\n\
+                 Message-ID: <Mr.12345678902@example.org>\n\
+                 Content-Type: multipart/report; report-type=disposition-notification; boundary=\"SNIPP\"\n\
+                 \n\
+                 \n\
+                 --SNIPP\n\
+                 Content-Type: text/plain; charset=utf-8\n\
+                 \n\
+                 Read receipts do not guarantee sth. was read.\n\
+                 \n\
+                 \n\
+                 --SNIPP\n\
+                 Content-Type: message/disposition-notification\n\
+                 \n\
+                 Reporting-UA: Delta Chat 1.28.0\n\
+                 Original-Recipient: rfc822;bob@example.org\n\
+                 Final-Recipient: rfc822;bob@example.org\n\
+                 Original-Message-ID: <Gr.{}.12345678901@example.org>\n\
+                 Disposition: manual-action/MDN-sent-automatically; displayed\n\
+                 \n\
+                 \n\
+                 --SNIPP--",
+                group.grpid
+            )
+            .as_bytes(),
+            "INBOX",
+            1,
+            false,
+        )
+        .unwrap();
+        assert_eq!(chat::get_chat_msgs(&t.ctx, group_id, 0, None).len(), 1);
+        let msg = message::Message::load_from_db(&t.ctx, msg_id.clone()).unwrap();
+        assert_eq!(msg.state, MessageState::OutMdnRcvd);
+
+        // check, the read-receipt has not unarchived the one2one
+        assert_eq!(
+            Chatlist::try_load(&t.ctx, DC_GCL_NO_SPECIALS, None, None)
+                .unwrap()
+                .len(),
+            1
+        );
+        let one2one = Chat::load_from_db(&t.ctx, one2one_id).unwrap();
+        assert!(one2one.get_visibility() == ChatVisibility::Archived);
+    }
 }
--- a/src/dc_tools.rs
+++ b/src/dc_tools.rs
@@ -12,17 +12,17 @@ use chrono::{Local, TimeZone};
 use rand::{thread_rng, Rng};

 use crate::context::Context;
-use crate::error::Error;
+use crate::error::{bail, ensure, Error};
 use crate::events::Event;

 pub(crate) fn dc_exactly_one_bit_set(v: i32) -> bool {
    0 != v && 0 == v & (v - 1)
 }

-/// Shortens a string to a specified length and adds "..." or "[...]" to the end of
-/// the shortened string.
-pub(crate) fn dc_truncate(buf: &str, approx_chars: usize, do_unwrap: bool) -> Cow<str> {
-    let ellipse = if do_unwrap { "..." } else { "[...]" };
+/// Shortens a string to a specified length and adds "[...]" to the
+/// end of the shortened string.
+pub(crate) fn dc_truncate(buf: &str, approx_chars: usize) -> Cow<str> {
+    let ellipse = "[...]";

    let count = buf.chars().count();
    if approx_chars > 0 && count > approx_chars + ellipse.len() {
@@ -494,24 +494,25 @@ impl FromStr for EmailAddress {
        ensure!(!input.is_empty(), "empty string is not valid");
        let parts: Vec<&str> = input.rsplitn(2, '@').collect();

-        ensure!(parts.len() > 1, "missing '@' character");
-        let local = parts[1];
-        let domain = parts[0];
+        match &parts[..] {
+            [domain, local] => {
+                ensure!(
+                    !local.is_empty(),
+                    "empty string is not valid for local part"
+                );
+                ensure!(domain.len() > 3, "domain is too short");

-        ensure!(
-            !local.is_empty(),
-            "empty string is not valid for local part"
-        );
-        ensure!(domain.len() > 3, "domain is too short");
+                let dot = domain.find('.');
+                ensure!(dot.is_some(), "invalid domain");
+                ensure!(dot.unwrap() < domain.len() - 2, "invalid domain");

-        let dot = domain.find('.');
-        ensure!(dot.is_some(), "invalid domain");
-        ensure!(dot.unwrap() < domain.len() - 2, "invalid domain");
-
-        Ok(EmailAddress {
-            local: local.to_string(),
-            domain: domain.to_string(),
-        })
+                Ok(EmailAddress {
+                    local: (*local).to_string(),
+                    domain: (*domain).to_string(),
+                })
+            }
+            _ => bail!("missing '@' character"),
+        }
    }
 }

@@ -538,54 +539,42 @@ mod tests {
    #[test]
    fn test_dc_truncate_1() {
        let s = "this is a little test string";
-        assert_eq!(dc_truncate(s, 16, false), "this is a [...]");
-        assert_eq!(dc_truncate(s, 16, true), "this is a ...");
+        assert_eq!(dc_truncate(s, 16), "this is a [...]");
    }

    #[test]
    fn test_dc_truncate_2() {
-        assert_eq!(dc_truncate("1234", 2, false), "1234");
-        assert_eq!(dc_truncate("1234", 2, true), "1234");
+        assert_eq!(dc_truncate("1234", 2), "1234");
    }

    #[test]
    fn test_dc_truncate_3() {
-        assert_eq!(dc_truncate("1234567", 1, false), "1[...]");
-        assert_eq!(dc_truncate("1234567", 1, true), "1...");
+        assert_eq!(dc_truncate("1234567", 1), "1[...]");
    }

    #[test]
    fn test_dc_truncate_4() {
-        assert_eq!(dc_truncate("123456", 4, false), "123456");
-        assert_eq!(dc_truncate("123456", 4, true), "123456");
+        assert_eq!(dc_truncate("123456", 4), "123456");
    }

    #[test]
    fn test_dc_truncate_edge() {
-        assert_eq!(dc_truncate("", 4, false), "");
-        assert_eq!(dc_truncate("", 4, true), "");
+        assert_eq!(dc_truncate("", 4), "");

-        assert_eq!(dc_truncate("\n  hello \n world", 4, false), "\n  [...]");
-        assert_eq!(dc_truncate("\n  hello \n world", 4, true), "\n  ...");
+        assert_eq!(dc_truncate("\n  hello \n world", 4), "\n  [...]");

+        assert_eq!(dc_truncate("𐠈0Aᝮa𫝀®!ꫛa¡0A𐢧00𐹠®A  丽ⷐએ", 1), "𐠈[...]");
        assert_eq!(
-            dc_truncate("𐠈0Aᝮa𫝀®!ꫛa¡0A𐢧00𐹠®A  丽ⷐએ", 1, false),
-            "𐠈[...]"
-        );
-        assert_eq!(
-            dc_truncate("𐠈0Aᝮa𫝀®!ꫛa¡0A𐢧00𐹠®A  丽ⷐએ", 0, false),
+            dc_truncate("𐠈0Aᝮa𫝀®!ꫛa¡0A𐢧00𐹠®A  丽ⷐએ", 0),
            "𐠈0Aᝮa𫝀®!ꫛa¡0A𐢧00𐹠®A  丽ⷐએ"
        );

        // 9 characters, so no truncation
-        assert_eq!(
-            dc_truncate("𑒀ὐ￠🜀\u{1e01b}A a🟠", 6, false),
-            "𑒀ὐ￠🜀\u{1e01b}A a🟠",
-        );
+        assert_eq!(dc_truncate("𑒀ὐ￠🜀\u{1e01b}A a🟠", 6), "𑒀ὐ￠🜀\u{1e01b}A a🟠",);

        // 12 characters, truncation
        assert_eq!(
-            dc_truncate("𑒀ὐ￠🜀\u{1e01b}A a🟠bcd", 6, false),
+            dc_truncate("𑒀ὐ￠🜀\u{1e01b}A a🟠bcd", 6),
            "𑒀ὐ￠🜀\u{1e01b}A[...]",
        );
    }
@@ -701,11 +690,10 @@ mod tests {
        #[test]
        fn test_dc_truncate(
            buf: String,
-            approx_chars in 0..10000usize,
-            do_unwrap: bool,
+            approx_chars in 0..10000usize
        ) {
-            let res = dc_truncate(&buf, approx_chars, do_unwrap);
-            let el_len = if do_unwrap { 3 } else { 5 };
+            let res = dc_truncate(&buf, approx_chars);
+            let el_len = 5;
            let l = res.chars().count();
            if approx_chars > 0 {
                assert!(
@@ -719,11 +707,7 @@ mod tests {

            if approx_chars > 0 && buf.chars().count() > approx_chars + el_len {
                let l = res.len();
-                if do_unwrap {
-                    assert_eq!(&res[l-3..l], "...", "missing ellipsis in {}", &res);
-                } else {
-                    assert_eq!(&res[l-5..l], "[...]", "missing ellipsis in {}", &res);
-                }
+                assert_eq!(&res[l-5..l], "[...]", "missing ellipsis in {}", &res);
            }
        }
    }
--- a/src/dehtml.rs
+++ b/src/dehtml.rs
@@ -3,7 +3,6 @@
 //! A module to remove HTML tags from the email text

 use lazy_static::lazy_static;
-use quick_xml;
 use quick_xml::events::{BytesEnd, BytesStart, BytesText};

 lazy_static! {
@@ -35,6 +34,7 @@ pub fn dehtml(buf: &str) -> String {
    };

    let mut reader = quick_xml::Reader::from_str(buf);
+    reader.check_end_names(false);

    let mut buf = Vec::new();

@@ -225,4 +225,23 @@ mod tests {
            "<>\"\'& äÄöÖüÜß fooÆçÇ \u{2666}\u{200e}\u{200f}\u{200c}&noent;\u{200d}"
        );
    }
+
+    #[test]
+    fn test_unclosed_tags() {
+        let input = r##"
+        <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'
+        'http://www.w3.org/TR/html4/loose.dtd'>
+        <html>
+        <head>
+        <title>Hi</title>
+        <meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'>						
+        </head>
+        <body>
+        lots of text
+        </body>
+        </html>
+        "##;
+        let txt = dehtml(input);
+        assert_eq!(txt.trim(), "lots of text");
+    }
 }
--- a/src/e2ee.rs
+++ b/src/e2ee.rs
@@ -126,7 +126,7 @@ pub fn try_decrypt(
 ) -> Result<(Option<Vec<u8>>, HashSet<String>)> {
    let from = mail
        .headers
-        .get_header_value(HeaderDef::From_)?
+        .get_header_value(HeaderDef::From_)
        .and_then(|from_addr| mailparse::addrparse(&from_addr).ok())
        .and_then(|from| from.extract_single_info())
        .map(|from| from.addr)
@@ -200,15 +200,13 @@ fn load_or_generate_self_public_key(
    self_addr: impl AsRef<str>,
 ) -> Result<SignedPublicKey> {
    if let Some(key) = Key::from_self_public(context, &self_addr, &context.sql) {
-        return SignedPublicKey::try_from(key)
-            .map_err(|_| Error::Message("Not a public key".into()));
+        return SignedPublicKey::try_from(key).map_err(|_| format_err!("Not a public key"));
    }
    let _guard = context.generating_key_mutex.lock().unwrap();

    // Check again in case the key was generated while we were waiting for the lock.
    if let Some(key) = Key::from_self_public(context, &self_addr, &context.sql) {
-        return SignedPublicKey::try_from(key)
-            .map_err(|_| Error::Message("Not a public key".into()));
+        return SignedPublicKey::try_from(key).map_err(|_| format_err!("Not a public key"));
    }

    let start = std::time::Instant::now();
@@ -417,7 +415,6 @@ Sent with my Delta Chat Messenger: https://delta.chat";
        }

        #[test]
-        #[ignore] // generating keys is expensive
        fn test_generate() {
            let t = dummy_context();
            let addr = "alice@example.org";
@@ -429,7 +426,6 @@ Sent with my Delta Chat Messenger: https://delta.chat";
        }

        #[test]
-        #[ignore]
        fn test_generate_concurrent() {
            use std::sync::Arc;
            use std::thread;
--- a/src/error.rs
+++ b/src/error.rs
@@ -1,189 +1,13 @@
 //! # Error handling

-use lettre_email::mime;
+pub use anyhow::{bail, ensure, format_err, Error, Result};

-#[derive(Debug, Fail)]
-pub enum Error {
-    #[fail(display = "{:?}", _0)]
-    Failure(failure::Error),
-
-    #[fail(display = "SQL error: {:?}", _0)]
-    SqlError(#[cause] crate::sql::Error),
-
-    #[fail(display = "{:?}", _0)]
-    Io(std::io::Error),
-
-    #[fail(display = "{:?}", _0)]
-    Message(String),
-
-    #[fail(display = "{:?}", _0)]
-    MessageWithCause(String, #[cause] failure::Error, failure::Backtrace),
-
-    #[fail(display = "{:?}", _0)]
-    Image(image_meta::ImageError),
-
-    #[fail(display = "{:?}", _0)]
-    Utf8(std::str::Utf8Error),
-
-    #[fail(display = "PGP: {:?}", _0)]
-    Pgp(pgp::errors::Error),
-
-    #[fail(display = "Base64Decode: {:?}", _0)]
-    Base64Decode(base64::DecodeError),
-
-    #[fail(display = "{:?}", _0)]
-    FromUtf8(std::string::FromUtf8Error),
-
-    #[fail(display = "{}", _0)]
-    BlobError(#[cause] crate::blob::BlobError),
-
-    #[fail(display = "Invalid Message ID.")]
-    InvalidMsgId,
-
-    #[fail(display = "Watch folder not found {:?}", _0)]
-    WatchFolderNotFound(String),
-
-    #[fail(display = "Invalid Email: {:?}", _0)]
-    MailParseError(#[cause] mailparse::MailParseError),
-
-    #[fail(display = "Building invalid Email: {:?}", _0)]
-    LettreError(#[cause] lettre_email::error::Error),
-
-    #[fail(display = "SMTP error: {:?}", _0)]
-    SmtpError(#[cause] async_smtp::error::Error),
-
-    #[fail(display = "FromStr error: {:?}", _0)]
-    FromStr(#[cause] mime::FromStrError),
-
-    #[fail(display = "Not Configured")]
-    NotConfigured,
-}
-
-pub type Result<T> = std::result::Result<T, Error>;
-
-impl From<crate::sql::Error> for Error {
-    fn from(err: crate::sql::Error) -> Error {
-        Error::SqlError(err)
-    }
-}
-
-impl From<base64::DecodeError> for Error {
-    fn from(err: base64::DecodeError) -> Error {
-        Error::Base64Decode(err)
-    }
-}
-
-impl From<failure::Error> for Error {
-    fn from(err: failure::Error) -> Error {
-        Error::Failure(err)
-    }
-}
-
-impl From<std::io::Error> for Error {
-    fn from(err: std::io::Error) -> Error {
-        Error::Io(err)
-    }
-}
-
-impl From<std::str::Utf8Error> for Error {
-    fn from(err: std::str::Utf8Error) -> Error {
-        Error::Utf8(err)
-    }
-}
-
-impl From<image_meta::ImageError> for Error {
-    fn from(err: image_meta::ImageError) -> Error {
-        Error::Image(err)
-    }
-}
-
-impl From<pgp::errors::Error> for Error {
-    fn from(err: pgp::errors::Error) -> Error {
-        Error::Pgp(err)
-    }
-}
-
-impl From<std::string::FromUtf8Error> for Error {
-    fn from(err: std::string::FromUtf8Error) -> Error {
-        Error::FromUtf8(err)
-    }
-}
-
-impl From<crate::blob::BlobError> for Error {
-    fn from(err: crate::blob::BlobError) -> Error {
-        Error::BlobError(err)
-    }
-}
-
-impl From<crate::message::InvalidMsgId> for Error {
-    fn from(_err: crate::message::InvalidMsgId) -> Error {
-        Error::InvalidMsgId
-    }
-}
-
-impl From<crate::key::SaveKeyError> for Error {
-    fn from(err: crate::key::SaveKeyError) -> Error {
-        Error::MessageWithCause(format!("{}", err), err.into(), failure::Backtrace::new())
-    }
-}
-
-impl From<crate::pgp::PgpKeygenError> for Error {
-    fn from(err: crate::pgp::PgpKeygenError) -> Error {
-        Error::MessageWithCause(format!("{}", err), err.into(), failure::Backtrace::new())
-    }
-}
-
-impl From<mailparse::MailParseError> for Error {
-    fn from(err: mailparse::MailParseError) -> Error {
-        Error::MailParseError(err)
-    }
-}
-
-impl From<lettre_email::error::Error> for Error {
-    fn from(err: lettre_email::error::Error) -> Error {
-        Error::LettreError(err)
-    }
-}
-
-impl From<mime::FromStrError> for Error {
-    fn from(err: mime::FromStrError) -> Error {
-        Error::FromStr(err)
-    }
-}
-
-#[macro_export]
-macro_rules! bail {
-    ($e:expr) => {
-        return Err($crate::error::Error::Message($e.to_string()));
-    };
-    ($fmt:expr, $($arg:tt)+) => {
-        return Err($crate::error::Error::Message(format!($fmt, $($arg)+)));
-    };
-}
-
-#[macro_export]
-macro_rules! format_err {
-    ($e:expr) => {
-        $crate::error::Error::Message($e.to_string());
-    };
-    ($fmt:expr, $($arg:tt)+) => {
-        $crate::error::Error::Message(format!($fmt, $($arg)+));
-    };
-}
-
-#[macro_export(local_inner_macros)]
-macro_rules! ensure {
-    ($cond:expr, $e:expr) => {
-        if !($cond) {
-            bail!($e);
-        }
-    };
-    ($cond:expr, $fmt:expr, $($arg:tt)+) => {
-        if !($cond) {
-            bail!($fmt, $($arg)+);
-        }
-    };
-}
+// #[fail(display = "Invalid Message ID.")]
+// InvalidMsgId,
+// #[fail(display = "Watch folder not found {:?}", _0)]
+// WatchFolderNotFound(String),
+// #[fail(display = "Not Configured")]
+// NotConfigured,

 #[macro_export]
 macro_rules! ensure_eq {
--- a/src/events.rs
+++ b/src/events.rs
@@ -207,4 +207,16 @@ pub enum Event {
    /// @param data2 (int) contact_id
    #[strum(props(id = "2062"))]
    SecurejoinMemberAdded { chat_id: ChatId, contact_id: u32 },
+
+    /// This event is sent for each contact added to a chat.
+    /// @param data1 (int) chat_id
+    /// @param data2 (int) contact_id
+    #[strum(props(id = "2063"))]
+    MemberAdded { chat_id: ChatId, contact_id: u32 },
+
+    /// This event is sent for each contact removed from a chat.
+    /// @param data1 (int) chat_id
+    /// @param data2 (int) contact_id
+    #[strum(props(id = "2064"))]
+    MemberRemoved { chat_id: ChatId, contact_id: u32 },
 }
--- a/src/headerdef.rs
+++ b/src/headerdef.rs
@@ -1,5 +1,5 @@
 use crate::strum::AsStaticRef;
-use mailparse::{MailHeader, MailHeaderMap, MailParseError};
+use mailparse::{MailHeader, MailHeaderMap};

 #[derive(Debug, Display, Clone, PartialEq, Eq, EnumVariantNames, AsStaticStr)]
 #[strum(serialize_all = "kebab_case")]
@@ -52,11 +52,11 @@ impl HeaderDef {
 }

 pub trait HeaderDefMap {
-    fn get_header_value(&self, headerdef: HeaderDef) -> Result<Option<String>, MailParseError>;
+    fn get_header_value(&self, headerdef: HeaderDef) -> Option<String>;
 }

 impl HeaderDefMap for [MailHeader<'_>] {
-    fn get_header_value(&self, headerdef: HeaderDef) -> Result<Option<String>, MailParseError> {
+    fn get_header_value(&self, headerdef: HeaderDef) -> Option<String> {
        self.get_first_value(headerdef.get_headername())
    }
 }
@@ -79,18 +79,13 @@ mod tests {
        let (headers, _) =
            mailparse::parse_headers(b"fRoM: Bob\naUtoCryPt-SeTup-MessAge: v99").unwrap();
        assert_eq!(
-            headers
-                .get_header_value(HeaderDef::AutocryptSetupMessage)
-                .unwrap(),
+            headers.get_header_value(HeaderDef::AutocryptSetupMessage),
            Some("v99".to_string())
        );
        assert_eq!(
-            headers.get_header_value(HeaderDef::From_).unwrap(),
+            headers.get_header_value(HeaderDef::From_),
            Some("Bob".to_string())
        );
-        assert_eq!(
-            headers.get_header_value(HeaderDef::Autocrypt).unwrap(),
-            None
-        );
+        assert_eq!(headers.get_header_value(HeaderDef::Autocrypt), None);
    }
 }
--- a/src/imap/idle.rs
+++ b/src/imap/idle.rs
@@ -15,28 +15,22 @@ use super::session::Session;

 type Result<T> = std::result::Result<T, Error>;

-#[derive(Debug, Fail)]
+#[derive(Debug, thiserror::Error)]
 pub enum Error {
-    #[fail(display = "IMAP IDLE protocol failed to init/complete")]
-    IdleProtocolFailed(#[cause] async_imap::error::Error),
+    #[error("IMAP IDLE protocol failed to init/complete")]
+    IdleProtocolFailed(#[from] async_imap::error::Error),

-    #[fail(display = "IMAP IDLE protocol timed out")]
-    IdleTimeout(#[cause] async_std::future::TimeoutError),
+    #[error("IMAP IDLE protocol timed out")]
+    IdleTimeout(#[from] async_std::future::TimeoutError),

-    #[fail(display = "IMAP server does not have IDLE capability")]
+    #[error("IMAP server does not have IDLE capability")]
    IdleAbilityMissing,

-    #[fail(display = "IMAP select folder error")]
-    SelectFolderError(#[cause] select_folder::Error),
+    #[error("IMAP select folder error")]
+    SelectFolderError(#[from] select_folder::Error),

-    #[fail(display = "Setup handle error")]
-    SetupHandleError(#[cause] super::Error),
-}
-
-impl From<select_folder::Error> for Error {
-    fn from(err: select_folder::Error) -> Error {
-        Error::SelectFolderError(err)
-    }
+    #[error("Setup handle error")]
+    SetupHandleError(#[from] super::Error),
 }

 #[derive(Debug)]
@@ -71,9 +65,7 @@ impl Imap {
                return Err(Error::IdleAbilityMissing);
            }

-            self.setup_handle_if_needed(context)
-                .await
-                .map_err(Error::SetupHandleError)?;
+            self.setup_handle_if_needed(context).await?;

            self.select_folder(context, watch_folder.clone()).await?;

@@ -84,9 +76,7 @@ impl Imap {
                    // BEWARE: If you change the Secure branch you
                    // typically also need to change the Insecure branch.
                    IdleHandle::Secure(mut handle) => {
-                        if let Err(err) = handle.init().await {
-                            return Err(Error::IdleProtocolFailed(err));
-                        }
+                        handle.init().await?;

                        let (idle_wait, interrupt) = handle.wait_with_timeout(timeout);
                        *self.interrupt.lock().await = Some(interrupt);
@@ -141,9 +131,7 @@ impl Imap {
                        }
                    }
                    IdleHandle::Insecure(mut handle) => {
-                        if let Err(err) = handle.init().await {
-                            return Err(Error::IdleProtocolFailed(err));
-                        }
+                        handle.init().await?;

                        let (idle_wait, interrupt) = handle.wait_with_timeout(timeout);
                        *self.interrupt.lock().await = Some(interrupt);
--- a/src/imap/mod.rs
+++ b/src/imap/mod.rs
@@ -39,78 +39,48 @@ use session::Session;

 type Result<T> = std::result::Result<T, Error>;

-#[derive(Debug, Fail)]
+#[derive(Debug, thiserror::Error)]
 pub enum Error {
-    #[fail(display = "IMAP Connect without configured params")]
+    #[error("IMAP Connect without configured params")]
    ConnectWithoutConfigure,

-    #[fail(display = "IMAP Connection Failed params: {}", _0)]
+    #[error("IMAP Connection Failed params: {0}")]
    ConnectionFailed(String),

-    #[fail(display = "IMAP No Connection established")]
+    #[error("IMAP No Connection established")]
    NoConnection,

-    #[fail(display = "IMAP Could not get OAUTH token")]
+    #[error("IMAP Could not get OAUTH token")]
    OauthError,

-    #[fail(display = "IMAP Could not login as {}", _0)]
+    #[error("IMAP Could not login as {0}")]
    LoginFailed(String),

-    #[fail(display = "IMAP Could not fetch")]
-    FetchFailed(#[cause] async_imap::error::Error),
+    #[error("IMAP Could not fetch")]
+    FetchFailed(#[from] async_imap::error::Error),

-    #[fail(display = "IMAP operation attempted while it is torn down")]
+    #[error("IMAP operation attempted while it is torn down")]
    InTeardown,

-    #[fail(display = "IMAP operation attempted while it is torn down")]
-    SqlError(#[cause] crate::sql::Error),
+    #[error("IMAP operation attempted while it is torn down")]
+    SqlError(#[from] crate::sql::Error),

-    #[fail(display = "IMAP got error from elsewhere")]
-    WrappedError(#[cause] crate::error::Error),
+    #[error("IMAP got error from elsewhere")]
+    WrappedError(#[from] crate::error::Error),

-    #[fail(display = "IMAP select folder error")]
-    SelectFolderError(#[cause] select_folder::Error),
+    #[error("IMAP select folder error")]
+    SelectFolderError(#[from] select_folder::Error),

-    #[fail(display = "Mail parse error")]
-    MailParseError(#[cause] mailparse::MailParseError),
+    #[error("Mail parse error")]
+    MailParseError(#[from] mailparse::MailParseError),

-    #[fail(display = "No mailbox selected, folder: {:?}", _0)]
+    #[error("No mailbox selected, folder: {0}")]
    NoMailbox(String),

-    #[fail(display = "IMAP other error: {:?}", _0)]
+    #[error("IMAP other error: {0}")]
    Other(String),
 }

-impl From<crate::sql::Error> for Error {
-    fn from(err: crate::sql::Error) -> Error {
-        Error::SqlError(err)
-    }
-}
-
-impl From<crate::error::Error> for Error {
-    fn from(err: crate::error::Error) -> Error {
-        Error::WrappedError(err)
-    }
-}
-
-impl From<Error> for crate::error::Error {
-    fn from(err: Error) -> crate::error::Error {
-        crate::error::Error::Message(err.to_string())
-    }
-}
-
-impl From<select_folder::Error> for Error {
-    fn from(err: select_folder::Error) -> Error {
-        Error::SelectFolderError(err)
-    }
-}
-
-impl From<mailparse::MailParseError> for Error {
-    fn from(err: mailparse::MailParseError) -> Error {
-        Error::MailParseError(err)
-    }
-}
-
 #[derive(Debug, Display, Clone, Copy, PartialEq, Eq)]
 pub enum ImapActionResult {
    Failed,
@@ -188,7 +158,6 @@ struct ImapConfig {
    /// True if the server has MOVE capability as defined in
    /// https://tools.ietf.org/html/rfc6851
    pub can_move: bool,
-    pub imap_delimiter: char,
 }

 impl Default for ImapConfig {
@@ -206,7 +175,6 @@ impl Default for ImapConfig {
            selected_folder_needs_expunge: false,
            can_idle: false,
            can_move: false,
-            imap_delimiter: '.',
        }
    }
 }
@@ -796,7 +764,6 @@ impl Imap {
        folder: &str,
        uid: u32,
        dest_folder: &str,
-        dest_uid: &mut u32,
    ) -> ImapActionResult {
        task::block_on(async move {
            if folder == dest_folder {
@@ -813,10 +780,6 @@ impl Imap {
                return imapresult;
            }
            // we are connected, and the folder is selected
-
-            // XXX Rust-Imap provides no target uid on mv, so just set it to 0
-            *dest_uid = 0;
-
            let set = format!("{}", uid);
            let display_folder_id = format!("{}/{}", folder, uid);

@@ -996,10 +959,10 @@ impl Imap {
        context: &Context,
        message_id: &str,
        folder: &str,
-        uid: &mut u32,
+        uid: u32,
    ) -> ImapActionResult {
        task::block_on(async move {
-            if let Some(imapresult) = self.prepare_imap_operation_on_msg(context, folder, *uid) {
+            if let Some(imapresult) = self.prepare_imap_operation_on_msg(context, folder, uid) {
                return imapresult;
            }
            // we are connected, and the folder is selected
@@ -1021,7 +984,7 @@ impl Imap {
                                display_imap_id,
                                message_id,
                            );
-                            return ImapActionResult::Failed;
+                            return ImapActionResult::AlreadyDone;
                        };

                        let remote_message_id = get_fetch_headers(fetch)
@@ -1036,7 +999,7 @@ impl Imap {
                                remote_message_id,
                                message_id,
                            );
-                            *uid = 0;
+                            return ImapActionResult::Failed;
                        }
                    }
                    Err(err) => {
@@ -1044,18 +1007,18 @@ impl Imap {
                            context,
                            "Cannot delete {} on IMAP: {}", display_imap_id, err
                        );
-                        *uid = 0;
+                        return ImapActionResult::RetryLater;
                    }
                }
            }

            // mark the message for deletion
-            if !self.add_flag_finalized(context, *uid, "\\Deleted").await {
+            if !self.add_flag_finalized(context, uid, "\\Deleted").await {
                warn!(
                    context,
                    "Cannot mark message {} as \"Deleted\".", display_imap_id
                );
-                ImapActionResult::Failed
+                ImapActionResult::RetryLater
            } else {
                emit_event!(
                    context,
@@ -1074,12 +1037,14 @@ impl Imap {
        let folders_configured = context
            .sql
            .get_raw_config_int(context, "folders_configured");
-        if folders_configured.unwrap_or_default() >= 3 {
-            // the "3" here we increase if we have future updates to
-            // to folder configuration
+        if folders_configured.unwrap_or_default() >= DC_FOLDERS_CONFIGURED_VERSION {
            return Ok(());
        }

+        self.configure_folders(context, create_mvbox)
+    }
+
+    pub fn configure_folders(&self, context: &Context, create_mvbox: bool) -> Result<()> {
        task::block_on(async move {
            if !self.is_connected().await {
                return Err(Error::NoConnection);
@@ -1104,7 +1069,15 @@ impl Imap {
                        });
                info!(context, "sentbox folder is {:?}", sentbox_folder);

-                let delimiter = self.config.read().await.imap_delimiter;
+                let mut delimiter = ".";
+                if let Some(folder) = folders.first() {
+                    if let Some(d) = folder.delimiter() {
+                        if !d.is_empty() {
+                            delimiter = d;
+                        }
+                    }
+                }
+                info!(context, "Using \"{}\" as folder-delimiter.", delimiter);
                let fallback_folder = format!("INBOX{}DeltaChat", delimiter);

                let mut mvbox_folder = folders
@@ -1168,9 +1141,11 @@ impl Imap {
                        Some(sentbox_folder.name()),
                    )?;
                }
-                context
-                    .sql
-                    .set_raw_config_int(context, "folders_configured", 3)?;
+                context.sql.set_raw_config_int(
+                    context,
+                    "folders_configured",
+                    DC_FOLDERS_CONFIGURED_VERSION,
+                )?;
            }
            info!(context, "FINISHED configuring IMAP-folders.");
            Ok(())
@@ -1205,13 +1180,13 @@ impl Imap {
                return;
            }
            if let Err(err) = self.setup_handle_if_needed(context).await {
-                error!(context, "could not setup imap connection: {:?}", err);
+                error!(context, "could not setup imap connection: {}", err);
                return;
            }
            if let Err(err) = self.select_folder(context, Some(&folder)).await {
                error!(
                    context,
-                    "Could not select {} for expunging: {:?}", folder, err
+                    "Could not select {} for expunging: {}", folder, err
                );
                return;
            }
@@ -1231,9 +1206,21 @@ impl Imap {
                    emit_event!(context, Event::ImapFolderEmptied(folder.to_string()));
                }
                Err(err) => {
-                    error!(context, "expunge failed {}: {:?}", folder, err);
+                    error!(context, "expunge failed {}: {}", folder, err);
                }
            }
+
+            if let Err(err) = crate::sql::execute(
+                context,
+                &context.sql,
+                "UPDATE msgs SET server_folder='',server_uid=0 WHERE server_folder=?",
+                params![folder],
+            ) {
+                warn!(
+                    context,
+                    "Failed to reset server_uid and server_folder for deleted messages: {}", err
+                );
+            }
        });
    }
 }
@@ -1284,17 +1271,52 @@ fn precheck_imf(context: &Context, rfc724_mid: &str, server_folder: &str, server
        message::rfc724_mid_exists(context, &rfc724_mid)
    {
        if old_server_folder.is_empty() && old_server_uid == 0 {
-            info!(context, "[move] detected bcc-self {}", rfc724_mid,);
-            context.do_heuristics_moves(server_folder.as_ref(), msg_id);
-            job_add(
+            info!(
                context,
-                Action::MarkseenMsgOnImap,
-                msg_id.to_u32() as i32,
-                Params::new(),
-                0,
+                "[move] detected bcc-self {} as {}/{}", rfc724_mid, server_folder, server_uid
            );
+
+            let delete_server_after = context.get_config_delete_server_after();
+
+            if delete_server_after != Some(0) {
+                context.do_heuristics_moves(server_folder.as_ref(), msg_id);
+                job_add(
+                    context,
+                    Action::MarkseenMsgOnImap,
+                    msg_id.to_u32() as i32,
+                    Params::new(),
+                    0,
+                );
+            }
        } else if old_server_folder != server_folder {
-            info!(context, "[move] detected moved message {}", rfc724_mid,);
+            info!(
+                context,
+                "[move] detected message {} moved by other device from {}/{} to {}/{}",
+                rfc724_mid,
+                old_server_folder,
+                old_server_uid,
+                server_folder,
+                server_uid
+            );
+        } else if old_server_uid == 0 {
+            info!(
+                context,
+                "[move] detected message {} moved by us from {}/{} to {}/{}",
+                rfc724_mid,
+                old_server_folder,
+                old_server_uid,
+                server_folder,
+                server_uid
+            );
+        } else if old_server_uid != server_uid {
+            warn!(
+                context,
+                "UID for message {} in folder {} changed from {} to {}",
+                rfc724_mid,
+                server_folder,
+                old_server_uid,
+                server_uid
+            );
        }

        if old_server_folder != server_folder || old_server_uid != server_uid {
@@ -1316,30 +1338,27 @@ fn get_fetch_headers(prefetch_msg: &Fetch) -> Result<Vec<mailparse::MailHeader>>
 }

 fn prefetch_get_message_id(headers: &[mailparse::MailHeader]) -> Result<String> {
-    if let Some(message_id) = headers.get_header_value(HeaderDef::MessageId)? {
+    if let Some(message_id) = headers.get_header_value(HeaderDef::MessageId) {
        Ok(crate::mimeparser::parse_message_id(&message_id)?)
    } else {
        Err(Error::Other("prefetch: No message ID found".to_string()))
    }
 }

-fn prefetch_is_reply_to_chat_message(
-    context: &Context,
-    headers: &[mailparse::MailHeader],
-) -> Result<bool> {
-    if let Some(value) = headers.get_header_value(HeaderDef::InReplyTo)? {
+fn prefetch_is_reply_to_chat_message(context: &Context, headers: &[mailparse::MailHeader]) -> bool {
+    if let Some(value) = headers.get_header_value(HeaderDef::InReplyTo) {
        if is_msgrmsg_rfc724_mid_in_list(context, &value) {
-            return Ok(true);
+            return true;
        }
    }

-    if let Some(value) = headers.get_header_value(HeaderDef::References)? {
+    if let Some(value) = headers.get_header_value(HeaderDef::References) {
        if is_msgrmsg_rfc724_mid_in_list(context, &value) {
-            return Ok(true);
+            return true;
        }
    }

-    Ok(false)
+    false
 }

 fn prefetch_should_download(
@@ -1347,19 +1366,23 @@ fn prefetch_should_download(
    headers: &[mailparse::MailHeader],
    show_emails: ShowEmails,
 ) -> Result<bool> {
-    let is_chat_message = headers.get_header_value(HeaderDef::ChatVersion)?.is_some();
-    let is_reply_to_chat_message = prefetch_is_reply_to_chat_message(context, &headers)?;
+    let is_chat_message = headers.get_header_value(HeaderDef::ChatVersion).is_some();
+    let is_reply_to_chat_message = prefetch_is_reply_to_chat_message(context, &headers);

    // Autocrypt Setup Message should be shown even if it is from non-chat client.
    let is_autocrypt_setup_message = headers
-        .get_header_value(HeaderDef::AutocryptSetupMessage)?
+        .get_header_value(HeaderDef::AutocryptSetupMessage)
        .is_some();

    let from_field = headers
-        .get_header_value(HeaderDef::From_)?
+        .get_header_value(HeaderDef::From_)
        .unwrap_or_default();

-    let (_contact_id, blocked_contact, origin) = from_field_to_contact_id(context, &from_field)?;
+    let (_contact_id, blocked_contact, origin) = from_field_to_contact_id(
+        context,
+        &from_field,
+        headers.get_header_value(HeaderDef::ListId).as_ref(),
+    )?;
    let accepted_contact = origin.is_known();

    let show = is_autocrypt_setup_message
--- a/src/imap/select_folder.rs
+++ b/src/imap/select_folder.rs
@@ -4,21 +4,21 @@ use crate::context::Context;

 type Result<T> = std::result::Result<T, Error>;

-#[derive(Debug, Fail)]
+#[derive(Debug, thiserror::Error)]
 pub enum Error {
-    #[fail(display = "IMAP Could not obtain imap-session object.")]
+    #[error("IMAP Could not obtain imap-session object.")]
    NoSession,

-    #[fail(display = "IMAP Connection Lost or no connection established")]
+    #[error("IMAP Connection Lost or no connection established")]
    ConnectionLost,

-    #[fail(display = "IMAP Folder name invalid: {:?}", _0)]
+    #[error("IMAP Folder name invalid: {0}")]
    BadFolderName(String),

-    #[fail(display = "IMAP close/expunge failed: {}", _0)]
-    CloseExpungeFailed(#[cause] async_imap::error::Error),
+    #[error("IMAP close/expunge failed")]
+    CloseExpungeFailed(#[from] async_imap::error::Error),

-    #[fail(display = "IMAP other error: {:?}", _0)]
+    #[error("IMAP other error: {0}")]
    Other(String),
 }

--- a/src/imex.rs
+++ b/src/imex.rs
@@ -756,7 +756,6 @@ mod tests {
        assert!(msg.contains("-----BEGIN PGP MESSAGE-----\r\n"));
        assert!(msg.contains("Passphrase-Format: numeric9x4\r\n"));
        assert!(msg.contains("Passphrase-Begin: he\n"));
-        assert!(msg.contains("==\n"));
        assert!(msg.contains("-----END PGP MESSAGE-----\n"));
    }

--- a/src/job.rs
+++ b/src/job.rs
@@ -9,6 +9,9 @@ use deltachat_derive::{FromSql, ToSql};
 use itertools::Itertools;
 use rand::{thread_rng, Rng};

+use async_smtp::smtp::response::Category;
+use async_smtp::smtp::response::Code;
+use async_smtp::smtp::response::Detail;
 use async_std::task;

 use crate::blob::BlobObject;
@@ -19,7 +22,7 @@ use crate::constants::*;
 use crate::contact::Contact;
 use crate::context::{Context, PerformJobsNeeded};
 use crate::dc_tools::*;
-use crate::error::{Error, Result};
+use crate::error::{bail, ensure, format_err, Error, Result};
 use crate::events::Event;
 use crate::imap::*;
 use crate::imex::*;
@@ -80,10 +83,14 @@ pub enum Action {
    // Jobs in the INBOX-thread, range from DC_IMAP_THREAD..DC_IMAP_THREAD+999
    Housekeeping = 105, // low priority ...
    EmptyServer = 107,
-    DeleteMsgOnImap = 110,
-    MarkseenMdnOnImap = 120,
+    OldDeleteMsgOnImap = 110,
    MarkseenMsgOnImap = 130,
+
+    // Moving message is prioritized lower than deletion so we don't
+    // bother moving message if it is already scheduled for deletion.
    MoveMsg = 200,
+
+    DeleteMsgOnImap = 210,
    ConfigureImap = 900,
    ImexImap = 910, // ... high priority

@@ -108,9 +115,9 @@ impl From<Action> for Thread {
            Unknown => Thread::Unknown,

            Housekeeping => Thread::Imap,
+            OldDeleteMsgOnImap => Thread::Imap,
            DeleteMsgOnImap => Thread::Imap,
            EmptyServer => Thread::Imap,
-            MarkseenMdnOnImap => Thread::Imap,
            MarkseenMsgOnImap => Thread::Imap,
            MoveMsg => Thread::Imap,
            ConfigureImap => Thread::Imap,
@@ -196,8 +203,37 @@ impl Job {
                self.pending_error = Some(err.to_string());

                let res = match err {
-                    async_smtp::smtp::error::Error::Permanent(_) => {
-                        Status::Finished(Err(format_err!("Permanent SMTP error: {}", err)))
+                    async_smtp::smtp::error::Error::Permanent(ref response) => {
+                        match response.code {
+                            // Sometimes servers send a permanent error when actually it is a temporary error
+                            // For documentation see https://tools.ietf.org/html/rfc3463
+
+                            // Code 5.5.0, see https://support.delta.chat/t/every-other-message-gets-stuck/877/2
+                            Code {
+                                category: Category::MailSystem,
+                                detail: Detail::Zero,
+                                ..
+                            } => Status::RetryLater,
+
+                            _ => {
+                                // If we do not retry, add an info message to the chat
+                                // Error 5.7.1 should definitely go here: Yandex sends 5.7.1 with a link when it thinks that the email is SPAM.
+                                match Message::load_from_db(context, MsgId::new(self.foreign_id)) {
+                                    Ok(message) => chat::add_info_msg(
+                                        context,
+                                        message.chat_id,
+                                        err.to_string(),
+                                    ),
+                                    Err(e) => warn!(
+                                        context,
+                                        "couldn't load chat_id to inform user about SMTP error: {}",
+                                        e
+                                    ),
+                                };
+
+                                Status::Finished(Err(format_err!("Permanent SMTP error: {}", err)))
+                            }
+                        }
                    }
                    async_smtp::smtp::error::Error::Transient(_) => {
                        // We got a transient 4xx response from SMTP server.
@@ -223,7 +259,7 @@ impl Job {
                // Local error, job is invalid, do not retry.
                smtp.disconnect();
                warn!(context, "SMTP job is invalid: {}", err);
-                Status::Finished(Err(Error::SmtpError(err)))
+                Status::Finished(Err(err.into()))
            }
            Err(crate::smtp::send::Error::NoTransport) => {
                // Should never happen.
@@ -413,18 +449,12 @@ impl Job {

        if let Some(dest_folder) = dest_folder {
            let server_folder = msg.server_folder.as_ref().unwrap();
-            let mut dest_uid = 0;

-            match imap_inbox.mv(
-                context,
-                server_folder,
-                msg.server_uid,
-                &dest_folder,
-                &mut dest_uid,
-            ) {
+            match imap_inbox.mv(context, server_folder, msg.server_uid, &dest_folder) {
                ImapActionResult::RetryLater => Status::RetryLater,
                ImapActionResult::Success => {
-                    message::update_server_uid(context, &msg.rfc724_mid, &dest_folder, dest_uid);
+                    // XXX Rust-Imap provides no target uid on mv, so just set it to 0
+                    message::update_server_uid(context, &msg.rfc724_mid, &dest_folder, 0);
                    Status::Finished(Ok(()))
                }
                ImapActionResult::Failed => {
@@ -437,14 +467,29 @@ impl Job {
        }
    }

+    /// Deletes a message on the server.
+    ///
+    /// foreign_id is a MsgId pointing to a message in the trash chat
+    /// or a hidden message.
+    ///
+    /// This job removes the database record. If there are no more
+    /// records pointing to the same message on the server, the job
+    /// also removes the message on the server.
    #[allow(non_snake_case)]
    fn DeleteMsgOnImap(&mut self, context: &Context) -> Status {
        let imap_inbox = &context.inbox_thread.read().unwrap().imap;

-        let mut msg = job_try!(Message::load_from_db(context, MsgId::new(self.foreign_id)));
+        let msg = job_try!(Message::load_from_db(context, MsgId::new(self.foreign_id)));

        if !msg.rfc724_mid.is_empty() {
-            if message::rfc724_mid_cnt(context, &msg.rfc724_mid) > 1 {
+            let cnt = message::rfc724_mid_cnt(context, &msg.rfc724_mid);
+            info!(
+                context,
+                "Running delete job for message {} which has {} entries in the database",
+                &msg.rfc724_mid,
+                cnt
+            );
+            if cnt > 1 {
                info!(
                    context,
                    "The message is deleted from the server when all parts are deleted.",
@@ -454,13 +499,47 @@ impl Job {
                we delete the message from the server */
                let mid = msg.rfc724_mid;
                let server_folder = msg.server_folder.as_ref().unwrap();
-                let res = imap_inbox.delete_msg(context, &mid, server_folder, &mut msg.server_uid);
-                if res == ImapActionResult::RetryLater {
-                    // XXX RetryLater is converted to RetryNow here
-                    return Status::RetryNow;
+                let res = if msg.server_uid == 0 {
+                    // Message is already deleted on IMAP server.
+                    ImapActionResult::AlreadyDone
+                } else {
+                    imap_inbox.delete_msg(context, &mid, server_folder, msg.server_uid)
+                };
+                match res {
+                    ImapActionResult::AlreadyDone | ImapActionResult::Success => {}
+                    ImapActionResult::RetryLater | ImapActionResult::Failed => {
+                        // If job has failed, for example due to some
+                        // IMAP bug, we postpone it instead of failing
+                        // immediately. This will prevent adding it
+                        // immediately again if user has enabled
+                        // automatic message deletion. Without this,
+                        // we might waste a lot of traffic constantly
+                        // retrying message deletion.
+                        return Status::RetryLater;
+                    }
                }
            }
-            Message::delete_from_db(context, msg.id);
+            if msg.chat_id.is_trash() || msg.hidden {
+                // Messages are stored in trash chat only to keep
+                // their server UID and Message-ID. Once message is
+                // deleted from the server, database record can be
+                // removed as well.
+                //
+                // Hidden messages are similar to trashed, but are
+                // related to some chat. We also delete their
+                // database records.
+                job_try!(msg.id.delete_from_db(context))
+            } else {
+                // Remove server UID from the database record.
+                //
+                // We have either just removed the message from the
+                // server, in which case UID is not valid anymore, or
+                // we have more refernces to the same server UID, so
+                // we remove UID to reduce the number of messages
+                // pointing to the corresponding UID. Once the counter
+                // reaches zero, we will remove the message.
+                job_try!(msg.id.unlink(context));
+            }
            Status::Finished(Ok(()))
        } else {
            /* eg. device messages have no Message-ID */
@@ -512,43 +591,6 @@ impl Job {
            }
        }
    }
-
-    #[allow(non_snake_case)]
-    fn MarkseenMdnOnImap(&mut self, context: &Context) -> Status {
-        let folder = self
-            .param
-            .get(Param::ServerFolder)
-            .unwrap_or_default()
-            .to_string();
-        let uid = self.param.get_int(Param::ServerUid).unwrap_or_default() as u32;
-        let imap_inbox = &context.inbox_thread.read().unwrap().imap;
-        if imap_inbox.set_seen(context, &folder, uid) == ImapActionResult::RetryLater {
-            return Status::RetryLater;
-        }
-        if self.param.get_bool(Param::AlsoMove).unwrap_or_default() {
-            if let Err(err) = imap_inbox.ensure_configured_folders(context, true) {
-                warn!(context, "configuring folders failed: {:?}", err);
-                return Status::RetryLater;
-            }
-            let dest_folder = context
-                .sql
-                .get_raw_config(context, "configured_mvbox_folder");
-            if let Some(dest_folder) = dest_folder {
-                let mut dest_uid = 0;
-                if ImapActionResult::RetryLater
-                    == imap_inbox.mv(context, &folder, uid, &dest_folder, &mut dest_uid)
-                {
-                    Status::RetryLater
-                } else {
-                    Status::Finished(Ok(()))
-                }
-            } else {
-                Status::Finished(Err(format_err!("MVBOX is not configured")))
-            }
-        } else {
-            Status::Finished(Ok(()))
-        }
-    }
 }

 /* delete all pending jobs with the given action */
@@ -821,7 +863,11 @@ pub fn job_send_msg(context: &Context, msg_id: MsgId) -> Result<()> {
        .get_config(Config::ConfiguredAddr)
        .unwrap_or_default();
    let lowercase_from = from.to_lowercase();
+
+    // Send BCC to self if it is enabled and we are not going to
+    // delete it immediately.
    if context.get_config_bool(Config::BccSelf)
+        && context.get_config_delete_server_after() != Some(0)
        && !recipients
            .iter()
            .any(|x| x.to_lowercase() == lowercase_from)
@@ -897,6 +943,41 @@ pub fn job_send_msg(context: &Context, msg_id: MsgId) -> Result<()> {
    Ok(())
 }

+fn add_imap_deletion_jobs(context: &Context) -> sql::Result<()> {
+    if let Some(delete_server_after) = context.get_config_delete_server_after() {
+        let threshold_timestamp = time() - delete_server_after;
+
+        // Select all expired messages which don't have a
+        // corresponding message deletion job yet.
+        let msg_ids = context.sql.query_map(
+            "SELECT id FROM msgs \
+             WHERE timestamp < ? \
+             AND server_uid != 0 \
+             AND NOT EXISTS (SELECT 1 FROM jobs WHERE foreign_id = msgs.id \
+             AND action = ?)",
+            params![threshold_timestamp, Action::DeleteMsgOnImap],
+            |row| row.get::<_, MsgId>(0),
+            |ids| {
+                ids.collect::<std::result::Result<Vec<_>, _>>()
+                    .map_err(Into::into)
+            },
+        )?;
+
+        // Schedule IMAP deletion for expired messages.
+        for msg_id in msg_ids {
+            job_add(
+                context,
+                Action::DeleteMsgOnImap,
+                msg_id.to_u32() as i32,
+                Params::new(),
+                0,
+            )
+        }
+    }
+
+    Ok(())
+}
+
 pub fn perform_inbox_jobs(context: &Context) {
    info!(context, "dc_perform_inbox_jobs starting.",);

@@ -904,6 +985,9 @@ pub fn perform_inbox_jobs(context: &Context) {
    *context.probe_imap_network.write().unwrap() = false;
    *context.perform_inbox_jobs_needed.write().unwrap() = false;

+    if let Err(err) = add_imap_deletion_jobs(context) {
+        warn!(context, "Can't add IMAP message deletion jobs: {}", err);
+    }
    job_perform(context, Thread::Imap, probe_imap_network);
    info!(context, "dc_perform_inbox_jobs ended.",);
 }
@@ -1045,9 +1129,9 @@ fn perform_job_action(context: &Context, mut job: &mut Job, thread: Thread, trie
        Action::Unknown => Status::Finished(Err(format_err!("Unknown job id found"))),
        Action::SendMsgToSmtp => job.SendMsgToSmtp(context),
        Action::EmptyServer => job.EmptyServer(context),
+        Action::OldDeleteMsgOnImap => job.DeleteMsgOnImap(context),
        Action::DeleteMsgOnImap => job.DeleteMsgOnImap(context),
        Action::MarkseenMsgOnImap => job.MarkseenMsgOnImap(context),
-        Action::MarkseenMdnOnImap => job.MarkseenMdnOnImap(context),
        Action::MoveMsg => job.MoveMsg(context),
        Action::SendMdn => job.SendMdn(context),
        Action::ConfigureImap => JobConfigureImap(context),
--- a/src/job_thread.rs
+++ b/src/job_thread.rs
@@ -1,7 +1,7 @@
 use std::sync::{Arc, Condvar, Mutex};

 use crate::context::Context;
-use crate::error::{Error, Result};
+use crate::error::{format_err, Result};
 use crate::imap::Imap;

 #[derive(Debug)]
@@ -99,25 +99,21 @@ impl JobThread {

    async fn connect_and_fetch(&mut self, context: &Context) -> Result<()> {
        let prefix = format!("{}-fetch", self.name);
-        match self.imap.connect_configured(context) {
-            Ok(()) => {
-                if let Some(watch_folder) = self.get_watch_folder(context) {
-                    let start = std::time::Instant::now();
-                    info!(context, "{} started...", prefix);
-                    let res = self
-                        .imap
-                        .fetch(context, &watch_folder)
-                        .await
-                        .map_err(Into::into);
-                    let elapsed = start.elapsed().as_millis();
-                    info!(context, "{} done in {:.3} ms.", prefix, elapsed);
+        self.imap.connect_configured(context)?;
+        if let Some(watch_folder) = self.get_watch_folder(context) {
+            let start = std::time::Instant::now();
+            info!(context, "{} started...", prefix);
+            let res = self
+                .imap
+                .fetch(context, &watch_folder)
+                .await
+                .map_err(Into::into);
+            let elapsed = start.elapsed().as_millis();
+            info!(context, "{} done in {:.3} ms.", prefix, elapsed);

-                    res
-                } else {
-                    Err(Error::WatchFolderNotFound("not-set".to_string()))
-                }
-            }
-            Err(err) => Err(crate::error::Error::Message(err.to_string())),
+            res
+        } else {
+            Err(format_err!("WatchFolder not found: not-set"))
        }
    }

--- a/src/key.rs
+++ b/src/key.rs
@@ -18,24 +18,12 @@ pub use crate::pgp::KeyPair;
 pub use pgp::composed::{SignedPublicKey, SignedSecretKey};

 /// Error type for deltachat key handling.
-#[derive(Fail, Debug)]
+#[derive(Debug, thiserror::Error)]
 pub enum Error {
-    #[fail(display = "Could not decode base64")]
-    Base64Decode(#[cause] base64::DecodeError, failure::Backtrace),
-    #[fail(display = "rPGP error: {}", _0)]
-    PgpError(#[cause] pgp::errors::Error, failure::Backtrace),
-}
-
-impl From<base64::DecodeError> for Error {
-    fn from(err: base64::DecodeError) -> Error {
-        Error::Base64Decode(err, failure::Backtrace::new())
-    }
-}
-
-impl From<pgp::errors::Error> for Error {
-    fn from(err: pgp::errors::Error) -> Error {
-        Error::PgpError(err, failure::Backtrace::new())
-    }
+    #[error("Could not decode base64")]
+    Base64Decode(#[from] base64::DecodeError),
+    #[error("rPGP error: {0}")]
+    PgpError(#[from] pgp::errors::Error),
 }

 pub type Result<T> = std::result::Result<T, Error>;
@@ -316,21 +304,19 @@ pub enum KeyPairUse {
 }

 /// Error saving a keypair to the database.
-#[derive(Fail, Debug)]
-#[fail(display = "SaveKeyError: {}", message)]
+#[derive(Debug, thiserror::Error)]
+#[error("SaveKeyError: {message}")]
 pub struct SaveKeyError {
    message: String,
-    #[cause]
-    cause: failure::Error,
-    backtrace: failure::Backtrace,
+    #[source]
+    cause: anyhow::Error,
 }

 impl SaveKeyError {
-    fn new(message: impl Into<String>, cause: impl Into<failure::Error>) -> Self {
+    fn new(message: impl Into<String>, cause: impl Into<anyhow::Error>) -> Self {
        Self {
            message: message.into(),
            cause: cause.into(),
-            backtrace: failure::Backtrace::new(),
        }
    }
 }
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -2,8 +2,6 @@
 #![deny(clippy::correctness, missing_debug_implementations, clippy::all)]
 #![allow(clippy::match_bool)]

-#[macro_use]
-extern crate failure_derive;
 #[macro_use]
 extern crate num_derive;
 #[macro_use]
--- a/src/location.rs
+++ b/src/location.rs
@@ -1,7 +1,6 @@
 //! Location handling

 use bitflags::bitflags;
-use quick_xml;
 use quick_xml::events::{BytesEnd, BytesStart, BytesText};

 use crate::chat::{self, ChatId};
@@ -9,7 +8,7 @@ use crate::config::Config;
 use crate::constants::*;
 use crate::context::*;
 use crate::dc_tools::*;
-use crate::error::Error;
+use crate::error::{ensure, Error};
 use crate::events::Event;
 use crate::job::{self, job_action_exists, job_add, Job};
 use crate::message::{Message, MsgId};
@@ -123,9 +122,9 @@ impl Kml {
                }
            } else if self.tag.contains(KmlTag::COORDINATES) {
                let parts = val.splitn(2, ',').collect::<Vec<_>>();
-                if parts.len() == 2 {
-                    self.curr.longitude = parts[0].parse().unwrap_or_default();
-                    self.curr.latitude = parts[1].parse().unwrap_or_default();
+                if let [longitude, latitude] = &parts[..] {
+                    self.curr.longitude = longitude.parse().unwrap_or_default();
+                    self.curr.latitude = latitude.parse().unwrap_or_default();
                }
            }
        }
--- a/src/lot.rs
+++ b/src/lot.rs
@@ -40,11 +40,11 @@ impl Lot {
    }

    pub fn get_text1(&self) -> Option<&str> {
-        self.text1.as_ref().map(|s| s.as_str())
+        self.text1.as_deref()
    }

    pub fn get_text2(&self) -> Option<&str> {
-        self.text2.as_ref().map(|s| s.as_str())
+        self.text2.as_deref()
    }

    pub fn get_text1_meaning(&self) -> Meaning {
--- a/src/message.rs
+++ b/src/message.rs
@@ -3,7 +3,7 @@
 use std::path::{Path, PathBuf};

 use deltachat_derive::{FromSql, ToSql};
-use failure::Fail;
+use lazy_static::lazy_static;
 use serde::{Deserialize, Serialize};

 use crate::chat::{self, Chat, ChatId};
@@ -11,7 +11,7 @@ use crate::constants::*;
 use crate::contact::*;
 use crate::context::*;
 use crate::dc_tools::*;
-use crate::error::Error;
+use crate::error::{ensure, Error};
 use crate::events::Event;
 use crate::job::*;
 use crate::lot::{Lot, LotState, Meaning};
@@ -21,6 +21,10 @@ use crate::pgp::*;
 use crate::sql;
 use crate::stock::StockMessage;

+lazy_static! {
+    static ref UNWRAP_RE: regex::Regex = regex::Regex::new(r"\s+").unwrap();
+}
+
 // In practice, the user additionally cuts the string themselves
 // pixel-accurate.
 const SUMMARY_CHARACTERS: usize = 160;
@@ -80,6 +84,55 @@ impl MsgId {
        self.0 == DC_MSG_ID_DAYMARKER
    }

+    /// Put message into trash chat and delete message text.
+    ///
+    /// It means the message is deleted locally, but not on the server
+    /// yet.
+    pub fn trash(self, context: &Context) -> crate::sql::Result<()> {
+        let chat_id = ChatId::new(DC_CHAT_ID_TRASH);
+        sql::execute(
+            context,
+            &context.sql,
+            "UPDATE msgs SET chat_id=?, txt='', txt_raw='' WHERE id=?",
+            params![chat_id, self],
+        )
+    }
+
+    /// Deletes a message and corresponding MDNs from the database.
+    pub fn delete_from_db(self, context: &Context) -> crate::sql::Result<()> {
+        // We don't use transactions yet, so remove MDNs first to make
+        // sure they are not left while the message is deleted.
+        sql::execute(
+            context,
+            &context.sql,
+            "DELETE FROM msgs_mdns WHERE msg_id=?;",
+            params![self],
+        )?;
+        sql::execute(
+            context,
+            &context.sql,
+            "DELETE FROM msgs WHERE id=?;",
+            params![self],
+        )?;
+        Ok(())
+    }
+
+    /// Removes IMAP server UID and folder from the database record.
+    ///
+    /// It is used to avoid trying to remove the message from the
+    /// server multiple times when there are multiple message records
+    /// pointing to the same server UID.
+    pub(crate) fn unlink(self, context: &Context) -> sql::Result<()> {
+        sql::execute(
+            context,
+            &context.sql,
+            "UPDATE msgs \
+             SET server_folder='', server_uid=0 \
+             WHERE id=?",
+            params![self],
+        )
+    }
+
    /// Bad evil escape hatch.
    ///
    /// Avoid using this, eventually types should be cleaned up enough
@@ -116,7 +169,7 @@ impl rusqlite::types::ToSql for MsgId {
    fn to_sql(&self) -> rusqlite::Result<rusqlite::types::ToSqlOutput> {
        if self.0 <= DC_MSG_ID_LAST_SPECIAL {
            return Err(rusqlite::Error::ToSqlConversionFailure(Box::new(
-                InvalidMsgId.compat(),
+                InvalidMsgId,
            )));
        }
        let val = rusqlite::types::Value::Integer(self.0 as i64);
@@ -144,8 +197,8 @@ impl rusqlite::types::FromSql for MsgId {
 /// This usually occurs when trying to use a message ID of
 /// [DC_MSG_ID_LAST_SPECIAL] or below in a situation where this is not
 /// possible.
-#[derive(Debug, Fail)]
-#[fail(display = "Invalid Message ID.")]
+#[derive(Debug, thiserror::Error)]
+#[error("Invalid Message ID.")]
 pub struct InvalidMsgId;

 #[derive(
@@ -300,25 +353,6 @@ impl Message {
            .map_err(Into::into)
    }

-    pub fn delete_from_db(context: &Context, msg_id: MsgId) {
-        if let Ok(msg) = Message::load_from_db(context, msg_id) {
-            sql::execute(
-                context,
-                &context.sql,
-                "DELETE FROM msgs WHERE id=?;",
-                params![msg.id],
-            )
-            .ok();
-            sql::execute(
-                context,
-                &context.sql,
-                "DELETE FROM msgs_mdns WHERE msg_id=?;",
-                params![msg.id],
-            )
-            .ok();
-        }
-    }
-
    pub fn get_filemime(&self) -> Option<String> {
        if let Some(m) = self.param.get(Param::MimeType) {
            return Some(m.to_string());
@@ -438,7 +472,7 @@ impl Message {
    pub fn get_text(&self) -> Option<String> {
        self.text
            .as_ref()
-            .map(|text| dc_truncate(text, 30000, false).to_string())
+            .map(|text| dc_truncate(text, 30000).to_string())
    }

    pub fn get_filename(&self) -> Option<String> {
@@ -809,7 +843,7 @@ pub fn get_msg_info(context: &Context, msg_id: MsgId) -> String {
        return ret;
    }
    let rawtxt = rawtxt.unwrap_or_default();
-    let rawtxt = dc_truncate(rawtxt.trim(), 100_000, false);
+    let rawtxt = dc_truncate(rawtxt.trim(), 100_000);

    let fts = dc_timestamp_to_str(msg.get_timestamp());
    ret += &format!("Sent: {}", fts);
@@ -946,13 +980,15 @@ pub fn get_mime_headers(context: &Context, msg_id: MsgId) -> Option<String> {
 }

 pub fn delete_msgs(context: &Context, msg_ids: &[MsgId]) {
-    for msg_id in msg_ids.iter() {
+    for msg_id in msg_ids {
        if let Ok(msg) = Message::load_from_db(context, *msg_id) {
            if msg.location_id > 0 {
                delete_poi_location(context, msg.location_id);
            }
        }
-        update_msg_chat_id(context, *msg_id, ChatId::new(DC_CHAT_ID_TRASH));
+        if let Err(err) = msg_id.trash(context) {
+            error!(context, "Unable to trash message {}: {}", msg_id, err);
+        }
        job_add(
            context,
            Action::DeleteMsgOnImap,
@@ -972,16 +1008,6 @@ pub fn delete_msgs(context: &Context, msg_ids: &[MsgId]) {
    };
 }

-fn update_msg_chat_id(context: &Context, msg_id: MsgId, chat_id: ChatId) -> bool {
-    sql::execute(
-        context,
-        &context.sql,
-        "UPDATE msgs SET chat_id=? WHERE id=?;",
-        params![chat_id, msg_id],
-    )
-    .is_ok()
-}
-
 fn delete_poi_location(context: &Context, location_id: u32) -> bool {
    sql::execute(
        context,
@@ -1141,18 +1167,20 @@ pub fn get_summarytext_by_raw(
        return prefix;
    }

-    if let Some(text) = text {
+    let summary = if let Some(text) = text {
        if text.as_ref().is_empty() {
            prefix
        } else if prefix.is_empty() {
-            dc_truncate(text.as_ref(), approx_characters, true).to_string()
+            dc_truncate(text.as_ref(), approx_characters).to_string()
        } else {
            let tmp = format!("{} – {}", prefix, text.as_ref());
-            dc_truncate(&tmp, approx_characters, true).to_string()
+            dc_truncate(&tmp, approx_characters).to_string()
        }
    } else {
        prefix
-    }
+    };
+
+    UNWRAP_RE.replace_all(&summary, " ").to_string()
 }

 // as we do not cut inside words, this results in about 32-42 characters.
@@ -1340,10 +1368,55 @@ pub fn get_deaddrop_msg_cnt(context: &Context) -> usize {
    }
 }

+pub fn estimate_deletion_cnt(
+    context: &Context,
+    from_server: bool,
+    seconds: i64,
+) -> Result<usize, Error> {
+    let self_chat_id = chat::lookup_by_contact_id(context, DC_CONTACT_ID_SELF)
+        .unwrap_or_default()
+        .0;
+    let threshold_timestamp = time() - seconds;
+
+    let cnt: isize = if from_server {
+        context.sql.query_row(
+            "SELECT COUNT(*)
+             FROM msgs m
+             WHERE m.id > ?
+               AND timestamp < ?
+               AND chat_id != ?
+               AND server_uid != 0;",
+            params![DC_MSG_ID_LAST_SPECIAL, threshold_timestamp, self_chat_id],
+            |row| row.get(0),
+        )?
+    } else {
+        context.sql.query_row(
+            "SELECT COUNT(*)
+             FROM msgs m
+             WHERE m.id > ?
+               AND timestamp < ?
+               AND chat_id != ?
+               AND chat_id != ? AND hidden = 0;",
+            params![
+                DC_MSG_ID_LAST_SPECIAL,
+                threshold_timestamp,
+                self_chat_id,
+                ChatId::new(DC_CHAT_ID_TRASH)
+            ],
+            |row| row.get(0),
+        )?
+    };
+    Ok(cnt as usize)
+}
+
+/// Counts number of database records pointing to specified
+/// Message-ID.
+///
+/// Unlinked messages are excluded.
 pub fn rfc724_mid_cnt(context: &Context, rfc724_mid: &str) -> i32 {
    // check the number of messages with the same rfc724_mid
    match context.sql.query_row(
-        "SELECT COUNT(*) FROM msgs WHERE rfc724_mid=?;",
+        "SELECT COUNT(*) FROM msgs WHERE rfc724_mid=? AND NOT server_uid = 0",
        &[rfc724_mid],
        |row| row.get(0),
    ) {
@@ -1384,7 +1457,8 @@ pub fn update_server_uid(
    server_uid: u32,
 ) {
    match context.sql.execute(
-        "UPDATE msgs SET server_folder=?, server_uid=? WHERE rfc724_mid=?;",
+        "UPDATE msgs SET server_folder=?, server_uid=? \
+         WHERE rfc724_mid=?",
        params![server_folder.as_ref(), server_uid, rfc724_mid],
    ) {
        Ok(_) => {}
--- a/src/mimefactory.rs
+++ b/src/mimefactory.rs
@@ -9,7 +9,7 @@ use crate::contact::*;
 use crate::context::{get_version_str, Context};
 use crate::dc_tools::*;
 use crate::e2ee::*;
-use crate::error::Error;
+use crate::error::{bail, ensure, format_err, Error};
 use crate::location;
 use crate::message::{self, Message};
 use crate::mimeparser::SystemMessage;
@@ -106,21 +106,6 @@ impl<'a, 'b> MimeFactory<'a, 'b> {

            let command = msg.param.get_cmd();

-            /* for added members, the list is just fine */
-            if command == SystemMessage::MemberRemovedFromGroup {
-                let email_to_remove = msg.param.get(Param::Arg).unwrap_or_default();
-
-                let self_addr = context
-                    .get_config(Config::ConfiguredAddr)
-                    .unwrap_or_default();
-
-                if !email_to_remove.is_empty()
-                    && !addr_cmp(email_to_remove, self_addr)
-                    && !recipients_contain_addr(&recipients, &email_to_remove)
-                {
-                    recipients.push(("".to_string(), email_to_remove.to_string()));
-                }
-            }
            if command != SystemMessage::AutocryptSetupMessage
                && command != SystemMessage::SecurejoinMessage
                && context.get_config_bool(Config::MdnsEnabled)
@@ -368,7 +353,7 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
            self.from_addr.clone(),
        );

-        let mut to = Vec::with_capacity(self.recipients.len());
+        let mut to = Vec::new();
        for (name, addr) in self.recipients.iter() {
            if name.is_empty() {
                to.push(Address::new_mailbox(addr.clone()));
@@ -380,6 +365,10 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
            }
        }

+        if to.is_empty() {
+            to.push(from.clone());
+        }
+
        if !self.references.is_empty() {
            unprotected_headers.push(Header::new("References".into(), self.references.clone()));
        }
@@ -1106,7 +1095,7 @@ fn is_file_size_okay(context: &Context, msg: &Message) -> bool {
 fn render_rfc724_mid(rfc724_mid: &str) -> String {
    let rfc724_mid = rfc724_mid.trim().to_string();

-    if rfc724_mid.chars().nth(0).unwrap_or_default() == '<' {
+    if rfc724_mid.chars().next().unwrap_or_default() == '<' {
        rfc724_mid
    } else {
        format!("<{}>", rfc724_mid)
--- a/src/mimeparser.rs
+++ b/src/mimeparser.rs
@@ -1,23 +1,21 @@
 use std::collections::{HashMap, HashSet};

+use anyhow::Context as _;
 use deltachat_derive::{FromSql, ToSql};
 use lettre_email::mime::{self, Mime};
 use mailparse::{DispositionType, MailAddr, MailHeaderMap};

 use crate::aheader::Aheader;
-use crate::bail;
 use crate::blob::BlobObject;
-use crate::config::Config;
 use crate::constants::Viewtype;
 use crate::contact::*;
 use crate::context::Context;
 use crate::dc_tools::*;
 use crate::dehtml::dehtml;
 use crate::e2ee;
-use crate::error::Result;
+use crate::error::{bail, Result};
 use crate::events::Event;
 use crate::headerdef::{HeaderDef, HeaderDefMap};
-use crate::job::{job_add, Action};
 use crate::location;
 use crate::message;
 use crate::param::*;
@@ -85,7 +83,7 @@ impl MimeMessage {

        let message_time = mail
            .headers
-            .get_header_value(HeaderDef::Date)?
+            .get_header_value(HeaderDef::Date)
            .and_then(|v| mailparse::dateparse(&v).ok())
            .unwrap_or_default();

@@ -94,6 +92,9 @@ impl MimeMessage {
        // init known headers with what mailparse provided us
        MimeMessage::merge_headers(&mut headers, &mail.headers);

+        // remove headers that are allowed _only_ in the encrypted part
+        headers.remove("secure-join-fingerprint");
+
        // Memory location for a possible decrypted message.
        let mail_raw;
        let mut gossipped_addr = Default::default();
@@ -111,8 +112,7 @@ impl MimeMessage {

                    // Handle any gossip headers if the mail was encrypted.  See section
                    // "3.6 Key Gossip" of https://autocrypt.org/autocrypt-spec-1.1.0.pdf
-                    let gossip_headers =
-                        decrypted_mail.headers.get_all_values("Autocrypt-Gossip")?;
+                    let gossip_headers = decrypted_mail.headers.get_all_values("Autocrypt-Gossip");
                    gossipped_addr =
                        update_gossip_peerstates(context, message_time, &mail, gossip_headers)?;

@@ -203,10 +203,8 @@ impl MimeMessage {
    /// Delta Chat sends attachments, such as images, in two-part messages, with the first message
    /// containing an explanation. If such a message is detected, first part can be safely dropped.
    fn squash_attachment_parts(&mut self) {
-        if self.has_chat_version() && self.parts.len() == 2 {
+        if let [textpart, filepart] = &self.parts[..] {
            let need_drop = {
-                let textpart = &self.parts[0];
-                let filepart = &self.parts[1];
                textpart.typ == Viewtype::Text
                    && (filepart.typ == Viewtype::Image
                        || filepart.typ == Viewtype::Gif
@@ -284,18 +282,16 @@ impl MimeMessage {
                    prepend_subject = false
                }
            }
+            // For mailing lists, always add the subject because sometimes there are different topics
+            // and otherwise it might be hard to keep track:
+            if self.get(HeaderDef::ListId).is_some() {
+                prepend_subject = true;
+            }
            if prepend_subject {
-                let subj = if let Some(n) = subject.find('[') {
-                    &subject[0..n]
-                } else {
-                    subject
-                }
-                .trim();
-
-                if !subj.is_empty() {
+                if !subject.is_empty() {
                    for part in self.parts.iter_mut() {
                        if part.typ == Viewtype::Text {
-                            part.msg = format!("{} – {}", subj, part.msg);
+                            part.msg = format!("{} – {}", subject, part.msg);
                            break;
                        }
                    }
@@ -474,7 +470,9 @@ impl MimeMessage {
            apple mail: "plaintext" as an alternative to "html+PDF attachment") */
            (mime::MULTIPART, "alternative") => {
                for cur_data in &mail.subparts {
-                    if get_mime_type(cur_data)?.0 == "multipart/mixed" {
+                    if get_mime_type(cur_data)?.0 == "multipart/mixed"
+                        || get_mime_type(cur_data)?.0 == "multipart/related"
+                    {
                        any_part_added = self.parse_mime_recursive(context, cur_data)?;
                        break;
                    }
@@ -498,15 +496,6 @@ impl MimeMessage {
                    }
                }
            }
-            (mime::MULTIPART, "related") => {
-                /* add the "root part" - the other parts may be referenced which is
-                not interesting for us (eg. embedded images) we assume he "root part"
-                being the first one, which may not be always true ...
-                however, most times it seems okay. */
-                if let Some(first) = mail.subparts.iter().next() {
-                    any_part_added = self.parse_mime_recursive(context, first)?;
-                }
-            }
            (mime::MULTIPART, "encrypted") => {
                // we currently do not try to decrypt non-autocrypt messages
                // at all. If we see an encrypted part, we set
@@ -545,6 +534,16 @@ impl MimeMessage {
                            if let Some(report) = self.process_report(context, mail)? {
                                self.reports.push(report);
                            }
+
+                            // Add MDN part so we can track it, avoid
+                            // downloading the message again and
+                            // delete if automatic message deletion is
+                            // enabled.
+                            let mut part = Part::default();
+                            part.typ = Viewtype::Unknown;
+                            self.parts.push(part);
+
+                            any_part_added = true;
                        } else {
                            /* eg. `report-type=delivery-status`;
                            maybe we should show them as a little error icon */
@@ -746,16 +745,13 @@ impl MimeMessage {

    fn merge_headers(headers: &mut HashMap<String, String>, fields: &[mailparse::MailHeader<'_>]) {
        for field in fields {
-            if let Ok(key) = field.get_key() {
-                // lowercasing all headers is technically not correct, but makes things work better
-                let key = key.to_lowercase();
-                if !headers.contains_key(&key) || // key already exists, only overwrite known types (protected headers)
+            // lowercasing all headers is technically not correct, but makes things work better
+            let key = field.get_key().to_lowercase();
+            if !headers.contains_key(&key) || // key already exists, only overwrite known types (protected headers)
                    is_known(&key) || key.starts_with("chat-")
-                {
-                    if let Ok(value) = field.get_value() {
-                        headers.insert(key, value);
-                    }
-                }
+            {
+                let value = field.get_value();
+                headers.insert(key.to_string(), value);
            }
        }
    }
@@ -770,21 +766,13 @@ impl MimeMessage {
        let (report_fields, _) = mailparse::parse_headers(&report_body)?;

        // must be present
-        if let Some(_disposition) = report_fields
-            .get_header_value(HeaderDef::Disposition)
-            .ok()
-            .flatten()
-        {
+        if let Some(_disposition) = report_fields.get_header_value(HeaderDef::Disposition) {
            if let Some(original_message_id) = report_fields
                .get_header_value(HeaderDef::OriginalMessageId)
-                .ok()
-                .flatten()
                .and_then(|v| parse_message_id(&v).ok())
            {
                let additional_message_ids = report_fields
                    .get_header_value(HeaderDef::AdditionalMessageIds)
-                    .ok()
-                    .flatten()
                    .map_or_else(Vec::new, |v| {
                        v.split(' ')
                            .filter_map(|s| parse_message_id(s).ok())
@@ -800,26 +788,18 @@ impl MimeMessage {
        warn!(
            context,
            "ignoring unknown disposition-notification, Message-Id: {:?}",
-            report_fields.get_header_value(HeaderDef::MessageId).ok()
+            report_fields.get_header_value(HeaderDef::MessageId)
        );

        Ok(None)
    }

    /// Handle reports (only MDNs for now)
-    pub fn handle_reports(
-        &self,
-        context: &Context,
-        from_id: u32,
-        sent_timestamp: i64,
-        server_folder: impl AsRef<str>,
-        server_uid: u32,
-    ) {
+    pub fn handle_reports(&self, context: &Context, from_id: u32, sent_timestamp: i64) {
        if self.reports.is_empty() {
            return;
        }

-        let mut mdn_recognized = false;
        for report in &self.reports {
            for original_message_id in
                std::iter::once(&report.original_message_id).chain(&report.additional_message_ids)
@@ -828,20 +808,9 @@ impl MimeMessage {
                    message::mdn_from_ext(context, from_id, original_message_id, sent_timestamp)
                {
                    context.call_cb(Event::MsgRead { chat_id, msg_id });
-                    mdn_recognized = true;
                }
            }
        }
-
-        if self.has_chat_version() || mdn_recognized {
-            let mut param = Params::new();
-            param.set(Param::ServerFolder, server_folder.as_ref());
-            param.set_int(Param::ServerUid, server_uid as i32);
-            if self.has_chat_version() && context.get_config_bool(Config::MvboxMove) {
-                param.set_int(Param::AlsoMove, 1);
-            }
-            job_add(context, Action::MarkseenMdnOnImap, 0, param, 0);
-        }
    }
 }

@@ -860,14 +829,9 @@ fn update_gossip_peerstates(

        if let Ok(ref header) = gossip_header {
            if recipients.is_none() {
-                recipients = Some(get_recipients(mail.headers.iter().filter_map(|v| {
-                    let key = v.get_key();
-                    let value = v.get_value();
-                    if key.is_err() || value.is_err() {
-                        return None;
-                    }
-                    Some((v.get_key().unwrap(), v.get_value().unwrap()))
-                })));
+                recipients = Some(get_recipients(
+                    mail.headers.iter().map(|v| (v.get_key(), v.get_value())),
+                ));
            }

            if recipients
@@ -912,16 +876,10 @@ pub(crate) struct Report {
 }

 pub(crate) fn parse_message_id(value: &str) -> crate::error::Result<String> {
-    let ids = mailparse::msgidparse(value)
-        .map_err(|err| format_err!("failed to parse message id {:?}", err))?;
+    let ids = mailparse::msgidparse(value).context("failed to parse message id")?;

-    if ids.len() == 1 {
-        let id = &ids[0];
-        if id.starts_with('<') && id.ends_with('>') {
-            Ok(id.chars().skip(1).take(id.len() - 2).collect())
-        } else {
-            bail!("message-ID {} is not enclosed in < and >", value);
-        }
+    if let Some(id) = ids.first() {
+        Ok(id.to_string())
    } else {
        bail!("could not parse message_id: {}", value);
    }
@@ -987,15 +945,12 @@ fn get_mime_type(mail: &mailparse::ParsedMail<'_>) -> Result<(Mime, Viewtype)> {
 }

 fn is_attachment_disposition(mail: &mailparse::ParsedMail<'_>) -> bool {
-    if let Ok(ct) = mail.get_content_disposition() {
-        return ct.disposition == DispositionType::Attachment
-            && ct
-                .params
-                .iter()
-                .any(|(key, _value)| key.starts_with("filename"));
-    }
-
-    false
+    let ct = mail.get_content_disposition();
+    ct.disposition == DispositionType::Attachment
+        && ct
+            .params
+            .iter()
+            .any(|(key, _value)| key.starts_with("filename"))
 }

 /// Tries to get attachment filename.
@@ -1010,7 +965,7 @@ fn get_attachment_filename(mail: &mailparse::ParsedMail) -> Result<Option<String
    // or `Content-Disposition: ... filename*0*=... filename*1*=... filename*2*=...`
    // or `Content-Disposition: ... filename=...`

-    let ct = mail.get_content_disposition()?;
+    let ct = mail.get_content_disposition();

    let desired_filename: Option<String> = ct
        .params
@@ -1211,14 +1166,16 @@ mod tests {
                    Content-Type: multipart/mixed; boundary=\"==break==\";\n\
                    Subject: outer-subject\n\
                    Secure-Join-Group: no\n\
-                    Test-Header: Bar\nChat-Version: 0.0\n\
+                    Secure-Join-Fingerprint: 123456\n\
+                    Test-Header: Bar\n\
+                    chat-VERSION: 0.0\n\
                    \n\
                    --==break==\n\
                    Content-Type: text/plain; protected-headers=\"v1\";\n\
                    Subject: inner-subject\n\
                    SecureBar-Join-Group: yes\n\
                    Test-Header: Xy\n\
-                    Chat-Version: 1.0\n\
+                    chat-VERSION: 1.0\n\
                    \n\
                    test1\n\
                    \n\
@@ -1237,12 +1194,17 @@ mod tests {

        // the following fields would bubble up
        // if the test would really use encryption for the protected part
-        // however, as this is not the case, the outer things stay valid
+        // however, as this is not the case, the outer things stay valid.
+        // for Chat-Version, also the case-insensivity is tested.
        assert_eq!(mimeparser.get_subject(), Some("outer-subject".into()));

        let of = mimeparser.get(HeaderDef::ChatVersion).unwrap();
        assert_eq!(of, "0.0");
        assert_eq!(mimeparser.parts.len(), 1);
+
+        // make sure, headers that are only allowed in the encrypted part
+        // cannot be set from the outer part
+        assert!(mimeparser.get(HeaderDef::SecureJoinFingerprint).is_none());
    }

    #[test]
@@ -1369,7 +1331,7 @@ Disposition: manual-action/MDN-sent-automatically; displayed\n\
            Some("Chat: Message opened".to_string())
        );

-        assert_eq!(message.parts.len(), 0);
+        assert_eq!(message.parts.len(), 1);
        assert_eq!(message.reports.len(), 1);
    }

@@ -1447,7 +1409,7 @@ Disposition: manual-action/MDN-sent-automatically; displayed\n\
            Some("Chat: Message opened".to_string())
        );

-        assert_eq!(message.parts.len(), 0);
+        assert_eq!(message.parts.len(), 2);
        assert_eq!(message.reports.len(), 2);
    }

@@ -1492,7 +1454,7 @@ Additional-Message-IDs: <foo@example.com> <foo@example.net>\n\
            Some("Chat: Message opened".to_string())
        );

-        assert_eq!(message.parts.len(), 0);
+        assert_eq!(message.parts.len(), 1);
        assert_eq!(message.reports.len(), 1);
        assert_eq!(message.reports[0].original_message_id, "foo@example.org");
        assert_eq!(
@@ -1534,6 +1496,122 @@ MDYyMDYxNTE1RTlDOEE4Cj4+CnN0YXJ0eHJlZgo4Mjc4CiUlRU9GCg==
            Some("Mail with inline attachment".to_string())
        );

-        assert_eq!(message.parts.len(), 2);
+        assert_eq!(message.parts.len(), 1);
+        assert_eq!(message.parts[0].typ, Viewtype::File);
+        assert_eq!(message.parts[0].msg, "Hello!");
+    }
+
+    #[test]
+    fn parse_inline_image() {
+        let context = dummy_context();
+        let raw = br#"Message-ID: <foobar@example.org>
+From: foo <foo@example.org>
+Subject: example
+To: bar@example.org
+MIME-Version: 1.0
+Content-Type: multipart/mixed; boundary="--11019878869865180"
+
+----11019878869865180
+Content-Type: text/plain; charset=utf-8
+
+Test
+
+----11019878869865180
+Content-Type: image/jpeg;
+ name="JPEG_filename.jpg"
+Content-Transfer-Encoding: base64
+Content-Disposition: inline;
+ filename="JPEG_filename.jpg"
+
+ISVb1L3m7z15Wy5w97a2cJg6W8P8YKOYfWn3PJ/UCSFcvCPtvBhcXieiN3M3ljguzG4XK7BnGgxG
+acAQdY8e0cWz1n+zKPNeNn4Iu3GXAXz4/IPksHk54inl1//0Lv8ggZjljfjnf0q1SPftYI7lpZWT
+/4aTCkimRrAIcwrQJPnZJRb7BPSC6kfn1QJHMv77mRMz2+4WbdfpyPQQ0CWLJsgVXtBsSMf2Awal
+n+zZzhGpXyCbWTEw1ccqZcK5KaiKNqWv51N4yVXw9dzJoCvxbYtCFGZZJdx7c+ObDotaF1/9KY4C
+xJjgK9/NgTXCZP1jYm0XIBnJsFSNg0pnMRETttTuGbOVi1/s/F1RGv5RNZsCUt21d9FhkWQQXsd2
+rOzDgTdag6BQCN3hSU9eKW/GhNBuMibRN9eS7Sm1y2qFU1HgGJBQfPPRPLKxXaNi++Zt0tnon2IU
+8pg5rP/IvStXYQNUQ9SiFdfAUkLU5b1j8ltnka8xl+oXsleSG44GPz6kM0RmwUrGkl4z/+NfHSsI
+K+TuvC7qOah0WLFhcsXWn2+dDV1bXuAeC769TkqkpHhdXfUHnVgK3Pv7u3rVPT5AMeFUGxRB2dP4
+CWt6wx7fiLp0qS9RrX75g6Gqw7nfCs6EcBERcIPt7DTe8VStJwf3LWqVwxl4gQl46yhfoqwEO+I=
+
+
+----11019878869865180--
+"#;
+
+        let message = MimeMessage::from_bytes(&context.ctx, &raw[..]).unwrap();
+        assert_eq!(message.get_subject(), Some("example".to_string()));
+
+        assert_eq!(message.parts.len(), 1);
+        assert_eq!(message.parts[0].typ, Viewtype::Image);
+        assert_eq!(message.parts[0].msg, "Test");
+    }
+
+    #[test]
+    fn parse_thunderbird_html_embedded_image() {
+        let context = dummy_context();
+        let raw = br#"To: Alice <alice@example.org>
+From: Bob <bob@example.org>
+Subject: Test subject
+Message-ID: <foobarbaz@example.org>
+User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101
+ Thunderbird/68.7.0
+MIME-Version: 1.0
+Content-Type: multipart/alternative;
+ boundary="------------779C1631600DF3DB8C02E53A"
+Content-Language: en-US
+
+This is a multi-part message in MIME format.
+--------------779C1631600DF3DB8C02E53A
+Content-Type: text/plain; charset=utf-8
+Content-Transfer-Encoding: 7bit
+
+Test
+
+
+--------------779C1631600DF3DB8C02E53A
+Content-Type: multipart/related;
+ boundary="------------10CC6C2609EB38DA782C5CA9"
+
+
+--------------10CC6C2609EB38DA782C5CA9
+Content-Type: text/html; charset=utf-8
+Content-Transfer-Encoding: 7bit
+
+<html>
+<head>
+<meta http-equiv="content-type" content="text/html; charset=UTF-8">
+</head>
+<body>
+Test<br>
+<p><img moz-do-not-send="false" src="cid:part1.9DFA679B.52A88D69@example.org" alt=""></p>
+</body>
+</html>
+
+--------------10CC6C2609EB38DA782C5CA9
+Content-Type: image/png;
+ name="1.png"
+Content-Transfer-Encoding: base64
+Content-ID: <part1.9DFA679B.52A88D69@example.org>
+Content-Disposition: inline;
+ filename="1.png"
+
+ISVb1L3m7z15Wy5w97a2cJg6W8P8YKOYfWn3PJ/UCSFcvCPtvBhcXieiN3M3ljguzG4XK7BnGgxG
+acAQdY8e0cWz1n+zKPNeNn4Iu3GXAXz4/IPksHk54inl1//0Lv8ggZjljfjnf0q1SPftYI7lpZWT
+/4aTCkimRrAIcwrQJPnZJRb7BPSC6kfn1QJHMv77mRMz2+4WbdfpyPQQ0CWLJsgVXtBsSMf2Awal
+n+zZzhGpXyCbWTEw1ccqZcK5KaiKNqWv51N4yVXw9dzJoCvxbYtCFGZZJdx7c+ObDotaF1/9KY4C
+xJjgK9/NgTXCZP1jYm0XIBnJsFSNg0pnMRETttTuGbOVi1/s/F1RGv5RNZsCUt21d9FhkWQQXsd2
+rOzDgTdag6BQCN3hSU9eKW/GhNBuMibRN9eS7Sm1y2qFU1HgGJBQfPPRPLKxXaNi++Zt0tnon2IU
+8pg5rP/IvStXYQNUQ9SiFdfAUkLU5b1j8ltnka8xl+oXsleSG44GPz6kM0RmwUrGkl4z/+NfHSsI
+K+TuvC7qOah0WLFhcsXWn2+dDV1bXuAeC769TkqkpHhdXfUHnVgK3Pv7u3rVPT5AMeFUGxRB2dP4
+CWt6wx7fiLp0qS9RrX75g6Gqw7nfCs6EcBERcIPt7DTe8VStJwf3LWqVwxl4gQl46yhfoqwEO+I=
+--------------10CC6C2609EB38DA782C5CA9--
+
+--------------779C1631600DF3DB8C02E53A--"#;
+
+        let message = MimeMessage::from_bytes(&context.ctx, &raw[..]).unwrap();
+        assert_eq!(message.get_subject(), Some("Test subject".to_string()));
+
+        assert_eq!(message.parts.len(), 1);
+        assert_eq!(message.parts[0].typ, Viewtype::Image);
+        assert_eq!(message.parts[0].msg, "Test");
    }
 }
--- a/src/param.rs
+++ b/src/param.rs
@@ -8,7 +8,7 @@ use serde::{Deserialize, Serialize};

 use crate::blob::{BlobError, BlobObject};
 use crate::context::Context;
-use crate::error;
+use crate::error::{self, bail, ensure};
 use crate::message::MsgId;
 use crate::mimeparser::SystemMessage;

@@ -88,12 +88,6 @@ pub enum Param {
    /// For Jobs
    SetLongitude = b'n',

-    /// For Jobs
-    ServerFolder = b'Z',
-
-    /// For Jobs
-    ServerUid = b'z',
-
    /// For Jobs
    AlsoMove = b'M',

@@ -123,6 +117,8 @@ pub enum Param {

    /// For MDN-sending job
    MsgId = b'I',
+
+    MailingList = b't',
 }

 /// Possible values for `Param::ForcePlaintext`.
--- a/src/pgp.rs
+++ b/src/pgp.rs
@@ -18,7 +18,7 @@ use rand::{thread_rng, CryptoRng, Rng};

 use crate::constants::KeyGenType;
 use crate::dc_tools::EmailAddress;
-use crate::error::Result;
+use crate::error::{bail, ensure, format_err, Result};
 use crate::key::*;
 use crate::keyring::*;

@@ -117,21 +117,19 @@ pub fn split_armored_data(buf: &[u8]) -> Result<(BlockType, BTreeMap<String, Str
 ///
 /// Most of these are likely coding errors rather than user errors
 /// since all variability is hardcoded.
-#[derive(Fail, Debug)]
-#[fail(display = "PgpKeygenError: {}", message)]
+#[derive(Debug, thiserror::Error)]
+#[error("PgpKeygenError: {message}")]
 pub(crate) struct PgpKeygenError {
    message: String,
-    #[cause]
-    cause: failure::Error,
-    backtrace: failure::Backtrace,
+    #[source]
+    cause: anyhow::Error,
 }

 impl PgpKeygenError {
-    fn new(message: impl Into<String>, cause: impl Into<failure::Error>) -> Self {
+    fn new(message: impl Into<String>, cause: impl Into<anyhow::Error>) -> Self {
        Self {
            message: message.into(),
            cause: cause.into(),
-            backtrace: failure::Backtrace::new(),
        }
    }
 }
@@ -153,8 +151,8 @@ pub(crate) fn create_keypair(
    keygen_type: KeyGenType,
 ) -> std::result::Result<KeyPair, PgpKeygenError> {
    let (secret_key_type, public_key_type) = match keygen_type {
-        KeyGenType::Rsa2048 | KeyGenType::Default => (PgpKeyType::Rsa(2048), PgpKeyType::Rsa(2048)),
-        KeyGenType::Ed25519 => (PgpKeyType::EdDSA, PgpKeyType::ECDH),
+        KeyGenType::Rsa2048 => (PgpKeyType::Rsa(2048), PgpKeyType::Rsa(2048)),
+        KeyGenType::Ed25519 | KeyGenType::Default => (PgpKeyType::EdDSA, PgpKeyType::ECDH),
    };

    let user_id = format!("<{}>", addr);
@@ -189,7 +187,7 @@ pub(crate) fn create_keypair(
                .unwrap(),
        )
        .build()
-        .map_err(|err| PgpKeygenError::new("invalid key params", failure::err_msg(err)))?;
+        .map_err(|err| PgpKeygenError::new("invalid key params", format_err!(err)))?;
    let key = key_params
        .generate()
        .map_err(|err| PgpKeygenError::new("invalid params", err))?;
@@ -394,7 +392,6 @@ mod tests {
    }

    #[test]
-    #[ignore] // is too expensive
    fn test_create_keypair() {
        let keypair0 = create_keypair(
            EmailAddress::new("foo@bar.de").unwrap(),
--- a/src/qr.rs
+++ b/src/qr.rs
@@ -2,20 +2,20 @@

 use lazy_static::lazy_static;
 use percent_encoding::percent_decode_str;
+use reqwest::Url;
+use serde::Deserialize;

 use crate::chat;
 use crate::config::*;
 use crate::constants::Blocked;
 use crate::contact::*;
 use crate::context::Context;
-use crate::error::Error;
+use crate::error::{bail, ensure, format_err, Error};
 use crate::key::dc_format_fingerprint;
 use crate::key::dc_normalize_fingerprint;
 use crate::lot::{Lot, LotState};
 use crate::param::*;
 use crate::peerstate::*;
-use reqwest::Url;
-use serde::Deserialize;

 const OPENPGP4FPR_SCHEME: &str = "OPENPGP4FPR:"; // yes: uppercase
 const DCACCOUNT_SCHEME: &str = "DCACCOUNT:";
@@ -221,27 +221,20 @@ pub fn set_config_from_qr(context: &Context, qr: &str) -> Result<(), Error> {

    let response = reqwest::blocking::Client::new().post(url_str).send();
    if response.is_err() {
-        return Err(format_err!(
-            "Cannot create account, request to {} failed",
-            url_str
-        ));
+        bail!("Cannot create account, request to {} failed", url_str);
    }
    let response = response.unwrap();
    if !response.status().is_success() {
-        return Err(format_err!(
-            "Request to {} unsuccessful: {:?}",
-            url_str,
-            response
-        ));
+        bail!("Request to {} unsuccessful: {:?}", url_str, response);
    }

    let parsed: reqwest::Result<CreateAccountResponse> = response.json();
    if parsed.is_err() {
-        return Err(format_err!(
+        bail!(
            "Failed to parse JSON response from {}: error: {:?}",
            url_str,
            parsed
-        ));
+        );
    }
    println!("response: {:?}", &parsed);
    let parsed = parsed.unwrap();
@@ -289,7 +282,6 @@ fn decode_smtp(context: &Context, qr: &str) -> Lot {
        Ok(addr) => addr,
        Err(err) => return err.into(),
    };
-
    let name = "".to_string();
    Lot::from_address(context, name, addr)
 }
--- a/src/securejoin.rs
+++ b/src/securejoin.rs
@@ -9,7 +9,7 @@ use crate::constants::*;
 use crate::contact::*;
 use crate::context::Context;
 use crate::e2ee::*;
-use crate::error::Error;
+use crate::error::{bail, Error};
 use crate::events::Event;
 use crate::headerdef::HeaderDef;
 use crate::key::{dc_normalize_fingerprint, Key};
@@ -343,24 +343,21 @@ fn fingerprint_equals_sender(
    }
    false
 }
-#[derive(Fail, Debug)]
+#[derive(Debug, thiserror::Error)]
 pub(crate) enum HandshakeError {
-    #[fail(display = "Can not be called with special contact ID")]
+    #[error("Can not be called with special contact ID")]
    SpecialContactId,
-    #[fail(display = "Not a Secure-Join message")]
+    #[error("Not a Secure-Join message")]
    NotSecureJoinMsg,
-    #[fail(
-        display = "Failed to look up or create chat for contact #{}",
-        contact_id
-    )]
+    #[error("Failed to look up or create chat for contact #{contact_id}")]
    NoChat {
        contact_id: u32,
-        #[cause]
+        #[source]
        cause: Error,
    },
-    #[fail(display = "Chat for group {} not found", group)]
+    #[error("Chat for group {group} not found")]
    ChatNotFound { group: String },
-    #[fail(display = "No configured self address found")]
+    #[error("No configured self address found")]
    NoSelfAddr,
 }

@@ -393,8 +390,6 @@ pub(crate) fn handle_securejoin_handshake(
    mime_message: &MimeMessage,
    contact_id: u32,
 ) -> Result<HandshakeMessage, HandshakeError> {
-    let own_fingerprint: String;
-
    if contact_id <= DC_CONTACT_ID_LAST_SPECIAL {
        return Err(HandshakeError::SpecialContactId);
    }
@@ -510,7 +505,7 @@ pub(crate) fn handle_securejoin_handshake(
                return Ok(HandshakeMessage::Ignore);
            }
            info!(context, "Fingerprint verified.",);
-            own_fingerprint = get_self_fingerprint(context).unwrap();
+            let own_fingerprint = get_self_fingerprint(context).unwrap();
            joiner_progress!(context, contact_id, 400);
            context.bob.write().unwrap().expects = DC_VC_CONTACT_CONFIRM;

@@ -622,10 +617,17 @@ pub(crate) fn handle_securejoin_handshake(
                }
            } else {
                // Alice -> Bob
-                send_handshake_msg(context, contact_chat_id, "vc-contact-confirm", "", None, "");
+                send_handshake_msg(
+                    context,
+                    contact_chat_id,
+                    "vc-contact-confirm",
+                    "",
+                    Some(fingerprint.clone()),
+                    "",
+                );
                inviter_progress!(context, contact_id, 1000);
            }
-            Ok(HandshakeMessage::Done)
+            Ok(HandshakeMessage::Ignore) // "Done" would delete the message and break multi-device (the key from Autocrypt-header is needed)
        }
        "vg-member-added" | "vc-contact-confirm" => {
            /*=======================================================
@@ -710,26 +712,30 @@ pub(crate) fn handle_securejoin_handshake(
            }
            secure_connection_established(context, contact_chat_id);
            context.bob.write().unwrap().expects = 0;
-            if join_vg {
-                // Bob -> Alice
-                send_handshake_msg(
-                    context,
-                    contact_chat_id,
-                    "vg-member-added-received",
-                    "",
-                    None,
-                    "",
-                );
-            }
+
+            // Bob -> Alice
+            send_handshake_msg(
+                context,
+                contact_chat_id,
+                if join_vg {
+                    "vg-member-added-received"
+                } else {
+                    "vc-contact-confirm-received" // only for observe_securejoin_on_other_device()
+                },
+                "",
+                Some(scanned_fingerprint_of_alice),
+                "",
+            );
+
            context.bob.write().unwrap().status = 1;
            context.stop_ongoing();
            Ok(if join_vg {
                HandshakeMessage::Propagate
            } else {
-                HandshakeMessage::Done
+                HandshakeMessage::Ignore // "Done" deletes the message and breaks multi-device
            })
        }
-        "vg-member-added-received" => {
+        "vg-member-added-received" | "vc-contact-confirm-received" => {
            /*==========================================================
            ====              Alice - the inviter side              ====
            ====  Step 8 in "Out-of-band verified groups" protocol  ====
@@ -737,29 +743,31 @@ pub(crate) fn handle_securejoin_handshake(

            if let Ok(contact) = Contact::get_by_id(context, contact_id) {
                if contact.is_verified(context) == VerifiedStatus::Unverified {
-                    warn!(context, "vg-member-added-received invalid.",);
+                    warn!(context, "{} invalid.", step);
                    return Ok(HandshakeMessage::Ignore);
                }
-                inviter_progress!(context, contact_id, 800);
-                inviter_progress!(context, contact_id, 1000);
-                let field_grpid = mime_message
-                    .get(HeaderDef::SecureJoinGroup)
-                    .map(|s| s.as_str())
-                    .unwrap_or_else(|| "");
-                let (group_chat_id, _, _) = chat::get_chat_id_by_grpid(context, &field_grpid)
-                    .map_err(|err| {
+                if join_vg {
+                    inviter_progress!(context, contact_id, 800);
+                    inviter_progress!(context, contact_id, 1000);
+                    let field_grpid = mime_message
+                        .get(HeaderDef::SecureJoinGroup)
+                        .map(|s| s.as_str())
+                        .unwrap_or_else(|| "");
+                    let (group_chat_id, _, _) = chat::get_chat_id_by_grpid(context, &field_grpid)
+                        .map_err(|err| {
                        warn!(context, "Failed to lookup chat_id from grpid: {}", err);
                        HandshakeError::ChatNotFound {
                            group: field_grpid.to_string(),
                        }
                    })?;
-                context.call_cb(Event::SecurejoinMemberAdded {
-                    chat_id: group_chat_id,
-                    contact_id,
-                });
-                Ok(HandshakeMessage::Done)
+                    context.call_cb(Event::MemberAdded {
+                        chat_id: group_chat_id,
+                        contact_id,
+                    });
+                }
+                Ok(HandshakeMessage::Ignore) // "Done" deletes the message and breaks multi-device
            } else {
-                warn!(context, "vg-member-added-received invalid.",);
+                warn!(context, "{} invalid.", step);
                Ok(HandshakeMessage::Ignore)
            }
        }
@@ -770,6 +778,98 @@ pub(crate) fn handle_securejoin_handshake(
    }
 }

+/// observe_securejoin_on_other_device() must be called when a self-sent securejoin message is seen.
+///
+/// in a multi-device-setup, there may be other devices that "see" the handshake messages.
+/// if the seen messages seen are self-sent messages encrypted+signed correctly with our key,
+/// we can make some conclusions of it:
+///
+/// - if we see the self-sent-message vg-member-added/vc-contact-confirm,
+///   we know that we're an inviter-observer.
+///   the inviting device has marked a peer as verified on vg-request-with-auth/vc-request-with-auth
+///   before sending vg-member-added/vc-contact-confirm - so, if we observe vg-member-added/vc-contact-confirm,
+///   we can mark the peer as verified as well.
+///
+/// - if we see the self-sent-message vg-member-added-received
+///   we know that we're an joiner-observer.
+///   the joining device has marked the peer as verified on vg-member-added/vc-contact-confirm
+///   before sending vg-member-added-received - so, if we observe vg-member-added-received,
+///   we can mark the peer as verified as well.
+pub(crate) fn observe_securejoin_on_other_device(
+    context: &Context,
+    mime_message: &MimeMessage,
+    contact_id: u32,
+) -> Result<HandshakeMessage, HandshakeError> {
+    if contact_id <= DC_CONTACT_ID_LAST_SPECIAL {
+        return Err(HandshakeError::SpecialContactId);
+    }
+    let step = mime_message
+        .get(HeaderDef::SecureJoin)
+        .ok_or(HandshakeError::NotSecureJoinMsg)?;
+    info!(context, "observing secure-join message \'{}\'", step);
+
+    let contact_chat_id =
+        match chat::create_or_lookup_by_contact_id(context, contact_id, Blocked::Not) {
+            Ok((chat_id, blocked)) => {
+                if blocked != Blocked::Not {
+                    chat_id.unblock(context);
+                }
+                chat_id
+            }
+            Err(err) => {
+                return Err(HandshakeError::NoChat {
+                    contact_id,
+                    cause: err,
+                });
+            }
+        };
+
+    match step.as_str() {
+        "vg-member-added"
+        | "vc-contact-confirm"
+        | "vg-member-added-received"
+        | "vc-contact-confirm-received" => {
+            if !encrypted_and_signed(
+                context,
+                mime_message,
+                get_self_fingerprint(context).unwrap_or_default(),
+            ) {
+                could_not_establish_secure_connection(
+                    context,
+                    contact_chat_id,
+                    "Message not encrypted correctly.",
+                );
+                return Ok(HandshakeMessage::Ignore);
+            }
+            let fingerprint = match mime_message.get(HeaderDef::SecureJoinFingerprint) {
+                Some(fp) => fp,
+                None => {
+                    could_not_establish_secure_connection(
+                        context,
+                        contact_chat_id,
+                        "Fingerprint not provided, please update Delta Chat on all your devices.",
+                    );
+                    return Ok(HandshakeMessage::Ignore);
+                }
+            };
+            if mark_peer_as_verified(context, fingerprint).is_err() {
+                could_not_establish_secure_connection(
+                    context,
+                    contact_chat_id,
+                    format!("Fingerprint mismatch on observing {}.", step).as_ref(),
+                );
+                return Ok(HandshakeMessage::Ignore);
+            }
+            Ok(if step.as_str() == "vg-member-added" {
+                HandshakeMessage::Propagate
+            } else {
+                HandshakeMessage::Ignore
+            })
+        }
+        _ => Ok(HandshakeMessage::Ignore),
+    }
+}
+
 fn secure_connection_established(context: &Context, contact_chat_id: ChatId) {
    let contact_id: u32 = chat_id_2_contact_id(context, contact_chat_id);
    let contact = Contact::get_by_id(context, contact_id);
--- a/src/simplify.rs
+++ b/src/simplify.rs
@@ -67,14 +67,13 @@ pub fn simplify(mut input: String, is_chat_message: bool) -> (String, bool) {
 /// Returns message body lines and a boolean indicating whether
 /// a message is forwarded or not.
 fn skip_forward_header<'a>(lines: &'a [&str]) -> (&'a [&'a str], bool) {
-    if lines.len() >= 3
-        && lines[0] == "---------- Forwarded message ----------"
-        && lines[1].starts_with("From: ")
-        && lines[2].is_empty()
-    {
-        (&lines[3..], true)
-    } else {
-        (lines, false)
+    match lines {
+        ["---------- Forwarded message ----------", first_line, "", rest @ ..]
+            if first_line.starts_with("From: ") =>
+        {
+            (rest, true)
+        }
+        _ => (lines, false),
    }
 }

--- a/src/smtp/mod.rs
+++ b/src/smtp/mod.rs
@@ -16,35 +16,29 @@ use crate::oauth2::*;
 /// SMTP write and read timeout in seconds.
 const SMTP_TIMEOUT: u64 = 30;

-#[derive(Debug, Fail)]
+#[derive(Debug, thiserror::Error)]
 pub enum Error {
-    #[fail(display = "Bad parameters")]
+    #[error("Bad parameters")]
    BadParameters,

-    #[fail(display = "Invalid login address {}: {}", address, error)]
+    #[error("Invalid login address {address}: {error}")]
    InvalidLoginAddress {
        address: String,
-        #[cause]
+        #[source]
        error: error::Error,
    },

-    #[fail(display = "SMTP failed to connect: {:?}", _0)]
-    ConnectionFailure(#[cause] smtp::error::Error),
+    #[error("SMTP: failed to connect: {0:?}")]
+    ConnectionFailure(#[source] smtp::error::Error),

-    #[fail(display = "SMTP: failed to setup connection {:?}", _0)]
-    ConnectionSetupFailure(#[cause] smtp::error::Error),
+    #[error("SMTP: failed to setup connection {0:?}")]
+    ConnectionSetupFailure(#[source] smtp::error::Error),

-    #[fail(display = "SMTP: oauth2 error {:?}", _0)]
+    #[error("SMTP: oauth2 error {address}")]
    Oauth2Error { address: String },

-    #[fail(display = "TLS error")]
-    Tls(#[cause] async_native_tls::Error),
-}
-
-impl From<async_native_tls::Error> for Error {
-    fn from(err: async_native_tls::Error) -> Error {
-        Error::Tls(err)
-    }
+    #[error("TLS error")]
+    Tls(#[from] async_native_tls::Error),
 }

 pub type Result<T> = std::result::Result<T, Error>;
@@ -175,7 +169,11 @@ impl Smtp {
            .timeout(Some(Duration::from_secs(SMTP_TIMEOUT)));

        let mut trans = client.into_transport();
-        trans.connect().await.map_err(Error::ConnectionFailure)?;
+
+        trans.connect().await.map_err(|err| {
+            emit_event!(context, Event::ErrorNetwork(err.to_string()));
+            Error::ConnectionFailure(err)
+        })?;

        self.transport = Some(trans);
        self.last_success = Some(Instant::now());
--- a/src/smtp/send.rs
+++ b/src/smtp/send.rs
@@ -8,15 +8,15 @@ use crate::events::Event;

 pub type Result<T> = std::result::Result<T, Error>;

-#[derive(Debug, Fail)]
+#[derive(Debug, thiserror::Error)]
 pub enum Error {
-    #[fail(display = "Envelope error: {}", _0)]
-    EnvelopeError(#[cause] async_smtp::error::Error),
+    #[error("Envelope error: {}", _0)]
+    EnvelopeError(#[from] async_smtp::error::Error),

-    #[fail(display = "Send error: {}", _0)]
-    SendError(#[cause] async_smtp::smtp::error::Error),
+    #[error("Send error: {}", _0)]
+    SendError(#[from] async_smtp::smtp::error::Error),

-    #[fail(display = "SMTP has no transport")]
+    #[error("SMTP has no transport")]
    NoTransport,
 }

--- a/src/sql.rs
+++ b/src/sql.rs
@@ -8,56 +8,34 @@ use rusqlite::{Connection, OpenFlags, Statement, NO_PARAMS};
 use thread_local_object::ThreadLocal;

 use crate::chat::{update_device_icon, update_saved_messages_icon};
-use crate::constants::ShowEmails;
+use crate::constants::{ShowEmails, DC_CHAT_ID_TRASH};
 use crate::context::Context;
 use crate::dc_tools::*;
 use crate::param::*;
 use crate::peerstate::*;

-#[derive(Debug, Fail)]
+#[derive(Debug, thiserror::Error)]
 pub enum Error {
-    #[fail(display = "Sqlite Error: {:?}", _0)]
-    Sql(#[cause] rusqlite::Error),
-    #[fail(display = "Sqlite Connection Pool Error: {:?}", _0)]
-    ConnectionPool(#[cause] r2d2::Error),
-    #[fail(display = "Sqlite: Connection closed")]
+    #[error("Sqlite Error: {0:?}")]
+    Sql(#[from] rusqlite::Error),
+    #[error("Sqlite Connection Pool Error: {0:?}")]
+    ConnectionPool(#[from] r2d2::Error),
+    #[error("Sqlite: Connection closed")]
    SqlNoConnection,
-    #[fail(display = "Sqlite: Already open")]
+    #[error("Sqlite: Already open")]
    SqlAlreadyOpen,
-    #[fail(display = "Sqlite: Failed to open")]
+    #[error("Sqlite: Failed to open")]
    SqlFailedToOpen,
-    #[fail(display = "{:?}", _0)]
-    Io(#[cause] std::io::Error),
-    #[fail(display = "{:?}", _0)]
-    BlobError(#[cause] crate::blob::BlobError),
+    #[error("{0}")]
+    Io(#[from] std::io::Error),
+    #[error("{0:?}")]
+    BlobError(#[from] crate::blob::BlobError),
+    #[error("{0}")]
+    Other(#[from] crate::error::Error),
 }

 pub type Result<T> = std::result::Result<T, Error>;

-impl From<rusqlite::Error> for Error {
-    fn from(err: rusqlite::Error) -> Error {
-        Error::Sql(err)
-    }
-}
-
-impl From<r2d2::Error> for Error {
-    fn from(err: r2d2::Error) -> Error {
-        Error::ConnectionPool(err)
-    }
-}
-
-impl From<std::io::Error> for Error {
-    fn from(err: std::io::Error) -> Error {
-        Error::Io(err)
-    }
-}
-
-impl From<crate::blob::BlobError> for Error {
-    fn from(err: crate::blob::BlobError) -> Error {
-        Error::BlobError(err)
-    }
-}
-
 /// A wrapper around the underlying Sqlite3 object.
 #[derive(DebugStub)]
 pub struct Sql {
@@ -96,7 +74,7 @@ impl Sql {
    pub fn open(&self, context: &Context, dbfile: &std::path::Path, readonly: bool) -> bool {
        match open(context, self, dbfile, readonly) {
            Ok(_) => true,
-            Err(crate::error::Error::SqlError(Error::SqlAlreadyOpen)) => false,
+            Err(Error::SqlAlreadyOpen) => false,
            Err(_) => {
                self.close(context);
                false
@@ -212,6 +190,30 @@ impl Sql {
        self.with_conn(|conn| conn.query_row(sql.as_ref(), params, f).map_err(Into::into))
    }

+    /// Execute a query which is expected to return zero or one row.
+    pub fn query_row_optional<T, P, F>(
+        &self,
+        sql: impl AsRef<str>,
+        params: P,
+        f: F,
+    ) -> Result<Option<T>>
+    where
+        P: IntoIterator,
+        P::Item: rusqlite::ToSql,
+        F: FnOnce(&rusqlite::Row) -> rusqlite::Result<T>,
+    {
+        match self.query_row(sql, params, f) {
+            Ok(res) => Ok(Some(res)),
+            Err(Error::Sql(rusqlite::Error::QueryReturnedNoRows)) => Ok(None),
+            Err(Error::Sql(rusqlite::Error::InvalidColumnType(
+                _,
+                _,
+                rusqlite::types::Type::Null,
+            ))) => Ok(None),
+            Err(err) => Err(err),
+        }
+    }
+
    pub fn table_exists(&self, name: impl AsRef<str>) -> bool {
        self.with_conn(|conn| table_exists(conn, name))
            .unwrap_or_default()
@@ -226,16 +228,7 @@ impl Sql {
        P::Item: rusqlite::ToSql,
        T: rusqlite::types::FromSql,
    {
-        match self.query_row(query, params, |row| row.get::<_, T>(0)) {
-            Ok(res) => Ok(Some(res)),
-            Err(Error::Sql(rusqlite::Error::QueryReturnedNoRows)) => Ok(None),
-            Err(Error::Sql(rusqlite::Error::InvalidColumnType(
-                _,
-                _,
-                rusqlite::types::Type::Null,
-            ))) => Ok(None),
-            Err(err) => Err(err),
-        }
+        self.query_row_optional(query, params, |row| row.get::<_, T>(0))
    }

    /// Not resultified version of `query_get_value_result`. Returns
@@ -388,14 +381,14 @@ fn open(
    sql: &Sql,
    dbfile: impl AsRef<std::path::Path>,
    readonly: bool,
-) -> crate::error::Result<()> {
+) -> Result<()> {
    if sql.is_open() {
        error!(
            context,
            "Cannot open, database \"{:?}\" already opened.",
            dbfile.as_ref(),
        );
-        return Err(Error::SqlAlreadyOpen.into());
+        return Err(Error::SqlAlreadyOpen);
    }

    let mut open_flags = OpenFlags::SQLITE_OPEN_NO_MUTEX;
@@ -545,7 +538,7 @@ fn open(
                    dbfile.as_ref(),
                );
                // cannot create the tables - maybe we cannot write?
-                return Err(Error::SqlFailedToOpen.into());
+                return Err(Error::SqlFailedToOpen);
            } else {
                sql.set_raw_config_int(context, "dbversion", 0)?;
            }
@@ -1053,6 +1046,18 @@ pub fn get_rowid2_with_conn(
    }
 }

+/// Removes from the database locally deleted messages that also don't
+/// have a server UID.
+fn prune_tombstones(context: &Context) -> Result<()> {
+    context.sql.execute(
+        "DELETE FROM msgs \
+         WHERE (chat_id = ? OR hidden) \
+         AND server_uid = 0",
+        params![DC_CHAT_ID_TRASH],
+    )?;
+    Ok(())
+}
+
 pub fn housekeeping(context: &Context) {
    let mut files_in_use = HashSet::new();
    let mut unreferenced_count = 0;
@@ -1165,6 +1170,13 @@ pub fn housekeeping(context: &Context) {
        }
    }

+    if let Err(err) = prune_tombstones(context) {
+        warn!(
+            context,
+            "Houskeeping: Cannot prune message tombstones: {}", err
+        );
+    }
+
    info!(context, "Housekeeping done.",);
 }

--- a/src/stock.rs
+++ b/src/stock.rs
@@ -10,7 +10,7 @@ use crate::chat;
 use crate::constants::{Viewtype, DC_CONTACT_ID_SELF};
 use crate::contact::*;
 use crate::context::Context;
-use crate::error::Error;
+use crate::error::{bail, Error};
 use crate::message::Message;
 use crate::param::Param;
 use crate::stock::StockMessage::{DeviceMessagesHint, WelcomeMessage};
@@ -314,7 +314,7 @@ impl Context {
        from_id: u32,
    ) -> String {
        let insert1 = if id == StockMessage::MsgAddMember || id == StockMessage::MsgDelMember {
-            let contact_id = Contact::lookup_id_by_addr(self, param1.as_ref());
+            let contact_id = Contact::lookup_id_by_addr(self, param1.as_ref(), Origin::Unknown);
            if contact_id != 0 {
                Contact::get_by_id(self, contact_id)
                    .map(|contact| contact.get_name_n_addr())
--- a/test-data/key/alice-public.asc
+++ b/test-data/key/alice-public.asc
@@ -1 +1 @@
-xsBNBF425W8BCADLIbltPzG1vk/V2ov2+eBeJJJnRu1kJHdo6e3oNB+HTIxVde5+7Uq8tTEDZB1O7m9NBUFrXr7UYQsA/86G2jmsyWKTzIu1O/t5kdcNDqsNcTVZAhBu2ixYsYVc3ws6kJONjpXLtD2u3P7vEXU3INiOb2JrBQDT8/ubEm1xas/UirYnP5DMaH068IHRdVEYs9ULFaD5scw1m/94buXYZ1CRt/2hT8iRrtBi6ki8kArnhsZC2Xr0+jRQNMUnG5k7Bwi6saCqVmd7IlqSM6MbfYank30Gi/UyDmyIrOk7daTg6WIqgiVOTHav65EK/aUvvjlr+awM+C+u35rQytzyTitZABEBAAHNEzxhbGljZUBleGFtcGxlLmNvbT7CwIkEEAEIADMCGQEFAl425ZQCGwMECwkIBwYVCAkKCwIDFgIBFiEEsBJRVVptIGB7DRLzYuJiDHjRb8EACgkQYuJiDHjRb8HiZQf+PLDxzWchkHAdQFbxxtoXj66aiknofjlRWHDWvUG4nULZ15tjDjnv3z22Meldr8kSV4r1+ejhLFHou9gTzAYk7eAxiybDd8AJOdK+ZgK/Nn7xjdO+HTZLhNdi+R7EektDyf8WDNktEaS8pZc74VKu4984ESi4PoqVxqGHRiSisH4cw4b2pQYxp32BkIdil7sWnqRUEoCpMoKdw2h0N7/lm+rS7/JR9cdjXaVzy1dYTqAVsTL1FTGy4osOKGOyQbkP+Cm6uNq7kC/Bt+fefsb+c2JycmI1uwdvnG7PoFslKv3lRnfkNSmrcIYlJHUl5z0yAgliophr5fqMfzQpO4zMc87ATQReNuVvAQgAuNjE1i+g4v25UNDPIMgXODU4WztE30074gQs5sZa0DQnDUMsdWc2g1o060YZDojMYJQAtBjlW1Dz8FEE7WsLNohGtRyUWmIgNxE5CpodjpwIZ0MdO4Aji0YM+g+WsOSS8kiHMs+dMFfQJuNKjujGFaMIciSaMMrUmPtzkQ/o8NEJs2Aftw90fpVR+M7Mue3++rcEX09ntbgqkgm8SV6OIrOY2kfILudtybocgYkCTeNVqz5VFXuxrnT4ceyFQ64JkwsZxb+X/pCm4V5Q2TbKRwtdonU8HfAz0nAd5tsNeGmf/dPLOKBCxlNEme399YmzWrT+kJBp7CIH5jlWQKyuLwARAQABwsB2BBgBCAAgBQJeNuWUAhsMFiEEsBJRVVptIGB7DRLzYuJiDHjRb8EACgkQYuJiDHjRb8HrEgf/Xu8eRPPdskwtyd98y64teidBpkHuIjuZKJpNyy2HhdGXQwYbNIzwINg0EJ+u2nkreNF/h2Lu+/saqI8Dai02dpYXjvxJIlCgP2os7sNhVaZSaS4XmmJjkHCfZuIKblZypKDJVc5AceZxrtvUbgG+94+H3zeRWVAA30S5ep6YPvxigvhmQah/sdzY7708/jd9uXcCbkP47PBaXCpuPiYLb3t7z8mOteJb7LOZUmSI1efiLDLTGj7ofkdDfA7E6/nF/1+nq+UIDWqljwiUzeNIJsFlZRa/9/uDEjcQbaDe9/knBs7k9pEDZX5u8SSwSED75L+OvRpFWenp4SSKvd2BUw==
+mDMEXlh13RYJKwYBBAHaRw8BAQdAzfVIAleCXMJrq8VeLlEVof6ITCviMktKjmcBKAu4m5C0GUFsaWNlIDxhbGljZUBleGFtcGxlLm9yZz6IkAQTFggAOBYhBC5vossjtTLXKGNLWGSwj2Gp7ZRDBQJeWHXdAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEGSwj2Gp7ZRDE3oA/i4MCyDMTsjWqDZoQwX/A/GoTO2/V0wKPhjJJy/8m2pMAPkBjOnGOtx2SZpQvJGTa9h804RY6iDrRuI8A/8tEEXAA7g4BF5Ydd0SCisGAQQBl1UBBQEBB0AG7cjWy2SFAU8KnltlubVW67rFiyfp01JrRe6Xqy22HQMBCAeIeAQYFggAIBYhBC5vossjtTLXKGNLWGSwj2Gp7ZRDBQJeWHXdAhsMAAoJEGSwj2Gp7ZRDLo8BAObE8GnsGVwKzNqCvHeWgJsqhjS3C6gvSlV3tEm9XmF6AQDXucIyVfoBwoyMh2h6cSn/ATn5QJb35pgo+ivp3jsMAg==
--- a/test-data/key/alice-secret.asc
+++ b/test-data/key/alice-secret.asc
@@ -1 +1 @@
-xcLYBF425W8BCADLIbltPzG1vk/V2ov2+eBeJJJnRu1kJHdo6e3oNB+HTIxVde5+7Uq8tTEDZB1O7m9NBUFrXr7UYQsA/86G2jmsyWKTzIu1O/t5kdcNDqsNcTVZAhBu2ixYsYVc3ws6kJONjpXLtD2u3P7vEXU3INiOb2JrBQDT8/ubEm1xas/UirYnP5DMaH068IHRdVEYs9ULFaD5scw1m/94buXYZ1CRt/2hT8iRrtBi6ki8kArnhsZC2Xr0+jRQNMUnG5k7Bwi6saCqVmd7IlqSM6MbfYank30Gi/UyDmyIrOk7daTg6WIqgiVOTHav65EK/aUvvjlr+awM+C+u35rQytzyTitZABEBAAEAB/oDQFnwdrd7+jza5nGhFWTS/PDe+FKqbK8AneXx9ouepcoFQCr+Gxw8IwZS0JJrhgOADxp59n1FdvwvGukaXXnY2yxZw0dlMj2XN49ipR51y58X+qF6tMFK9iR1VRif6lqCRIr/RLZMCzuFZhkjNcJhnUTNA7p8qgYX+FaKHzSOaVat/v0kIUHUcZDkREWPUESYDmc1Nv6FXhB0WBiTsBglF+fq5Rm7UWPSmA59Cr7BrW8DctbzTh0+6bkzum2xdOcZ59nuTZa+IKcReI1+kVne5JPNFNJ2tP2f9GSSlL7u+NBtx3zRxZgAotXcJK9cVNIWtegqf+2hoLvm7m2CkWKRBADglpC7TpjV+8wJH+KuyGQ7jepqzf5EHwMrK2i6lPnnmoi0nkKvkklvtdcC7FoFGtLCDJ7vwlUdeN+itDxPlP8bbbUabcy0lLuzyGOVt5NwYXgIuPicpdt2ZTJgvChd9oWi1DG8pVpm+EMJZPyYVEpvDGl6q95oktrytbqjASZbBQQA54roJnwBcptLMTrttDrglULX7ciSKY5HXN1c0rqZn1dTKB1nPYB26hNbu6lZ8ixSOyZm3KwpeDUNW7A3hyzXOfoGFPaddH6WMSFFsGGC/orRVxnuPZLr3UJ3uFX7J0JOav90n/6A4YmS7uImRAG4/vTrAbEfmlBl5msHVUaYh0UD/jSX22JLenO1o8pNU04JQl3lQ4mWY6MvgTyCvpchTzDDva+wdOBTUeVUmb/KqYkYBq98tXl1VnGnNpeEymUISSi60RjaXDhbg7a3ELV0yvvWcBN9zreyyINuCU5OmNefPRvPt4Co12KtIxPACByFNTevzPKbrXd1cyhHOxAuqfzLRbDNEzxhbGljZUBleGFtcGxlLmNvbT7CwIkEEAEIADMCGQEFAl425ZQCGwMECwkIBwYVCAkKCwIDFgIBFiEEsBJRVVptIGB7DRLzYuJiDHjRb8EACgkQYuJiDHjRb8HiZQf+PLDxzWchkHAdQFbxxtoXj66aiknofjlRWHDWvUG4nULZ15tjDjnv3z22Meldr8kSV4r1+ejhLFHou9gTzAYk7eAxiybDd8AJOdK+ZgK/Nn7xjdO+HTZLhNdi+R7EektDyf8WDNktEaS8pZc74VKu4984ESi4PoqVxqGHRiSisH4cw4b2pQYxp32BkIdil7sWnqRUEoCpMoKdw2h0N7/lm+rS7/JR9cdjXaVzy1dYTqAVsTL1FTGy4osOKGOyQbkP+Cm6uNq7kC/Bt+fefsb+c2JycmI1uwdvnG7PoFslKv3lRnfkNSmrcIYlJHUl5z0yAgliophr5fqMfzQpO4zMc8fC2AReNuVvAQgAuNjE1i+g4v25UNDPIMgXODU4WztE30074gQs5sZa0DQnDUMsdWc2g1o060YZDojMYJQAtBjlW1Dz8FEE7WsLNohGtRyUWmIgNxE5CpodjpwIZ0MdO4Aji0YM+g+WsOSS8kiHMs+dMFfQJuNKjujGFaMIciSaMMrUmPtzkQ/o8NEJs2Aftw90fpVR+M7Mue3++rcEX09ntbgqkgm8SV6OIrOY2kfILudtybocgYkCTeNVqz5VFXuxrnT4ceyFQ64JkwsZxb+X/pCm4V5Q2TbKRwtdonU8HfAz0nAd5tsNeGmf/dPLOKBCxlNEme399YmzWrT+kJBp7CIH5jlWQKyuLwARAQABAAf/YmpfWp5fLZvjJ8kVDqIZ4r5LNB+5Sp7nbC3G7lPblBDAXgpOyG9ckdDcbguTWa6yChWizkCXFOhkCKZKVlHw1Wb3JoSB5CFsf4U29pMZe41N2BTeoohV5Fg2nojgNWxtZHwDJ6VsTonidGH9l1sN5AU6gPNF+QZ07MKsRCbRYi0yMgX064gwZXRtkm8AECz8ay1wDzoBy14ALe9aDClafVwfxdYUcxDBqtvjLhGeTWX5lMMAQ1Ix8D0Gp4r0Zvtl+oxlTSZFAt9m6sbRBbJf4LJjRQh07aWF2gUOiyIyz7YymYdwsyFnCPn2Aj84uRdqYCekAUfzBeNTBukUQq1DYQQA3BeH38pnr34m0UyD/tCrTvrX60MOJVvFuaTQw+IgY4XmT9UiiiqYMaoLfzxeevdMCQ9EtMdXUTjI27/II3dR5Obg6J0QTybj78IKPbH8Vdlg0etllRjC3bV/M4a5UcXPKG6W5CvB0UJg7eqn/8wUqwiL9x+hZoLy+nU5rCAjzZEEANcBK8Vy9eBxkKmEfH/mChDSKE82ua0xdQuZiTvvGedUYG3ucH4rAlkZaZcZrtJTod1BKhAhDBrjxk/yLCjK3z5JDsacdDGGfaqga3zdPBJubWE7f4mg6uYVs04Uf90YVY7t0LEQAh7i9QYiIqUOJDy3L8y3+bNgNz2r1p8pFd+/A/0YoYE0YDgABbLKmBQFoWjF3Op7P+k6Z4ENK4Me1fkNSAU451QX7ZduI7i3pGTM06bXG2umhTI1lg48ZveMRk1vBezHU+ThnciEkuhYafnq7NRdkEtI20MyFmN7dZF8LQ/joYKsJbeSG5svj8f1ue2eHkiIIlTtDqVUTizDU3ddlzUZwsB2BBgBCAAgBQJeNuWUAhsMFiEEsBJRVVptIGB7DRLzYuJiDHjRb8EACgkQYuJiDHjRb8HrEgf/Xu8eRPPdskwtyd98y64teidBpkHuIjuZKJpNyy2HhdGXQwYbNIzwINg0EJ+u2nkreNF/h2Lu+/saqI8Dai02dpYXjvxJIlCgP2os7sNhVaZSaS4XmmJjkHCfZuIKblZypKDJVc5AceZxrtvUbgG+94+H3zeRWVAA30S5ep6YPvxigvhmQah/sdzY7708/jd9uXcCbkP47PBaXCpuPiYLb3t7z8mOteJb7LOZUmSI1efiLDLTGj7ofkdDfA7E6/nF/1+nq+UIDWqljwiUzeNIJsFlZRa/9/uDEjcQbaDe9/knBs7k9pEDZX5u8SSwSED75L+OvRpFWenp4SSKvd2BUw==
+lFgEXlh13RYJKwYBBAHaRw8BAQdAzfVIAleCXMJrq8VeLlEVof6ITCviMktKjmcBKAu4m5AAAQDMpCY4sD5/DUR0jRjGC5WstwShz1q+5Vofo5mY9+XRXRA3tBlBbGljZSA8YWxpY2VAZXhhbXBsZS5vcmc+iJAEExYIADgWIQQub6LLI7Uy1yhjS1hksI9hqe2UQwUCXlh13QIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRBksI9hqe2UQxN6AP4uDAsgzE7I1qg2aEMF/wPxqEztv1dMCj4YyScv/JtqTAD5AYzpxjrcdkmaULyRk2vYfNOEWOog60biPAP/LRBFwAOcXQReWHXdEgorBgEEAZdVAQUBAQdABu3I1stkhQFPCp5bZbm1Vuu6xYsn6dNSa0Xul6stth0DAQgHAAD/X9y9I/JFBeArkgR3U363cWXXxMCWftS+BDwM9zE4PrgQb4h4BBgWCAAgFiEELm+iyyO1MtcoY0tYZLCPYantlEMFAl5Ydd0CGwwACgkQZLCPYantlEMujwEA5sTwaewZXArM2oK8d5aAmyqGNLcLqC9KVXe0Sb1eYXoBANe5wjJV+gHCjIyHaHpxKf8BOflAlvfmmCj6K+neOwwC
--- a/tests/stress.rs
+++ b/tests/stress.rs
@@ -44,9 +44,9 @@ fn stress_functions(context: &Context) {
    // assert!(dc_is_configured(context) != 0, "Missing configured context");

    // let setupcode = dc_create_setup_code(context);
-    // let setupcode_c = CString::yolo(setupcode.clone());
+    // let setupcode_c = CString::new(setupcode.clone()).unwrap();
    // let setupfile = dc_render_setup_file(context, &setupcode).unwrap();
-    // let setupfile_c = CString::yolo(setupfile);
+    // let setupfile_c = CString::new(setupfile).unwrap();
    // let mut headerline_2: *const libc::c_char = ptr::null();
    // let payload = dc_decrypt_setup_file(context, setupcode_c.as_ptr(), setupfile_c.as_ptr());