chore(release): prepare for 2.42.0

chore(cargo): bump quick-xml from 0.38.4 to 0.39.0
Bumps [quick-xml](https://github.com/tafia/quick-xml) from 0.38.4 to 0.39.0. - [Release notes](https://github.com/tafia/quick-xml/releases) - [Changelog](https://github.com/tafia/quick-xml/blob/master/Changelog.md) - [Commits](https://github.com/tafia/quick-xml/compare/v0.38.4...v0.39.0) --- updated-dependencies: - dependency-name: quick-xml dependency-version: 0.39.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
2026-04-04 14:32:11 +03:00 · 2026-02-10 00:37:13 +00:00 · 2026-02-09 04:19:06 -03:00 · 2026-02-08 21:09:38 +00:00 · 2026-02-08 01:58:23 +00:00 · 2026-02-08 01:57:10 +00:00
226 changed files with 20659 additions and 11632 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -7,6 +7,8 @@ updates:
    commit-message:
      prefix: "chore(cargo)"
    open-pull-requests-limit: 50
+    cooldown:
+      default-days: 7

  # Keep GitHub Actions up to date.
  # <https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot>
@@ -14,3 +16,5 @@ updates:
    directory: "/"
    schedule:
      interval: "weekly"
+    cooldown:
+      default-days: 7
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -20,17 +20,18 @@ permissions: {}

 env:
  RUSTFLAGS: -Dwarnings
-  RUST_VERSION: 1.90.0
+  RUST_VERSION: 1.93.0

  # Minimum Supported Rust Version
-  MSRV: 1.85.0
+  MSRV: 1.88.0

 jobs:
  lint_rust:
    name: Lint Rust
    runs-on: ubuntu-latest
+    timeout-minutes: 60
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
@@ -39,7 +40,7 @@ jobs:
      - run: rustup override set $RUST_VERSION
        shell: bash
      - name: Cache rust cargo artifacts
-        uses: swatinem/rust-cache@v2
+        uses: swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5
      - name: Run rustfmt
        run: cargo fmt --all -- --check
      - name: Run clippy
@@ -52,22 +53,24 @@ jobs:
  cargo_deny:
    name: cargo deny
    runs-on: ubuntu-latest
+    timeout-minutes: 60
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
-      - uses: EmbarkStudios/cargo-deny-action@v2
+      - uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979
        with:
-          arguments: --all-features --workspace
+          arguments: --workspace --all-features --locked
          command: check
          command-arguments: "-Dwarnings"

  provider_database:
    name: Check provider database
    runs-on: ubuntu-latest
+    timeout-minutes: 60
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
@@ -79,15 +82,16 @@ jobs:
  docs:
    name: Rust doc comments
    runs-on: ubuntu-latest
+    timeout-minutes: 60
    env:
      RUSTDOCFLAGS: -Dwarnings
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
      - name: Cache rust cargo artifacts
-        uses: swatinem/rust-cache@v2
+        uses: swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5
      - name: Rustdoc
        run: cargo doc --document-private-items --no-deps

@@ -107,6 +111,7 @@ jobs:
          - os: ubuntu-latest
            rust: minimum
    runs-on: ${{ matrix.os }}
+    timeout-minutes: 60
    steps:
      - run:
          echo "RUSTUP_TOOLCHAIN=$MSRV" >> $GITHUB_ENV
@@ -117,7 +122,7 @@ jobs:
        shell: bash
        if: matrix.rust == 'latest'

-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
@@ -129,10 +134,10 @@ jobs:
        shell: bash

      - name: Cache rust cargo artifacts
-        uses: swatinem/rust-cache@v2
+        uses: swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5

      - name: Install nextest
-        uses: taiki-e/install-action@v2
+        uses: taiki-e/install-action@69e777b377e4ec209ddad9426ae3e0c1008b0ef3
        with:
          tool: nextest

@@ -155,20 +160,21 @@ jobs:
      matrix:
        os: [ubuntu-latest, macos-latest]
    runs-on: ${{ matrix.os }}
+    timeout-minutes: 60
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false

      - name: Cache rust cargo artifacts
-        uses: swatinem/rust-cache@v2
+        uses: swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5

      - name: Build C library
        run: cargo build -p deltachat_ffi

      - name: Upload C library
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v6
        with:
          name: ${{ matrix.os }}-libdeltachat.a
          path: target/debug/libdeltachat.a
@@ -180,20 +186,21 @@ jobs:
      matrix:
        os: [ubuntu-latest, macos-latest, windows-latest]
    runs-on: ${{ matrix.os }}
+    timeout-minutes: 60
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false

      - name: Cache rust cargo artifacts
-        uses: swatinem/rust-cache@v2
+        uses: swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5

      - name: Build deltachat-rpc-server
        run: cargo build -p deltachat-rpc-server

      - name: Upload deltachat-rpc-server
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v6
        with:
          name: ${{ matrix.os }}-deltachat-rpc-server
          path: ${{ matrix.os == 'windows-latest' && 'target/debug/deltachat-rpc-server.exe' || 'target/debug/deltachat-rpc-server' }}
@@ -202,8 +209,9 @@ jobs:
  python_lint:
    name: Python lint
    runs-on: ubuntu-latest
+    timeout-minutes: 60
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
@@ -219,6 +227,38 @@ jobs:
        working-directory: deltachat-rpc-client
        run: tox -e lint

+  # mypy does not work with PyPy since mypy 1.19
+  # as it introduced native `librt` dependency
+  # that uses CPython internals.
+  # We only run mypy with CPython because of this.
+  cffi_python_mypy:
+    name: CFFI Python mypy
+    needs: ["c_library", "python_lint"]
+    runs-on: ubuntu-latest
+    timeout-minutes: 60
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          show-progress: false
+          persist-credentials: false
+
+      - name: Download libdeltachat.a
+        uses: actions/download-artifact@v7
+        with:
+          name: ubuntu-latest-libdeltachat.a
+          path: target/debug
+
+      - name: Install tox
+        run: pip install tox
+
+      - name: Run mypy
+        env:
+          DCC_RS_TARGET: debug
+          DCC_RS_DEV: ${{ github.workspace }}
+        working-directory: python
+        run: tox -e mypy
+
+
  cffi_python_tests:
    name: CFFI Python tests
    needs: ["c_library", "python_lint"]
@@ -238,21 +278,22 @@ jobs:
          - os: macos-latest
            python: pypy3.10

-          # Minimum Supported Python Version = 3.8
+          # Minimum Supported Python Version = 3.10
          # This is the minimum version for which manylinux Python wheels are
          # built. Test it with minimum supported Rust version.
          - os: ubuntu-latest
-            python: 3.8
+            python: "3.10"

    runs-on: ${{ matrix.os }}
+    timeout-minutes: 60
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false

      - name: Download libdeltachat.a
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: ${{ matrix.os }}-libdeltachat.a
          path: target/debug
@@ -271,7 +312,7 @@ jobs:
          DCC_RS_TARGET: debug
          DCC_RS_DEV: ${{ github.workspace }}
        working-directory: python
-        run: tox -e mypy,doc,py
+        run: tox -e doc,py

  rpc_python_tests:
    name: JSON-RPC Python tests
@@ -293,13 +334,14 @@ jobs:
          - os: macos-latest
            python: pypy3.10

-          # Minimum Supported Python Version = 3.8
+          # Minimum Supported Python Version = 3.10
          - os: ubuntu-latest
-            python: 3.8
+            python: "3.10"

    runs-on: ${{ matrix.os }}
+    timeout-minutes: 60
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
@@ -313,7 +355,7 @@ jobs:
        run: pip install tox

      - name: Download deltachat-rpc-server
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: ${{ matrix.os }}-deltachat-rpc-server
          path: target/debug
--- a/.github/workflows/deltachat-rpc-server.yml
+++ b/.github/workflows/deltachat-rpc-server.yml
@@ -30,22 +30,46 @@ jobs:
        arch: [aarch64, armv7l, armv6l, i686, x86_64]
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
-      - uses: cachix/install-nix-action@9280e7aca88deada44c930f1e2c78e21c3ae3edd # v31
+      - uses: cachix/install-nix-action@4e002c8ec80594ecd40e759629461e26c8abed15 # v31

      - name: Build deltachat-rpc-server binaries
        run: nix build .#deltachat-rpc-server-${{ matrix.arch }}-linux

      - name: Upload binary
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v6
        with:
          name: deltachat-rpc-server-${{ matrix.arch }}-linux
          path: result/bin/deltachat-rpc-server
          if-no-files-found: error

+  build_linux_wheel:
+    name: Linux wheel
+    strategy:
+      fail-fast: false
+      matrix:
+        arch: [aarch64, armv7l, armv6l, i686, x86_64]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          show-progress: false
+          persist-credentials: false
+      - uses: cachix/install-nix-action@4e002c8ec80594ecd40e759629461e26c8abed15 # v31
+
+      - name: Build deltachat-rpc-server wheels
+        run: nix build .#deltachat-rpc-server-${{ matrix.arch }}-linux-wheel
+
+      - name: Upload wheel
+        uses: actions/upload-artifact@v6
+        with:
+          name: deltachat-rpc-server-${{ matrix.arch }}-linux-wheel
+          path: result/*.whl
+          if-no-files-found: error
+
  build_windows:
    name: Windows
    strategy:
@@ -54,22 +78,46 @@ jobs:
        arch: [win32, win64]
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
-      - uses: cachix/install-nix-action@9280e7aca88deada44c930f1e2c78e21c3ae3edd # v31
+      - uses: cachix/install-nix-action@4e002c8ec80594ecd40e759629461e26c8abed15 # v31

      - name: Build deltachat-rpc-server binaries
        run: nix build .#deltachat-rpc-server-${{ matrix.arch }}

      - name: Upload binary
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v6
        with:
          name: deltachat-rpc-server-${{ matrix.arch }}
          path: result/bin/deltachat-rpc-server.exe
          if-no-files-found: error

+  build_windows_wheel:
+    name: Windows wheel
+    strategy:
+      fail-fast: false
+      matrix:
+        arch: [win32, win64]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          show-progress: false
+          persist-credentials: false
+      - uses: cachix/install-nix-action@4e002c8ec80594ecd40e759629461e26c8abed15 # v31
+
+      - name: Build deltachat-rpc-server wheels
+        run: nix build .#deltachat-rpc-server-${{ matrix.arch }}-wheel
+
+      - name: Upload wheel
+        uses: actions/upload-artifact@v6
+        with:
+          name: deltachat-rpc-server-${{ matrix.arch }}-wheel
+          path: result/*.whl
+          if-no-files-found: error
+
  build_macos:
    name: macOS
    strategy:
@@ -79,7 +127,7 @@ jobs:

    runs-on: macos-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
@@ -91,7 +139,7 @@ jobs:
        run: cargo build --release --package deltachat-rpc-server --target ${{ matrix.arch }}-apple-darwin --features vendored

      - name: Upload binary
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v6
        with:
          name: deltachat-rpc-server-${{ matrix.arch }}-macos
          path: target/${{ matrix.arch }}-apple-darwin/release/deltachat-rpc-server
@@ -105,25 +153,49 @@ jobs:
        arch: [arm64-v8a, armeabi-v7a]
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
-      - uses: cachix/install-nix-action@9280e7aca88deada44c930f1e2c78e21c3ae3edd # v31
+      - uses: cachix/install-nix-action@4e002c8ec80594ecd40e759629461e26c8abed15 # v31

      - name: Build deltachat-rpc-server binaries
        run: nix build .#deltachat-rpc-server-${{ matrix.arch }}-android

      - name: Upload binary
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v6
        with:
          name: deltachat-rpc-server-${{ matrix.arch }}-android
          path: result/bin/deltachat-rpc-server
          if-no-files-found: error

+  build_android_wheel:
+    name: Android wheel
+    strategy:
+      fail-fast: false
+      matrix:
+        arch: [arm64-v8a, armeabi-v7a]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          show-progress: false
+          persist-credentials: false
+      - uses: cachix/install-nix-action@4e002c8ec80594ecd40e759629461e26c8abed15 # v31
+
+      - name: Build deltachat-rpc-server wheels
+        run: nix build .#deltachat-rpc-server-${{ matrix.arch }}-android-wheel
+
+      - name: Upload wheel
+        uses: actions/upload-artifact@v6
+        with:
+          name: deltachat-rpc-server-${{ matrix.arch }}-android-wheel
+          path: result/*.whl
+          if-no-files-found: error
+
  publish:
    name: Build wheels and upload binaries to the release
-    needs: ["build_linux", "build_windows", "build_macos"]
+    needs: ["build_linux", "build_linux_wheel", "build_windows", "build_windows_wheel", "build_macos", "build_android", "build_android_wheel"]
    environment:
      name: pypi
      url: https://pypi.org/p/deltachat-rpc-server
@@ -132,78 +204,132 @@ jobs:
      contents: write
    runs-on: "ubuntu-latest"
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
-      - uses: cachix/install-nix-action@9280e7aca88deada44c930f1e2c78e21c3ae3edd # v31
+      - uses: cachix/install-nix-action@4e002c8ec80594ecd40e759629461e26c8abed15 # v31

      - name: Download Linux aarch64 binary
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-aarch64-linux
          path: deltachat-rpc-server-aarch64-linux.d

+      - name: Download Linux aarch64 wheel
+        uses: actions/download-artifact@v7
+        with:
+          name: deltachat-rpc-server-aarch64-linux-wheel
+          path: deltachat-rpc-server-aarch64-linux-wheel.d
+
      - name: Download Linux armv7l binary
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-armv7l-linux
          path: deltachat-rpc-server-armv7l-linux.d

+      - name: Download Linux armv7l wheel
+        uses: actions/download-artifact@v7
+        with:
+          name: deltachat-rpc-server-armv7l-linux-wheel
+          path: deltachat-rpc-server-armv7l-linux-wheel.d
+
      - name: Download Linux armv6l binary
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-armv6l-linux
          path: deltachat-rpc-server-armv6l-linux.d

+      - name: Download Linux armv6l wheel
+        uses: actions/download-artifact@v7
+        with:
+          name: deltachat-rpc-server-armv6l-linux-wheel
+          path: deltachat-rpc-server-armv6l-linux-wheel.d
+
      - name: Download Linux i686 binary
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-i686-linux
          path: deltachat-rpc-server-i686-linux.d

+      - name: Download Linux i686 wheel
+        uses: actions/download-artifact@v7
+        with:
+          name: deltachat-rpc-server-i686-linux-wheel
+          path: deltachat-rpc-server-i686-linux-wheel.d
+
      - name: Download Linux x86_64 binary
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-x86_64-linux
          path: deltachat-rpc-server-x86_64-linux.d

+      - name: Download Linux x86_64 wheel
+        uses: actions/download-artifact@v7
+        with:
+          name: deltachat-rpc-server-x86_64-linux-wheel
+          path: deltachat-rpc-server-x86_64-linux-wheel.d
+
      - name: Download Win32 binary
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-win32
          path: deltachat-rpc-server-win32.d

+      - name: Download Win32 wheel
+        uses: actions/download-artifact@v7
+        with:
+          name: deltachat-rpc-server-win32-wheel
+          path: deltachat-rpc-server-win32-wheel.d
+
      - name: Download Win64 binary
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-win64
          path: deltachat-rpc-server-win64.d

+      - name: Download Win64 wheel
+        uses: actions/download-artifact@v7
+        with:
+          name: deltachat-rpc-server-win64-wheel
+          path: deltachat-rpc-server-win64-wheel.d
+
      - name: Download macOS binary for x86_64
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-x86_64-macos
          path: deltachat-rpc-server-x86_64-macos.d

      - name: Download macOS binary for aarch64
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-aarch64-macos
          path: deltachat-rpc-server-aarch64-macos.d

      - name: Download Android binary for arm64-v8a
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-arm64-v8a-android
          path: deltachat-rpc-server-arm64-v8a-android.d

+      - name: Download Android wheel for arm64-v8a
+        uses: actions/download-artifact@v7
+        with:
+          name: deltachat-rpc-server-arm64-v8a-android-wheel
+          path: deltachat-rpc-server-arm64-v8a-android-wheel.d
+
      - name: Download Android binary for armeabi-v7a
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-armeabi-v7a-android
          path: deltachat-rpc-server-armeabi-v7a-android.d

+      - name: Download Android wheel for armeabi-v7a
+        uses: actions/download-artifact@v7
+        with:
+          name: deltachat-rpc-server-armeabi-v7a-android-wheel
+          path: deltachat-rpc-server-armeabi-v7a-android-wheel.d
+
      - name: Create bin/ directory
        run: |
          mkdir -p bin
@@ -222,38 +348,21 @@ jobs:
      - name: List binaries
        run: ls -l bin/

-      # Python 3.11 is needed for tomllib used in scripts/wheel-rpc-server.py
-      - name: Install python 3.12
-        uses: actions/setup-python@v6
-        with:
-          python-version: 3.12
-
      - name: Install wheel
        run: pip install wheel

-      - name: Build deltachat-rpc-server Python wheels and source package
+      - name: Build deltachat-rpc-server Python wheels
        run: |
          mkdir -p dist
-          nix build .#deltachat-rpc-server-x86_64-linux-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-armv7l-linux-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-armv6l-linux-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-aarch64-linux-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-i686-linux-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-win64-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-win32-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-arm64-v8a-android-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-armeabi-v7a-android-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-source
-          cp result/*.tar.gz dist/
+          mv deltachat-rpc-server-aarch64-linux-wheel.d/*.whl dist/
+          mv deltachat-rpc-server-armv7l-linux-wheel.d/*.whl dist/
+          mv deltachat-rpc-server-armv6l-linux-wheel.d/*.whl dist/
+          mv deltachat-rpc-server-i686-linux-wheel.d/*.whl dist/
+          mv deltachat-rpc-server-x86_64-linux-wheel.d/*.whl dist/
+          mv deltachat-rpc-server-win64-wheel.d/*.whl dist/
+          mv deltachat-rpc-server-win32-wheel.d/*.whl dist/
+          mv deltachat-rpc-server-arm64-v8a-android-wheel.d/*.whl dist/
+          mv deltachat-rpc-server-armeabi-v7a-android-wheel.d/*.whl dist/
          python3 scripts/wheel-rpc-server.py x86_64-darwin bin/deltachat-rpc-server-x86_64-macos
          python3 scripts/wheel-rpc-server.py aarch64-darwin bin/deltachat-rpc-server-aarch64-macos
          mv *.whl dist/
@@ -271,21 +380,24 @@ jobs:
            --repo ${{ github.repository }} \
            bin/* dist/*

-      - name: Publish deltachat-rpc-client to PyPI
+      - name: Publish deltachat-rpc-server to PyPI
        if: github.event_name == 'release'
-        uses: pypa/gh-action-pypi-publish@release/v1
+        uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e

  publish_npm_package:
    name: Build & Publish npm prebuilds and deltachat-rpc-server
    needs: ["build_linux", "build_windows", "build_macos"]
    runs-on: "ubuntu-latest"
+    environment:
+      name: npm-stdio-rpc-server
+      url: https://www.npmjs.com/package/@deltachat/stdio-rpc-server
    permissions:
      id-token: write

      # Needed to publish the binaries to the release.
      contents: write
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
@@ -294,67 +406,67 @@ jobs:
          python-version: "3.11"

      - name: Download Linux aarch64 binary
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-aarch64-linux
          path: deltachat-rpc-server-aarch64-linux.d

      - name: Download Linux armv7l binary
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-armv7l-linux
          path: deltachat-rpc-server-armv7l-linux.d

      - name: Download Linux armv6l binary
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-armv6l-linux
          path: deltachat-rpc-server-armv6l-linux.d

      - name: Download Linux i686 binary
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-i686-linux
          path: deltachat-rpc-server-i686-linux.d

      - name: Download Linux x86_64 binary
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-x86_64-linux
          path: deltachat-rpc-server-x86_64-linux.d

      - name: Download Win32 binary
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-win32
          path: deltachat-rpc-server-win32.d

      - name: Download Win64 binary
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-win64
          path: deltachat-rpc-server-win64.d

      - name: Download macOS binary for x86_64
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-x86_64-macos
          path: deltachat-rpc-server-x86_64-macos.d

      - name: Download macOS binary for aarch64
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-aarch64-macos
          path: deltachat-rpc-server-aarch64-macos.d

      - name: Download Android binary for arm64-v8a
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-arm64-v8a-android
          path: deltachat-rpc-server-arm64-v8a-android.d

      - name: Download Android binary for armeabi-v7a
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: deltachat-rpc-server-armeabi-v7a-android
          path: deltachat-rpc-server-armeabi-v7a-android.d
@@ -384,7 +496,7 @@ jobs:
          ls -lah

      - name: Upload to artifacts
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v6
        with:
          name: deltachat-rpc-server-npm-package
          path: deltachat-rpc-server/npm-package/*.tgz
@@ -401,16 +513,19 @@ jobs:
            deltachat-rpc-server/npm-package/*.tgz

      # Configure Node.js for publishing.
-      - uses: actions/setup-node@v5
+      - uses: actions/setup-node@v6
        with:
          node-version: 20
          registry-url: "https://registry.npmjs.org"

+      # Ensure npm 11.5.1 or later is installed.
+      # It is needed for <https://docs.npmjs.com/trusted-publishers>
+      - name: Update npm
+        run: npm install -g npm@latest
+
      - name: Publish npm packets for prebuilds and `@deltachat/stdio-rpc-server`
        if: github.event_name == 'release'
        working-directory: deltachat-rpc-server/npm-package
        run: |
          ls -lah platform_package
          for platform in *.tgz; do npm publish --provenance "$platform" --access public; done
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
--- a/.github/workflows/jsonrpc-client-npm-package.yml
+++ b/.github/workflows/jsonrpc-client-npm-package.yml
@@ -10,20 +10,28 @@ jobs:
  pack-module:
    name: "Publish @deltachat/jsonrpc-client"
    runs-on: ubuntu-latest
+    environment:
+      name: npm-jsonrpc-client
+      url: https://www.npmjs.com/package/@deltachat/jsonrpc-client
    permissions:
      id-token: write
      contents: read
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false

-      - uses: actions/setup-node@v5
+      - uses: actions/setup-node@v6
        with:
          node-version: 20
          registry-url: "https://registry.npmjs.org"

+      # Ensure npm 11.5.1 or later is installed.
+      # It is needed for <https://docs.npmjs.com/trusted-publishers>
+      - name: Update npm
+        run: npm install -g npm@latest
+
      - name: Install dependencies without running scripts
        working-directory: deltachat-jsonrpc/typescript
        run: npm install --ignore-scripts
@@ -37,5 +45,3 @@ jobs:
      - name: Publish
        working-directory: deltachat-jsonrpc/typescript
        run: npm publish --provenance deltachat-jsonrpc-client-* --access public
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
--- a/.github/workflows/jsonrpc.yml
+++ b/.github/workflows/jsonrpc.yml
@@ -16,16 +16,16 @@ jobs:
  build_and_test:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
      - name: Use Node.js 18.x
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
        with:
          node-version: 18.x
      - name: Add Rust cache
-        uses: Swatinem/rust-cache@v2
+        uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5
      - name: npm install
        working-directory: deltachat-jsonrpc/typescript
        run: npm install
--- a/.github/workflows/nix.yml
+++ b/.github/workflows/nix.yml
@@ -21,11 +21,11 @@ jobs:
    name: check flake formatting
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
-      - uses: cachix/install-nix-action@9280e7aca88deada44c930f1e2c78e21c3ae3edd # v31
+      - uses: cachix/install-nix-action@4e002c8ec80594ecd40e759629461e26c8abed15 # v31
      - run: nix fmt flake.nix -- --check

  build:
@@ -80,11 +80,11 @@ jobs:
          #- deltachat-rpc-server-x86_64-android
          #- deltachat-rpc-server-x86-android
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
-      - uses: cachix/install-nix-action@9280e7aca88deada44c930f1e2c78e21c3ae3edd # v31
+      - uses: cachix/install-nix-action@4e002c8ec80594ecd40e759629461e26c8abed15 # v31
      - run: nix build .#${{ matrix.installable }}

  build-macos:
@@ -95,14 +95,15 @@ jobs:
      matrix:
        installable:
          - deltachat-rpc-server
+          - deltachat-rpc-server-x86_64-darwin

-          # Fails to bulid
+          # Fails to build
+          # because of <https://github.com/NixOS/nixpkgs/issues/413910>.
          # - deltachat-rpc-server-aarch64-darwin
-          # - deltachat-rpc-server-x86_64-darwin
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
-      - uses: cachix/install-nix-action@9280e7aca88deada44c930f1e2c78e21c3ae3edd # v31
+      - uses: cachix/install-nix-action@4e002c8ec80594ecd40e759629461e26c8abed15 # v31
      - run: nix build .#${{ matrix.installable }}
--- a/.github/workflows/publish-deltachat-rpc-client-pypi.yml
+++ b/.github/workflows/publish-deltachat-rpc-client-pypi.yml
@@ -13,7 +13,7 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
@@ -23,7 +23,7 @@ jobs:
        working-directory: deltachat-rpc-client
        run: python3 -m build
      - name: Store the distribution packages
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v6
        with:
          name: python-package-distributions
          path: deltachat-rpc-client/dist/
@@ -42,9 +42,9 @@ jobs:

    steps:
      - name: Download all the dists
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v7
        with:
          name: python-package-distributions
          path: dist/
      - name: Publish deltachat-rpc-client to PyPI
-        uses: pypa/gh-action-pypi-publish@release/v1
+        uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e
--- a/.github/workflows/repl.yml
+++ b/.github/workflows/repl.yml
@@ -14,15 +14,15 @@ jobs:
    name: Build REPL example
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
-      - uses: cachix/install-nix-action@9280e7aca88deada44c930f1e2c78e21c3ae3edd # v31
+      - uses: cachix/install-nix-action@4e002c8ec80594ecd40e759629461e26c8abed15 # v31
      - name: Build
        run: nix build .#deltachat-repl-win64
      - name: Upload binary
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v6
        with:
          name: repl.exe
          path: "result/bin/deltachat-repl.exe"
--- a/.github/workflows/upload-docs.yml
+++ b/.github/workflows/upload-docs.yml
@@ -13,7 +13,7 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
@@ -31,12 +31,12 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
          fetch-depth: 0 # Fetch history to calculate VCS version number.
-      - uses: cachix/install-nix-action@9280e7aca88deada44c930f1e2c78e21c3ae3edd # v31
+      - uses: cachix/install-nix-action@4e002c8ec80594ecd40e759629461e26c8abed15 # v31
      - name: Build Python documentation
        run: nix build .#python-docs
      - name: Upload to py.delta.chat
@@ -50,12 +50,12 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
          fetch-depth: 0 # Fetch history to calculate VCS version number.
-      - uses: cachix/install-nix-action@9280e7aca88deada44c930f1e2c78e21c3ae3edd # v31
+      - uses: cachix/install-nix-action@4e002c8ec80594ecd40e759629461e26c8abed15 # v31
      - name: Build C documentation
        run: nix build .#docs
      - name: Upload to c.delta.chat
@@ -72,13 +72,13 @@ jobs:
        working-directory: ./deltachat-jsonrpc/typescript

    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
          fetch-depth: 0 # Fetch history to calculate VCS version number.
      - name: Use Node.js
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
        with:
          node-version: '18'
      - name: npm install
--- a/.github/workflows/upload-ffi-docs.yml
+++ b/.github/workflows/upload-ffi-docs.yml
@@ -16,7 +16,7 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          show-progress: false
          persist-credentials: false
--- a/.github/workflows/zizmor-scan.yml
+++ b/.github/workflows/zizmor-scan.yml
@@ -14,18 +14,18 @@ jobs:
      security-events: write
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
        with:
          persist-credentials: false

      - name: Install the latest version of uv
-        uses: astral-sh/setup-uv@v6
+        uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867

      - name: Run zizmor
        run: uvx zizmor --format sarif . > results.sarif

      - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
        with:
          sarif_file: results.sarif
          category: zizmor
--- a/.gitignore
+++ b/.gitignore
@@ -36,6 +36,7 @@ deltachat-ffi/xml
 coverage/
 .DS_Store
 .vscode
+.zed
 python/accounts.txt
 python/all-testaccounts.txt
 tmp/
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,800 @@
 # Changelog

+## [2.42.0] - 2026-02-10
+
+### Fixes
+
+- Set `mvbox_move` to '0' explicitly for existing chatmail profiles.
+  It's needed to prevent device message about deprecated `mvbox_move` option from appearing in chatmail profiles.
+
+### Features / Changes
+
+- Do not scan not watched folders.
+
+### Miscellaneous Tasks
+
+- Update rPGP from 0.18.0 to 0.19.0.
+- cargo: Bump quick-xml from 0.38.4 to 0.39.0.
+
+### Tests
+
+- Remove test_dont_show_emails.
+
+### Other
+
+- Fix typo in CHANGELOG for marknoticed_all_chats.
+
+## [2.41.0] - 2026-02-06
+
+### Features / Changes
+
+- Do not require `ShowEmails` to be set to `All` for adding second relay.
+- Use different strings for audio and video calls.
+
+### Fixes
+
+- Don't set download state to Failure if message is available on another Session's transport ([#7684](https://github.com/chatmail/core/pull/7684)).
+- Make use of call stock strings.
+
+### Miscellaneous Tasks
+
+- cargo: Bump `time` from 0.3.37 to 0.3.47.
+
+## [2.40.0] - 2026-02-04
+
+### Features / Changes
+
+- Receive_imf: Log reasoning for chat assignment.
+- Use more fitting encryption info message.
+- Send Intended Recipient Fingerprint subpackets.
+- Trash messages with intended recipient fingerprints, but w/o our one included.
+- Do not collect email addresses from messages after configuration.
+- Add device message about legacy `mvbox_move`.
+- Never create IMAP folders.
+- Make summary for pre-messages look like summary for fully downloaded messages ([#7775](https://github.com/chatmail/core/pull/7775)).
+- Don't call `BlobObject::create_and_deduplicate()` when forwarding message to the same account.
+- Allow clients to specify whether a call has video initially or not ([#7740](https://github.com/chatmail/core/pull/7740)).
+- Do not load more than one own key from the keychain.
+
+### Fixes
+
+- Cross-account forwarding of a message which `has_html()` ([#7791](https://github.com/chatmail/core/pull/7791)).
+- Make self-contact a key-contact even if key isn't generated yet.
+- `apply_group_changes()`: Check whether From is key-contact.
+- Don't add SELF to unencrypted chat created from encrypted message ([#7661](https://github.com/chatmail/core/pull/7661)).
+- Don't upscale images and test that image resolution isn't changed unnecessarily ([#7769](https://github.com/chatmail/core/pull/7769)).
+- Restart i/o when there are new transports in a sync message ([#7640](https://github.com/chatmail/core/pull/7640)).
+- `add_or_lookup_key_contacts*()`: Advance fingerprint_iter on invalid address.
+- `receive_imf`: Look up key contact by intended recipient fingerprint ([#7661](https://github.com/chatmail/core/pull/7661)).
+- Remove `Config::DeleteToTrash` and `Config::ConfiguredTrashFolder`.
+
+### API-Changes
+
+- jsonrpc(python): Process events forever by default.
+
+### CI
+
+- Make scripts/deny.sh test the locked version of dependencies.
+
+### Refactor
+
+- Remove unneeded dbg! statements ([#7776](https://github.com/chatmail/core/pull/7776)).
+- Remove unused Context.is_inbox().
+- Rename lookup_key_contacts_by_address_list() to lookup_key_contacts_fallback_to_chat().
+- Mark `ProviderOptions` as `non_exhaustive`.
+
+### Miscellaneous Tasks
+
+- Update provider database.
+- cargo: Update `bytes` from 1.11.0 to 1.11.1.
+- cargo: Bump tokio from 1.48.0 to 1.49.0.
+- cargo: Bump tokio-util from 0.7.17 to 0.7.18.
+- cargo: Bump libc from 0.2.178 to 0.2.180.
+- cargo: Bump quote from 1.0.42 to 1.0.44.
+- cargo: Bump syn from 2.0.111 to 2.0.114.
+- cargo: Bump human-panic from 2.0.4 to 2.0.6.
+- cargo: Bump chrono from 0.4.42 to 0.4.43.
+- cargo: Bump data-encoding from 2.9.0 to 2.10.0.
+- cargo: Bump colorutils-rs from 0.7.5 to 0.7.6.
+- Update provider database.
+- cargo: Bump thiserror from 2.0.17 to 2.0.18.
+- deps: Bump EmbarkStudios/cargo-deny-action from 2.0.14 to 2.0.15.
+- Remove RUSTSEC-2026-0002 exception from deny.toml.
+- cargo: Bump tokio-stream from 0.1.17 to 0.1.18.
+- cargo: Bump toml from 0.9.10+spec-1.1.0 to 0.9.11+spec-1.1.0.
+- cargo: Bump serde_json from 1.0.148 to 1.0.149.
+- cargo: Bump uuid from 1.19.0 to 1.20.0.
+- cargo: Bump rustls-pki-types from 1.13.2 to 1.14.0.
+- cargo: Bump tracing-subscriber from 0.3.20 to 0.3.22.
+
+### Tests
+
+- 2nd device receives message via new primary transport.
+- Make `test_dont_move_sync_msgs` less flaky.
+- Encrypted incoming message goes to encrypted 1:1 chat even if references messages in ad-hoc group.
+- Message in blocked chat arrives as InSeen.
+- Set `mvbox_move` to 0 for test rust accounts.
+
+## [2.39.0] - 2026-01-23
+
+### CI
+
+- Update Rust to 1.93.0.
+
+### Documentation
+
+- RELEASE.md: Push preparation commit to the main branch before tagging.
+- RELEASE.md: Add section about dealing with failed releases.
+
+### Fixes
+
+- Forward message with file ([#7755](https://github.com/chatmail/core/pull/7755)).
+- Do not additionally reduce the resolution of images that fit into the resolution-limit and are larger than the file-size-limit ([#7760](https://github.com/chatmail/core/pull/7760)).
+
+### Miscellaneous Tasks
+
+- Merge v2.38.0 into main branch.
+- Cleanup deprecated functions/defines ([#7763](https://github.com/chatmail/core/pull/7763)).
+
+## [2.38.0] - 2026-01-22
+
+### API-Changes
+
+- [**breaking**] Jsonrpc: remove `contacts` from `FullChat`. To migrate load contacts on demand via `get_contacts_by_ids` using `FullChat.contactIds` ([#7282](https://github.com/chatmail/core/pull/7282)).
+- jsonrpc: Add run_until parameter for bots ([#7688](https://github.com/chatmail/core/pull/7688)).
+- rust, jsonrpc: Add `get_message_read_receipt_count` method ([#7732](https://github.com/chatmail/core/pull/7732)).
+- rust and jsonrpc: Marknoticed_all_chats method to mark all chats as noticed, including muted ones. ([#7709](https://github.com/chatmail/core/pull/7709)).
+- Public re-export of Connectivity ([#7737](https://github.com/chatmail/core/pull/7737)).
+
+### Documentation
+
+- Fix chat types.
+- Set_config_from_qr() configures context for "DCACCOUNT:" and "DCLOGIN:" QRs ([#7450](https://github.com/chatmail/core/pull/7450)).
+- Fix formatting of `indoc!` link.
+
+### Features / Changes
+
+- Pre-messages / next version of download on demand ([#7371](https://github.com/chatmail/core/pull/7371)).
+- Connectivity view: move quota up and combine with IMAP state. ([#7653](https://github.com/chatmail/core/pull/7653)).
+- Execute sync message before checking for primary transport update.
+- Disable partial search by contact address.
+- Don't put text into post-message ([#7714](https://github.com/chatmail/core/pull/7714)).
+- Don't scale up Origin of multiple and broadcast recipients when sending a message.
+- pgp: Use preferred hash algorithm for signing instead of hardcoded SHA256.
+- In teamprofiles, don't mark chat as read on outgoing message ([#7717](https://github.com/chatmail/core/pull/7717)).
+- Send and apply MDNs to self ([#7005](https://github.com/chatmail/core/pull/7005))
+
+### Fixes
+
+- Do not show contact address in message info ([#7695](https://github.com/chatmail/core/pull/7695)).
+- Take transport_id into account when marking messages with \Seen flags.
+- Send bcc-self messages to all own relays ([#7656](https://github.com/chatmail/core/pull/7656)).
+- Only emit TransportsModified if transports are really modified.
+- Logging errors in deltachat-rpc-server during startup ([#7707](https://github.com/chatmail/core/pull/7707)).
+- Use only lowercase letters for stats id ([#7700](https://github.com/chatmail/core/pull/7700)).
+- Hide incoming broadcasts in `DC_GCL_FOR_FORWARDING` ([#7726](https://github.com/chatmail/core/pull/7726)).
+- Do not resolve ICE server hostnames during IMAP loop.
+- More reliable parsing of `dclogin:` links with ip address as host ([#7734](https://github.com/chatmail/core/pull/7734)).
+- Don't remember old channel members in the database ([#7716](https://github.com/chatmail/core/pull/7716)).
+- Make it possible to leave and immediately delete a chat ([#7744](https://github.com/chatmail/core/pull/7744)).
+- Emit MsgsChanged instead of MsgsNoticed on self-MDN if chat still has fresh messages.
+- Prevent possible infinite loop with invalid `smtp` row ([#7746](https://github.com/chatmail/core/pull/7746)).
+- Sync broadcast subscribers list ([#7578](https://github.com/chatmail/core/pull/7578))
+
+### Refactor
+
+- Don't use `concat!` in sql statements ([#7720](https://github.com/chatmail/core/pull/7720)).
+
+### Tests
+
+- Port test_dont_move_sync_msgs to JSON-RPC ([#7676](https://github.com/chatmail/core/pull/7676)).
+- rpc-client: Replace remaining print()s with `logging` ([#6082](https://github.com/chatmail/core/pull/6082)).
+
+## [2.37.0] - 2026-01-08
+
+### API-Changes
+
+- JSON-RPC API `get_all_ui_config_keys` to get all "ui.*" config keys ([#7579](https://github.com/chatmail/core/pull/7579)).
+- Add `who_can_call_me` config option.
+- cffi api to create account manager with existing events channel to see events emitted during startup. `dc_event_channel_new`, `dc_event_channel_unref`, `dc_event_channel_get_event_emitter` and `dc_accounts_new_with_event_channel` ([#7609](https://github.com/chatmail/core/pull/7609)).
+
+### Features / Changes
+
+- Config option to skip seen synchronization ([#7694](https://github.com/chatmail/core/pull/7694)).
+- More text instead of sender in channel summary.
+
+### Fixes
+
+- Do not rely on Secure-Join header to detect {vc,vg}-request.
+
+### Documentation
+
+- Update instructions to UI where to display the address.
+
+### Miscellaneous Tasks
+
+- cargo: bump rsa from 0.9.9 to 0.9.10.
+- Update lru 0.12.3 to 0.12.5 and add RUSTSEC-2026-0002 exception.
+
+### Refactor
+
+- ffi: Replace implicit drop in cffi with explicit `drop(Arc::from_raw(var))` ([#7664](https://github.com/chatmail/core/pull/7664)).
+
+### Tests
+
+- Regression test for vc-request encrypted by the server.
+- Test that channel summary does not have sender name.
+
+## [2.36.0] - 2026-01-03
+
+### CI
+
+- Pin GitHub Action references.
+
+### API-Changes
+
+- Add transports event to FFI.
+
+### Features / Changes
+
+- Add core version to `receive_imf` failure message.
+- Connectivity view: quota for all transports ([#7630](https://github.com/chatmail/core/pull/7630)).
+- Send sync messages over SMTP and do not move them to mvbox.
+
+### Fixes
+
+- When accepting group, add members with `Origin::IncomingTo` and sort them down in the contact list (7592).
+- Update fallback welcome message.
+- `inner_configure`: Check Config::OnlyFetchMvbox before MvboxMove for multi-transport ([#7637](https://github.com/chatmail/core/pull/7637)).
+- Reset options not available for chatmail on chatmail profiles.
+- Don't send webxdc notification for `notify: "*"` when chat is muted ([#7658](https://github.com/chatmail/core/pull/7658)).
+
+### Documentation
+
+- `delete_chat()`: don't lie that messages aren't deleted from server.
+- Remove references to removed `sentbox_watch` config.
+- Update documentation for `TransportsModified` event.
+
+### Tests
+
+- Contact list after accepting group with unknown contacts ([#7592](https://github.com/chatmail/core/pull/7592)).
+- Port test_import_export_online_all to JSON-RPC ([#7411](https://github.com/chatmail/core/pull/7411)).
+
+### Refactor
+
+- Turn `DC_VERSION_STR` into `&str`.
+- ffi: Remove one pointer indirection for `dc_accounts_t`.
+
+### Miscellaneous Tasks
+
+- deps: Bump actions/download-artifact from 6 to 7.
+- deps: Bump actions/upload-artifact from 5 to 6.
+- deps: Bump astral-sh/setup-uv from 7.1.4 to 7.1.6.
+- deps: Bump cachix/install-nix-action from 31.8.4 to 31.9.0.
+- cargo: Bump serde_json from 1.0.145 to 1.0.147.
+- cargo: Bump uuid from 1.18.1 to 1.19.0.
+- cargo: Bump toml from 0.9.8 to 0.9.10+spec-1.1.0.
+- cargo: Bump tempfile from 3.23.0 to 3.24.0.
+- cargo: Bump libc from 0.2.177 to 0.2.178.
+- cargo: Bump tracing from 0.1.41 to 0.1.44.
+- cargo: Bump hyper-util from 0.1.18 to 0.1.19.
+- cargo: Bump log from 0.4.28 to 0.4.29.
+- cargo: Bump rustls-pki-types from 1.13.0 to 1.13.2.
+- cargo: Bump criterion from 0.7.0 to 0.8.1.
+
+## [2.35.0] - 2025-12-16
+
+### API-Changes
+
+- Add blob dir size to storage info ([#7605](https://github.com/chatmail/core/pull/7605)).
+
+### Features / Changes
+
+- Use `turn.delta.chat` as fallback TURN server ([#7382](https://github.com/chatmail/core/pull/7382)).
+- Add ip addresses of known public chatmail relays from https://chatmail.at/relays to DNS cache ([#7607](https://github.com/chatmail/core/pull/7607)).
+- Improve error messages on adding relays.
+- Add transport addresses to IMAP URLs in message info.
+- `lookup_host_with_cache()`: Don't return empty address list ([#7596](https://github.com/chatmail/core/pull/7596)).
+
+### Fixes
+
+- `get_chat_msgs_ex()`: Don't match on "S=" (Cmd) in param payload.
+- Remove `SecurejoinWait` info message when received Alice's key ([#7585](https://github.com/chatmail/core/pull/7585)).
+- Do not set normalized name for existing chats and contacts in a migration.
+- Remove now redundant "used_account_settings" and "entered_account_settings" from `Context.get_info()` ([#7587](https://github.com/chatmail/core/pull/7587)).
+- Don't use fallback servers if got TURN servers from IMAP METADATA.
+- Use fallback ICE servers if server can't IMAP METADATA ([#7382](https://github.com/chatmail/core/pull/7382)).
+- Add explicit limit for adding relays (5 at the moment) ([#7611](https://github.com/chatmail/core/pull/7611)).
+- Take `transport_id` into account when using `imap` table.
+
+### CI
+
+- Update Rust to 1.92.0.
+
+### Miscellaneous Tasks
+
+- Apply Rust 1.92.0 clippy suggestions.
+
+### Other
+
+- Log entered login params and actual used params on configuration failure ([#7610](https://github.com/chatmail/core/pull/7610)).
+
+## [2.34.0] - 2025-12-11
+
+### API-Changes
+
+- rpc-client: Accept `Account` for `Chat.{add,remove}_contact()`.
+- rpc-client: Add `Chat.num_contacts()`.
+- Forwarding messages to another profile ([#7491](https://github.com/chatmail/core/pull/7491)).
+
+### Features / Changes
+
+- Double ringing time to 120 seconds.
+- Better logging for failing securejoin messages ([#7593](https://github.com/chatmail/core/pull/7593)).
+- Add multi-transport information to `Context.get_info` ([#7583](https://github.com/chatmail/core/pull/7583))
+
+### Fixes
+
+- Multi-transport: all transports were shown as "inbox" in connectivity view, now they are shown by their hostname ([#7582](https://github.com/chatmail/core/pull/7582)).
+- Multi-transport: Synchronize primary transport immediately after changing it.
+- Use u64 instead of usize to calculate storage usage.
+- Use u64 to represent the number of bytes in backup files.
+- Use u64 to count the number of bytes sent/received over the network.
+- Use logging macros instead of emitting event directly, so that it is also logged by tracing ([#7459](https://github.com/chatmail/core/pull/7459)).
+- Let securejoin succeed even if the chat was deleted in the meantime ([#7594](https://github.com/chatmail/core/pull/7594)).
+
+### Miscellaneous Tasks
+
+- Add RUSTSEC-2025-0134 exception to deny.toml.
+
+### Refactor
+
+- Use u16 instead of usize to represent progress bar.
+- Remove EncryptHelper.prefer_encrypt.
+- Add params when forwarding message instead of removing unneeded ones.
+
+### Tests
+
+- Port test_synchronize_member_list_on_group_rejoin to JSON-RPC.
+- Test setting up second device between core versions.
+
+## [2.33.0] - 2025-12-05
+
+### Features / Changes
+
+- Case-insensitive search for non-ASCII chat and contact names ([#7477](https://github.com/chatmail/core/pull/7477)).
+
+### Fixes
+
+- Recognize all transport addresses as own addresses.
+
+## [2.32.0] - 2025-12-04
+
+Version bump to trigger publishing of npm prebuilds
+that failed to be published for 2.31.0 due to not configured "trusted publishers".
+
+### Features / Changes
+
+- Lookup_or_create_adhoc_group(): Add context to SQL errors ([#7554](https://github.com/chatmail/core/pull/7554)).
+
+## [2.31.0] - 2025-12-04
+
+### CI
+
+- Update npm before publishing packages.
+
+### Features / Changes
+
+- Use v2 SEIPD when sending messages to self.
+
+## [2.30.0] - 2025-12-04
+
+### Features / Changes
+
+- Disable SNI for STARTTLS ([#7499](https://github.com/chatmail/core/pull/7499)).
+- Introduce cross-core testing along with improvements to test frameworking.
+- Synchronize transports via sync messages.
+
+### Fixes
+
+- Fix shutdown shortly after call.
+
+### API-Changes
+
+- Add `TransportsModified` event (for tests).
+
+### CI
+
+- Use "trusted publishing" for NPM packages.
+
+### Miscellaneous Tasks
+
+- deps: Bump actions/checkout from 5 to 6.
+- cargo: Bump syn from 2.0.110 to 2.0.111.
+- deps: Bump astral-sh/setup-uv from 7.1.3 to 7.1.4.
+- cargo: Bump sdp from 0.8.0 to 0.10.0.
+- Remove two outdated todo comments ([#7550](https://github.com/chatmail/core/pull/7550)).
+
+## [2.29.0] - 2025-12-01
+
+### API-Changes
+
+- deltachat-rpc-client: Add Message.exists().
+
+### Features / Changes
+
+- [**breaking**] Increase backup version from 3 to 4.
+- Hide `To` header in encrypted messages.
+- `deltachat_rpc_client.Rpc` accepts `rpc_server_path` for using a particular deltachat-rpc-server ([#7493](https://github.com/chatmail/core/pull/7493)).
+- Don't send `Chat-Group-Avatar` header in unencrypted groups.
+- Don't update `self-{avatar,status}` from received messages ([#7002](https://github.com/chatmail/core/pull/7002)).
+
+### Fixes
+
+- `CREATE INDEX imap_only_rfc724_mid ON imap(rfc724_mid)` ([#7490](https://github.com/chatmail/core/pull/7490)).
+- Use the same webxdc ratelimit for all email servers.
+- Handle the case when account does not exist in `get_existing_msg_ids()`.
+- Don't send self-avatar in unencrypted messages ([#7136](https://github.com/chatmail/core/pull/7136)).
+- Do not configure folders during transport configuration.
+- Upload sync messages only with the primary transport.
+- Do not use deprecated ConfiguredProvider in get_configured_provider.
+
+### Build system
+
+- Make scripts for remote testing usable.
+- Increase minimum supported Python version to 3.10.
+- Use SPDX license expression in Python package metadata.
+
+### CI
+
+- Set timeout-minutes for all jobs in ci.yaml workflow.
+- Do not install Python manually to bulid RPC server wheels.
+- Do not build fake RPC server source packages.
+- Build Python wheels in separate jobs.
+
+### Refactor
+
+- [**breaking**] Remove some unneeded stock strings ([#7496](https://github.com/chatmail/core/pull/7496)).
+- Strike events in rpc-client request handling, get result from queue.
+- Use ConfiguredProvider config directly when loading legacy settings.
+- Remove update_icons and disable_server_delete migrations.
+- Use `SYMMETRIC_KEY_ALGORITHM` constant in `symm_encrypt_message()`.
+- Make signing key non-optional for `pk_encrypt`.
+
+### Tests
+
+- `test_remove_member_bcc`: Test unencrypted group as it was initially.
+
+### Miscellaneous Tasks
+
+- deps: Bump cachix/install-nix-action from 31.8.1 to 31.8.4.
+- cargo: Bump hyper from 1.7.0 to 1.8.1.
+- cargo: Bump human-panic from 2.0.3 to 2.0.4.
+- cargo: Bump hyper-util from 0.1.17 to 0.1.18.
+- cargo: Bump rusqlite from 0.36.0 to 0.37.0.
+- cargo: Bump tokio-util from 0.7.16 to 0.7.17.
+- cargo: Bump toml from 0.9.7 to 0.9.8.
+- cargo: Bump proptest from 1.8.0 to 1.9.0.
+- cargo: Bump parking_lot from 0.12.4 to 0.12.5.
+- cargo: Bump syn from 2.0.106 to 2.0.110.
+- cargo: Bump quick-xml from 0.38.3 to 0.38.4.
+- cargo: Bump rustls-pki-types from 1.12.0 to 1.13.0.
+- cargo: Bump nu-ansi-term from 0.50.1 to 0.50.3.
+- cargo: Bump sanitize-filename from 0.5.0 to 0.6.0.
+- cargo: Bump quote from 1.0.41 to 1.0.42.
+- cargo: Bump libc from 0.2.176 to 0.2.177.
+- cargo: Bump bytes from 1.10.1 to 1.11.0.
+- cargo: Bump image from 0.25.8 to 0.25.9.
+- cargo: Bump rand from 0.9.0 to 0.9.2 ([#7501](https://github.com/chatmail/core/pull/7501)).
+- cargo: Bump tokio from 1.45.1 to 1.48.0.
+
+## [2.28.0] - 2025-11-23
+
+### API-Changes
+
+- New API `get_existing_msg_ids()` to check if the messages with given IDs exist.
+- Add API to get storage usage information. (JSON-RPC method: `get_storage_usage_report_string`) ([#7486](https://github.com/chatmail/core/pull/7486)).
+
+### Features / Changes
+
+- Experimentaly allow adding second transport.
+  There is no synchronization yet, so UIs should not allow the user to change the address manually and only expose the ability to add transports if `bcc_self` is disabled.
+- Default `bcc_self` to 0 for all new accounts.
+- Rephrase "Establishing end-to-end encryption" -> "Establishing connection".
+- Stock string for joining a channel ([#7480](https://github.com/chatmail/core/pull/7480)).
+
+### Fixes
+
+- Limit the range of `Date` to up to 6 days in the past.
+- `ContactId::set_name_ex()`: Emit ContactsChanged when transaction is completed.
+- Set SQLite busy timeout to 1 minute on iOS.
+- Sort system messages to the bottom of the chat.
+- Assign outgoing self-sent unencrypted messages to ad-hoc groups with only SELF ([#7409](https://github.com/chatmail/core/pull/7409)).
+- Add missing stock strings.
+- Look up or create ad-hoc group if there are duplicate addresses in "To".
+
+### Documentation
+
+- Add missing RFC 9788, link 'Header Protection for Cryptographically Protected Email' as other RFC.
+- Remove unsupported RFC 3503 (`$MDNSent` flag) from the list of standards.
+- Mark database encryption support as deprecated ([#7403](https://github.com/chatmail/core/pull/7403)).
+
+### Build system
+
+- Increase Minimum Supported Rust Version to 1.88.0.
+- Update rPGP from 0.17.0 to 0.18.0.
+- nix: Update `fenix` and use it for all Rust builds.
+
+### CI
+
+- Do not use --encoding option for rst-lint.
+
+### Refactor
+
+- Use `HashMap::extract_if()` stabilized in Rust 1.88.0.
+- Remove some easy to remove unwrap() calls.
+
+### Tests
+
+- Contact shalln't be verified by another having unknown verifier.
+
+## [2.27.0] - 2025-11-16
+
+### API-Changes
+
+- Add APIs to stop background fetch.
+- [**breaking**]: rename JSON-RPC method accounts_background_fetch() into background_fetch()
+- rpc-client: Add APIs for background fetch.
+- rpc-client: Add Account.wait_for_msg().
+- Deprecate deletion timer string for '1 Minute'.
+
+### Features / Changes
+
+- Implement RFC 9788 (Header Protection for Cryptographically Protected Email) ([#7130](https://github.com/chatmail/core/pull/7130)).
+- Tweak initial info-message for unencrypted chats ([#7427](https://github.com/chatmail/core/pull/7427)).
+- Add Contact::get_or_gen_color. Use it in CFFI and JSON-RPC to avoid gray self-color ([#7374](https://github.com/chatmail/core/pull/7374)).
+- [**breaking**] Withdraw broadcast invites. Add Qr::WithdrawJoinBroadcast and Qr::ReviveJoinBroadcast QR code types. ([#7439](https://github.com/chatmail/core/pull/7439)).
+
+### Fixes
+
+- Set `get_max_smtp_rcpt_to` for chatmail to the actual limit of 1000 instead of unlimited. ([#7432](https://github.com/chatmail/core/pull/7432)).
+- Always set bcc_self on backup import/export.
+- Escape connectivity HTML.
+- Send webm as file, it is not supported by all UI.
+
+### Build system
+
+- nix: Exclude CONTRIBUTING.md from the source files.
+
+### Refactor
+
+- Use wait_for_incoming_msg() in more tests.
+
+### Tests
+
+- Fix flaky test_send_receive_locations.
+- Port folder-related CFFI tests to JSON-RPC.
+- HP-Outer headers are added to messages with standard Header Protection ([#7130](https://github.com/chatmail/core/pull/7130)).
+- rpc-client: Test_qr_securejoin_broadcast: Wait for incoming message before getting chatlist ([#7442](https://github.com/chatmail/core/pull/7442)).
+- Add pytest fixture for account manager.
+- Test background_fetch() and stop_background_fetch().
+
+## [2.26.0] - 2025-11-11
+
+### API-Changes
+
+- [**breaking**] JSON-RPC: `chat_type` now contains a variant of a string enum/union. Affected places: `FullChat.chat_type`, `BasicChat.chat_type`, `ChatListItemFetchResult::ChatListItem.chat_type`, `Event:: SecurejoinInviterProgress.chat_type` and `MessageSearchResult.chat_type` ([#7285](https://github.com/chatmail/core/pull/7285))
+
+### Features / Changes
+
+- Error toast for "Not creating securejoin QR for old broadcast".
+
+### Fixes
+
+- `is_encrypted()` should be true for Saved Messages chat so messages there are editable.
+- Do not return an error from `receive_imf` if we fail to add a member because we are not in chat.
+- Do not add QR inviter to groups immediately.
+- Do not ignore I/O errors in `BlobObject::store_from_base64`.
+
+### Miscellaneous Tasks
+
+- Rustfmt.
+
+### Refactor
+
+- imap: Move resync request from Context to Imap.
+- Replace imap:: calls in migration 73 with SQL queries.
+- Remove unused imports.
+
+### Documentation
+
+- Readme: update language binding section to avoid usage of cffi in new projects ([#7380](https://github.com/chatmail/core/pull/7380)).
+- Fix Context::set_stock_translation reference.
+
+### Tests
+
+- Test editing saved messages.
+- Remove ThreadPoolExecutor from test_wait_next_messages.
+- Move test_two_group_securejoins from receive_imf to securejoin module.
+- At the end of securejoin Bob has two members in a group chat.
+- Bob has 0 members in the chat until securejoin finishes.
+- Do not add QR inviter to groups right after scanning the code.
+
+## [2.25.0] - 2025-11-05
+
+### Features / Changes
+
+- Put self-name into group invite codes ([#7398](https://github.com/chatmail/core/pull/7398)).
+- Slightly nicer and shorter QR and invite codes ([#7390](https://github.com/chatmail/core/pull/7390))
+
+### Fixes
+
+- Add device message instead of partial message when receive_imf fails. This fixes a rare bug where the IMAP loop got stuck.
+- Add info message if user tries to create a QR code for deprecated channel ([#7399](https://github.com/chatmail/core/pull/7399)).
+
+### Miscellaneous Tasks
+
+- deps: Bump actions/upload-artifact from 4 to 5.
+- deps: Bump actions/download-artifact from 5 to 6.
+- deps: Bump astral-sh/setup-uv from 7.1.0 to 7.1.2.
+
+### Refactor
+
+- sql: Do not expose rusqlite Error type in query_map methods.
+
+## [2.24.0] - 2025-11-03
+
+***Note that in v2.24.0, the IMAP loop can get stuck in rare circumstances;
+use v2.23.0 or v2.25.0 instead.***
+
+### Documentation
+
+- Comment why spaced en dash is used to separate message Subject from text.
+
+### Features / Changes
+
+- [**breaking**] QR codes and symmetric encryption for broadcast channels ([#7268](https://github.com/chatmail/core/pull/7268)).
+  - A new QR type AskJoinBroadcast; cloning a broadcast
+    channel is no longer possible; manually adding a member to a broadcast
+    channel is no longer possible (the only way to join a channel is scanning a QR code or clicking a link)
+
+### Refactor
+
+- Split "transport" module out of "login_param".
+
+## [2.23.0] - 2025-11-01
+
+### API-Changes
+
+- Make `dc_chat_is_protected` always return 0.
+- [**breaking**] Remove public APIs to check if the chat is protected.
+- [**breaking**] Remove APIs to create protected chats.
+- [**breaking**] Remove Chat.is_protected().
+- deltachat-rpc-client: Add Account.add_transport_from_qr() API.
+- JSON-RPC: add `get_push_state` to check push notification state ([#7356](https://github.com/chatmail/core/pull/7356)).
+- JSON-RPC: remove unused TypeScript constants ([#7355](https://github.com/chatmail/core/pull/7355)).
+- Remove `Config::SentboxWatch` ([#7178](https://github.com/chatmail/core/pull/7178)).
+- Remove `Config::ConfiguredSentboxFolder` and everything related.
+
+### Build system
+
+- Ignore configuration for the zed editor ([#7322](https://github.com/chatmail/core/pull/7322)).
+- nix: Fix build of deltachat-rpc-server-x86_64-darwin.
+- Update rand to 0.9.
+- Do not install `pdbpp` in the test environment for CFFI Python bindings.
+- Migrate from tokio-tar to astral-tokio-tar.
+- deps: Bump actions/setup-node from 5 to 6.
+- deps: Bump cachix/install-nix-action from 31.8.0 to 31.8.1.
+- Fix Rust 1.91.0 lint for derivable Default.
+
+### CI
+
+- Pin GitHub action `astral-sh/setup-uv`.
+- Set 7 days cooldown on Dependabot updates.
+- Update Rust to 1.91.0.
+
+### Documentation
+
+- Document Autocrypt-Gossip `_verified` attribute.
+
+### Features/Changes
+
+Metadata reduction:
+- Protect Autocrypt header.
+- Anonymize OpenPGP recipients (temorarily disabled due to interoperability problems, see <https://github.com/chatmail/core/issues/7384>).
+- Protect the `Date` header.
+
+Onboarding improvements:
+- Allow plain domain in `dcaccount:` scheme.
+- Do not resolve MX records during configuration.
+
+Preparation for multi-transport:
+- Move the messages only from INBOX and Spam folders.
+- deltachat-rpc-client: Support multiple transports in resetup_account().
+
+Various other changes:
+- Opt-in weekly sending of statistics ([#6851](https://github.com/chatmail/core/pull/6851))
+- Synchronize encrypted groups creation across devices ([#7001](https://github.com/chatmail/core/pull/7001)).
+- Do not send Autocrypt in MDNs.
+- Do not run SecureJoin if we are already in the group.
+- Show if proxy is enabled in connectivity view ([#7359](https://github.com/chatmail/core/pull/7359)).
+
+### Fixes
+
+- Don't ignore QR token timestamp from sync messages.
+- Do not allow sync item timestamps to be in the future.
+- jsonrpc: Fix `ChatListItem::is_self_in_group`.
+- Delete obsolete "configured*" keys from `config` table ([#7171](https://github.com/chatmail/core/pull/7171)).
+- Fix flaky tests::verified_chats::test_verified_chat_editor_reordering and receive_imf::receive_imf_tests::test_two_group_securejoins.
+- Stop using `leftgrps` table.
+- Stop notifying about messages in contact request chats.
+
+### Refactor
+
+- Remove invalid Gmail OAuth2 tokens.
+- Remove ProtectionStatus.
+- Rename chat::create_group_chat() to create_group().
+- Remove error stock strings that are rarely used these days ([#7327](https://github.com/chatmail/core/pull/7327)).
+- Jsonrpc rename change casing in names of jsonrpc structs/enums to comply with rust naming conventions. ([#7324](https://github.com/chatmail/core/pull/7324)).
+- Stop using deprecated Account.configure().
+- add_transport_from_qr: Do not set deprecated config values.
+- sql: Change second query_map function from FnMut to FnOnce.
+- sql: Add query_map_vec().
+- sql: Add query_map_collect().
+- Use rand::fill() instead of rand::rng().fill().
+- Use SampleString.
+- Remove unused call to get_credentials().
+
+### Tests
+
+- rpc-client: VCard color is the same as the contact color ([#7294](https://github.com/chatmail/core/pull/7294)).
+- Add unique offsets to ids generated by `TestContext` to increase test correctness ([#7297](https://github.com/chatmail/core/pull/7297)).
+
+## [2.22.0] - 2025-10-17
+
+### Fixes
+
+- Do not notify about incoming calls for contact requests and blocked contacts.
+
+### Tests
+
+- Accept the chat with the caller before accepting calls.
+
+## [2.21.0] - 2025-10-16
+
+### Build system
+
+- nix: Remove unused dependencies.
+
+### Features / Changes
+
+- TLS 1.3 session resumption.
+- REPL: Add send-sync command.
+- Set `User-Agent` for tile.openstreetmap.org requests.
+- Cache tile.openstreetmap.org tiles for 7 days.
+
+### Fixes
+
+- Remove Exif with non-fatal errors from images.
+- jsonrpc: Use Core's logic for computing VcardContact.color ([#7294](https://github.com/chatmail/core/pull/7294)).
+
+### Miscellaneous Tasks
+
+- deps: Bump cachix/install-nix-action from 31.7.0 to 31.8.0.
+- cargo: Bump async_zip from 0.0.17 to 0.0.18 ([#7257](https://github.com/chatmail/core/pull/7257)).
+- deps: Bump github/codeql-action from 3 to 4 ([#7304](https://github.com/chatmail/core/pull/7304)).
+
+### Refactor
+
+- Use rustls reexported from tokio_rustls.
+- Pass ALPN around as &str.
+- mimeparser: Store only one signature fingerprint.
+
+### Tests
+
+- Test expiration of ephemeral messages with unknown viewtype.
+- Test expiration of non-ephemeral message with unknown viewtype.
+
 ## [2.20.0] - 2025-10-13

 This release fixes a bug that resulted in ephemeral loop getting stuck in infinite loop
@@ -6921,3 +7716,25 @@ https://github.com/chatmail/core/pulls?q=is%3Apr+is%3Aclosed
 [2.18.0]: https://github.com/chatmail/core/compare/v2.17.0..v2.18.0
 [2.19.0]: https://github.com/chatmail/core/compare/v2.18.0..v2.19.0
 [2.20.0]: https://github.com/chatmail/core/compare/v2.19.0..v2.20.0
+[2.21.0]: https://github.com/chatmail/core/compare/v2.20.0..v2.21.0
+[2.22.0]: https://github.com/chatmail/core/compare/v2.21.0..v2.22.0
+[2.23.0]: https://github.com/chatmail/core/compare/v2.22.0..v2.23.0
+[2.24.0]: https://github.com/chatmail/core/compare/v2.23.0..v2.24.0
+[2.25.0]: https://github.com/chatmail/core/compare/v2.24.0..v2.25.0
+[2.26.0]: https://github.com/chatmail/core/compare/v2.25.0..v2.26.0
+[2.27.0]: https://github.com/chatmail/core/compare/v2.26.0..v2.27.0
+[2.28.0]: https://github.com/chatmail/core/compare/v2.27.0..v2.28.0
+[2.29.0]: https://github.com/chatmail/core/compare/v2.28.0..v2.29.0
+[2.30.0]: https://github.com/chatmail/core/compare/v2.29.0..v2.30.0
+[2.31.0]: https://github.com/chatmail/core/compare/v2.30.0..v2.31.0
+[2.32.0]: https://github.com/chatmail/core/compare/v2.31.0..v2.32.0
+[2.33.0]: https://github.com/chatmail/core/compare/v2.32.0..v2.33.0
+[2.34.0]: https://github.com/chatmail/core/compare/v2.33.0..v2.34.0
+[2.35.0]: https://github.com/chatmail/core/compare/v2.34.0..v2.35.0
+[2.36.0]: https://github.com/chatmail/core/compare/v2.35.0..v2.36.0
+[2.37.0]: https://github.com/chatmail/core/compare/v2.36.0..v2.37.0
+[2.38.0]: https://github.com/chatmail/core/compare/v2.37.0..v2.38.0
+[2.39.0]: https://github.com/chatmail/core/compare/v2.38.0..v2.39.0
+[2.40.0]: https://github.com/chatmail/core/compare/v2.39.0..v2.40.0
+[2.41.0]: https://github.com/chatmail/core/compare/v2.40.0..v2.41.0
+[2.42.0]: https://github.com/chatmail/core/compare/v2.41.0..v2.42.0
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,4 +1,4 @@
-# Contributing to Delta Chat
+# Contributing to chatmail core

 ## Bug reports

--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,9 +1,9 @@
 [package]
 name = "deltachat"
-version = "2.20.0"
+version = "2.42.0"
 edition = "2024"
 license = "MPL-2.0"
-rust-version = "1.85"
+rust-version = "1.88"
 repository = "https://github.com/chatmail/core"

 [profile.dev]
@@ -47,7 +47,7 @@ async-channel = { workspace = true }
 async-imap = { version = "0.11.1", default-features = false, features = ["runtime-tokio", "compress"] }
 async-native-tls = { version = "0.5", default-features = false, features = ["runtime-tokio"] }
 async-smtp = { version = "0.10.2", default-features = false, features = ["runtime-tokio"] }
-async_zip = { version = "0.0.17", default-features = false, features = ["deflate", "tokio-fs"] }
+async_zip = { version = "0.0.18", default-features = false, features = ["deflate", "tokio-fs"] }
 base64 = { workspace = true }
 blake3 = "1.8.2"
 brotli = { version = "8", default-features=false, features = ["std"] }
@@ -61,7 +61,6 @@ fd-lock = "4"
 futures-lite = { workspace = true }
 futures = { workspace = true }
 hex = "0.4.0"
-hickory-resolver = "0.25.2"
 http-body-util = "0.1.3"
 humansize = "2"
 hyper = "1"
@@ -79,17 +78,17 @@ num-derive = "0.4"
 num-traits = { workspace = true }
 parking_lot = "0.12.4"
 percent-encoding = "2.3"
-pgp = { version = "0.17.0", default-features = false }
+pgp = { version = "0.19.0", default-features = false }
 pin-project = "1"
 qrcodegen = "1.7.0"
-quick-xml = { version = "0.38", features = ["escape-html"] }
+quick-xml = { version = "0.39", features = ["escape-html"] }
+rand-old = { package = "rand", version = "0.8" }
 rand = { workspace = true }
 regex = { workspace = true }
 rusqlite = { workspace = true, features = ["sqlcipher"] }
 rustls-pki-types = "1.12.0"
-rustls = { version = "0.23.22", default-features = false }
 sanitize-filename = { workspace = true }
-sdp = "0.8.0"
+sdp = "0.10.0"
 serde_json = { workspace = true }
 serde_urlencoded = "0.7.1"
 serde = { workspace = true, features = ["derive"] }
@@ -105,18 +104,19 @@ thiserror = { workspace = true }
 tokio-io-timeout = "1.2.1"
 tokio-rustls = { version = "0.26.2", default-features = false }
 tokio-stream = { version = "0.1.17", features = ["fs"] }
-tokio-tar = { version = "0.3" } # TODO: integrate tokio into async-tar
+astral-tokio-tar = { version = "0.5.6", default-features = false }
 tokio-util = { workspace = true }
 tokio = { workspace = true, features = ["fs", "rt-multi-thread", "macros"] }
 toml = "0.9"
 tracing = "0.1.41"
 url = "2"
 uuid = { version = "1", features = ["serde", "v4"] }
+walkdir = "2.5.0"
 webpki-roots = "0.26.8"

 [dev-dependencies]
 anyhow = { workspace = true, features = ["backtrace"] } # Enable `backtrace` feature in tests.
-criterion = { version = "0.7.0", features = ["async_tokio"] }
+criterion = { version = "0.8.1", features = ["async_tokio"] }
 futures-lite = { workspace = true }
 log = { workspace = true }
 nu-ansi-term = { workspace = true }
@@ -157,6 +157,11 @@ name = "receive_emails"
 required-features = ["internals"]
 harness = false

+[[bench]]
+name = "decrypting"
+required-features = ["internals"]
+harness = false
+
 [[bench]]
 name = "get_chat_msgs"
 harness = false
@@ -177,7 +182,7 @@ harness = false
 anyhow = "1"
 async-channel = "2.5.0"
 base64 = "0.22"
-chrono = { version = "0.4.42", default-features = false }
+chrono = { version = "0.4.43", default-features = false }
 deltachat-contact-tools = { path = "deltachat-contact-tools" }
 deltachat-jsonrpc = { path = "deltachat-jsonrpc", default-features = false }
 deltachat = { path = ".", default-features = false }
@@ -188,16 +193,16 @@ log = "0.4"
 mailparse = "0.16.1"
 nu-ansi-term = "0.50"
 num-traits = "0.2"
-rand = "0.8"
+rand = "0.9"
 regex = "1.10"
-rusqlite = "0.36"
-sanitize-filename = "0.5"
+rusqlite = "0.37"
+sanitize-filename = "0.6"
 serde = "1.0"
 serde_json = "1"
-tempfile = "3.23.0"
+tempfile = "3.24.0"
 thiserror = "2"
 tokio = "1"
-tokio-util = "0.7.16"
+tokio-util = "0.7.18"
 tracing-subscriber = "0.3"
 yerpc = "0.6.4"

--- a/README.md
+++ b/README.md
@@ -197,12 +197,10 @@ and then run the script.
 Language bindings are available for:

 - **C** \[[📂 source](./deltachat-ffi) | [📚 docs](https://c.delta.chat)\]
+   - -> libdeltachat is going to be deprecated and only exists because Android, iOS and Ubuntu Touch are still using it. If you build a new project, then please use the jsonrpc api instead.
 - **JS**: \[[📂 source](./deltachat-rpc-client) | [📦 npm](https://www.npmjs.com/package/@deltachat/jsonrpc-client) | [📚 docs](https://js.jsonrpc.delta.chat/)\]
 - **Python** \[[📂 source](./python) | [📦 pypi](https://pypi.org/project/deltachat) | [📚 docs](https://py.delta.chat)\]
- **Go**
-  - over jsonrpc: \[[📂 source](https://github.com/deltachat/deltachat-rpc-client-go/)\]
-  - over cffi[^1]: \[[📂 source](https://github.com/deltachat/go-deltachat/)\]
- **Free Pascal**[^1] \[[📂 source](https://github.com/deltachat/deltachat-fp/)\]
+- **Go** \[[📂 source](https://github.com/deltachat/deltachat-rpc-client-go/)\]
 - **Java** and **Swift** (contained in the Android/iOS repos)

 The following "frontend" projects make use of the Rust-library
@@ -215,5 +213,3 @@ or its language bindings:
 - [Telepathy](https://code.ur.gs/lupine/telepathy-padfoot/)
 - [Ubuntu Touch](https://codeberg.org/lk108/deltatouch)
 - several **Bots**
-
-[^1]: Out of date / unmaintained, if you like those languages feel free to start maintaining them. If you have questions we'll help you, please ask in the issues.
--- a/RELEASE.md
+++ b/RELEASE.md
@@ -1,4 +1,4 @@
-# Releasing a new version of DeltaChat core
+# Releasing a new version of chatmail core

 For example, to release version 1.116.0 of the core, do the following steps.

@@ -14,8 +14,17 @@ For example, to release version 1.116.0 of the core, do the following steps.
 5. Commit the changes as `chore(release): prepare for 1.116.0`.
   Optionally, use a separate branch like `prep-1.116.0` for this commit and open a PR for review.

-6. Tag the release: `git tag --annotate v1.116.0`.
+6. Push the commit to the `main` branch.

-7. Push the release tag: `git push origin v1.116.0`.
+7. Once the commit is on the `main` branch and passed CI, tag the release: `git tag --annotate v1.116.0`.

-8. Create a GitHub release: `gh release create v1.116.0 --notes ''`.
+8. Push the release tag: `git push origin v1.116.0`.
+
+9. Create a GitHub release: `gh release create v1.116.0 --notes ''`.
+
+## Dealing with failed releases
+
+Once you make a GitHub release,
+CI will try to build and publish [PyPI](https://pypi.org/) and [npm](https://www.npmjs.com/) packages.
+If this fails for some reason, do not modify the failed tag, do not delete it and do not force-push to the `main` branch.
+Fix the build process and tag a new release instead.
--- a/STYLE.md
+++ b/STYLE.md
@@ -16,11 +16,12 @@ id INTEGER PRIMARY KEY AUTOINCREMENT,
 text TEXT DEFAULT '' NOT NULL -- message text
 ) STRICT",
    )
-    .await?;
+    .await
+    .context("CREATE TABLE messages")?;
 ```

 Do not use macros like [`concat!`](https://doc.rust-lang.org/std/macro.concat.html)
-or [`indoc!](https://docs.rs/indoc).
+or [`indoc!`](https://docs.rs/indoc).
 Do not escape newlines like this:
 ```
    sql.execute(
@@ -29,7 +30,8 @@ id INTEGER PRIMARY KEY AUTOINCREMENT, \
 text TEXT DEFAULT '' NOT NULL \
 ) STRICT",
    )
-    .await?;
+    .await
+    .context("CREATE TABLE messages")?;
 ```
 Escaping newlines
 is prone to errors like this if space before backslash is missing:
@@ -63,6 +65,9 @@ an older version. Also don't change the column type, consider adding a new colum
 instead. Finally, never change column semantics, this is especially dangerous because the `STRICT`
 keyword doesn't help here.

+Consider adding context to `anyhow` errors for SQL statements using `.context()` so that it's
+possible to understand from logs which statement failed. See [Errors](#errors) for more info.
+
 ## Errors

 Delta Chat core mostly uses [`anyhow`](https://docs.rs/anyhow/) errors.
--- a/assets/self-reporting-bot.vcf
+++ b/assets/self-reporting-bot.vcf
--- a/benches/decrypting.rs
+++ b/benches/decrypting.rs
@@ -0,0 +1,201 @@
+//! Benchmarks for message decryption,
+//! comparing decryption of symmetrically-encrypted messages
+//! to decryption of asymmetrically-encrypted messages.
+//!
+//! Call with
+//!
+//! ```text
+//! cargo bench --bench decrypting --features="internals"
+//! ```
+//!
+//! or, if you want to only run e.g. the 'Decrypt a symmetrically encrypted message' benchmark:
+//!
+//! ```text
+//! cargo bench --bench decrypting --features="internals" -- 'Decrypt a symmetrically encrypted message'
+//! ```
+//!
+//! You can also pass a substring.
+//! So, you can run all 'Decrypt and parse' benchmarks with:
+//!
+//! ```text
+//! cargo bench --bench decrypting --features="internals" -- 'Decrypt and parse'
+//! ```
+//!
+//! Symmetric decryption has to try out all known secrets,
+//! You can benchmark this by adapting the `NUM_SECRETS` variable.
+
+use std::hint::black_box;
+
+use criterion::{Criterion, criterion_group, criterion_main};
+use deltachat::internals_for_benches::create_broadcast_secret;
+use deltachat::internals_for_benches::create_dummy_keypair;
+use deltachat::internals_for_benches::save_broadcast_secret;
+use deltachat::{
+    Events,
+    chat::ChatId,
+    config::Config,
+    context::Context,
+    internals_for_benches::key_from_asc,
+    internals_for_benches::parse_and_get_text,
+    internals_for_benches::store_self_keypair,
+    pgp::{KeyPair, SeipdVersion, decrypt, pk_encrypt, symm_encrypt_message},
+    stock_str::StockStrings,
+};
+use rand::{Rng, rng};
+use tempfile::tempdir;
+
+const NUM_SECRETS: usize = 500;
+
+async fn create_context() -> Context {
+    let dir = tempdir().unwrap();
+    let dbfile = dir.path().join("db.sqlite");
+    let context = Context::new(dbfile.as_path(), 100, Events::new(), StockStrings::new())
+        .await
+        .unwrap();
+
+    context
+        .set_config(Config::ConfiguredAddr, Some("bob@example.net"))
+        .await
+        .unwrap();
+    let secret = key_from_asc(include_str!("../test-data/key/bob-secret.asc")).unwrap();
+    let public = secret.to_public_key();
+    let key_pair = KeyPair { public, secret };
+    store_self_keypair(&context, &key_pair)
+        .await
+        .expect("Failed to save key");
+
+    context
+}
+
+fn criterion_benchmark(c: &mut Criterion) {
+    let mut group = c.benchmark_group("Decrypt");
+
+    // ===========================================================================================
+    // Benchmarks for decryption only, without any other parsing
+    // ===========================================================================================
+
+    group.sample_size(10);
+
+    group.bench_function("Decrypt a symmetrically encrypted message", |b| {
+        let plain = generate_plaintext();
+        let secrets = generate_secrets();
+        let encrypted = tokio::runtime::Runtime::new().unwrap().block_on(async {
+            let secret = secrets[NUM_SECRETS / 2].clone();
+            symm_encrypt_message(
+                plain.clone(),
+                create_dummy_keypair("alice@example.org").unwrap().secret,
+                black_box(&secret),
+                true,
+            )
+            .await
+            .unwrap()
+        });
+
+        b.iter(|| {
+            let mut msg =
+                decrypt(encrypted.clone().into_bytes(), &[], black_box(&secrets)).unwrap();
+            let decrypted = msg.as_data_vec().unwrap();
+
+            assert_eq!(black_box(decrypted), plain);
+        });
+    });
+
+    group.bench_function("Decrypt a public-key encrypted message", |b| {
+        let plain = generate_plaintext();
+        let key_pair = create_dummy_keypair("alice@example.org").unwrap();
+        let secrets = generate_secrets();
+        let encrypted = tokio::runtime::Runtime::new().unwrap().block_on(async {
+            pk_encrypt(
+                plain.clone(),
+                vec![black_box(key_pair.public.clone())],
+                key_pair.secret.clone(),
+                true,
+                true,
+                SeipdVersion::V2,
+            )
+            .await
+            .unwrap()
+        });
+
+        b.iter(|| {
+            let mut msg = decrypt(
+                encrypted.clone().into_bytes(),
+                std::slice::from_ref(&key_pair.secret),
+                black_box(&secrets),
+            )
+            .unwrap();
+            let decrypted = msg.as_data_vec().unwrap();
+
+            assert_eq!(black_box(decrypted), plain);
+        });
+    });
+
+    // ===========================================================================================
+    // Benchmarks for the whole parsing pipeline, incl. decryption (but excl. receive_imf())
+    // ===========================================================================================
+
+    let rt = tokio::runtime::Runtime::new().unwrap();
+    let mut secrets = generate_secrets();
+
+    // "secret" is the shared secret that was used to encrypt text_symmetrically_encrypted.eml.
+    // Put it into the middle of our secrets:
+    secrets[NUM_SECRETS / 2] = "secret".to_string();
+
+    let context = rt.block_on(async {
+        let context = create_context().await;
+        for (i, secret) in secrets.iter().enumerate() {
+            save_broadcast_secret(&context, ChatId::new(10 + i as u32), secret)
+                .await
+                .unwrap();
+        }
+        context
+    });
+
+    group.bench_function("Decrypt and parse a symmetrically encrypted message", |b| {
+        b.to_async(&rt).iter(|| {
+            let ctx = context.clone();
+            async move {
+                let text = parse_and_get_text(
+                    &ctx,
+                    include_bytes!("../test-data/message/text_symmetrically_encrypted.eml"),
+                )
+                .await
+                .unwrap();
+                assert_eq!(text, "Symmetrically encrypted message");
+            }
+        });
+    });
+
+    group.bench_function("Decrypt and parse a public-key encrypted message", |b| {
+        b.to_async(&rt).iter(|| {
+            let ctx = context.clone();
+            async move {
+                let text = parse_and_get_text(
+                    &ctx,
+                    include_bytes!("../test-data/message/text_from_alice_encrypted.eml"),
+                )
+                .await
+                .unwrap();
+                assert_eq!(text, "hi");
+            }
+        });
+    });
+
+    group.finish();
+}
+
+fn generate_secrets() -> Vec<String> {
+    let secrets: Vec<String> = (0..NUM_SECRETS)
+        .map(|_| create_broadcast_secret())
+        .collect();
+    secrets
+}
+
+fn generate_plaintext() -> Vec<u8> {
+    let mut plain: Vec<u8> = vec![0; 500];
+    rng().fill(&mut plain[..]);
+    plain
+}
+
+criterion_group!(benches, criterion_benchmark);
+criterion_main!(benches);
--- a/deltachat-ffi/Cargo.toml
+++ b/deltachat-ffi/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "deltachat_ffi"
-version = "2.20.0"
+version = "2.42.0"
 description = "Deltachat FFI"
 edition = "2018"
 readme = "README.md"
--- a/deltachat-ffi/deltachat.h
+++ b/deltachat-ffi/deltachat.h
--- a/deltachat-ffi/src/lib.rs
+++ b/deltachat-ffi/src/lib.rs
@@ -15,14 +15,13 @@ use std::collections::BTreeMap;
 use std::convert::TryFrom;
 use std::fmt::Write;
 use std::future::Future;
-use std::ops::Deref;
 use std::ptr;
 use std::str::FromStr;
-use std::sync::{Arc, LazyLock};
+use std::sync::{Arc, LazyLock, Mutex};
 use std::time::{Duration, SystemTime};

 use anyhow::Context as _;
-use deltachat::chat::{ChatId, ChatVisibility, MessageListOptions, MuteDuration, ProtectionStatus};
+use deltachat::chat::{ChatId, ChatVisibility, MessageListOptions, MuteDuration};
 use deltachat::constants::DC_MSG_ID_LAST_SPECIAL;
 use deltachat::contact::{Contact, ContactId, Origin};
 use deltachat::context::{Context, ContextBuilder};
@@ -39,7 +38,6 @@ use deltachat_jsonrpc::api::CommandApi;
 use deltachat_jsonrpc::yerpc::{OutReceiver, RpcClient, RpcSession};
 use message::Viewtype;
 use num_traits::{FromPrimitive, ToPrimitive};
-use rand::Rng;
 use tokio::runtime::Runtime;
 use tokio::sync::RwLock;
 use tokio::task::JoinHandle;
@@ -101,7 +99,7 @@ pub unsafe extern "C" fn dc_context_new(

    let ctx = if blobdir.is_null() || *blobdir == 0 {
        // generate random ID as this functionality is not yet available on the C-api.
-        let id = rand::thread_rng().gen();
+        let id = rand::random();
        block_on(
            ContextBuilder::new(as_path(dbfile).to_path_buf())
                .with_id(id)
@@ -129,7 +127,7 @@ pub unsafe extern "C" fn dc_context_new_closed(dbfile: *const libc::c_char) -> *
        return ptr::null_mut();
    }

-    let id = rand::thread_rng().gen();
+    let id = rand::random();
    match block_on(
        ContextBuilder::new(as_path(dbfile).to_path_buf())
            .with_id(id)
@@ -560,6 +558,7 @@ pub unsafe extern "C" fn dc_event_get_id(event: *mut dc_event_t) -> libc::c_int
        EventType::IncomingCallAccepted { .. } => 2560,
        EventType::OutgoingCallAccepted { .. } => 2570,
        EventType::CallEnded { .. } => 2580,
+        EventType::TransportsModified => 2600,
        #[allow(unreachable_patterns)]
        #[cfg(test)]
        _ => unreachable!("This is just to silence a rust_analyzer false-positive"),
@@ -594,7 +593,8 @@ pub unsafe extern "C" fn dc_event_get_data1_int(event: *mut dc_event_t) -> libc:
        | EventType::AccountsBackgroundFetchDone
        | EventType::ChatlistChanged
        | EventType::AccountsChanged
-        | EventType::AccountsItemChanged => 0,
+        | EventType::AccountsItemChanged
+        | EventType::TransportsModified => 0,
        EventType::IncomingReaction { contact_id, .. }
        | EventType::IncomingWebxdcNotify { contact_id, .. } => contact_id.to_u32() as libc::c_int,
        EventType::MsgsChanged { chat_id, .. }
@@ -682,7 +682,8 @@ pub unsafe extern "C" fn dc_event_get_data2_int(event: *mut dc_event_t) -> libc:
        | EventType::IncomingCallAccepted { .. }
        | EventType::OutgoingCallAccepted { .. }
        | EventType::CallEnded { .. }
-        | EventType::EventChannelOverflow { .. } => 0,
+        | EventType::EventChannelOverflow { .. }
+        | EventType::TransportsModified => 0,
        EventType::MsgsChanged { msg_id, .. }
        | EventType::ReactionsChanged { msg_id, .. }
        | EventType::IncomingReaction { msg_id, .. }
@@ -781,7 +782,8 @@ pub unsafe extern "C" fn dc_event_get_data2_str(event: *mut dc_event_t) -> *mut
        | EventType::AccountsChanged
        | EventType::AccountsItemChanged
        | EventType::IncomingCallAccepted { .. }
-        | EventType::WebxdcRealtimeAdvertisementReceived { .. } => ptr::null_mut(),
+        | EventType::WebxdcRealtimeAdvertisementReceived { .. }
+        | EventType::TransportsModified => ptr::null_mut(),
        EventType::IncomingCall {
            place_call_info, ..
        } => {
@@ -1179,6 +1181,7 @@ pub unsafe extern "C" fn dc_place_outgoing_call(
    context: *mut dc_context_t,
    chat_id: u32,
    place_call_info: *const libc::c_char,
+    has_video: bool,
 ) -> u32 {
    if context.is_null() || chat_id == 0 {
        eprintln!("ignoring careless call to dc_place_outgoing_call()");
@@ -1188,7 +1191,7 @@ pub unsafe extern "C" fn dc_place_outgoing_call(
    let chat_id = ChatId::new(chat_id);
    let place_call_info = to_string_lossy(place_call_info);

-    block_on(ctx.place_outgoing_call(chat_id, place_call_info))
+    block_on(ctx.place_outgoing_call(chat_id, place_call_info, has_video))
        .context("Failed to place call")
        .log_err(ctx)
        .map(|msg_id| msg_id.to_u32())
@@ -1721,7 +1724,7 @@ pub unsafe extern "C" fn dc_get_chat(context: *mut dc_context_t, chat_id: u32) -
 #[no_mangle]
 pub unsafe extern "C" fn dc_create_group_chat(
    context: *mut dc_context_t,
-    protect: libc::c_int,
+    _protect: libc::c_int,
    name: *const libc::c_char,
 ) -> u32 {
    if context.is_null() || name.is_null() {
@@ -1729,22 +1732,12 @@ pub unsafe extern "C" fn dc_create_group_chat(
        return 0;
    }
    let ctx = &*context;
-    let Some(protect) = ProtectionStatus::from_i32(protect)
-        .context("Bad protect-value for dc_create_group_chat()")
-        .log_err(ctx)
-        .ok()
-    else {
-        return 0;
-    };

-    block_on(async move {
-        chat::create_group_chat(ctx, protect, &to_string_lossy(name))
-            .await
-            .context("Failed to create group chat")
-            .log_err(ctx)
-            .map(|id| id.to_u32())
-            .unwrap_or(0)
-    })
+    block_on(chat::create_group(ctx, &to_string_lossy(name)))
+        .context("Failed to create group chat")
+        .log_err(ctx)
+        .map(|id| id.to_u32())
+        .unwrap_or(0)
 }

 #[no_mangle]
@@ -2268,22 +2261,6 @@ pub unsafe extern "C" fn dc_get_contacts(
    })
 }

-#[no_mangle]
-pub unsafe extern "C" fn dc_get_blocked_cnt(context: *mut dc_context_t) -> libc::c_int {
-    if context.is_null() {
-        eprintln!("ignoring careless call to dc_get_blocked_cnt()");
-        return 0;
-    }
-    let ctx = &*context;
-
-    block_on(async move {
-        Contact::get_all_blocked(ctx)
-            .await
-            .unwrap_or_log_default(ctx, "failed to get blocked count")
-            .len() as libc::c_int
-    })
-}
-
 #[no_mangle]
 pub unsafe extern "C" fn dc_get_blocked_contacts(
    context: *mut dc_context_t,
@@ -3206,13 +3183,8 @@ pub unsafe extern "C" fn dc_chat_can_send(chat: *mut dc_chat_t) -> libc::c_int {
 }

 #[no_mangle]
-pub unsafe extern "C" fn dc_chat_is_protected(chat: *mut dc_chat_t) -> libc::c_int {
-    if chat.is_null() {
-        eprintln!("ignoring careless call to dc_chat_is_protected()");
-        return 0;
-    }
-    let ffi_chat = &*chat;
-    ffi_chat.chat.is_protected() as libc::c_int
+pub extern "C" fn dc_chat_is_protected(_chat: *mut dc_chat_t) -> libc::c_int {
+    0
 }

 #[no_mangle]
@@ -4256,7 +4228,17 @@ pub unsafe extern "C" fn dc_contact_get_color(contact: *mut dc_contact_t) -> u32
        return 0;
    }
    let ffi_contact = &*contact;
-    ffi_contact.contact.get_color()
+    let ctx = &*ffi_contact.context;
+    block_on(async move {
+        ffi_contact
+            .contact
+            // We don't want any UIs displaying gray self-color.
+            .get_or_gen_color(ctx)
+            .await
+            .context("Contact::get_color()")
+            .log_err(ctx)
+            .unwrap_or(0)
+    })
 }

 #[no_mangle]
@@ -4661,13 +4643,9 @@ pub unsafe extern "C" fn dc_provider_new_from_email(

    let ctx = &*context;

-    match block_on(provider::get_provider_info_by_addr(
-        ctx,
-        addr.as_str(),
-        true,
-    ))
-    .log_err(ctx)
-    .unwrap_or_default()
+    match provider::get_provider_info_by_addr(addr.as_str())
+        .log_err(ctx)
+        .unwrap_or_default()
    {
        Some(provider) => provider,
        None => ptr::null_mut(),
@@ -4686,25 +4664,13 @@ pub unsafe extern "C" fn dc_provider_new_from_email_with_dns(
    let addr = to_string_lossy(addr);

    let ctx = &*context;
-    let proxy_enabled = block_on(ctx.get_config_bool(config::Config::ProxyEnabled))
-        .context("Can't get config")
-        .log_err(ctx);

-    match proxy_enabled {
-        Ok(proxy_enabled) => {
-            match block_on(provider::get_provider_info_by_addr(
-                ctx,
-                addr.as_str(),
-                proxy_enabled,
-            ))
-            .log_err(ctx)
-            .unwrap_or_default()
-            {
-                Some(provider) => provider,
-                None => ptr::null_mut(),
-            }
-        }
-        Err(_) => ptr::null_mut(),
+    match provider::get_provider_info_by_addr(addr.as_str())
+        .log_err(ctx)
+        .unwrap_or_default()
+    {
+        Some(provider) => provider,
+        None => ptr::null_mut(),
    }
 }

@@ -4757,33 +4723,13 @@ pub unsafe extern "C" fn dc_provider_unref(provider: *mut dc_provider_t) {

 /// Reader-writer lock wrapper for accounts manager to guarantee thread safety when using
 /// `dc_accounts_t` in multiple threads at once.
-pub struct AccountsWrapper {
-    inner: Arc<RwLock<Accounts>>,
-}
-
-impl Deref for AccountsWrapper {
-    type Target = Arc<RwLock<Accounts>>;
-
-    fn deref(&self) -> &Self::Target {
-        &self.inner
-    }
-}
-
-impl AccountsWrapper {
-    fn new(accounts: Accounts) -> Self {
-        let inner = Arc::new(RwLock::new(accounts));
-        Self { inner }
-    }
-}
-
-/// Struct representing a list of deltachat accounts.
-pub type dc_accounts_t = AccountsWrapper;
+pub type dc_accounts_t = RwLock<Accounts>;

 #[no_mangle]
 pub unsafe extern "C" fn dc_accounts_new(
    dir: *const libc::c_char,
    writable: libc::c_int,
-) -> *mut dc_accounts_t {
+) -> *const dc_accounts_t {
    setup_panic!();

    if dir.is_null() {
@@ -4794,7 +4740,99 @@ pub unsafe extern "C" fn dc_accounts_new(
    let accs = block_on(Accounts::new(as_path(dir).into(), writable != 0));

    match accs {
-        Ok(accs) => Box::into_raw(Box::new(AccountsWrapper::new(accs))),
+        Ok(accs) => Arc::into_raw(Arc::new(RwLock::new(accs))),
+        Err(err) => {
+            // We are using Anyhow's .context() and to show the inner error, too, we need the {:#}:
+            eprintln!("failed to create accounts: {err:#}");
+            ptr::null_mut()
+        }
+    }
+}
+
+pub type dc_event_channel_t = Mutex<Option<Events>>;
+
+#[no_mangle]
+pub unsafe extern "C" fn dc_event_channel_new() -> *mut dc_event_channel_t {
+    Box::into_raw(Box::new(Mutex::new(Some(Events::new()))))
+}
+
+/// Release the events channel structure.
+///
+/// This function releases the memory of the `dc_event_channel_t` structure.
+///
+/// you can call it after calling dc_accounts_new_with_event_channel,
+/// which took the events channel out of it already, so this just frees the underlying option.
+#[no_mangle]
+pub unsafe extern "C" fn dc_event_channel_unref(event_channel: *mut dc_event_channel_t) {
+    if event_channel.is_null() {
+        eprintln!("ignoring careless call to dc_event_channel_unref()");
+        return;
+    }
+    drop(Box::from_raw(event_channel))
+}
+
+#[no_mangle]
+pub unsafe extern "C" fn dc_event_channel_get_event_emitter(
+    event_channel: *mut dc_event_channel_t,
+) -> *mut dc_event_emitter_t {
+    if event_channel.is_null() {
+        eprintln!("ignoring careless call to dc_event_channel_get_event_emitter()");
+        return ptr::null_mut();
+    }
+
+    let Some(event_channel) = &*(*event_channel)
+        .lock()
+        .expect("call to dc_event_channel_get_event_emitter() failed: mutex is poisoned")
+    else {
+        eprintln!(
+            "ignoring careless call to dc_event_channel_get_event_emitter() 
+            -> channel was already consumed, make sure you call this before dc_accounts_new_with_event_channel"
+        );
+        return ptr::null_mut();
+    };
+
+    let emitter = event_channel.get_emitter();
+
+    Box::into_raw(Box::new(emitter))
+}
+
+#[no_mangle]
+pub unsafe extern "C" fn dc_accounts_new_with_event_channel(
+    dir: *const libc::c_char,
+    writable: libc::c_int,
+    event_channel: *mut dc_event_channel_t,
+) -> *const dc_accounts_t {
+    setup_panic!();
+
+    if dir.is_null() || event_channel.is_null() {
+        eprintln!("ignoring careless call to dc_accounts_new_with_event_channel()");
+        return ptr::null_mut();
+    }
+
+    // consuming channel enforce that you need to get the event emitter
+    // before initializing the account manager,
+    // so that you don't miss events/errors during initialisation.
+    // It also prevents you from using the same channel on multiple account managers.
+    let Some(event_channel) = (*event_channel)
+        .lock()
+        .expect("call to dc_event_channel_get_event_emitter() failed: mutex is poisoned")
+        .take()
+    else {
+        eprintln!(
+            "ignoring careless call to dc_accounts_new_with_event_channel()
+            -> channel was already consumed"
+        );
+        return ptr::null_mut();
+    };
+
+    let accs = block_on(Accounts::new_with_events(
+        as_path(dir).into(),
+        writable != 0,
+        event_channel,
+    ));
+
+    match accs {
+        Ok(accs) => Arc::into_raw(Arc::new(RwLock::new(accs))),
        Err(err) => {
            // We are using Anyhow's .context() and to show the inner error, too, we need the {:#}:
            eprintln!("failed to create accounts: {err:#}");
@@ -4807,17 +4845,17 @@ pub unsafe extern "C" fn dc_accounts_new(
 ///
 /// This function releases the memory of the `dc_accounts_t` structure.
 #[no_mangle]
-pub unsafe extern "C" fn dc_accounts_unref(accounts: *mut dc_accounts_t) {
+pub unsafe extern "C" fn dc_accounts_unref(accounts: *const dc_accounts_t) {
    if accounts.is_null() {
        eprintln!("ignoring careless call to dc_accounts_unref()");
        return;
    }
-    let _ = Box::from_raw(accounts);
+    drop(Arc::from_raw(accounts));
 }

 #[no_mangle]
 pub unsafe extern "C" fn dc_accounts_get_account(
-    accounts: *mut dc_accounts_t,
+    accounts: *const dc_accounts_t,
    id: u32,
 ) -> *mut dc_context_t {
    if accounts.is_null() {
@@ -4834,7 +4872,7 @@ pub unsafe extern "C" fn dc_accounts_get_account(

 #[no_mangle]
 pub unsafe extern "C" fn dc_accounts_get_selected_account(
-    accounts: *mut dc_accounts_t,
+    accounts: *const dc_accounts_t,
 ) -> *mut dc_context_t {
    if accounts.is_null() {
        eprintln!("ignoring careless call to dc_accounts_get_selected_account()");
@@ -4850,7 +4888,7 @@ pub unsafe extern "C" fn dc_accounts_get_selected_account(

 #[no_mangle]
 pub unsafe extern "C" fn dc_accounts_select_account(
-    accounts: *mut dc_accounts_t,
+    accounts: *const dc_accounts_t,
    id: u32,
 ) -> libc::c_int {
    if accounts.is_null() {
@@ -4874,13 +4912,13 @@ pub unsafe extern "C" fn dc_accounts_select_account(
 }

 #[no_mangle]
-pub unsafe extern "C" fn dc_accounts_add_account(accounts: *mut dc_accounts_t) -> u32 {
+pub unsafe extern "C" fn dc_accounts_add_account(accounts: *const dc_accounts_t) -> u32 {
    if accounts.is_null() {
        eprintln!("ignoring careless call to dc_accounts_add_account()");
        return 0;
    }

-    let accounts = &mut *accounts;
+    let accounts = &*accounts;

    block_on(async move {
        let mut accounts = accounts.write().await;
@@ -4895,13 +4933,13 @@ pub unsafe extern "C" fn dc_accounts_add_account(accounts: *mut dc_accounts_t) -
 }

 #[no_mangle]
-pub unsafe extern "C" fn dc_accounts_add_closed_account(accounts: *mut dc_accounts_t) -> u32 {
+pub unsafe extern "C" fn dc_accounts_add_closed_account(accounts: *const dc_accounts_t) -> u32 {
    if accounts.is_null() {
        eprintln!("ignoring careless call to dc_accounts_add_closed_account()");
        return 0;
    }

-    let accounts = &mut *accounts;
+    let accounts = &*accounts;

    block_on(async move {
        let mut accounts = accounts.write().await;
@@ -4917,7 +4955,7 @@ pub unsafe extern "C" fn dc_accounts_add_closed_account(accounts: *mut dc_accoun

 #[no_mangle]
 pub unsafe extern "C" fn dc_accounts_remove_account(
-    accounts: *mut dc_accounts_t,
+    accounts: *const dc_accounts_t,
    id: u32,
 ) -> libc::c_int {
    if accounts.is_null() {
@@ -4925,7 +4963,7 @@ pub unsafe extern "C" fn dc_accounts_remove_account(
        return 0;
    }

-    let accounts = &mut *accounts;
+    let accounts = &*accounts;

    block_on(async move {
        let mut accounts = accounts.write().await;
@@ -4943,7 +4981,7 @@ pub unsafe extern "C" fn dc_accounts_remove_account(

 #[no_mangle]
 pub unsafe extern "C" fn dc_accounts_migrate_account(
-    accounts: *mut dc_accounts_t,
+    accounts: *const dc_accounts_t,
    dbfile: *const libc::c_char,
 ) -> u32 {
    if accounts.is_null() || dbfile.is_null() {
@@ -4951,7 +4989,7 @@ pub unsafe extern "C" fn dc_accounts_migrate_account(
        return 0;
    }

-    let accounts = &mut *accounts;
+    let accounts = &*accounts;
    let dbfile = to_string_lossy(dbfile);

    block_on(async move {
@@ -4972,7 +5010,7 @@ pub unsafe extern "C" fn dc_accounts_migrate_account(
 }

 #[no_mangle]
-pub unsafe extern "C" fn dc_accounts_get_all(accounts: *mut dc_accounts_t) -> *mut dc_array_t {
+pub unsafe extern "C" fn dc_accounts_get_all(accounts: *const dc_accounts_t) -> *mut dc_array_t {
    if accounts.is_null() {
        eprintln!("ignoring careless call to dc_accounts_get_all()");
        return ptr::null_mut();
@@ -4986,18 +5024,18 @@ pub unsafe extern "C" fn dc_accounts_get_all(accounts: *mut dc_accounts_t) -> *m
 }

 #[no_mangle]
-pub unsafe extern "C" fn dc_accounts_start_io(accounts: *mut dc_accounts_t) {
+pub unsafe extern "C" fn dc_accounts_start_io(accounts: *const dc_accounts_t) {
    if accounts.is_null() {
        eprintln!("ignoring careless call to dc_accounts_start_io()");
        return;
    }

-    let accounts = &mut *accounts;
+    let accounts = &*accounts;
    block_on(async move { accounts.write().await.start_io().await });
 }

 #[no_mangle]
-pub unsafe extern "C" fn dc_accounts_stop_io(accounts: *mut dc_accounts_t) {
+pub unsafe extern "C" fn dc_accounts_stop_io(accounts: *const dc_accounts_t) {
    if accounts.is_null() {
        eprintln!("ignoring careless call to dc_accounts_stop_io()");
        return;
@@ -5008,7 +5046,7 @@ pub unsafe extern "C" fn dc_accounts_stop_io(accounts: *mut dc_accounts_t) {
 }

 #[no_mangle]
-pub unsafe extern "C" fn dc_accounts_maybe_network(accounts: *mut dc_accounts_t) {
+pub unsafe extern "C" fn dc_accounts_maybe_network(accounts: *const dc_accounts_t) {
    if accounts.is_null() {
        eprintln!("ignoring careless call to dc_accounts_maybe_network()");
        return;
@@ -5019,7 +5057,7 @@ pub unsafe extern "C" fn dc_accounts_maybe_network(accounts: *mut dc_accounts_t)
 }

 #[no_mangle]
-pub unsafe extern "C" fn dc_accounts_maybe_network_lost(accounts: *mut dc_accounts_t) {
+pub unsafe extern "C" fn dc_accounts_maybe_network_lost(accounts: *const dc_accounts_t) {
    if accounts.is_null() {
        eprintln!("ignoring careless call to dc_accounts_maybe_network_lost()");
        return;
@@ -5031,7 +5069,7 @@ pub unsafe extern "C" fn dc_accounts_maybe_network_lost(accounts: *mut dc_accoun

 #[no_mangle]
 pub unsafe extern "C" fn dc_accounts_background_fetch(
-    accounts: *mut dc_accounts_t,
+    accounts: *const dc_accounts_t,
    timeout_in_seconds: u64,
 ) -> libc::c_int {
    if accounts.is_null() || timeout_in_seconds <= 2 {
@@ -5049,9 +5087,20 @@ pub unsafe extern "C" fn dc_accounts_background_fetch(
    1
 }

+#[no_mangle]
+pub unsafe extern "C" fn dc_accounts_stop_background_fetch(accounts: *const dc_accounts_t) {
+    if accounts.is_null() {
+        eprintln!("ignoring careless call to dc_accounts_stop_background_fetch()");
+        return;
+    }
+
+    let accounts = &*accounts;
+    block_on(accounts.read()).stop_background_fetch();
+}
+
 #[no_mangle]
 pub unsafe extern "C" fn dc_accounts_set_push_device_token(
-    accounts: *mut dc_accounts_t,
+    accounts: *const dc_accounts_t,
    token: *const libc::c_char,
 ) {
    if accounts.is_null() {
@@ -5074,7 +5123,7 @@ pub unsafe extern "C" fn dc_accounts_set_push_device_token(

 #[no_mangle]
 pub unsafe extern "C" fn dc_accounts_get_event_emitter(
-    accounts: *mut dc_accounts_t,
+    accounts: *const dc_accounts_t,
 ) -> *mut dc_event_emitter_t {
    if accounts.is_null() {
        eprintln!("ignoring careless call to dc_accounts_get_event_emitter()");
@@ -5094,16 +5143,16 @@ pub struct dc_jsonrpc_instance_t {

 #[no_mangle]
 pub unsafe extern "C" fn dc_jsonrpc_init(
-    account_manager: *mut dc_accounts_t,
+    account_manager: *const dc_accounts_t,
 ) -> *mut dc_jsonrpc_instance_t {
    if account_manager.is_null() {
        eprintln!("ignoring careless call to dc_jsonrpc_init()");
        return ptr::null_mut();
    }

-    let account_manager = &*account_manager;
+    let account_manager = Arc::from_raw(account_manager);
    let cmd_api = block_on(deltachat_jsonrpc::api::CommandApi::from_arc(
-        account_manager.inner.clone(),
+        account_manager.clone(),
    ));

    let (request_handle, receiver) = RpcClient::new();
--- a/deltachat-ffi/src/lot.rs
+++ b/deltachat-ffi/src/lot.rs
@@ -45,6 +45,7 @@ impl Lot {
            Self::Qr(qr) => match qr {
                Qr::AskVerifyContact { .. } => None,
                Qr::AskVerifyGroup { grpname, .. } => Some(Cow::Borrowed(grpname)),
+                Qr::AskJoinBroadcast { name, .. } => Some(Cow::Borrowed(name)),
                Qr::FprOk { .. } => None,
                Qr::FprMismatch { .. } => None,
                Qr::FprWithoutAddr { fingerprint, .. } => Some(Cow::Borrowed(fingerprint)),
@@ -57,8 +58,10 @@ impl Lot {
                Qr::Text { text } => Some(Cow::Borrowed(text)),
                Qr::WithdrawVerifyContact { .. } => None,
                Qr::WithdrawVerifyGroup { grpname, .. } => Some(Cow::Borrowed(grpname)),
+                Qr::WithdrawJoinBroadcast { name, .. } => Some(Cow::Borrowed(name)),
                Qr::ReviveVerifyContact { .. } => None,
                Qr::ReviveVerifyGroup { grpname, .. } => Some(Cow::Borrowed(grpname)),
+                Qr::ReviveJoinBroadcast { name, .. } => Some(Cow::Borrowed(name)),
                Qr::Login { address, .. } => Some(Cow::Borrowed(address)),
            },
            Self::Error(err) => Some(Cow::Borrowed(err)),
@@ -98,6 +101,7 @@ impl Lot {
            Self::Qr(qr) => match qr {
                Qr::AskVerifyContact { .. } => LotState::QrAskVerifyContact,
                Qr::AskVerifyGroup { .. } => LotState::QrAskVerifyGroup,
+                Qr::AskJoinBroadcast { .. } => LotState::QrAskJoinBroadcast,
                Qr::FprOk { .. } => LotState::QrFprOk,
                Qr::FprMismatch { .. } => LotState::QrFprMismatch,
                Qr::FprWithoutAddr { .. } => LotState::QrFprWithoutAddr,
@@ -110,8 +114,10 @@ impl Lot {
                Qr::Text { .. } => LotState::QrText,
                Qr::WithdrawVerifyContact { .. } => LotState::QrWithdrawVerifyContact,
                Qr::WithdrawVerifyGroup { .. } => LotState::QrWithdrawVerifyGroup,
+                Qr::WithdrawJoinBroadcast { .. } => LotState::QrWithdrawJoinBroadcast,
                Qr::ReviveVerifyContact { .. } => LotState::QrReviveVerifyContact,
                Qr::ReviveVerifyGroup { .. } => LotState::QrReviveVerifyGroup,
+                Qr::ReviveJoinBroadcast { .. } => LotState::QrReviveJoinBroadcast,
                Qr::Login { .. } => LotState::QrLogin,
            },
            Self::Error(_err) => LotState::QrError,
@@ -124,6 +130,7 @@ impl Lot {
            Self::Qr(qr) => match qr {
                Qr::AskVerifyContact { contact_id, .. } => contact_id.to_u32(),
                Qr::AskVerifyGroup { .. } => Default::default(),
+                Qr::AskJoinBroadcast { .. } => Default::default(),
                Qr::FprOk { contact_id } => contact_id.to_u32(),
                Qr::FprMismatch { contact_id } => contact_id.unwrap_or_default().to_u32(),
                Qr::FprWithoutAddr { .. } => Default::default(),
@@ -135,9 +142,11 @@ impl Lot {
                Qr::Url { .. } => Default::default(),
                Qr::Text { .. } => Default::default(),
                Qr::WithdrawVerifyContact { contact_id, .. } => contact_id.to_u32(),
-                Qr::WithdrawVerifyGroup { .. } => Default::default(),
+                Qr::WithdrawVerifyGroup { .. } | Qr::WithdrawJoinBroadcast { .. } => {
+                    Default::default()
+                }
                Qr::ReviveVerifyContact { contact_id, .. } => contact_id.to_u32(),
-                Qr::ReviveVerifyGroup { .. } => Default::default(),
+                Qr::ReviveVerifyGroup { .. } | Qr::ReviveJoinBroadcast { .. } => Default::default(),
                Qr::Login { .. } => Default::default(),
            },
            Self::Error(_) => Default::default(),
@@ -166,6 +175,9 @@ pub enum LotState {
    /// text1=groupname
    QrAskVerifyGroup = 202,

+    /// text1=broadcast_name
+    QrAskJoinBroadcast = 204,
+
    /// id=contact
    QrFprOk = 210,

@@ -201,11 +213,15 @@ pub enum LotState {

    /// text1=groupname
    QrWithdrawVerifyGroup = 502,
+    /// text1=broadcast channel name
+    QrWithdrawJoinBroadcast = 504,

    QrReviveVerifyContact = 510,

    /// text1=groupname
    QrReviveVerifyGroup = 512,
+    /// text1=groupname
+    QrReviveJoinBroadcast = 514,

    /// text1=email_address
    QrLogin = 520,
--- a/deltachat-jsonrpc/Cargo.toml
+++ b/deltachat-jsonrpc/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-jsonrpc"
-version = "2.20.0"
+version = "2.42.0"
 description = "DeltaChat JSON-RPC API"
 edition = "2021"
 license = "MPL-2.0"
@@ -19,7 +19,6 @@ yerpc = { workspace = true, features = ["anyhow_expose", "openrpc"] }
 typescript-type-def = { version = "0.5.13", features = ["json_value"] }
 tokio = { workspace = true }
 sanitize-filename = { workspace = true }
-walkdir = "2.5.0"
 base64 = { workspace = true }

 [dev-dependencies]
--- a/deltachat-jsonrpc/src/api.rs
+++ b/deltachat-jsonrpc/src/api.rs
@@ -10,21 +10,21 @@ pub use deltachat::accounts::Accounts;
 use deltachat::blob::BlobObject;
 use deltachat::calls::ice_servers;
 use deltachat::chat::{
-    self, add_contact_to_chat, forward_msgs, get_chat_media, get_chat_msgs, get_chat_msgs_ex,
-    marknoticed_chat, remove_contact_from_chat, Chat, ChatId, ChatItem, MessageListOptions,
-    ProtectionStatus,
+    self, add_contact_to_chat, forward_msgs, forward_msgs_2ctx, get_chat_media, get_chat_msgs,
+    get_chat_msgs_ex, marknoticed_all_chats, marknoticed_chat, remove_contact_from_chat, Chat,
+    ChatId, ChatItem, MessageListOptions,
 };
 use deltachat::chatlist::Chatlist;
-use deltachat::config::Config;
+use deltachat::config::{get_all_ui_config_keys, Config};
 use deltachat::constants::DC_MSG_ID_DAYMARKER;
 use deltachat::contact::{may_be_valid_addr, Contact, ContactId, Origin};
 use deltachat::context::get_info;
 use deltachat::ephemeral::Timer;
 use deltachat::imex;
 use deltachat::location;
-use deltachat::message::get_msg_read_receipts;
 use deltachat::message::{
-    self, delete_msgs_ex, markseen_msgs, Message, MessageState, MsgId, Viewtype,
+    self, delete_msgs_ex, get_existing_msg_ids, get_msg_read_receipt_count, get_msg_read_receipts,
+    markseen_msgs, Message, MessageState, MsgId, Viewtype,
 };
 use deltachat::peer_channels::{
    leave_webxdc_realtime, send_webxdc_realtime_advertisement, send_webxdc_realtime_data,
@@ -35,13 +35,13 @@ use deltachat::qr_code_generator::{generate_backup_qr, get_securejoin_qr_svg};
 use deltachat::reaction::{get_msg_reactions, send_reaction};
 use deltachat::securejoin;
 use deltachat::stock_str::StockMessage;
+use deltachat::storage_usage::{get_blobdir_storage_usage, get_storage_usage};
 use deltachat::webxdc::StatusUpdateSerial;
 use deltachat::EventEmitter;
 use sanitize_filename::is_sanitized;
 use tokio::fs;
 use tokio::sync::{watch, Mutex, RwLock};
 use types::login_param::EnteredLoginParam;
-use walkdir::WalkDir;
 use yerpc::rpc;

 pub mod types;
@@ -54,20 +54,21 @@ use types::contact::{ContactObject, VcardContact};
 use types::events::Event;
 use types::http::HttpResponse;
 use types::message::{MessageData, MessageObject, MessageReadReceipt};
+use types::notify_state::JsonrpcNotifyState;
 use types::provider_info::ProviderInfo;
-use types::reactions::JSONRPCReactions;
+use types::reactions::JsonrpcReactions;
 use types::webxdc::WebxdcMessageInfo;

 use self::types::message::{MessageInfo, MessageLoadResult};
 use self::types::{
-    chat::{BasicChat, JSONRPCChatVisibility, MuteDuration},
+    chat::{BasicChat, JsonrpcChatVisibility, MuteDuration},
    location::JsonrpcLocation,
    message::{
-        JSONRPCMessageListItem, MessageNotificationInfo, MessageSearchResult, MessageViewtype,
+        JsonrpcMessageListItem, MessageNotificationInfo, MessageSearchResult, MessageViewtype,
    },
 };
 use crate::api::types::chat_list::{get_chat_list_item_by_id, ChatListItemFetchResult};
-use crate::api::types::qr::QrObject;
+use crate::api::types::qr::{QrObject, SecurejoinSource, SecurejoinUiPath};

 #[derive(Debug)]
 struct AccountState {
@@ -120,14 +121,14 @@ impl CommandApi {
        }
    }

+    async fn get_context_opt(&self, id: u32) -> Option<deltachat::context::Context> {
+        self.accounts.read().await.get_account(id)
+    }
+
    async fn get_context(&self, id: u32) -> Result<deltachat::context::Context> {
-        let sc = self
-            .accounts
-            .read()
+        self.get_context_opt(id)
            .await
-            .get_account(id)
-            .ok_or_else(|| anyhow!("account with id {id} not found"))?;
-        Ok(sc)
+            .ok_or_else(|| anyhow!("account with id {id} not found"))
    }

    async fn with_state<F, T>(&self, id: u32, with_state: F) -> T
@@ -273,7 +274,7 @@ impl CommandApi {
    /// The `AccountsBackgroundFetchDone` event is emitted at the end even in case of timeout.
    /// Process all events until you get this one and you can safely return to the background
    /// without forgetting to create notifications caused by timing race conditions.
-    async fn accounts_background_fetch(&self, timeout_in_seconds: f64) -> Result<()> {
+    async fn background_fetch(&self, timeout_in_seconds: f64) -> Result<()> {
        let future = {
            let lock = self.accounts.read().await;
            lock.background_fetch(std::time::Duration::from_secs_f64(timeout_in_seconds))
@@ -283,6 +284,11 @@ impl CommandApi {
        Ok(())
    }

+    async fn stop_background_fetch(&self) -> Result<()> {
+        self.accounts.read().await.stop_background_fetch();
+        Ok(())
+    }
+
    // ---------------------------------------------
    // Methods that work on individual accounts
    // ---------------------------------------------
@@ -313,17 +319,17 @@ impl CommandApi {
        }
    }

+    /// Get the current push notification state.
+    async fn get_push_state(&self, account_id: u32) -> Result<JsonrpcNotifyState> {
+        let ctx = self.get_context(account_id).await?;
+        Ok(ctx.push_state().await.into())
+    }
+
    /// Get the combined filesize of an account in bytes
    async fn get_account_file_size(&self, account_id: u32) -> Result<u64> {
        let ctx = self.get_context(account_id).await?;
        let dbfile = ctx.get_dbfile().metadata()?.len();
-        let total_size = WalkDir::new(ctx.get_blobdir())
-            .max_depth(2)
-            .into_iter()
-            .filter_map(|entry| entry.ok())
-            .filter_map(|entry| entry.metadata().ok())
-            .filter(|metadata| metadata.is_file())
-            .fold(0, |acc, m| acc + m.len());
+        let total_size = get_blobdir_storage_usage(&ctx);

        Ok(dbfile + total_size)
    }
@@ -336,21 +342,10 @@ impl CommandApi {
    /// instead of the domain.
    async fn get_provider_info(
        &self,
-        account_id: u32,
+        _account_id: u32,
        email: String,
    ) -> Result<Option<ProviderInfo>> {
-        let ctx = self.get_context(account_id).await?;
-
-        let proxy_enabled = ctx
-            .get_config_bool(deltachat::config::Config::ProxyEnabled)
-            .await?;
-
-        let provider_info = get_provider_info(
-            &ctx,
-            email.split('@').next_back().unwrap_or(""),
-            proxy_enabled,
-        )
-        .await;
+        let provider_info = get_provider_info(email.split('@').next_back().unwrap_or(""));
        Ok(ProviderInfo::from_dc_type(provider_info))
    }

@@ -366,6 +361,13 @@ impl CommandApi {
        ctx.get_info().await
    }

+    /// Get storage usage report as formatted string
+    async fn get_storage_usage_report_string(&self, account_id: u32) -> Result<String> {
+        let ctx = self.get_context(account_id).await?;
+        let storage_usage = get_storage_usage(&ctx).await?;
+        Ok(storage_usage.to_string())
+    }
+
    /// Get the blob dir.
    async fn get_blob_dir(&self, account_id: u32) -> Result<Option<String>> {
        let ctx = self.get_context(account_id).await?;
@@ -393,11 +395,6 @@ impl CommandApi {
        Ok(BlobObject::create_and_deduplicate(&ctx, file, file)?.to_abs_path())
    }

-    async fn draft_self_report(&self, account_id: u32) -> Result<u32> {
-        let ctx = self.get_context(account_id).await?;
-        Ok(ctx.draft_self_report().await?.to_u32())
-    }
-
    /// Sets the given configuration key.
    async fn set_config(&self, account_id: u32, key: String, value: Option<String>) -> Result<()> {
        let ctx = self.get_context(account_id).await?;
@@ -419,11 +416,11 @@ impl CommandApi {
        Ok(())
    }

-    /// Set configuration values from a QR code. (technically from the URI that is stored in the qrcode)
-    /// Before this function is called, `checkQr()` should confirm the type of the
-    /// QR code is `account` or `webrtcInstance`.
+    /// Set configuration values from a QR code (technically from the URI stored in it).
+    /// Before this function is called, `check_qr()` should be used to get the QR code type.
    ///
-    /// Internally, the function will call dc_set_config() with the appropriate keys,
+    /// "DCACCOUNT:" and "DCLOGIN:" QR codes configure the account, but I/O mustn't be started for
+    /// such QR codes, consider using [`Self::add_transport_from_qr`] which also restarts I/O.
    async fn set_config_from_qr(&self, account_id: u32, qr_content: String) -> Result<()> {
        let ctx = self.get_context(account_id).await?;
        qr::set_config_from_qr(&ctx, &qr_content).await
@@ -455,6 +452,12 @@ impl CommandApi {
        Ok(result)
    }

+    /// Returns all `ui.*` config keys that were set by the UI.
+    async fn get_all_ui_config_keys(&self, account_id: u32) -> Result<Vec<String>> {
+        let ctx = self.get_context(account_id).await?;
+        get_all_ui_config_keys(&ctx).await
+    }
+
    async fn set_stock_strings(&self, strings: HashMap<u32, String>) -> Result<()> {
        let accounts = self.accounts.read().await;
        for (stock_id, stock_message) in strings {
@@ -798,11 +801,11 @@ impl CommandApi {
    /// Delete a chat.
    ///
    /// Messages are deleted from the device and the chat database entry is deleted.
-    /// After that, the event #DC_EVENT_MSGS_CHANGED is posted.
+    /// After that, a `MsgsChanged` event is emitted.
+    /// Messages are deleted from the server in background.
    ///
    /// Things that are _not done_ implicitly:
    ///
-    /// - Messages are **not deleted from the server**.
    /// - The chat or the contact is **not blocked**, so new messages from the user/the group may appear as a contact request
    ///   and the user may create the chat again.
    /// - **Groups are not left** - this would
@@ -896,6 +899,38 @@ impl CommandApi {
        Ok(chat_id.to_u32())
    }

+    /// Like `secure_join()`, but allows to pass a source and a UI-path.
+    /// You only need this if your UI has an option to send statistics
+    /// to Delta Chat's developers.
+    ///
+    /// **source**: The source where the QR code came from.
+    /// E.g. a link that was clicked inside or outside Delta Chat,
+    /// the "Paste from Clipboard" action,
+    /// the "Load QR code as image" action,
+    /// or a QR code scan.
+    ///
+    /// **uipath**: Which UI path did the user use to arrive at the QR code screen.
+    /// If the SecurejoinSource was ExternalLink or InternalLink,
+    /// pass `None` here, because the QR code screen wasn't even opened.
+    /// ```
+    async fn secure_join_with_ux_info(
+        &self,
+        account_id: u32,
+        qr: String,
+        source: Option<SecurejoinSource>,
+        uipath: Option<SecurejoinUiPath>,
+    ) -> Result<u32> {
+        let ctx = self.get_context(account_id).await?;
+        let chat_id = securejoin::join_securejoin_with_ux_info(
+            &ctx,
+            &qr,
+            source.map(Into::into),
+            uipath.map(Into::into),
+        )
+        .await?;
+        Ok(chat_id.to_u32())
+    }
+
    async fn leave_group(&self, account_id: u32, chat_id: u32) -> Result<()> {
        let ctx = self.get_context(account_id).await?;
        remove_contact_from_chat(&ctx, ChatId::new(chat_id), ContactId::SELF).await
@@ -979,17 +1014,16 @@ impl CommandApi {
    /// To check, if a chat is still unpromoted, you can look at the `is_unpromoted` property of `BasicChat` or `FullChat`.
    /// This may be useful if you want to show some help for just created groups.
    ///
-    /// @param protect If set to 1 the function creates group with protection initially enabled.
-    ///     Only verified members are allowed in these groups
-    async fn create_group_chat(&self, account_id: u32, name: String, protect: bool) -> Result<u32> {
+    /// `protect` argument is deprecated as of 2025-10-22 and is left for compatibility.
+    /// Pass `false` here.
+    async fn create_group_chat(
+        &self,
+        account_id: u32,
+        name: String,
+        _protect: bool,
+    ) -> Result<u32> {
        let ctx = self.get_context(account_id).await?;
-        let protect = match protect {
-            true => ProtectionStatus::Protected,
-            false => ProtectionStatus::Unprotected,
-        };
-        chat::create_group_ex(&ctx, Some(protect), &name)
-            .await
-            .map(|id| id.to_u32())
+        chat::create_group(&ctx, &name).await.map(|id| id.to_u32())
    }

    /// Create a new unencrypted group chat.
@@ -998,7 +1032,7 @@ impl CommandApi {
    /// address-contacts.
    async fn create_group_chat_unencrypted(&self, account_id: u32, name: String) -> Result<u32> {
        let ctx = self.get_context(account_id).await?;
-        chat::create_group_ex(&ctx, None, &name)
+        chat::create_group_unencrypted(&ctx, &name)
            .await
            .map(|id| id.to_u32())
    }
@@ -1009,7 +1043,7 @@ impl CommandApi {
            .await
    }

-    /// Create a new **broadcast channel**
+    /// Create a new, outgoing **broadcast channel**
    /// (called "Channel" in the UI).
    ///
    /// Broadcast channels are similar to groups on the sending device,
@@ -1070,7 +1104,7 @@ impl CommandApi {
        &self,
        account_id: u32,
        chat_id: u32,
-        visibility: JSONRPCChatVisibility,
+        visibility: JsonrpcChatVisibility,
    ) -> Result<()> {
        let ctx = self.get_context(account_id).await?;

@@ -1130,10 +1164,24 @@ impl CommandApi {
        Ok(None)
    }

+    /// Mark all messages in all chats as _noticed_.
+    /// Skips messages from blocked contacts, but does not skip messages in muted chats.
+    ///
+    /// _Noticed_ messages are no longer _fresh_ and do not count as being unseen
+    /// but are still waiting for being marked as "seen" using markseen_msgs()
+    /// (read receipts aren't sent for noticed messages).
+    ///
+    /// Calling this function usually results in the event #DC_EVENT_MSGS_NOTICED.
+    /// See also markseen_msgs().
+    pub async fn marknoticed_all_chats(&self, account_id: u32) -> Result<()> {
+        let ctx = self.get_context(account_id).await?;
+        marknoticed_all_chats(&ctx).await
+    }
+
    ///  Mark all messages in a chat as _noticed_.
    ///  _Noticed_ messages are no longer _fresh_ and do not count as being unseen
    ///  but are still waiting for being marked as "seen" using markseen_msgs()
-    ///  (IMAP/MDNs is not done for noticed messages).
+    ///  (read receipts aren't sent for noticed messages).
    ///
    ///  Calling this function usually results in the event #DC_EVENT_MSGS_NOTICED.
    ///  See also markseen_msgs().
@@ -1269,13 +1317,31 @@ impl CommandApi {
            .collect())
    }

+    /// Checks if the messages with given IDs exist.
+    ///
+    /// Returns IDs of existing messages.
+    async fn get_existing_msg_ids(&self, account_id: u32, msg_ids: Vec<u32>) -> Result<Vec<u32>> {
+        if let Some(context) = self.get_context_opt(account_id).await {
+            let msg_ids: Vec<MsgId> = msg_ids.into_iter().map(MsgId::new).collect();
+            let existing_msg_ids = get_existing_msg_ids(&context, &msg_ids).await?;
+            Ok(existing_msg_ids
+                .into_iter()
+                .map(|msg_id| msg_id.to_u32())
+                .collect())
+        } else {
+            // Account does not exist, so messages do not exist either,
+            // but this is not an error.
+            Ok(Vec::new())
+        }
+    }
+
    async fn get_message_list_items(
        &self,
        account_id: u32,
        chat_id: u32,
        info_only: bool,
        add_daymarker: bool,
-    ) -> Result<Vec<JSONRPCMessageListItem>> {
+    ) -> Result<Vec<JsonrpcMessageListItem>> {
        let ctx = self.get_context(account_id).await?;
        let msg = get_chat_msgs_ex(
            &ctx,
@@ -1289,7 +1355,7 @@ impl CommandApi {
        Ok(msg
            .iter()
            .map(|chat_item| (*chat_item).into())
-            .collect::<Vec<JSONRPCMessageListItem>>())
+            .collect::<Vec<JsonrpcMessageListItem>>())
    }

    async fn get_message(&self, account_id: u32, msg_id: u32) -> Result<MessageObject> {
@@ -1382,6 +1448,18 @@ impl CommandApi {
        MessageInfo::from_msg_id(&ctx, MsgId::new(message_id)).await
    }

+    /// Returns count of read receipts on message.
+    ///
+    /// This view count is meant as a feedback measure for the channel owner only.
+    async fn get_message_read_receipt_count(
+        &self,
+        account_id: u32,
+        message_id: u32,
+    ) -> Result<usize> {
+        let ctx = self.get_context(account_id).await?;
+        get_msg_read_receipt_count(&ctx, MsgId::new(message_id)).await
+    }
+
    /// Returns contacts that sent read receipts and the time of reading.
    async fn get_message_read_receipts(
        &self,
@@ -2089,10 +2167,11 @@ impl CommandApi {
        account_id: u32,
        chat_id: u32,
        place_call_info: String,
+        has_video: bool,
    ) -> Result<u32> {
        let ctx = self.get_context(account_id).await?;
        let msg_id = ctx
-            .place_outgoing_call(ChatId::new(chat_id), place_call_info)
+            .place_outgoing_call(ChatId::new(chat_id), place_call_info, has_video)
            .await?;
        Ok(msg_id.to_u32())
    }
@@ -2156,6 +2235,27 @@ impl CommandApi {
        forward_msgs(&ctx, &message_ids, ChatId::new(chat_id)).await
    }

+    /// Forward messages to a chat in another account.
+    /// See [`Self::forward_messages`] for more info.
+    async fn forward_messages_to_account(
+        &self,
+        src_account_id: u32,
+        src_message_ids: Vec<u32>,
+        dst_account_id: u32,
+        dst_chat_id: u32,
+    ) -> Result<()> {
+        let src_ctx = self.get_context(src_account_id).await?;
+        let dst_ctx = self.get_context(dst_account_id).await?;
+        let src_message_ids: Vec<MsgId> = src_message_ids.into_iter().map(MsgId::new).collect();
+        forward_msgs_2ctx(
+            &src_ctx,
+            &src_message_ids,
+            &dst_ctx,
+            ChatId::new(dst_chat_id),
+        )
+        .await
+    }
+
    /// Resend messages and make information available for newly added chat members.
    /// Resending sends out the original message, however, recipients and webxdc-status may differ.
    /// Clients that already have the original message can still ignore the resent message as
@@ -2210,7 +2310,7 @@ impl CommandApi {
        &self,
        account_id: u32,
        message_id: u32,
-    ) -> Result<Option<JSONRPCReactions>> {
+    ) -> Result<Option<JsonrpcReactions>> {
        let ctx = self.get_context(account_id).await?;
        let reactions = get_msg_reactions(&ctx, MsgId::new(message_id)).await?;
        if reactions.is_empty() {
--- a/deltachat-jsonrpc/src/api/types/account.rs
+++ b/deltachat-jsonrpc/src/api/types/account.rs
@@ -15,7 +15,7 @@ pub enum Account {
        display_name: Option<String>,
        addr: Option<String>,
        // size: u32,
-        profile_image: Option<String>, // TODO: This needs to be converted to work with blob http server.
+        profile_image: Option<String>,
        color: String,
        /// Optional tag as "Work", "Family".
        /// Meant to help profile owner to differ between profiles with similar names.
@@ -32,7 +32,10 @@ impl Account {
            let addr = ctx.get_config(Config::Addr).await?;
            let profile_image = ctx.get_config(Config::Selfavatar).await?;
            let color = color_int_to_hex_string(
-                Contact::get_by_id(ctx, ContactId::SELF).await?.get_color(),
+                Contact::get_by_id(ctx, ContactId::SELF)
+                    .await?
+                    .get_or_gen_color(ctx)
+                    .await?,
            );
            let private_tag = ctx.get_config(Config::PrivateTag).await?;
            Ok(Account::Configured {
--- a/deltachat-jsonrpc/src/api/types/calls.rs
+++ b/deltachat-jsonrpc/src/api/types/calls.rs
@@ -1,6 +1,6 @@
 use anyhow::{Context as _, Result};

-use deltachat::calls::{call_state, sdp_has_video, CallState};
+use deltachat::calls::{call_state, CallState};
 use deltachat::context::Context;
 use deltachat::message::MsgId;
 use serde::Serialize;
@@ -15,7 +15,7 @@ pub struct JsonrpcCallInfo {
    /// even if incoming call event was missed.
    pub sdp_offer: String,

-    /// True if SDP offer has a video.
+    /// True if the call is started as a video call.
    pub has_video: bool,

    /// Call state.
@@ -30,7 +30,7 @@ impl JsonrpcCallInfo {
            format!("Attempting to get call state of non-call message {msg_id}")
        })?;
        let sdp_offer = call_info.place_call_info.clone();
-        let has_video = sdp_has_video(&sdp_offer).unwrap_or_default();
+        let has_video = call_info.has_video_initially();
        let state = JsonrpcCallState::from_msg_id(context, msg_id).await?;

        Ok(JsonrpcCallInfo {
--- a/deltachat-jsonrpc/src/api/types/chat.rs
+++ b/deltachat-jsonrpc/src/api/types/chat.rs
@@ -6,12 +6,10 @@ use deltachat::chat::{Chat, ChatId};
 use deltachat::constants::Chattype;
 use deltachat::contact::{Contact, ContactId};
 use deltachat::context::Context;
-use num_traits::cast::ToPrimitive;
 use serde::{Deserialize, Serialize};
 use typescript_type_def::TypeDef;

 use super::color_int_to_hex_string;
-use super::contact::ContactObject;

 #[derive(Serialize, TypeDef, schemars::JsonSchema)]
 #[serde(rename_all = "camelCase")]
@@ -19,18 +17,6 @@ pub struct FullChat {
    id: u32,
    name: String,

-    /// True if the chat is protected.
-    ///
-    /// Only verified contacts
-    /// as determined by [`ContactObject::is_verified`] / `Contact.isVerified`
-    /// can be added to protected chats.
-    ///
-    /// Protected chats are created using [`create_group_chat`] / `createGroupChat()`
-    /// by setting the 'protect' parameter to true.
-    ///
-    /// [`create_group_chat`]: crate::api::CommandApi::create_group_chat
-    is_protected: bool,
-
    /// True if the chat is encrypted.
    /// This means that all messages in the chat are encrypted,
    /// and all contacts in the chat are "key-contacts",
@@ -58,10 +44,9 @@ pub struct FullChat {
    archived: bool,
    pinned: bool,
    // subtitle  - will be moved to frontend because it uses translation functions
-    chat_type: u32,
+    chat_type: JsonrpcChatType,
    is_unpromoted: bool,
    is_self_talk: bool,
-    contacts: Vec<ContactObject>,
    contact_ids: Vec<u32>,

    /// Contact IDs of the past chat members.
@@ -73,9 +58,16 @@ pub struct FullChat {
    is_contact_request: bool,

    is_device_chat: bool,
+    /// Note that this is different from
+    /// [`ChatListItem::is_self_in_group`](`crate::api::types::chat_list::ChatListItemFetchResult::ChatListItem::is_self_in_group`).
+    /// This property should only be accessed
+    /// when [`FullChat::chat_type`] is [`Chattype::Group`].
+    //
+    // We could utilize [`Chat::is_self_in_chat`],
+    // but that would be an extra DB query.
    self_in_group: bool,
    is_muted: bool,
-    ephemeral_timer: u32, //TODO look if there are more important properties in newer core versions
+    ephemeral_timer: u32,
    can_send: bool,
    was_seen_recently: bool,
    mailing_list_address: Option<String>,
@@ -89,20 +81,6 @@ impl FullChat {
        let contact_ids = get_chat_contacts(context, rust_chat_id).await?;
        let past_contact_ids = get_past_chat_contacts(context, rust_chat_id).await?;

-        let mut contacts = Vec::with_capacity(contact_ids.len());
-
-        for contact_id in &contact_ids {
-            contacts.push(
-                ContactObject::try_from_dc_contact(
-                    context,
-                    Contact::get_by_id(context, *contact_id)
-                        .await
-                        .context("failed to load contact")?,
-                )
-                .await?,
-            )
-        }
-
        let profile_image = match chat.get_profile_image(context).await? {
            Some(path_buf) => path_buf.to_str().map(|s| s.to_owned()),
            None => None,
@@ -131,15 +109,13 @@ impl FullChat {
        Ok(FullChat {
            id: chat_id,
            name: chat.name.clone(),
-            is_protected: chat.is_protected(),
            is_encrypted: chat.is_encrypted(context).await?,
            profile_image, //BLOBS ?
            archived: chat.get_visibility() == chat::ChatVisibility::Archived,
            pinned: chat.get_visibility() == chat::ChatVisibility::Pinned,
-            chat_type: chat.get_type().to_u32().context("unknown chat type id")?,
+            chat_type: chat.get_type().into(),
            is_unpromoted: chat.is_unpromoted(),
            is_self_talk: chat.is_self_talk(),
-            contacts,
            contact_ids: contact_ids.iter().map(|id| id.to_u32()).collect(),
            past_contact_ids: past_contact_ids.iter().map(|id| id.to_u32()).collect(),
            color,
@@ -157,7 +133,6 @@ impl FullChat {
 }

 /// cheaper version of fullchat, omits:
-/// - contacts
 /// - contact_ids
 /// - fresh_message_counter
 /// - ephemeral_timer
@@ -172,18 +147,6 @@ pub struct BasicChat {
    id: u32,
    name: String,

-    /// True if the chat is protected.
-    ///
-    /// UI should display a green checkmark
-    /// in the chat title,
-    /// in the chat profile title and
-    /// in the chatlist item
-    /// if chat protection is enabled.
-    /// UI should also display a green checkmark
-    /// in the contact profile
-    /// if 1:1 chat with this contact exists and is protected.
-    is_protected: bool,
-
    /// True if the chat is encrypted.
    /// This means that all messages in the chat are encrypted,
    /// and all contacts in the chat are "key-contacts",
@@ -210,7 +173,7 @@ pub struct BasicChat {
    profile_image: Option<String>, //BLOBS ?
    archived: bool,
    pinned: bool,
-    chat_type: u32,
+    chat_type: JsonrpcChatType,
    is_unpromoted: bool,
    is_self_talk: bool,
    color: String,
@@ -234,12 +197,11 @@ impl BasicChat {
        Ok(BasicChat {
            id: chat_id,
            name: chat.name.clone(),
-            is_protected: chat.is_protected(),
            is_encrypted: chat.is_encrypted(context).await?,
            profile_image, //BLOBS ?
            archived: chat.get_visibility() == chat::ChatVisibility::Archived,
            pinned: chat.get_visibility() == chat::ChatVisibility::Pinned,
-            chat_type: chat.get_type().to_u32().context("unknown chat type id")?,
+            chat_type: chat.get_type().into(),
            is_unpromoted: chat.is_unpromoted(),
            is_self_talk: chat.is_self_talk(),
            color,
@@ -278,18 +240,52 @@ impl MuteDuration {

 #[derive(Clone, Serialize, Deserialize, TypeDef, schemars::JsonSchema)]
 #[serde(rename = "ChatVisibility")]
-pub enum JSONRPCChatVisibility {
+pub enum JsonrpcChatVisibility {
    Normal,
    Archived,
    Pinned,
 }

-impl JSONRPCChatVisibility {
+impl JsonrpcChatVisibility {
    pub fn into_core_type(self) -> ChatVisibility {
        match self {
-            JSONRPCChatVisibility::Normal => ChatVisibility::Normal,
-            JSONRPCChatVisibility::Archived => ChatVisibility::Archived,
-            JSONRPCChatVisibility::Pinned => ChatVisibility::Pinned,
+            JsonrpcChatVisibility::Normal => ChatVisibility::Normal,
+            JsonrpcChatVisibility::Archived => ChatVisibility::Archived,
+            JsonrpcChatVisibility::Pinned => ChatVisibility::Pinned,
+        }
+    }
+}
+
+#[derive(Clone, Serialize, Deserialize, PartialEq, TypeDef, schemars::JsonSchema)]
+#[serde(rename = "ChatType")]
+pub enum JsonrpcChatType {
+    Single,
+    Group,
+    Mailinglist,
+    OutBroadcast,
+    InBroadcast,
+}
+
+impl From<Chattype> for JsonrpcChatType {
+    fn from(chattype: Chattype) -> Self {
+        match chattype {
+            Chattype::Single => JsonrpcChatType::Single,
+            Chattype::Group => JsonrpcChatType::Group,
+            Chattype::Mailinglist => JsonrpcChatType::Mailinglist,
+            Chattype::OutBroadcast => JsonrpcChatType::OutBroadcast,
+            Chattype::InBroadcast => JsonrpcChatType::InBroadcast,
+        }
+    }
+}
+
+impl From<JsonrpcChatType> for Chattype {
+    fn from(chattype: JsonrpcChatType) -> Self {
+        match chattype {
+            JsonrpcChatType::Single => Chattype::Single,
+            JsonrpcChatType::Group => Chattype::Group,
+            JsonrpcChatType::Mailinglist => Chattype::Mailinglist,
+            JsonrpcChatType::OutBroadcast => Chattype::OutBroadcast,
+            JsonrpcChatType::InBroadcast => Chattype::InBroadcast,
        }
    }
 }
--- a/deltachat-jsonrpc/src/api/types/chat_list.rs
+++ b/deltachat-jsonrpc/src/api/types/chat_list.rs
@@ -2,7 +2,7 @@ use anyhow::{Context, Result};
 use deltachat::chat::{Chat, ChatId};
 use deltachat::chatlist::get_last_message_for_chat;
 use deltachat::constants::*;
-use deltachat::contact::{Contact, ContactId};
+use deltachat::contact::Contact;
 use deltachat::{
    chat::{get_chat_contacts, ChatVisibility},
    chatlist::Chatlist,
@@ -11,6 +11,7 @@ use num_traits::cast::ToPrimitive;
 use serde::Serialize;
 use typescript_type_def::TypeDef;

+use super::chat::JsonrpcChatType;
 use super::color_int_to_hex_string;
 use super::message::MessageViewtype;

@@ -23,14 +24,13 @@ pub enum ChatListItemFetchResult {
        name: String,
        avatar_path: Option<String>,
        color: String,
-        chat_type: u32,
+        chat_type: JsonrpcChatType,
        last_updated: Option<i64>,
        summary_text1: String,
        summary_text2: String,
        summary_status: u32,
        /// showing preview if last chat message is image
        summary_preview_image: Option<String>,
-        is_protected: bool,

        /// True if the chat is encrypted.
        /// This means that all messages in the chat are encrypted,
@@ -127,11 +127,8 @@ pub(crate) async fn get_chat_list_item_by_id(
        None => (None, None),
    };

-    let chat_contacts = get_chat_contacts(ctx, chat_id).await?;
-
-    let self_in_group = chat_contacts.contains(&ContactId::SELF);
-
    let (dm_chat_contact, was_seen_recently) = if chat.get_type() == Chattype::Single {
+        let chat_contacts = get_chat_contacts(ctx, chat_id).await?;
        let contact = chat_contacts.first();
        let was_seen_recently = match contact {
            Some(contact) => Contact::get_by_id(ctx, *contact)
@@ -155,19 +152,18 @@ pub(crate) async fn get_chat_list_item_by_id(
        name: chat.get_name().to_owned(),
        avatar_path,
        color,
-        chat_type: chat.get_type().to_u32().context("unknown chat type id")?,
+        chat_type: chat.get_type().into(),
        last_updated,
        summary_text1,
        summary_text2,
        summary_status: summary.state.to_u32().expect("impossible"), // idea and a function to transform the constant to strings? or return string enum
        summary_preview_image,
-        is_protected: chat.is_protected(),
        is_encrypted: chat.is_encrypted(ctx).await?,
        is_group: chat.get_type() == Chattype::Group,
        fresh_message_counter,
        is_self_talk: chat.is_self_talk(),
        is_device_talk: chat.is_device_talk(),
-        is_self_in_group: self_in_group,
+        is_self_in_group: chat.is_self_in_chat(ctx).await?,
        is_sending_location: chat.is_sending_locations(),
        is_archived: visibility == ChatVisibility::Archived,
        is_pinned: visibility == ChatVisibility::Pinned,
--- a/deltachat-jsonrpc/src/api/types/contact.rs
+++ b/deltachat-jsonrpc/src/api/types/contact.rs
@@ -1,6 +1,6 @@
 use anyhow::Result;
-use deltachat::color;
 use deltachat::context::Context;
+use deltachat::key::{DcKey, SignedPublicKey};
 use serde::Serialize;
 use typescript_type_def::TypeDef;

@@ -47,8 +47,7 @@ pub struct ContactObject {
    ///
    /// - If `verifierId` != 0,
    ///   display text "Introduced by ..."
-    ///   with the name and address of the contact
-    ///   formatted by `name_and_addr`/`nameAndAddr`.
+    ///   with the name of the contact.
    ///   Prefix the text by a green checkmark.
    ///
    /// - If `verifierId` == 0 and `isVerified` != 0,
@@ -130,7 +129,13 @@ pub struct VcardContact {
 impl From<deltachat_contact_tools::VcardContact> for VcardContact {
    fn from(vc: deltachat_contact_tools::VcardContact) -> Self {
        let display_name = vc.display_name().to_string();
-        let color = color::str_to_color(&vc.addr.to_lowercase());
+        let is_self = false;
+        let fpr = vc.key.as_deref().and_then(|k| {
+            SignedPublicKey::from_base64(k)
+                .ok()
+                .map(|k| k.dc_fingerprint())
+        });
+        let color = deltachat::contact::get_color(is_self, &vc.addr, &fpr);
        Self {
            addr: vc.addr,
            display_name,
--- a/deltachat-jsonrpc/src/api/types/events.rs
+++ b/deltachat-jsonrpc/src/api/types/events.rs
@@ -1,8 +1,9 @@
 use deltachat::{Event as CoreEvent, EventType as CoreEventType};
-use num_traits::ToPrimitive;
 use serde::Serialize;
 use typescript_type_def::TypeDef;

+use super::chat::JsonrpcChatType;
+
 #[derive(Serialize, TypeDef, schemars::JsonSchema)]
 #[serde(rename_all = "camelCase")]
 pub struct Event {
@@ -270,7 +271,7 @@ pub enum EventType {
        /// Progress.
        ///
        /// 0=error, 1-999=progress in permille, 1000=success and done
-        progress: usize,
+        progress: u16,

        /// Progress comment or error, something to display to the user.
        comment: Option<String>,
@@ -281,7 +282,7 @@ pub enum EventType {
    #[serde(rename_all = "camelCase")]
    ImexProgress {
        /// 0=error, 1-999=progress in permille, 1000=success and done
-        progress: usize,
+        progress: u16,
    },

    /// A file has been exported. A file has been written by imex().
@@ -307,12 +308,12 @@ pub enum EventType {
        /// The type of the joined chat.
        /// This can take the same values
        /// as `BasicChat.chatType` ([`crate::api::types::chat::BasicChat::chat_type`]).
-        chat_type: u32,
+        chat_type: JsonrpcChatType,
        /// ID of the chat in case of success.
        chat_id: u32,

        /// Progress, always 1000.
-        progress: usize,
+        progress: u16,
    },

    /// Progress information of a secure-join handshake from the view of the joiner
@@ -328,7 +329,7 @@ pub enum EventType {
        /// 400=vg-/vc-request-with-auth sent, typically shown as "alice@addr verified, introducing myself."
        /// (Bob has verified alice and waits until Alice does the same for him)
        /// 1000=vg-member-added/vc-contact-confirm received
-        progress: usize,
+        progress: u16,
    },

    /// The connectivity to the server changed.
@@ -459,6 +460,15 @@ pub enum EventType {
        /// ID of the chat which the message belongs to.
        chat_id: u32,
    },
+
+    /// One or more transports has changed.
+    ///
+    /// UI should update the list.
+    ///
+    /// This event is emitted when transport
+    /// synchronization messages arrives,
+    /// but not when the UI modifies the transport list by itself.
+    TransportsModified,
 }

 impl From<CoreEventType> for EventType {
@@ -570,7 +580,7 @@ impl From<CoreEventType> for EventType {
                progress,
            } => SecurejoinInviterProgress {
                contact_id: contact_id.to_u32(),
-                chat_type: chat_type.to_u32().unwrap_or(0),
+                chat_type: chat_type.into(),
                chat_id: chat_id.to_u32(),
                progress,
            },
@@ -641,6 +651,8 @@ impl From<CoreEventType> for EventType {
                msg_id: msg_id.to_u32(),
                chat_id: chat_id.to_u32(),
            },
+            CoreEventType::TransportsModified => TransportsModified,
+
            #[allow(unreachable_patterns)]
            #[cfg(test)]
            _ => unreachable!("This is just to silence a rust_analyzer false-positive"),
--- a/deltachat-jsonrpc/src/api/types/message.rs
+++ b/deltachat-jsonrpc/src/api/types/message.rs
@@ -16,9 +16,10 @@ use num_traits::cast::ToPrimitive;
 use serde::{Deserialize, Serialize};
 use typescript_type_def::TypeDef;

+use super::chat::JsonrpcChatType;
 use super::color_int_to_hex_string;
 use super::contact::ContactObject;
-use super::reactions::JSONRPCReactions;
+use super::reactions::JsonrpcReactions;

 #[derive(Serialize, TypeDef, schemars::JsonSchema)]
 #[serde(rename_all = "camelCase", tag = "kind")]
@@ -91,6 +92,9 @@ pub struct MessageObject {

    file: Option<String>,
    file_mime: Option<String>,
+
+    /// The size of the file in bytes, if applicable.
+    /// If message is a pre-message, then this is the size of the file to be downloaded.
    file_bytes: u64,
    file_name: Option<String>,

@@ -102,7 +106,7 @@ pub struct MessageObject {

    saved_message_id: Option<u32>,

-    reactions: Option<JSONRPCReactions>,
+    reactions: Option<JsonrpcReactions>,

    vcard_contact: Option<VcardContact>,
 }
@@ -531,8 +535,7 @@ pub struct MessageSearchResult {
    chat_profile_image: Option<String>,
    chat_color: String,
    chat_name: String,
-    chat_type: u32,
-    is_chat_protected: bool,
+    chat_type: JsonrpcChatType,
    is_chat_contact_request: bool,
    is_chat_archived: bool,
    message: String,
@@ -570,9 +573,8 @@ impl MessageSearchResult {
            chat_id: chat.id.to_u32(),
            chat_name: chat.get_name().to_owned(),
            chat_color,
-            chat_type: chat.get_type().to_u32().context("unknown chat type id")?,
+            chat_type: chat.get_type().into(),
            chat_profile_image,
-            is_chat_protected: chat.is_protected(),
            is_chat_contact_request: chat.is_contact_request(),
            is_chat_archived: chat.get_visibility() == ChatVisibility::Archived,
            message: message.get_text(),
@@ -583,7 +585,7 @@ impl MessageSearchResult {

 #[derive(Serialize, TypeDef, schemars::JsonSchema)]
 #[serde(rename_all = "camelCase", rename = "MessageListItem", tag = "kind")]
-pub enum JSONRPCMessageListItem {
+pub enum JsonrpcMessageListItem {
    Message {
        msg_id: u32,
    },
@@ -596,13 +598,13 @@ pub enum JSONRPCMessageListItem {
    },
 }

-impl From<ChatItem> for JSONRPCMessageListItem {
+impl From<ChatItem> for JsonrpcMessageListItem {
    fn from(item: ChatItem) -> Self {
        match item {
-            ChatItem::Message { msg_id } => JSONRPCMessageListItem::Message {
+            ChatItem::Message { msg_id } => JsonrpcMessageListItem::Message {
                msg_id: msg_id.to_u32(),
            },
-            ChatItem::DayMarker { timestamp } => JSONRPCMessageListItem::DayMarker { timestamp },
+            ChatItem::DayMarker { timestamp } => JsonrpcMessageListItem::DayMarker { timestamp },
        }
    }
 }
--- a/deltachat-jsonrpc/src/api/types/mod.rs
+++ b/deltachat-jsonrpc/src/api/types/mod.rs
@@ -8,6 +8,7 @@ pub mod http;
 pub mod location;
 pub mod login_param;
 pub mod message;
+pub mod notify_state;
 pub mod provider_info;
 pub mod qr;
 pub mod reactions;
--- a/deltachat-jsonrpc/src/api/types/notify_state.rs
+++ b/deltachat-jsonrpc/src/api/types/notify_state.rs
@@ -0,0 +1,26 @@
+use deltachat::push::NotifyState;
+use serde::Serialize;
+use typescript_type_def::TypeDef;
+
+#[derive(Serialize, TypeDef, schemars::JsonSchema)]
+#[serde(rename = "NotifyState")]
+pub enum JsonrpcNotifyState {
+    /// Not subscribed to push notifications.
+    NotConnected,
+
+    /// Subscribed to heartbeat push notifications.
+    Heartbeat,
+
+    /// Subscribed to push notifications for new messages.
+    Connected,
+}
+
+impl From<NotifyState> for JsonrpcNotifyState {
+    fn from(state: NotifyState) -> Self {
+        match state {
+            NotifyState::NotConnected => Self::NotConnected,
+            NotifyState::Heartbeat => Self::Heartbeat,
+            NotifyState::Connected => Self::Connected,
+        }
+    }
+}
--- a/deltachat-jsonrpc/src/api/types/qr.rs
+++ b/deltachat-jsonrpc/src/api/types/qr.rs
@@ -1,4 +1,5 @@
 use deltachat::qr::Qr;
+use serde::Deserialize;
 use serde::Serialize;
 use typescript_type_def::TypeDef;

@@ -34,6 +35,26 @@ pub enum QrObject {
        /// Authentication code.
        authcode: String,
    },
+    /// Ask the user whether to join the broadcast channel.
+    AskJoinBroadcast {
+        /// The user-visible name of this broadcast channel
+        name: String,
+        /// A string of random characters,
+        /// uniquely identifying this broadcast channel across all databases/clients.
+        /// Called `grpid` for historic reasons:
+        /// The id of multi-user chats is always called `grpid` in the database
+        /// because groups were once the only multi-user chats.
+        grpid: String,
+        /// ID of the contact who owns the broadcast channel and created the QR code.
+        contact_id: u32,
+        /// Fingerprint of the broadcast channel owner's key as scanned from the QR code.
+        fingerprint: String,
+
+        /// Invite number.
+        invitenumber: String,
+        /// Authentication code.
+        authcode: String,
+    },
    /// Contact fingerprint is verified.
    ///
    /// Ask the user if they want to start chatting.
@@ -136,6 +157,21 @@ pub enum QrObject {
        /// Authentication code.
        authcode: String,
    },
+    /// Ask the user if they want to withdraw their own broadcast channel invite QR code.
+    WithdrawJoinBroadcast {
+        /// Broadcast name.
+        name: String,
+        /// ID, uniquely identifying this chat. Called grpid for historic reasons.
+        grpid: String,
+        /// Contact ID. Always `ContactId::SELF`.
+        contact_id: u32,
+        /// Fingerprint of the contact key as scanned from the QR code.
+        fingerprint: String,
+        /// Invite number.
+        invitenumber: String,
+        /// Authentication code.
+        authcode: String,
+    },
    /// Ask the user if they want to revive their own QR code.
    ReviveVerifyContact {
        /// Contact ID.
@@ -162,6 +198,21 @@ pub enum QrObject {
        /// Authentication code.
        authcode: String,
    },
+    /// Ask the user if they want to revive their own broadcast channel invite QR code.
+    ReviveJoinBroadcast {
+        /// Broadcast name.
+        name: String,
+        /// Globally unique chat ID. Called grpid for historic reasons.
+        grpid: String,
+        /// Contact ID. Always `ContactId::SELF`.
+        contact_id: u32,
+        /// Fingerprint of the contact key as scanned from the QR code.
+        fingerprint: String,
+        /// Invite number.
+        invitenumber: String,
+        /// Authentication code.
+        authcode: String,
+    },
    /// `dclogin:` scheme parameters.
    ///
    /// Ask the user if they want to login with the email address.
@@ -207,6 +258,25 @@ impl From<Qr> for QrObject {
                    authcode,
                }
            }
+            Qr::AskJoinBroadcast {
+                name,
+                grpid,
+                contact_id,
+                fingerprint,
+                authcode,
+                invitenumber,
+            } => {
+                let contact_id = contact_id.to_u32();
+                let fingerprint = fingerprint.to_string();
+                QrObject::AskJoinBroadcast {
+                    name,
+                    grpid,
+                    contact_id,
+                    fingerprint,
+                    authcode,
+                    invitenumber,
+                }
+            }
            Qr::FprOk { contact_id } => {
                let contact_id = contact_id.to_u32();
                QrObject::FprOk { contact_id }
@@ -266,6 +336,25 @@ impl From<Qr> for QrObject {
                    authcode,
                }
            }
+            Qr::WithdrawJoinBroadcast {
+                name,
+                grpid,
+                contact_id,
+                fingerprint,
+                invitenumber,
+                authcode,
+            } => {
+                let contact_id = contact_id.to_u32();
+                let fingerprint = fingerprint.to_string();
+                QrObject::WithdrawJoinBroadcast {
+                    name,
+                    grpid,
+                    contact_id,
+                    fingerprint,
+                    invitenumber,
+                    authcode,
+                }
+            }
            Qr::ReviveVerifyContact {
                contact_id,
                fingerprint,
@@ -300,7 +389,76 @@ impl From<Qr> for QrObject {
                    authcode,
                }
            }
+            Qr::ReviveJoinBroadcast {
+                name,
+                grpid,
+                contact_id,
+                fingerprint,
+                invitenumber,
+                authcode,
+            } => {
+                let contact_id = contact_id.to_u32();
+                let fingerprint = fingerprint.to_string();
+                QrObject::ReviveJoinBroadcast {
+                    name,
+                    grpid,
+                    contact_id,
+                    fingerprint,
+                    invitenumber,
+                    authcode,
+                }
+            }
            Qr::Login { address, .. } => QrObject::Login { address },
        }
    }
 }
+
+#[derive(Deserialize, TypeDef, schemars::JsonSchema)]
+pub enum SecurejoinSource {
+    /// Because of some problem, it is unknown where the QR code came from.
+    Unknown,
+    /// The user opened a link somewhere outside Delta Chat
+    ExternalLink,
+    /// The user clicked on a link in a message inside Delta Chat
+    InternalLink,
+    /// The user clicked "Paste from Clipboard" in the QR scan activity
+    Clipboard,
+    /// The user clicked "Load QR code as image" in the QR scan activity
+    ImageLoaded,
+    /// The user scanned a QR code
+    Scan,
+}
+
+#[derive(Deserialize, TypeDef, schemars::JsonSchema)]
+pub enum SecurejoinUiPath {
+    /// The UI path is unknown, or the user didn't open the QR code screen at all.
+    Unknown,
+    /// The user directly clicked on the QR icon in the main screen
+    QrIcon,
+    /// The user first clicked on the `+` button in the main screen,
+    /// and then on "New Contact"
+    NewContact,
+}
+
+impl From<SecurejoinSource> for deltachat::SecurejoinSource {
+    fn from(value: SecurejoinSource) -> Self {
+        match value {
+            SecurejoinSource::Unknown => deltachat::SecurejoinSource::Unknown,
+            SecurejoinSource::ExternalLink => deltachat::SecurejoinSource::ExternalLink,
+            SecurejoinSource::InternalLink => deltachat::SecurejoinSource::InternalLink,
+            SecurejoinSource::Clipboard => deltachat::SecurejoinSource::Clipboard,
+            SecurejoinSource::ImageLoaded => deltachat::SecurejoinSource::ImageLoaded,
+            SecurejoinSource::Scan => deltachat::SecurejoinSource::Scan,
+        }
+    }
+}
+
+impl From<SecurejoinUiPath> for deltachat::SecurejoinUiPath {
+    fn from(value: SecurejoinUiPath) -> Self {
+        match value {
+            SecurejoinUiPath::Unknown => deltachat::SecurejoinUiPath::Unknown,
+            SecurejoinUiPath::QrIcon => deltachat::SecurejoinUiPath::QrIcon,
+            SecurejoinUiPath::NewContact => deltachat::SecurejoinUiPath::NewContact,
+        }
+    }
+}
--- a/deltachat-jsonrpc/src/api/types/reactions.rs
+++ b/deltachat-jsonrpc/src/api/types/reactions.rs
@@ -8,7 +8,7 @@ use typescript_type_def::TypeDef;
 /// A single reaction emoji.
 #[derive(Serialize, TypeDef, schemars::JsonSchema)]
 #[serde(rename = "Reaction", rename_all = "camelCase")]
-pub struct JSONRPCReaction {
+pub struct JsonrpcReaction {
    /// Emoji.
    emoji: String,

@@ -22,14 +22,14 @@ pub struct JSONRPCReaction {
 /// Structure representing all reactions to a particular message.
 #[derive(Serialize, TypeDef, schemars::JsonSchema)]
 #[serde(rename = "Reactions", rename_all = "camelCase")]
-pub struct JSONRPCReactions {
+pub struct JsonrpcReactions {
    /// Map from a contact to it's reaction to message.
    reactions_by_contact: BTreeMap<u32, Vec<String>>,
    /// Unique reactions and their count, sorted in descending order.
-    reactions: Vec<JSONRPCReaction>,
+    reactions: Vec<JsonrpcReaction>,
 }

-impl From<Reactions> for JSONRPCReactions {
+impl From<Reactions> for JsonrpcReactions {
    fn from(reactions: Reactions) -> Self {
        let mut reactions_by_contact: BTreeMap<u32, Vec<String>> = BTreeMap::new();

@@ -56,7 +56,7 @@ impl From<Reactions> for JSONRPCReactions {
                false
            };

-            let reaction = JSONRPCReaction {
+            let reaction = JsonrpcReaction {
                emoji,
                count,
                is_from_self,
@@ -64,7 +64,7 @@ impl From<Reactions> for JSONRPCReactions {
            reactions_v.push(reaction)
        }

-        JSONRPCReactions {
+        JsonrpcReactions {
            reactions_by_contact,
            reactions: reactions_v,
        }
--- a/deltachat-jsonrpc/typescript/package.json
+++ b/deltachat-jsonrpc/typescript/package.json
@@ -54,5 +54,5 @@
  },
  "type": "module",
  "types": "dist/deltachat.d.ts",
-  "version": "2.20.0"
+  "version": "2.42.0"
 }
--- a/deltachat-jsonrpc/typescript/scripts/generate-constants.js
+++ b/deltachat-jsonrpc/typescript/scripts/generate-constants.js
@@ -40,15 +40,35 @@ const constants = data
      key.startsWith("DC_DOWNLOAD") ||
      key.startsWith("DC_INFO_") ||
      (key.startsWith("DC_MSG") && !key.startsWith("DC_MSG_ID")) ||
-      key.startsWith("DC_QR_")
+      key.startsWith("DC_QR_") ||
+      key.startsWith("DC_CERTCK_") ||
+      key.startsWith("DC_SOCKET_") ||
+      key.startsWith("DC_LP_AUTH_") ||
+      key.startsWith("DC_PUSH_") ||
+      key.startsWith("DC_TEXT1_") ||
+      key.startsWith("DC_CHAT_TYPE")
    );
  })
  .map((row) => {
-    return `  ${row.key}: ${row.value}`;
+    return `  export const ${row.key} = ${row.value};`;
  })
-  .join(",\n");
+  .join("\n");

 writeFileSync(
  resolve(__dirname, "../generated/constants.ts"),
-  `// Generated!\n\nexport enum C {\n${constants.replace(/:/g, " =")},\n}\n`,
+  `// Generated!
+
+export namespace C {
+${constants}
+  /** @deprecated 10-8-2025 compare string directly with \`== "Group"\` */
+  export const DC_CHAT_TYPE_GROUP = "Group";
+  /** @deprecated 10-8-2025 compare string directly with \`== "InBroadcast"\`*/
+  export const DC_CHAT_TYPE_IN_BROADCAST = "InBroadcast";
+  /** @deprecated 10-8-2025 compare string directly with \`== "Mailinglist"\` */
+  export const DC_CHAT_TYPE_MAILINGLIST = "Mailinglist";
+  /** @deprecated 10-8-2025 compare string directly with \`== "OutBroadcast"\` */
+  export const DC_CHAT_TYPE_OUT_BROADCAST = "OutBroadcast";
+  /** @deprecated 10-8-2025 compare string directly with \`== "Single"\` */
+  export const DC_CHAT_TYPE_SINGLE = "Single";
+}\n`,
 );
--- a/deltachat-jsonrpc/typescript/test/online.ts
+++ b/deltachat-jsonrpc/typescript/test/online.ts
@@ -64,6 +64,7 @@ describe("online tests", function () {
    await dc.rpc.setConfig(accountId1, "addr", account1.email);
    await dc.rpc.setConfig(accountId1, "mail_pw", account1.password);
    await dc.rpc.configure(accountId1);
+    await waitForEvent(dc, "ImapInboxIdle", accountId1);

    accountId2 = await dc.rpc.addAccount();
    await dc.rpc.batchSetConfig(accountId2, {
@@ -71,6 +72,7 @@ describe("online tests", function () {
      mail_pw: account2.password,
    });
    await dc.rpc.configure(accountId2);
+    await waitForEvent(dc, "ImapInboxIdle", accountId2);
    accountsConfigured = true;
  });

--- a/deltachat-repl/Cargo.toml
+++ b/deltachat-repl/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-repl"
-version = "2.20.0"
+version = "2.42.0"
 license = "MPL-2.0"
 edition = "2021"
 repository = "https://github.com/chatmail/core"
--- a/deltachat-repl/src/cmdline.rs
+++ b/deltachat-repl/src/cmdline.rs
@@ -6,9 +6,7 @@ use std::str::FromStr;
 use std::time::Duration;

 use anyhow::{bail, ensure, Result};
-use deltachat::chat::{
-    self, Chat, ChatId, ChatItem, ChatVisibility, MuteDuration, ProtectionStatus,
-};
+use deltachat::chat::{self, Chat, ChatId, ChatItem, ChatVisibility, MuteDuration};
 use deltachat::chatlist::*;
 use deltachat::constants::*;
 use deltachat::contact::*;
@@ -72,11 +70,6 @@ async fn reset_tables(context: &Context, bits: i32) {
            .await
            .unwrap();
        context.sql().config_cache().write().await.clear();
-        context
-            .sql()
-            .execute("DELETE FROM leftgrps;", ())
-            .await
-            .unwrap();
        println!("(8) Rest but server config reset.");
    }

@@ -347,7 +340,6 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
                 createchat <contact-id>\n\
                 creategroup <name>\n\
                 createbroadcast <name>\n\
-                 createprotected <name>\n\
                 addmember <contact-id>\n\
                 removemember <contact-id>\n\
                 groupname <name>\n\
@@ -358,6 +350,7 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
                 dellocations\n\
                 getlocations [<contact-id>]\n\
                 send <text>\n\
+                 send-sync <text>\n\
                 sendempty\n\
                 sendimage <file> [<text>]\n\
                 sendsticker <file> [<text>]\n\
@@ -562,7 +555,7 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
                for i in (0..cnt).rev() {
                    let chat = Chat::load_from_db(&context, chatlist.get_chat_id(i)?).await?;
                    println!(
-                        "{}#{}: {} [{} fresh] {}{}{}{}",
+                        "{}#{}: {} [{} fresh] {}{}{}",
                        chat_prefix(&chat),
                        chat.get_id(),
                        chat.get_name(),
@@ -573,7 +566,6 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
                            ChatVisibility::Archived => "📦",
                            ChatVisibility::Pinned => "📌",
                        },
-                        if chat.is_protected() { "🛡️" } else { "" },
                        if chat.is_contact_request() {
                            "🆕"
                        } else {
@@ -688,7 +680,7 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
                format!("{} member(s)", members.len())
            };
            println!(
-                "{}#{}: {} [{}]{}{}{} {}",
+                "{}#{}: {} [{}]{}{}{}",
                chat_prefix(sel_chat),
                sel_chat.get_id(),
                sel_chat.get_name(),
@@ -706,11 +698,6 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
                    },
                    _ => "".to_string(),
                },
-                if sel_chat.is_protected() {
-                    "🛡️"
-                } else {
-                    ""
-                },
            );
            log_msglist(&context, &msglist).await?;
            if let Some(draft) = sel_chat.get_id().get_draft(&context).await? {
@@ -739,8 +726,7 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
        }
        "creategroup" => {
            ensure!(!arg1.is_empty(), "Argument <name> missing.");
-            let chat_id =
-                chat::create_group_chat(&context, ProtectionStatus::Unprotected, arg1).await?;
+            let chat_id = chat::create_group(&context, arg1).await?;

            println!("Group#{chat_id} created successfully.");
        }
@@ -750,13 +736,6 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu

            println!("Broadcast#{chat_id} created successfully.");
        }
-        "createprotected" => {
-            ensure!(!arg1.is_empty(), "Argument <name> missing.");
-            let chat_id =
-                chat::create_group_chat(&context, ProtectionStatus::Protected, arg1).await?;
-
-            println!("Group#{chat_id} created and protected successfully.");
-        }
        "addmember" => {
            ensure!(sel_chat.is_some(), "No chat selected");
            ensure!(!arg1.is_empty(), "Argument <contact-id> missing.");
@@ -908,6 +887,23 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu

            chat::send_text_msg(&context, sel_chat.as_ref().unwrap().get_id(), msg).await?;
        }
+        "send-sync" => {
+            ensure!(sel_chat.is_some(), "No chat selected.");
+            ensure!(!arg1.is_empty(), "No message text given.");
+
+            // Send message over a dedicated SMTP connection
+            // and measure time.
+            //
+            // This can be used to benchmark SMTP connection establishment.
+            let time_start = std::time::Instant::now();
+
+            let msg = format!("{arg1} {arg2}");
+            let mut msg = Message::new_text(msg);
+            chat::send_msg_sync(&context, sel_chat.as_ref().unwrap().get_id(), &mut msg).await?;
+
+            let time_needed = time_start.elapsed();
+            println!("Sent message in {time_needed:?}.");
+        }
        "sendempty" => {
            ensure!(sel_chat.is_some(), "No chat selected.");
            chat::send_text_msg(&context, sel_chat.as_ref().unwrap().get_id(), "".into()).await?;
@@ -1235,7 +1231,7 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
        "setqr" => {
            ensure!(!arg1.is_empty(), "Argument <qr-content> missing.");
            match set_config_from_qr(&context, arg1).await {
-                Ok(()) => println!("Config set from QR code, you can now call 'configure'"),
+                Ok(()) => eprintln!("Config set from the QR code."),
                Err(err) => eprintln!("Cannot set config from QR code: {err:?}"),
            }
        }
@@ -1248,10 +1244,7 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
        }
        "providerinfo" => {
            ensure!(!arg1.is_empty(), "Argument <addr> missing.");
-            let proxy_enabled = context
-                .get_config_bool(config::Config::ProxyEnabled)
-                .await?;
-            match provider::get_provider_info(&context, arg1, proxy_enabled).await {
+            match provider::get_provider_info(arg1) {
                Some(info) => {
                    println!("Information for provider belonging to {arg1}:");
                    println!("status: {}", info.status as u32);
--- a/deltachat-repl/src/main.rs
+++ b/deltachat-repl/src/main.rs
@@ -179,7 +179,7 @@ const DB_COMMANDS: [&str; 11] = [
    "housekeeping",
 ];

-const CHAT_COMMANDS: [&str; 38] = [
+const CHAT_COMMANDS: [&str; 39] = [
    "listchats",
    "listarchived",
    "start-realtime",
@@ -199,6 +199,7 @@ const CHAT_COMMANDS: [&str; 38] = [
    "dellocations",
    "getlocations",
    "send",
+    "send-sync",
    "sendempty",
    "sendimage",
    "sendsticker",
@@ -429,12 +430,12 @@ async fn handle_cmd(
        }
        "oauth2" => {
            if let Some(addr) = ctx.get_config(config::Config::Addr).await? {
-                let oauth2_url =
-                    get_oauth2_url(&ctx, &addr, "chat.delta:/com.b44t.messenger").await?;
-                if oauth2_url.is_none() {
-                    println!("OAuth2 not available for {}.", &addr);
+                if let Some(oauth2_url) =
+                    get_oauth2_url(&ctx, &addr, "chat.delta:/com.b44t.messenger").await?
+                {
+                    println!("Open the following url, set mail_pw to the generated token and server_flags to 2:\n{oauth2_url}");
                } else {
-                    println!("Open the following url, set mail_pw to the generated token and server_flags to 2:\n{}", oauth2_url.unwrap());
+                    println!("OAuth2 not available for {}.", &addr);
                }
            } else {
                println!("oauth2: set addr first.");
--- a/deltachat-rpc-client/README.md
+++ b/deltachat-rpc-client/README.md
@@ -30,6 +30,15 @@ $ pip install .

 Additional arguments to `tox` are passed to pytest, e.g. `tox -- -s` does not capture test output.

+
+## Activating current checkout of deltachat-rpc-client and -server for development 
+
+Go to root repository directory and run: 
+```
+$ scripts/make-rpc-testenv.sh 
+$ source venv/bin/activate 
+```
+
 ## Using in REPL

 Setup a development environment:
--- a/deltachat-rpc-client/pyproject.toml
+++ b/deltachat-rpc-client/pyproject.toml
@@ -1,20 +1,18 @@
 [build-system]
-requires = ["setuptools>=45"]
+requires = ["setuptools>=77"]
 build-backend = "setuptools.build_meta"

 [project]
 name = "deltachat-rpc-client"
-version = "2.20.0"
+version = "2.42.0"
+license = "MPL-2.0"
 description = "Python client for Delta Chat core JSON-RPC interface"
 classifiers = [
    "Development Status :: 5 - Production/Stable",
    "Intended Audience :: Developers",
-    "License :: OSI Approved :: Mozilla Public License 2.0 (MPL 2.0)",
    "Operating System :: POSIX :: Linux",
    "Operating System :: MacOS :: MacOS X",
    "Programming Language :: Python :: 3",
-    "Programming Language :: Python :: 3.8",
-    "Programming Language :: Python :: 3.9",
    "Programming Language :: Python :: 3.10",
    "Programming Language :: Python :: 3.11",
    "Programming Language :: Python :: 3.12",
@@ -24,7 +22,7 @@ classifiers = [
    "Topic :: Communications :: Email"
 ]
 readme = "README.md"
-requires-python = ">=3.8"
+requires-python = ">=3.10"

 [tool.setuptools.package-data]
 deltachat_rpc_client = [
--- a/deltachat-rpc-client/src/deltachat_rpc_client/_utils.py
+++ b/deltachat-rpc-client/src/deltachat_rpc_client/_utils.py
@@ -44,8 +44,13 @@ class AttrDict(dict):
        super().__setattr__(attr, val)


+def _forever(_event: AttrDict) -> bool:
+    return False
+
+
 def run_client_cli(
    hooks: Optional[Iterable[Tuple[Callable, Union[type, "EventFilter"]]]] = None,
+    until: Callable[[AttrDict], bool] = _forever,
    argv: Optional[list] = None,
    **kwargs,
 ) -> None:
@@ -55,10 +60,11 @@ def run_client_cli(
    """
    from .client import Client

-    _run_cli(Client, hooks, argv, **kwargs)
+    _run_cli(Client, until, hooks, argv, **kwargs)


 def run_bot_cli(
+    until: Callable[[AttrDict], bool] = _forever,
    hooks: Optional[Iterable[Tuple[Callable, Union[type, "EventFilter"]]]] = None,
    argv: Optional[list] = None,
    **kwargs,
@@ -69,11 +75,12 @@ def run_bot_cli(
    """
    from .client import Bot

-    _run_cli(Bot, hooks, argv, **kwargs)
+    _run_cli(Bot, until, hooks, argv, **kwargs)


 def _run_cli(
    client_type: Type["Client"],
+    until: Callable[[AttrDict], bool] = _forever,
    hooks: Optional[Iterable[Tuple[Callable, Union[type, "EventFilter"]]]] = None,
    argv: Optional[list] = None,
    **kwargs,
@@ -111,7 +118,7 @@ def _run_cli(
                kwargs={"email": args.email, "password": args.password},
            )
            configure_thread.start()
-        client.run_forever()
+        client.run_until(until)


 def extract_addr(text: str) -> str:
--- a/deltachat-rpc-client/src/deltachat_rpc_client/account.py
+++ b/deltachat-rpc-client/src/deltachat_rpc_client/account.py
@@ -125,6 +125,15 @@ class Account:
        """Add a new transport."""
        yield self._rpc.add_or_update_transport.future(self.id, params)

+    @futuremethod
+    def add_transport_from_qr(self, qr: str):
+        """Add a new transport using a QR code."""
+        yield self._rpc.add_transport_from_qr.future(self.id, qr)
+
+    def delete_transport(self, addr: str):
+        """Delete a transport."""
+        self._rpc.delete_transport(self.id, addr)
+
    @futuremethod
    def list_transports(self):
        """Return the list of all email accounts that are used as a transport in the current profile."""
@@ -300,7 +309,7 @@ class Account:
            chats.append(AttrDict(item))
        return chats

-    def create_group(self, name: str, protect: bool = False) -> Chat:
+    def create_group(self, name: str) -> Chat:
        """Create a new group chat.

        After creation,
@@ -317,15 +326,11 @@ class Account:
        To check, if a chat is still unpromoted, you can look at the `is_unpromoted` property of a chat
        (see `get_full_snapshot()` / `get_basic_snapshot()`).
        This may be useful if you want to show some help for just created groups.
-
-        :param protect: If set to 1 the function creates group with protection initially enabled.
-                        Only verified members are allowed in these groups
-                        and end-to-end-encryption is always enabled.
        """
-        return Chat(self, self._rpc.create_group_chat(self.id, name, protect))
+        return Chat(self, self._rpc.create_group_chat(self.id, name, False))

    def create_broadcast(self, name: str) -> Chat:
-        """Create a new **broadcast channel**
+        """Create a new, outgoing **broadcast channel**
        (called "Channel" in the UI).

        Broadcast channels are similar to groups on the sending device,
@@ -398,9 +403,10 @@ class Account:
        next_msg_ids = self._rpc.get_next_msgs(self.id)
        return [Message(self, msg_id) for msg_id in next_msg_ids]

+    @futuremethod
    def wait_next_messages(self) -> list[Message]:
        """Wait for new messages and return a list of them."""
-        next_msg_ids = self._rpc.wait_next_msgs(self.id)
+        next_msg_ids = yield self._rpc.wait_next_msgs.future(self.id)
        return [Message(self, msg_id) for msg_id in next_msg_ids]

    def wait_for_incoming_msg_event(self):
@@ -415,12 +421,21 @@ class Account:
        """Wait for messages noticed event and return it."""
        return self.wait_for_event(EventType.MSGS_NOTICED)

+    def wait_for_msg(self, event_type) -> Message:
+        """Wait for an event about the message.
+
+        Consumes all events before the matching event.
+        Returns a message corresponding to the msg_id field of the event.
+        """
+        event = self.wait_for_event(event_type)
+        return self.get_message_by_id(event.msg_id)
+
    def wait_for_incoming_msg(self):
        """Wait for incoming message and return it.

        Consumes all events before the next incoming message event.
        """
-        return self.get_message_by_id(self.wait_for_incoming_msg_event().msg_id)
+        return self.wait_for_msg(EventType.INCOMING_MSG)

    def wait_for_securejoin_inviter_success(self):
        """Wait until SecureJoin process finishes successfully on the inviter side."""
--- a/deltachat-rpc-client/src/deltachat_rpc_client/chat.py
+++ b/deltachat-rpc-client/src/deltachat_rpc_client/chat.py
@@ -219,10 +219,12 @@ class Chat:
        """Mark all messages in this chat as noticed."""
        self._rpc.marknoticed_chat(self.account.id, self.id)

-    def add_contact(self, *contact: Union[int, str, Contact]) -> None:
+    def add_contact(self, *contact: Union[int, str, Contact, "Account"]) -> None:
        """Add contacts to this group."""
+        from .account import Account
+
        for cnt in contact:
-            if isinstance(cnt, str):
+            if isinstance(cnt, (str, Account)):
                contact_id = self.account.create_contact(cnt).id
            elif not isinstance(cnt, int):
                contact_id = cnt.id
@@ -230,10 +232,12 @@ class Chat:
                contact_id = cnt
            self._rpc.add_contact_to_chat(self.account.id, self.id, contact_id)

-    def remove_contact(self, *contact: Union[int, str, Contact]) -> None:
+    def remove_contact(self, *contact: Union[int, str, Contact, "Account"]) -> None:
        """Remove members from this group."""
+        from .account import Account
+
        for cnt in contact:
-            if isinstance(cnt, str):
+            if isinstance(cnt, (str, Account)):
                contact_id = self.account.create_contact(cnt).id
            elif not isinstance(cnt, int):
                contact_id = cnt.id
@@ -249,6 +253,10 @@ class Chat:
        contacts = self._rpc.get_chat_contacts(self.account.id, self.id)
        return [Contact(self.account, contact_id) for contact_id in contacts]

+    def num_contacts(self) -> int:
+        """Return number of contacts in this chat."""
+        return len(self.get_contacts())
+
    def get_past_contacts(self) -> list[Contact]:
        """Get past contacts for this chat."""
        past_contacts = self._rpc.get_past_chat_contacts(self.account.id, self.id)
@@ -295,7 +303,7 @@ class Chat:
            f.flush()
            self._rpc.send_msg(self.account.id, self.id, {"viewtype": ViewType.VCARD, "file": f.name})

-    def place_outgoing_call(self, place_call_info: str) -> Message:
+    def place_outgoing_call(self, place_call_info: str, has_video_initially: bool) -> Message:
        """Starts an outgoing call."""
-        msg_id = self._rpc.place_outgoing_call(self.account.id, self.id, place_call_info)
+        msg_id = self._rpc.place_outgoing_call(self.account.id, self.id, place_call_info, has_video_initially)
        return Message(self.account, msg_id)
--- a/deltachat-rpc-client/src/deltachat_rpc_client/client.py
+++ b/deltachat-rpc-client/src/deltachat_rpc_client/client.py
@@ -14,6 +14,7 @@ from typing import (

 from ._utils import (
    AttrDict,
+    _forever,
    parse_system_add_remove,
    parse_system_image_changed,
    parse_system_title_changed,
@@ -83,28 +84,36 @@ class Client:

    def configure(self, email: str, password: str, **kwargs) -> None:
        """Configure the client."""
-        self.account.set_config("addr", email)
-        self.account.set_config("mail_pw", password)
        for key, value in kwargs.items():
            self.account.set_config(key, value)
-        self.account.configure()
+        params = {"addr": email, "password": password}
+        self.account.add_or_update_transport(params)
        self.logger.debug("Account configured")

    def run_forever(self) -> None:
        """Process events forever."""
-        self.run_until(lambda _: False)
+        self.run_until(_forever)

    def run_until(self, func: Callable[[AttrDict], bool]) -> AttrDict:
-        """Process events until the given callable evaluates to True.
-
-        The callable should accept an AttrDict object representing the
-        last processed event. The event is returned when the callable
-        evaluates to True.
-        """
+        """Start the event processing loop."""
        self.logger.debug("Listening to incoming events...")
        if self.is_configured():
            self.account.start_io()
        self._process_messages()  # Process old messages.
+        return self._process_events(until_func=func)  # Loop over incoming events
+
+    def _process_events(
+        self,
+        until_func: Callable[[AttrDict], bool] = _forever,
+        until_event: EventType = False,
+    ) -> AttrDict:
+        """Process events until the given callable evaluates to True,
+        or until a certain event happens.
+
+        The until_func callable should accept an AttrDict object representing
+        the last processed event. The event is returned when the callable
+        evaluates to True.
+        """
        while True:
            event = self.account.wait_for_event()
            event["kind"] = EventType(event.kind)
@@ -113,10 +122,13 @@ class Client:
            if event.kind == EventType.INCOMING_MSG:
                self._process_messages()

-            stop = func(event)
+            stop = until_func(event)
            if stop:
                return event

+            if event.kind == until_event:
+                return event
+
    def _on_event(self, event: AttrDict, filter_type: Type[EventFilter] = RawEvent) -> None:
        for hook, evfilter in self._hooks.get(filter_type, []):
            if evfilter.filter(event):
--- a/deltachat-rpc-client/src/deltachat_rpc_client/const.py
+++ b/deltachat-rpc-client/src/deltachat_rpc_client/const.py
@@ -80,6 +80,7 @@ class EventType(str, Enum):
    CONFIG_SYNCED = "ConfigSynced"
    WEBXDC_REALTIME_DATA = "WebxdcRealtimeData"
    WEBXDC_REALTIME_ADVERTISEMENT_RECEIVED = "WebxdcRealtimeAdvertisementReceived"
+    TRANSPORTS_MODIFIED = "TransportsModified"


 class ChatId(IntEnum):
@@ -91,19 +92,17 @@ class ChatId(IntEnum):
    LAST_SPECIAL = 9


-class ChatType(IntEnum):
+class ChatType(str, Enum):
    """Chat type."""

-    UNDEFINED = 0
-
-    SINGLE = 100
+    SINGLE = "Single"
    """1:1 chat, i.e. a direct chat with a single contact"""

-    GROUP = 120
+    GROUP = "Group"

-    MAILINGLIST = 140
+    MAILINGLIST = "Mailinglist"

-    OUT_BROADCAST = 160
+    OUT_BROADCAST = "OutBroadcast"
    """Outgoing broadcast channel, called "Channel" in the UI.

    The user can send into this channel,
@@ -115,7 +114,7 @@ class ChatType(IntEnum):
    which would make it hard to grep for it.
    """

-    IN_BROADCAST = 165
+    IN_BROADCAST = "InBroadcast"
    """Incoming broadcast channel, called "Channel" in the UI.

    This channel is read-only,
--- a/deltachat-rpc-client/src/deltachat_rpc_client/deltachat.py
+++ b/deltachat-rpc-client/src/deltachat_rpc_client/deltachat.py
@@ -4,7 +4,7 @@ from __future__ import annotations

 from typing import TYPE_CHECKING

-from ._utils import AttrDict
+from ._utils import AttrDict, futuremethod
 from .account import Account

 if TYPE_CHECKING:
@@ -39,6 +39,15 @@ class DeltaChat:
        """Stop the I/O of all accounts."""
        self.rpc.stop_io_for_all_accounts()

+    @futuremethod
+    def background_fetch(self, timeout_in_seconds: int) -> None:
+        """Run background fetch for all accounts."""
+        yield self.rpc.background_fetch.future(timeout_in_seconds)
+
+    def stop_background_fetch(self) -> None:
+        """Stop ongoing background fetch."""
+        self.rpc.stop_background_fetch()
+
    def maybe_network(self) -> None:
        """Indicate that the network conditions might have changed."""
        self.rpc.maybe_network()
--- a/deltachat-rpc-client/src/deltachat_rpc_client/message.py
+++ b/deltachat-rpc-client/src/deltachat_rpc_client/message.py
@@ -44,6 +44,14 @@ class Message:
        read_receipts = self._rpc.get_message_read_receipts(self.account.id, self.id)
        return [AttrDict(read_receipt) for read_receipt in read_receipts]

+    def get_read_receipt_count(self) -> int:
+        """
+        Returns count of read receipts on message.
+
+        This view count is meant as a feedback measure for the channel owner only.
+        """
+        return self._rpc.get_message_read_receipt_count(self.account.id, self.id)
+
    def get_reactions(self) -> Optional[AttrDict]:
        """Get message reactions."""
        reactions = self._rpc.get_message_reactions(self.account.id, self.id)
@@ -60,6 +68,10 @@ class Message:
        """Mark the message as seen."""
        self._rpc.markseen_msgs(self.account.id, [self.id])

+    def exists(self) -> bool:
+        """Return True if the message exists."""
+        return bool(self._rpc.get_existing_msg_ids(self.account.id, [self.id]))
+
    def continue_autocrypt_key_transfer(self, setup_code: str) -> None:
        """Continue the Autocrypt Setup Message key transfer.

@@ -93,6 +105,17 @@ class Message:
            if event.kind == EventType.MSG_DELIVERED and event.msg_id == self.id:
                break

+    def resend(self) -> None:
+        """Resend messages and make information available for newly added chat members.
+        Resending sends out the original message, however, recipients and webxdc-status may differ.
+        Clients that already have the original message can still ignore the resent message as
+        they have tracked the state by dedicated updates.
+
+        Some messages cannot be resent, eg. info-messages, drafts, already pending messages,
+        or messages that are not sent by SELF.
+        """
+        self._rpc.resend_messages(self.account.id, [self.id])
+
    @futuremethod
    def send_webxdc_realtime_advertisement(self):
        """Send an advertisement to join the realtime channel."""
--- a/deltachat-rpc-client/src/deltachat_rpc_client/pytestplugin.py
+++ b/deltachat-rpc-client/src/deltachat_rpc_client/pytestplugin.py
@@ -2,10 +2,16 @@

 from __future__ import annotations

+import logging
 import os
+import pathlib
+import platform
 import random
+import subprocess
+import sys
 from typing import AsyncGenerator, Optional

+import execnet
 import py
 import pytest

@@ -16,10 +22,22 @@ from .rpc import Rpc
 E2EE_INFO_MSGS = 1
 """
 The number of info messages added to new e2ee chats.
-Currently this is "End-to-end encryption available".
+Currently this is "Messages are end-to-end encrypted."
 """


+def pytest_report_header():
+    for base in os.get_exec_path():
+        fn = pathlib.Path(base).joinpath(base, "deltachat-rpc-server")
+        if fn.exists():
+            proc = subprocess.Popen([str(fn), "--version"], stderr=subprocess.PIPE)
+            proc.wait()
+            version = proc.stderr.read().decode().strip()
+            return f"deltachat-rpc-server: {fn} [{version}]"
+
+    return None
+
+
 class ACFactory:
    """Test account factory."""

@@ -40,13 +58,17 @@ class ACFactory:
        username = "ci-" + "".join(random.choice("2345789acdefghjkmnpqrstuvwxyz") for i in range(6))
        return f"{username}@{domain}", f"{username}${username}"

+    def get_account_qr(self):
+        """Return "dcaccount:" QR code for testing chatmail relay."""
+        domain = os.getenv("CHATMAIL_DOMAIN")
+        return f"dcaccount:{domain}"
+
    @futuremethod
    def new_configured_account(self):
        """Create a new configured account."""
-        addr, password = self.get_credentials()
        account = self.get_unconfigured_account()
-        params = {"addr": addr, "password": password}
-        yield account.add_or_update_transport.future(params)
+        qr = self.get_account_qr()
+        yield account.add_transport_from_qr.future(qr)

        assert account.is_configured()
        return account
@@ -73,11 +95,12 @@ class ACFactory:
    def resetup_account(self, ac: Account) -> Account:
        """Resetup account from scratch, losing the encryption key."""
        ac.stop_io()
-        ac_clone = self.get_unconfigured_account()
-        for i in ["addr", "mail_pw"]:
-            ac_clone.set_config(i, ac.get_config(i))
+        transports = ac.list_transports()
        ac.remove()
-        ac_clone.configure()
+        ac_clone = self.get_unconfigured_account()
+        for transport in transports:
+            ac_clone.add_or_update_transport(transport)
+        ac_clone.bring_online()
        return ac_clone

    def get_accepted_chat(self, ac1: Account, ac2: Account) -> Chat:
@@ -136,9 +159,15 @@ def rpc(tmp_path) -> AsyncGenerator:


@pytest.fixture
-def acfactory(rpc) -> AsyncGenerator:
+def dc(rpc) -> DeltaChat:
+    """Return account manager."""
+    return DeltaChat(rpc)
+
+
+@pytest.fixture
+def acfactory(dc) -> AsyncGenerator:
    """Return account factory fixture."""
-    return ACFactory(DeltaChat(rpc))
+    return ACFactory(dc)


@pytest.fixture
@@ -176,13 +205,143 @@ def log():

    class Printer:
        def section(self, msg: str) -> None:
-            print()
-            print("=" * 10, msg, "=" * 10)
+            logging.info("\n%s %s %s", "=" * 10, msg, "=" * 10)

        def step(self, msg: str) -> None:
-            print("-" * 5, "step " + msg, "-" * 5)
+            logging.info("%s step %s %s", "-" * 5, msg, "-" * 5)

        def indent(self, msg: str) -> None:
-            print("  " + msg)
+            logging.info("  " + msg)

    return Printer()
+
+
+#
+# support for testing against different deltachat-rpc-server/clients
+# installed into a temporary virtualenv and connected via 'execnet' channels
+#
+
+
+def find_path(venv, name):
+    is_windows = platform.system() == "Windows"
+    bin = venv / ("bin" if not is_windows else "Scripts")
+
+    tryadd = [""]
+    if is_windows:
+        tryadd += os.environ["PATHEXT"].split(os.pathsep)
+    for ext in tryadd:
+        p = bin.joinpath(name + ext)
+        if p.exists():
+            return str(p)
+
+    return None
+
+
+@pytest.fixture(scope="session")
+def get_core_python_env(tmp_path_factory):
+    """Return a factory to create virtualenv environments with rpc server/client packages
+    installed.
+
+    The factory takes a version and returns a (python_path, rpc_server_path) tuple
+    of the respective binaries in the virtualenv.
+    """
+
+    envs = {}
+
+    def get_versioned_venv(core_version):
+        venv = envs.get(core_version)
+        if not venv:
+            venv = tmp_path_factory.mktemp(f"temp-{core_version}")
+            subprocess.check_call([sys.executable, "-m", "venv", venv])
+
+            python = find_path(venv, "python")
+            pkgs = [f"deltachat-rpc-server=={core_version}", f"deltachat-rpc-client=={core_version}", "pytest"]
+            subprocess.check_call([python, "-m", "pip", "install"] + pkgs)
+
+            envs[core_version] = venv
+        python = find_path(venv, "python")
+        rpc_server_path = find_path(venv, "deltachat-rpc-server")
+        logging.info(f"Paths:\npython={python}\nrpc_server={rpc_server_path}")
+        return python, rpc_server_path
+
+    return get_versioned_venv
+
+
+@pytest.fixture
+def alice_and_remote_bob(tmp_path, acfactory, get_core_python_env):
+    """return local Alice account, a contact to bob, and a remote 'eval' function for bob.
+
+    The 'eval' function allows to remote-execute arbitrary expressions
+    that can use the `bob` online account, and the `bob_contact_alice`.
+    """
+
+    def factory(core_version):
+        python, rpc_server_path = get_core_python_env(core_version)
+        gw = execnet.makegateway(f"popen//python={python}")
+
+        accounts_dir = str(tmp_path.joinpath("account1_venv1"))
+        channel = gw.remote_exec(remote_bob_loop)
+        cm = os.environ.get("CHATMAIL_DOMAIN")
+
+        # trigger getting an online account on bob's side
+        channel.send((accounts_dir, str(rpc_server_path), cm))
+
+        # meanwhile get a local alice account
+        alice = acfactory.get_online_account()
+        channel.send(alice.self_contact.make_vcard())
+
+        # wait for bob to have started
+        sysinfo = channel.receive()
+        assert sysinfo == f"v{core_version}"
+        bob_vcard = channel.receive()
+        [alice_contact_bob] = alice.import_vcard(bob_vcard)
+
+        def eval(eval_str):
+            channel.send(eval_str)
+            return channel.receive()
+
+        return alice, alice_contact_bob, eval
+
+    return factory
+
+
+def remote_bob_loop(channel):
+    # This function executes with versioned
+    # deltachat-rpc-client/server packages
+    # installed into the virtualenv.
+    #
+    # The "channel" argument is a send/receive pipe
+    # to the process that runs the corresponding remote_exec(remote_bob_loop)
+
+    import os
+
+    from deltachat_rpc_client import DeltaChat, Rpc
+    from deltachat_rpc_client.pytestplugin import ACFactory
+
+    accounts_dir, rpc_server_path, chatmail_domain = channel.receive()
+    os.environ["CHATMAIL_DOMAIN"] = chatmail_domain
+
+    # older core versions don't support specifying rpc_server_path
+    # so we can't just pass `rpc_server_path` argument to Rpc constructor
+    basepath = os.path.dirname(rpc_server_path)
+    os.environ["PATH"] = os.pathsep.join([basepath, os.environ["PATH"]])
+    rpc = Rpc(accounts_dir=accounts_dir)
+
+    with rpc:
+        dc = DeltaChat(rpc)
+        channel.send(dc.rpc.get_system_info()["deltachat_core_version"])
+        acfactory = ACFactory(dc)
+        bob = acfactory.get_online_account()
+        alice_vcard = channel.receive()
+        [alice_contact] = bob.import_vcard(alice_vcard)
+        ns = {"bob": bob, "bob_contact_alice": alice_contact}
+        channel.send(bob.self_contact.make_vcard())
+
+        while 1:
+            eval_str = channel.receive()
+            res = eval(eval_str, ns)
+            try:
+                channel.send(res)
+            except Exception:
+                # some unserializable result
+                channel.send(None)
--- a/deltachat-rpc-client/src/deltachat_rpc_client/rpc.py
+++ b/deltachat-rpc-client/src/deltachat_rpc_client/rpc.py
@@ -9,7 +9,7 @@ import os
 import subprocess
 import sys
 from queue import Empty, Queue
-from threading import Event, Thread
+from threading import Thread
 from typing import Any, Iterator, Optional


@@ -17,25 +17,6 @@ class JsonRpcError(Exception):
    """JSON-RPC error."""


-class RpcFuture:
-    """RPC future waiting for RPC call result."""
-
-    def __init__(self, rpc: "Rpc", request_id: int, event: Event):
-        self.rpc = rpc
-        self.request_id = request_id
-        self.event = event
-
-    def __call__(self):
-        """Wait for the future to return the result."""
-        self.event.wait()
-        response = self.rpc.request_results.pop(self.request_id)
-        if "error" in response:
-            raise JsonRpcError(response["error"])
-        if "result" in response:
-            return response["result"]
-        return None
-
-
 class RpcMethod:
    """RPC method."""

@@ -57,20 +38,26 @@ class RpcMethod:
            "params": args,
            "id": request_id,
        }
-        event = Event()
-        self.rpc.request_events[request_id] = event
+        self.rpc.request_results[request_id] = queue = Queue()
        self.rpc.request_queue.put(request)

-        return RpcFuture(self.rpc, request_id, event)
+        def rpc_future():
+            """Wait for the request to receive a result."""
+            response = queue.get()
+            if "error" in response:
+                raise JsonRpcError(response["error"])
+            return response.get("result", None)
+
+        return rpc_future


 class Rpc:
    """RPC client."""

-    def __init__(self, accounts_dir: Optional[str] = None, **kwargs):
+    def __init__(self, accounts_dir: Optional[str] = None, rpc_server_path="deltachat-rpc-server", **kwargs):
        """Initialize RPC client.

-        The given arguments will be passed to subprocess.Popen().
+        The 'kwargs' arguments will be passed to subprocess.Popen().
        """
        if accounts_dir:
            kwargs["env"] = {
@@ -79,13 +66,12 @@ class Rpc:
            }

        self._kwargs = kwargs
+        self.rpc_server_path = rpc_server_path
        self.process: subprocess.Popen
        self.id_iterator: Iterator[int]
        self.event_queues: dict[int, Queue]
-        # Map from request ID to `threading.Event`.
-        self.request_events: dict[int, Event]
-        # Map from request ID to the result.
-        self.request_results: dict[int, Any]
+        # Map from request ID to a Queue which provides a single result
+        self.request_results: dict[int, Queue]
        self.request_queue: Queue[Any]
        self.closing: bool
        self.reader_thread: Thread
@@ -94,27 +80,18 @@ class Rpc:

    def start(self) -> None:
        """Start RPC server subprocess."""
+        popen_kwargs = {"stdin": subprocess.PIPE, "stdout": subprocess.PIPE}
        if sys.version_info >= (3, 11):
-            self.process = subprocess.Popen(
-                "deltachat-rpc-server",
-                stdin=subprocess.PIPE,
-                stdout=subprocess.PIPE,
-                # Prevent subprocess from capturing SIGINT.
-                process_group=0,
-                **self._kwargs,
-            )
+            # Prevent subprocess from capturing SIGINT.
+            popen_kwargs["process_group"] = 0
        else:
-            self.process = subprocess.Popen(
-                "deltachat-rpc-server",
-                stdin=subprocess.PIPE,
-                stdout=subprocess.PIPE,
-                # `process_group` is not supported before Python 3.11.
-                preexec_fn=os.setpgrp,  # noqa: PLW1509
-                **self._kwargs,
-            )
+            # `process_group` is not supported before Python 3.11.
+            popen_kwargs["preexec_fn"] = os.setpgrp  # noqa: PLW1509
+
+        popen_kwargs.update(self._kwargs)
+        self.process = subprocess.Popen(self.rpc_server_path, **popen_kwargs)
        self.id_iterator = itertools.count(start=1)
        self.event_queues = {}
-        self.request_events = {}
        self.request_results = {}
        self.request_queue = Queue()
        self.closing = False
@@ -149,9 +126,7 @@ class Rpc:
                response = json.loads(line)
                if "id" in response:
                    response_id = response["id"]
-                    event = self.request_events.pop(response_id)
-                    self.request_results[response_id] = response
-                    event.set()
+                    self.request_results.pop(response_id).put(response)
                else:
                    logging.warning("Got a response without ID: %s", response)
        except Exception:
--- a/deltachat-rpc-client/tests/conftest.py
+++ b/deltachat-rpc-client/tests/conftest.py
@@ -2,6 +2,7 @@ from __future__ import annotations

 import imaplib
 import io
+import logging
 import pathlib
 import ssl
 from contextlib import contextmanager
@@ -45,13 +46,13 @@ class DirectImap:
        try:
            self.conn.logout()
        except (OSError, imaplib.IMAP4.abort):
-            print("Could not logout direct_imap conn")
+            logging.warning("Could not logout direct_imap conn")

    def create_folder(self, foldername):
        try:
            self.conn.folder.create(foldername)
        except errors.MailboxFolderCreateError as e:
-            print("Can't create", foldername, "probably it already exists:", str(e))
+            logging.warning(f"Cannot create '{foldername}', probably it already exists: {str(e)}")

    def select_folder(self, foldername: str) -> tuple:
        assert not self._idling
@@ -85,17 +86,17 @@ class DirectImap:

    def get_all_messages(self) -> list[MailMessage]:
        assert not self._idling
-        return list(self.conn.fetch())
+        return list(self.conn.fetch(mark_seen=False))

    def get_unread_messages(self) -> list[str]:
        assert not self._idling
-        return [msg.uid for msg in self.conn.fetch(AND(seen=False))]
+        return [msg.uid for msg in self.conn.fetch(AND(seen=False), mark_seen=False)]

    def mark_all_read(self):
        messages = self.get_unread_messages()
        if messages:
            res = self.conn.flag(messages, MailMessageFlags.SEEN, True)
-            print("marked seen:", messages, res)
+            logging.info(f"Marked seen: {messages} {res}")

    def get_unread_cnt(self) -> int:
        return len(self.get_unread_messages())
@@ -173,7 +174,6 @@ class DirectImap:
 class IdleManager:
    def __init__(self, direct_imap) -> None:
        self.direct_imap = direct_imap
-        self.log = direct_imap.account.log
        # fetch latest messages before starting idle so that it only
        # returns messages that arrive anew
        self.direct_imap.conn.fetch("1:*")
@@ -181,14 +181,11 @@ class IdleManager:

    def check(self, timeout=None) -> list[bytes]:
        """(blocking) wait for next idle message from server."""
-        self.log("imap-direct: calling idle_check")
-        res = self.direct_imap.conn.idle.poll(timeout=timeout)
-        self.log(f"imap-direct: idle_check returned {res!r}")
-        return res
+        return self.direct_imap.conn.idle.poll(timeout=timeout)

-    def wait_for_new_message(self, timeout=None) -> bytes:
+    def wait_for_new_message(self) -> bytes:
        while True:
-            for item in self.check(timeout=timeout):
+            for item in self.check():
                if b"EXISTS" in item or b"RECENT" in item:
                    return item

@@ -196,10 +193,8 @@ class IdleManager:
        """Return first message with SEEN flag from a running idle-stream."""
        while True:
            for item in self.check(timeout=timeout):
-                if FETCH in item:
-                    self.log(str(item))
-                    if FLAGS in item and rb"\Seen" in item:
-                        return int(item.split(b" ")[1])
+                if FETCH in item and FLAGS in item and rb"\Seen" in item:
+                    return int(item.split(b" ")[1])

    def done(self):
        """send idle-done to server if we are currently in idle mode."""
--- a/deltachat-rpc-client/tests/test_calls.py
+++ b/deltachat-rpc-client/tests/test_calls.py
@@ -9,15 +9,16 @@ def test_calls(acfactory) -> None:

    alice_contact_bob = alice.create_contact(bob, "Bob")
    alice_chat_bob = alice_contact_bob.create_chat()
-    outgoing_call_message = alice_chat_bob.place_outgoing_call(place_call_info)
+    bob.create_chat(alice)  # Accept the chat so incoming call causes a notification.
+    outgoing_call_message = alice_chat_bob.place_outgoing_call(place_call_info, has_video_initially=True)
    assert outgoing_call_message.get_call_info().state.kind == "Alerting"

    incoming_call_event = bob.wait_for_event(EventType.INCOMING_CALL)
    assert incoming_call_event.place_call_info == place_call_info
-    assert not incoming_call_event.has_video  # Cannot be parsed as SDP, so false by default
+    assert incoming_call_event.has_video
    incoming_call_message = Message(bob, incoming_call_event.msg_id)
    assert incoming_call_message.get_call_info().state.kind == "Alerting"
-    assert not incoming_call_message.get_call_info().has_video
+    assert incoming_call_message.get_call_info().has_video

    incoming_call_message.accept_incoming_call(accept_call_info)
    assert incoming_call_message.get_call_info().sdp_offer == place_call_info
@@ -40,47 +41,106 @@ def test_video_call(acfactory) -> None:
    #
    # `s=` cannot be empty according to RFC 3264,
    # so it is more clear as `s=-`.
-    place_call_info = """v=0\r
-o=alice 2890844526 2890844526 IN IP6 2001:db8::3\r
-s=-\r
-c=IN IP6 2001:db8::3\r
-t=0 0\r
-a=group:BUNDLE foo bar\r
-\r
-m=audio 10000 RTP/AVP 0 8 97\r
-b=AS:200\r
-a=mid:foo\r
-a=rtcp-mux\r
-a=rtpmap:0 PCMU/8000\r
-a=rtpmap:8 PCMA/8000\r
-a=rtpmap:97 iLBC/8000\r
-a=extmap:1 urn:ietf:params:rtp-hdrext:sdes:mid\r
-\r
-m=video 10002 RTP/AVP 31 32\r
-b=AS:1000\r
-a=mid:bar\r
-a=rtcp-mux\r
-a=rtpmap:31 H261/90000\r
-a=rtpmap:32 MPV/90000\r
-a=extmap:1 urn:ietf:params:rtp-hdrext:sdes:mid\r
-"""

    alice, bob = acfactory.get_online_accounts(2)

+    bob.create_chat(alice)  # Accept the chat so incoming call causes a notification.
    alice_contact_bob = alice.create_contact(bob, "Bob")
    alice_chat_bob = alice_contact_bob.create_chat()
-    alice_chat_bob.place_outgoing_call(place_call_info)
+    alice_chat_bob.place_outgoing_call("offer", has_video_initially=True)

    incoming_call_event = bob.wait_for_event(EventType.INCOMING_CALL)
-    assert incoming_call_event.place_call_info == place_call_info
+    assert incoming_call_event.place_call_info == "offer"
    assert incoming_call_event.has_video

    incoming_call_message = Message(bob, incoming_call_event.msg_id)
    assert incoming_call_message.get_call_info().has_video


+def test_audio_call(acfactory) -> None:
+    alice, bob = acfactory.get_online_accounts(2)
+
+    bob.create_chat(alice)  # Accept the chat so incoming call causes a notification.
+    alice_contact_bob = alice.create_contact(bob, "Bob")
+    alice_chat_bob = alice_contact_bob.create_chat()
+    alice_chat_bob.place_outgoing_call("offer", has_video_initially=False)
+
+    incoming_call_event = bob.wait_for_event(EventType.INCOMING_CALL)
+    assert incoming_call_event.place_call_info == "offer"
+    assert not incoming_call_event.has_video
+
+    incoming_call_message = Message(bob, incoming_call_event.msg_id)
+    assert not incoming_call_message.get_call_info().has_video
+
+
 def test_ice_servers(acfactory) -> None:
    alice = acfactory.get_online_account()

    ice_servers = alice.ice_servers()
    assert len(ice_servers) == 1
+
+
+def test_no_contact_request_call(acfactory) -> None:
+    alice, bob = acfactory.get_online_accounts(2)
+
+    alice_chat_bob = alice.create_chat(bob)
+    alice_chat_bob.place_outgoing_call("offer", has_video_initially=True)
+    alice_chat_bob.send_text("Hello!")
+
+    # Notification for "Hello!" message should arrive
+    # without the call ringing.
+    while True:
+        event = bob.wait_for_event()
+
+        # There should be no incoming call notification.
+        assert event.kind != EventType.INCOMING_CALL
+
+        if event.kind == EventType.MSGS_CHANGED:
+            msg = bob.get_message_by_id(event.msg_id)
+            if msg.get_snapshot().text == "Hello!":
+                break
+
+
+def test_who_can_call_me_nobody(acfactory) -> None:
+    alice, bob = acfactory.get_online_accounts(2)
+
+    # Bob sets "who can call me" to "nobody" (2)
+    bob.set_config("who_can_call_me", "2")
+
+    # Bob even accepts Alice in advance so the chat does not appear as contact request.
+    bob.create_chat(alice)
+
+    alice_chat_bob = alice.create_chat(bob)
+    alice_chat_bob.place_outgoing_call("offer", has_video_initially=True)
+    alice_chat_bob.send_text("Hello!")
+
+    # Notification for "Hello!" message should arrive
+    # without the call ringing.
+    while True:
+        event = bob.wait_for_event()
+
+        # There should be no incoming call notification.
+        assert event.kind != EventType.INCOMING_CALL
+
+        if event.kind == EventType.INCOMING_MSG:
+            msg = bob.get_message_by_id(event.msg_id)
+            if msg.get_snapshot().text == "Hello!":
+                break
+
+
+def test_who_can_call_me_everybody(acfactory) -> None:
+    """Test that if "who can call me" setting is set to "everybody", calls arrive even in contact request chats."""
+    alice, bob = acfactory.get_online_accounts(2)
+
+    # Bob sets "who can call me" to "nobody" (0)
+    bob.set_config("who_can_call_me", "0")
+
+    alice_chat_bob = alice.create_chat(bob)
+    alice_chat_bob.place_outgoing_call("offer", has_video_initially=True)
+    incoming_call_event = bob.wait_for_event(EventType.INCOMING_CALL)
+
+    incoming_call_message = Message(bob, incoming_call_event.msg_id)
+
+    # Even with the call arriving, the chat is still in the contact request mode.
+    incoming_chat = incoming_call_message.get_snapshot().chat
+    assert incoming_chat.get_basic_snapshot().is_contact_request
--- a/deltachat-rpc-client/tests/test_chatlist_events.py
+++ b/deltachat-rpc-client/tests/test_chatlist_events.py
@@ -1,7 +1,5 @@
 from __future__ import annotations

-import base64
-import os
 from typing import TYPE_CHECKING

 from deltachat_rpc_client import Account, EventType, const
@@ -129,7 +127,7 @@ def test_download_on_demand(acfactory: ACFactory) -> None:
    msg.get_snapshot().chat.accept()
    bob.get_chat_by_id(chat_id).send_message(
        "Hello World, this message is bigger than 5 bytes",
-        html=base64.b64encode(os.urandom(300000)).decode("utf-8"),
+        file="../test-data/image/screenshot.jpg",
    )

    message = alice.wait_for_incoming_msg()
@@ -169,6 +167,8 @@ def test_imap_sync_seen_msgs(acfactory: ACFactory) -> None:
    """
    alice, alice_second_device, bob, alice_chat_bob = get_multi_account_test_setup(acfactory)

+    bob.create_chat(alice)
+
    alice_chat_bob.send_text("hello")

    msg = bob.wait_for_incoming_msg()
--- a/deltachat-rpc-client/tests/test_cross_core.py
+++ b/deltachat-rpc-client/tests/test_cross_core.py
@@ -0,0 +1,57 @@
+import subprocess
+
+import pytest
+
+from deltachat_rpc_client import DeltaChat, Rpc
+
+
+def test_install_venv_and_use_other_core(tmp_path, get_core_python_env):
+    python, rpc_server_path = get_core_python_env("2.24.0")
+    subprocess.check_call([python, "-m", "pip", "install", "deltachat-rpc-server==2.24.0"])
+    rpc = Rpc(accounts_dir=tmp_path.joinpath("accounts"), rpc_server_path=rpc_server_path)
+
+    with rpc:
+        dc = DeltaChat(rpc)
+        assert dc.rpc.get_system_info()["deltachat_core_version"] == "v2.24.0"
+
+
+@pytest.mark.parametrize("version", ["2.24.0"])
+def test_qr_setup_contact(alice_and_remote_bob, version) -> None:
+    """Test other-core Bob profile can do securejoin with Alice on current core."""
+    alice, alice_contact_bob, remote_eval = alice_and_remote_bob(version)
+
+    qr_code = alice.get_qr_code()
+    remote_eval(f"bob.secure_join({qr_code!r})")
+    alice.wait_for_securejoin_inviter_success()
+
+    # Test that Alice verified Bob's profile.
+    alice_contact_bob_snapshot = alice_contact_bob.get_snapshot()
+    assert alice_contact_bob_snapshot.is_verified
+
+    remote_eval("bob.wait_for_securejoin_joiner_success()")
+
+    # Test that Bob verified Alice's profile.
+    assert remote_eval("bob_contact_alice.get_snapshot().is_verified")
+
+
+def test_send_and_receive_message(alice_and_remote_bob) -> None:
+    """Test other-core Bob profile can send a message to Alice on current core."""
+    alice, alice_contact_bob, remote_eval = alice_and_remote_bob("2.20.0")
+
+    remote_eval("bob_contact_alice.create_chat().send_text('hello')")
+
+    msg = alice.wait_for_incoming_msg()
+    assert msg.get_snapshot().text == "hello"
+
+
+def test_second_device(acfactory, alice_and_remote_bob) -> None:
+    """Test setting up current version as a second device for old version."""
+    _alice, alice_contact_bob, remote_eval = alice_and_remote_bob("2.20.0")
+
+    remote_eval("locals().setdefault('future', bob._rpc.provide_backup.future(bob.id))")
+    qr = remote_eval("bob._rpc.get_backup_qr(bob.id)")
+    new_account = acfactory.get_unconfigured_account()
+    new_account._rpc.get_backup(new_account.id, qr)
+    remote_eval("locals()['future']()")
+
+    assert new_account.get_config("addr") == remote_eval("bob.get_config('addr')")
--- a/deltachat-rpc-client/tests/test_folders.py
+++ b/deltachat-rpc-client/tests/test_folders.py
@@ -0,0 +1,212 @@
+import logging
+import re
+import time
+
+import pytest
+from imap_tools import AND, U
+
+from deltachat_rpc_client import Contact, EventType, Message
+
+
+def test_move_works(acfactory, direct_imap):
+    ac1, ac2 = acfactory.get_online_accounts(2)
+    ac2_direct_imap = direct_imap(ac2)
+    ac2_direct_imap.create_folder("DeltaChat")
+    ac2.set_config("mvbox_move", "1")
+    ac2.bring_online()
+
+    chat = ac1.create_chat(ac2)
+    chat.send_text("message1")
+
+    # Message is moved to the movebox
+    ac2.wait_for_event(EventType.IMAP_MESSAGE_MOVED)
+
+    # Message is downloaded
+    msg = ac2.wait_for_incoming_msg().get_snapshot()
+    assert msg.text == "message1"
+
+
+def test_reactions_for_a_reordering_move(acfactory, direct_imap):
+    """When a batch of messages is moved from Inbox to DeltaChat folder with a single MOVE command,
+    their UIDs may be reordered (e.g. Gmail is known for that) which led to that messages were
+    processed by receive_imf in the wrong order, and, particularly, reactions were processed before
+    messages they refer to and thus dropped.
+    """
+    (ac1,) = acfactory.get_online_accounts(1)
+
+    addr, password = acfactory.get_credentials()
+    ac2 = acfactory.get_unconfigured_account()
+    ac2.add_or_update_transport({"addr": addr, "password": password})
+    ac2_direct_imap = direct_imap(ac2)
+    ac2_direct_imap.create_folder("DeltaChat")
+    ac2.set_config("mvbox_move", "1")
+    assert ac2.is_configured()
+
+    ac2.bring_online()
+    chat1 = acfactory.get_accepted_chat(ac1, ac2)
+    ac2.stop_io()
+
+    logging.info("sending message + reaction from ac1 to ac2")
+    msg1 = chat1.send_text("hi")
+    msg1.wait_until_delivered()
+    # It's is sad, but messages must differ in their INTERNALDATEs to be processed in the correct
+    # order by DC, and most (if not all) mail servers provide only seconds precision.
+    time.sleep(1.1)
+    react_str = "\N{THUMBS UP SIGN}"
+    msg1.send_reaction(react_str).wait_until_delivered()
+
+    logging.info("moving messages to ac2's DeltaChat folder in the reverse order")
+    ac2_direct_imap = direct_imap(ac2)
+    ac2_direct_imap.connect()
+    for uid in sorted([m.uid for m in ac2_direct_imap.get_all_messages()], reverse=True):
+        ac2_direct_imap.conn.move(uid, "DeltaChat")
+
+    logging.info("receiving messages by ac2")
+    ac2.start_io()
+    msg2 = Message(ac2, ac2.wait_for_reactions_changed().msg_id)
+    assert msg2.get_snapshot().text == msg1.get_snapshot().text
+    reactions = msg2.get_reactions()
+    contacts = [Contact(ac2, int(i)) for i in reactions.reactions_by_contact]
+    assert len(contacts) == 1
+    assert contacts[0].get_snapshot().address == ac1.get_config("addr")
+    assert list(reactions.reactions_by_contact.values())[0] == [react_str]
+
+
+def test_move_works_on_self_sent(acfactory, direct_imap):
+    ac1, ac2 = acfactory.get_online_accounts(2)
+
+    # Create and enable movebox.
+    ac1_direct_imap = direct_imap(ac1)
+    ac1_direct_imap.create_folder("DeltaChat")
+    ac1.set_config("mvbox_move", "1")
+    ac1.set_config("bcc_self", "1")
+    ac1.bring_online()
+
+    chat = ac1.create_chat(ac2)
+    chat.send_text("message1")
+    ac1.wait_for_event(EventType.IMAP_MESSAGE_MOVED)
+    chat.send_text("message2")
+    ac1.wait_for_event(EventType.IMAP_MESSAGE_MOVED)
+    chat.send_text("message3")
+    ac1.wait_for_event(EventType.IMAP_MESSAGE_MOVED)
+
+
+def test_moved_markseen(acfactory, direct_imap):
+    """Test that message already moved to DeltaChat folder is marked as seen."""
+    ac1, ac2 = acfactory.get_online_accounts(2)
+    ac2_direct_imap = direct_imap(ac2)
+    ac2_direct_imap.create_folder("DeltaChat")
+    ac2.set_config("mvbox_move", "1")
+    ac2.set_config("delete_server_after", "0")
+    ac2.set_config("sync_msgs", "0")  # Do not send a sync message when accepting a contact request.
+    ac2.bring_online()
+
+    ac2.stop_io()
+    ac2_direct_imap = direct_imap(ac2)
+    with ac2_direct_imap.idle() as idle2:
+        ac1.create_chat(ac2).send_text("Hello!")
+        idle2.wait_for_new_message()
+
+    # Emulate moving of the message to DeltaChat folder by Sieve rule.
+    ac2_direct_imap.conn.move(["*"], "DeltaChat")
+    ac2_direct_imap.select_folder("DeltaChat")
+    assert len(list(ac2_direct_imap.conn.fetch("*", mark_seen=False))) == 1
+
+    with ac2_direct_imap.idle() as idle2:
+        ac2.start_io()
+
+        ev = ac2.wait_for_event(EventType.MSGS_CHANGED)
+        msg = ac2.get_message_by_id(ev.msg_id)
+        assert msg.get_snapshot().text == "Messages are end-to-end encrypted."
+
+        ev = ac2.wait_for_event(EventType.INCOMING_MSG)
+        msg = ac2.get_message_by_id(ev.msg_id)
+        chat = ac2.get_chat_by_id(ev.chat_id)
+
+        # Accept the contact request.
+        chat.accept()
+        msg.mark_seen()
+        idle2.wait_for_seen()
+
+    assert len(list(ac2_direct_imap.conn.fetch(AND(seen=True, uid=U(1, "*")), mark_seen=False))) == 1
+
+
+@pytest.mark.parametrize("mvbox_move", [True, False])
+def test_markseen_message_and_mdn(acfactory, direct_imap, mvbox_move):
+    ac1, ac2 = acfactory.get_online_accounts(2)
+
+    for ac in ac1, ac2:
+        ac.set_config("delete_server_after", "0")
+        if mvbox_move:
+            ac_direct_imap = direct_imap(ac)
+            ac_direct_imap.create_folder("DeltaChat")
+            ac.set_config("mvbox_move", "1")
+            ac.bring_online()
+
+    # Do not send BCC to self, we only want to test MDN on ac1.
+    ac1.set_config("bcc_self", "0")
+
+    acfactory.get_accepted_chat(ac1, ac2).send_text("hi")
+    msg = ac2.wait_for_incoming_msg()
+    msg.mark_seen()
+
+    if mvbox_move:
+        rex = re.compile("Marked messages [0-9]+ in folder DeltaChat as seen.")
+    else:
+        rex = re.compile("Marked messages [0-9]+ in folder INBOX as seen.")
+
+    for ac in ac1, ac2:
+        while True:
+            event = ac.wait_for_event()
+            if event.kind == EventType.INFO and rex.search(event.msg):
+                break
+
+    folder = "mvbox" if mvbox_move else "inbox"
+    ac1_direct_imap = direct_imap(ac1)
+    ac2_direct_imap = direct_imap(ac2)
+
+    ac1_direct_imap.select_config_folder(folder)
+    ac2_direct_imap.select_config_folder(folder)
+
+    # Check that the mdn is marked as seen
+    assert len(list(ac1_direct_imap.conn.fetch(AND(seen=True), mark_seen=False))) == 1
+    # Check original message is marked as seen
+    assert len(list(ac2_direct_imap.conn.fetch(AND(seen=True), mark_seen=False))) == 1
+
+
+def test_trash_multiple_messages(acfactory, direct_imap, log):
+    ac1, ac2 = acfactory.get_online_accounts(2)
+    ac2.stop_io()
+
+    ac2.set_config("delete_server_after", "0")
+    ac2.set_config("sync_msgs", "0")
+
+    ac2.start_io()
+    chat12 = acfactory.get_accepted_chat(ac1, ac2)
+
+    log.section("ac1: sending 3 messages")
+    texts = ["first", "second", "third"]
+    for text in texts:
+        chat12.send_text(text)
+
+    log.section("ac2: waiting for all messages on the other side")
+    to_delete = []
+    for text in texts:
+        msg = ac2.wait_for_incoming_msg().get_snapshot()
+        assert msg.text in texts
+        if text != "second":
+            to_delete.append(msg)
+
+    log.section("ac2: deleting all messages except second")
+    assert len(to_delete) == len(texts) - 1
+    ac2.delete_messages(to_delete)
+
+    log.section("ac2: test that only one message is left")
+    ac2_direct_imap = direct_imap(ac2)
+    while 1:
+        ac2.wait_for_event(EventType.IMAP_MESSAGE_DELETED)
+        ac2_direct_imap.select_config_folder("inbox")
+        nr_msgs = len(ac2_direct_imap.get_all_messages())
+        assert nr_msgs > 0
+        if nr_msgs == 1:
+            break
--- a/deltachat-rpc-client/tests/test_iroh_webxdc.py
+++ b/deltachat-rpc-client/tests/test_iroh_webxdc.py
@@ -84,7 +84,7 @@ def test_realtime_sequentially(acfactory, path_to_webxdc):

    # share a webxdc app between ac1 and ac2
    ac1_webxdc_msg = acfactory.send_message(from_account=ac1, to_account=ac2, text="play", file=path_to_webxdc)
-    ac2_webxdc_msg = ac2.get_message_by_id(ac2.wait_for_incoming_msg_event().msg_id)
+    ac2_webxdc_msg = ac2.wait_for_incoming_msg()
    snapshot = ac2_webxdc_msg.get_snapshot()
    assert snapshot.text == "play"

@@ -94,7 +94,7 @@ def test_realtime_sequentially(acfactory, path_to_webxdc):
    acfactory.send_message(from_account=ac1, to_account=ac2, text="ping1")

    log("waiting for incoming message on ac2")
-    snapshot = ac2.get_message_by_id(ac2.wait_for_incoming_msg_event().msg_id).get_snapshot()
+    snapshot = ac2.wait_for_incoming_msg().get_snapshot()
    assert snapshot.text == "ping1"

    log("sending ac2 -> ac1 realtime advertisement and additional message")
@@ -102,7 +102,7 @@ def test_realtime_sequentially(acfactory, path_to_webxdc):
    acfactory.send_message(from_account=ac2, to_account=ac1, text="ping2")

    log("waiting for incoming message on ac1")
-    snapshot = ac1.get_message_by_id(ac1.wait_for_incoming_msg_event().msg_id).get_snapshot()
+    snapshot = ac1.wait_for_incoming_msg().get_snapshot()
    assert snapshot.text == "ping2"

    log("sending realtime data ac1 -> ac2")
@@ -214,7 +214,9 @@ def test_advertisement_after_chatting(acfactory, path_to_webxdc):
    ac1_ac2_chat = ac1.create_chat(ac2)
    ac1_webxdc_msg = ac1_ac2_chat.send_message(text="WebXDC", file=path_to_webxdc)
    ac2_webxdc_msg = ac2.wait_for_incoming_msg()
-    assert ac2_webxdc_msg.get_snapshot().text == "WebXDC"
+    ac2_webxdc_msg_snapshot = ac2_webxdc_msg.get_snapshot()
+    assert ac2_webxdc_msg_snapshot.text == "WebXDC"
+    ac2_webxdc_msg_snapshot.chat.accept()

    ac1_ac2_chat.send_text("Hello!")
    ac2_hello_msg = ac2.wait_for_incoming_msg()
--- a/deltachat-rpc-client/tests/test_key_transfer.py
+++ b/deltachat-rpc-client/tests/test_key_transfer.py
@@ -18,9 +18,7 @@ def test_autocrypt_setup_message_key_transfer(acfactory):
    alice1 = acfactory.get_online_account()

    alice2 = acfactory.get_unconfigured_account()
-    alice2.set_config("addr", alice1.get_config("addr"))
-    alice2.set_config("mail_pw", alice1.get_config("mail_pw"))
-    alice2.configure()
+    alice2.add_or_update_transport({"addr": alice1.get_config("addr"), "password": alice1.get_config("mail_pw")})
    alice2.bring_online()

    setup_code = alice1.initiate_autocrypt_key_transfer()
@@ -37,9 +35,7 @@ def test_ac_setup_message_twice(acfactory):
    alice1 = acfactory.get_online_account()

    alice2 = acfactory.get_unconfigured_account()
-    alice2.set_config("addr", alice1.get_config("addr"))
-    alice2.set_config("mail_pw", alice1.get_config("mail_pw"))
-    alice2.configure()
+    alice2.add_or_update_transport({"addr": alice1.get_config("addr"), "password": alice1.get_config("mail_pw")})
    alice2.bring_online()

    # Send the first Autocrypt Setup Message and ignore it.
--- a/deltachat-rpc-client/tests/test_multidevice.py
+++ b/deltachat-rpc-client/tests/test_multidevice.py
@@ -4,6 +4,41 @@ from deltachat_rpc_client import EventType
 from deltachat_rpc_client.const import MessageState


+def test_bcc_self_delete_server_after_defaults(acfactory):
+    """Test default values for bcc_self and delete_server_after."""
+    ac = acfactory.get_online_account()
+
+    # Initially after getting online
+    # the setting bcc_self is set to 0 because there is only one device
+    # and delete_server_after is "1", meaning immediate deletion.
+    assert ac.get_config("bcc_self") == "0"
+    assert ac.get_config("delete_server_after") == "1"
+
+    # Setup a second device.
+    ac_clone = ac.clone()
+    ac_clone.bring_online()
+
+    # Second device setup
+    # enables bcc_self and changes default delete_server_after.
+    assert ac.get_config("bcc_self") == "1"
+    assert ac.get_config("delete_server_after") == "0"
+
+    assert ac_clone.get_config("bcc_self") == "1"
+    assert ac_clone.get_config("delete_server_after") == "0"
+
+    # Manually disabling bcc_self
+    # also restores the default for delete_server_after.
+    ac.set_config("bcc_self", "0")
+    assert ac.get_config("bcc_self") == "0"
+    assert ac.get_config("delete_server_after") == "1"
+
+    # Cloning the account again enables bcc_self
+    # even though it was manually disabled.
+    ac_clone = ac.clone()
+    assert ac.get_config("bcc_self") == "1"
+    assert ac.get_config("delete_server_after") == "0"
+
+
 def test_one_account_send_bcc_setting(acfactory, log, direct_imap):
    ac1, ac2 = acfactory.get_online_accounts(2)
    ac1_clone = ac1.clone()
--- a/deltachat-rpc-client/tests/test_multitransport.py
+++ b/deltachat-rpc-client/tests/test_multitransport.py
@@ -0,0 +1,337 @@
+import pytest
+
+from deltachat_rpc_client import EventType
+from deltachat_rpc_client.const import DownloadState
+from deltachat_rpc_client.rpc import JsonRpcError
+
+
+def test_add_second_address(acfactory) -> None:
+    account = acfactory.new_configured_account()
+    assert len(account.list_transports()) == 1
+
+    # When the first transport is created,
+    # mvbox_move and only_fetch_mvbox should be disabled.
+    assert account.get_config("mvbox_move") == "0"
+    assert account.get_config("only_fetch_mvbox") == "0"
+    assert account.get_config("show_emails") == "2"
+
+    qr = acfactory.get_account_qr()
+    account.add_transport_from_qr(qr)
+    assert len(account.list_transports()) == 2
+
+    account.add_transport_from_qr(qr)
+    assert len(account.list_transports()) == 3
+
+    first_addr = account.list_transports()[0]["addr"]
+    second_addr = account.list_transports()[1]["addr"]
+
+    # Cannot delete the first address.
+    with pytest.raises(JsonRpcError):
+        account.delete_transport(first_addr)
+
+    account.delete_transport(second_addr)
+    assert len(account.list_transports()) == 2
+
+    # Enabling mvbox_move or only_fetch_mvbox
+    # is not allowed when multi-transport is enabled.
+    for option in ["mvbox_move", "only_fetch_mvbox"]:
+        with pytest.raises(JsonRpcError):
+            account.set_config(option, "1")
+
+    # show_emails does not matter for multi-relay, can be set to anything
+    account.set_config("show_emails", "0")
+
+
+@pytest.mark.parametrize("key", ["mvbox_move", "only_fetch_mvbox"])
+def test_no_second_transport_with_mvbox(acfactory, key) -> None:
+    """Test that second transport cannot be configured if mvbox is used."""
+    account = acfactory.new_configured_account()
+    assert len(account.list_transports()) == 1
+
+    assert account.get_config("mvbox_move") == "0"
+    assert account.get_config("only_fetch_mvbox") == "0"
+
+    qr = acfactory.get_account_qr()
+    account.set_config(key, "1")
+
+    with pytest.raises(JsonRpcError):
+        account.add_transport_from_qr(qr)
+
+
+def test_second_transport_without_classic_emails(acfactory) -> None:
+    """Test that second transport can be configured if classic emails are not fetched."""
+    account = acfactory.new_configured_account()
+    assert len(account.list_transports()) == 1
+
+    assert account.get_config("show_emails") == "2"
+
+    qr = acfactory.get_account_qr()
+    account.set_config("show_emails", "0")
+
+    account.add_transport_from_qr(qr)
+
+
+def test_change_address(acfactory) -> None:
+    """Test Alice configuring a second transport and setting it as a primary one."""
+    alice, bob = acfactory.get_online_accounts(2)
+
+    bob_addr = bob.get_config("configured_addr")
+    bob.create_chat(alice)
+
+    alice_chat_bob = alice.create_chat(bob)
+    alice_chat_bob.send_text("Hello!")
+
+    msg1 = bob.wait_for_incoming_msg().get_snapshot()
+    sender_addr1 = msg1.sender.get_snapshot().address
+
+    alice.stop_io()
+    old_alice_addr = alice.get_config("configured_addr")
+    alice_vcard = alice.self_contact.make_vcard()
+    assert old_alice_addr in alice_vcard
+    qr = acfactory.get_account_qr()
+    alice.add_transport_from_qr(qr)
+    new_alice_addr = alice.list_transports()[1]["addr"]
+    with pytest.raises(JsonRpcError):
+        # Cannot use the address that is not
+        # configured for any transport.
+        alice.set_config("configured_addr", bob_addr)
+
+    # Load old address so it is cached.
+    assert alice.get_config("configured_addr") == old_alice_addr
+    alice.set_config("configured_addr", new_alice_addr)
+    # Make sure that setting `configured_addr` invalidated the cache.
+    assert alice.get_config("configured_addr") == new_alice_addr
+
+    alice_vcard = alice.self_contact.make_vcard()
+    assert old_alice_addr not in alice_vcard
+    assert new_alice_addr in alice_vcard
+    with pytest.raises(JsonRpcError):
+        alice.delete_transport(new_alice_addr)
+    alice.start_io()
+
+    alice_chat_bob.send_text("Hello again!")
+
+    msg2 = bob.wait_for_incoming_msg().get_snapshot()
+    sender_addr2 = msg2.sender.get_snapshot().address
+
+    assert msg1.sender == msg2.sender
+    assert sender_addr1 != sender_addr2
+    assert sender_addr1 == old_alice_addr
+    assert sender_addr2 == new_alice_addr
+
+
+def test_download_on_demand(acfactory) -> None:
+    alice, bob = acfactory.get_online_accounts(2)
+    alice.set_config("download_limit", "1")
+
+    alice.stop_io()
+    qr = acfactory.get_account_qr()
+    alice.add_transport_from_qr(qr)
+    alice.start_io()
+
+    alice.create_chat(bob)
+    chat_bob_alice = bob.create_chat(alice)
+    chat_bob_alice.send_message(file="../test-data/image/screenshot.jpg")
+    msg = alice.wait_for_incoming_msg()
+    snapshot = msg.get_snapshot()
+    assert snapshot.download_state == DownloadState.AVAILABLE
+    chat_id = snapshot.chat_id
+    # Actually the message isn't available yet. Wait somehow for the post-message to arrive.
+    chat_bob_alice.send_message("Now you can download my previous message")
+    alice.wait_for_incoming_msg()
+    alice._rpc.download_full_message(alice.id, msg.id)
+    for dstate in [DownloadState.IN_PROGRESS, DownloadState.DONE]:
+        event = alice.wait_for_event(EventType.MSGS_CHANGED)
+        assert event.chat_id == chat_id
+        assert event.msg_id == msg.id
+        assert msg.get_snapshot().download_state == dstate
+
+
+@pytest.mark.parametrize("is_chatmail", ["0", "1"])
+def test_mvbox_move_first_transport(acfactory, is_chatmail) -> None:
+    """Test that mvbox_move is disabled by default even for non-chatmail accounts.
+    Disabling mvbox_move is required to be able to setup a second transport.
+    """
+    account = acfactory.get_unconfigured_account()
+
+    account.set_config("fix_is_chatmail", "1")
+    account.set_config("is_chatmail", is_chatmail)
+
+    # The default value when the setting is unset is "1".
+    # This is not changed for compatibility with old databases
+    # imported from backups.
+    assert account.get_config("mvbox_move") == "1"
+
+    qr = acfactory.get_account_qr()
+    account.add_transport_from_qr(qr)
+
+    # Once the first transport is set up,
+    # mvbox_move is disabled.
+    assert account.get_config("mvbox_move") == "0"
+    assert account.get_config("is_chatmail") == is_chatmail
+
+
+def test_reconfigure_transport(acfactory) -> None:
+    """Test that reconfiguring the transport works
+    even if settings not supported for multi-transport
+    like mvbox_move are enabled."""
+    account = acfactory.get_online_account()
+    account.set_config("mvbox_move", "1")
+
+    [transport] = account.list_transports()
+    account.add_or_update_transport(transport)
+
+    # Reconfiguring the transport should not reset
+    # the settings as if when configuring the first transport.
+    assert account.get_config("mvbox_move") == "1"
+
+
+def test_transport_synchronization(acfactory, log) -> None:
+    """Test synchronization of transports between devices."""
+    ac1, ac2 = acfactory.get_online_accounts(2)
+    ac1_clone = ac1.clone()
+    ac1_clone.bring_online()
+
+    qr = acfactory.get_account_qr()
+
+    ac1.add_transport_from_qr(qr)
+    ac1_clone.wait_for_event(EventType.TRANSPORTS_MODIFIED)
+    assert len(ac1.list_transports()) == 2
+    assert len(ac1_clone.list_transports()) == 2
+
+    ac1_clone.add_transport_from_qr(qr)
+    ac1.wait_for_event(EventType.TRANSPORTS_MODIFIED)
+    assert len(ac1.list_transports()) == 3
+    assert len(ac1_clone.list_transports()) == 3
+
+    log.section("ac1 clone removes second transport")
+    [transport1, transport2, transport3] = ac1_clone.list_transports()
+    addr3 = transport3["addr"]
+    ac1_clone.delete_transport(transport2["addr"])
+
+    ac1.wait_for_event(EventType.TRANSPORTS_MODIFIED)
+    [transport1, transport3] = ac1.list_transports()
+
+    log.section("ac1 changes the primary transport")
+    ac1.set_config("configured_addr", transport3["addr"])
+
+    ac1_clone.wait_for_event(EventType.TRANSPORTS_MODIFIED)
+    [transport1, transport3] = ac1_clone.list_transports()
+    assert ac1_clone.get_config("configured_addr") == addr3
+
+    log.section("ac1 removes the first transport")
+    ac1.delete_transport(transport1["addr"])
+
+    ac1_clone.wait_for_event(EventType.TRANSPORTS_MODIFIED)
+    [transport3] = ac1_clone.list_transports()
+    assert transport3["addr"] == addr3
+    assert ac1_clone.get_config("configured_addr") == addr3
+
+    ac2_chat = ac2.create_chat(ac1)
+    ac2_chat.send_text("Hello!")
+
+    assert ac1.wait_for_incoming_msg().get_snapshot().text == "Hello!"
+    assert ac1_clone.wait_for_incoming_msg().get_snapshot().text == "Hello!"
+
+
+def test_transport_sync_new_as_primary(acfactory, log) -> None:
+    """Test synchronization of new transport as primary between devices."""
+    ac1, bob = acfactory.get_online_accounts(2)
+    ac1_clone = ac1.clone()
+    ac1_clone.bring_online()
+
+    qr = acfactory.get_account_qr()
+
+    ac1.add_transport_from_qr(qr)
+    ac1_transports = ac1.list_transports()
+    assert len(ac1_transports) == 2
+    [transport1, transport2] = ac1_transports
+    ac1_clone.wait_for_event(EventType.TRANSPORTS_MODIFIED)
+    assert len(ac1_clone.list_transports()) == 2
+    assert ac1_clone.get_config("configured_addr") == transport1["addr"]
+
+    log.section("ac1 changes the primary transport")
+    ac1.set_config("configured_addr", transport2["addr"])
+
+    ac1_clone.wait_for_event(EventType.TRANSPORTS_MODIFIED)
+    assert ac1_clone.get_config("configured_addr") == transport2["addr"]
+
+    log.section("ac1_clone receives a message via the new primary transport")
+    ac1_chat = ac1.create_chat(bob)
+    ac1_chat.send_text("Hello!")
+    bob_chat_id = bob.wait_for_incoming_msg_event().chat_id
+    bob_chat = bob.get_chat_by_id(bob_chat_id)
+    bob_chat.accept()
+    bob_chat.send_text("hello back")
+    assert ac1_clone.wait_for_incoming_msg().get_snapshot().text == "hello back"
+
+
+def test_recognize_self_address(acfactory) -> None:
+    alice, bob = acfactory.get_online_accounts(2)
+
+    bob_chat = bob.create_chat(alice)
+
+    qr = acfactory.get_account_qr()
+    alice.add_transport_from_qr(qr)
+
+    new_alice_addr = alice.list_transports()[1]["addr"]
+    alice.set_config("configured_addr", new_alice_addr)
+
+    bob_chat.send_text("Hello!")
+    msg = alice.wait_for_incoming_msg().get_snapshot()
+    assert msg.chat == alice.create_chat(bob)
+
+
+def test_transport_limit(acfactory) -> None:
+    """Test transports limit."""
+    account = acfactory.get_online_account()
+    qr = acfactory.get_account_qr()
+
+    limit = 5
+
+    for _ in range(1, limit):
+        account.add_transport_from_qr(qr)
+
+    assert len(account.list_transports()) == limit
+
+    with pytest.raises(JsonRpcError):
+        account.add_transport_from_qr(qr)
+
+    second_addr = account.list_transports()[1]["addr"]
+    account.delete_transport(second_addr)
+
+    # test that adding a transport after deleting one works again
+    account.add_transport_from_qr(qr)
+
+
+def test_message_info_imap_urls(acfactory, log) -> None:
+    """Test that message info contains IMAP URLs of where the message was received."""
+    alice, bob = acfactory.get_online_accounts(2)
+
+    log.section("Alice adds ac1 clone removes second transport")
+    qr = acfactory.get_account_qr()
+    for i in range(3):
+        alice.add_transport_from_qr(qr)
+        # Wait for all transports to go IDLE after adding each one.
+        for _ in range(i + 1):
+            alice.bring_online()
+
+    new_alice_addr = alice.list_transports()[2]["addr"]
+    alice.set_config("configured_addr", new_alice_addr)
+
+    # Enable multi-device mode so messages are not deleted immediately.
+    alice.set_config("bcc_self", "1")
+
+    # Bob creates chat, learning about Alice's currently selected transport.
+    # This is where he will send the message.
+    bob_chat = bob.create_chat(alice)
+
+    # Alice changes the transport again.
+    alice.set_config("configured_addr", alice.list_transports()[3]["addr"])
+
+    bob_chat.send_text("Hello!")
+
+    msg = alice.wait_for_incoming_msg()
+    for alice_transport in alice.list_transports():
+        addr = alice_transport["addr"]
+        assert (addr == new_alice_addr) == (addr in msg.get_info())
--- a/deltachat-rpc-client/tests/test_securejoin.py
+++ b/deltachat-rpc-client/tests/test_securejoin.py
@@ -3,6 +3,7 @@ import logging
 import pytest

 from deltachat_rpc_client import Chat, EventType, SpecialContactId
+from deltachat_rpc_client.const import ChatType
 from deltachat_rpc_client.rpc import JsonRpcError


@@ -58,8 +59,7 @@ def test_qr_setup_contact_svg(acfactory) -> None:
    assert "Alice" in svg


-@pytest.mark.parametrize("protect", [True, False])
-def test_qr_securejoin(acfactory, protect):
+def test_qr_securejoin(acfactory):
    alice, bob, fiona = acfactory.get_online_accounts(3)

    # Setup second device for Alice
@@ -67,8 +67,7 @@ def test_qr_securejoin(acfactory, protect):
    alice2 = alice.clone()

    logging.info("Alice creates a group")
-    alice_chat = alice.create_group("Group", protect=protect)
-    assert alice_chat.get_basic_snapshot().is_protected == protect
+    alice_chat = alice.create_group("Group")

    logging.info("Bob joins the group")
    qr_code = alice_chat.get_qr_code()
@@ -87,9 +86,8 @@ def test_qr_securejoin(acfactory, protect):
    alice_contact_bob_snapshot = alice_contact_bob.get_snapshot()
    assert alice_contact_bob_snapshot.is_verified

-    snapshot = bob.get_message_by_id(bob.wait_for_incoming_msg_event().msg_id).get_snapshot()
+    snapshot = bob.wait_for_incoming_msg().get_snapshot()
    assert snapshot.text == "Member Me added by {}.".format(alice.get_config("addr"))
-    assert snapshot.chat.get_basic_snapshot().is_protected == protect

    # Test that Bob verified Alice's profile.
    bob_contact_alice = bob.create_contact(alice)
@@ -112,6 +110,143 @@ def test_qr_securejoin(acfactory, protect):
    fiona.wait_for_securejoin_joiner_success()


+@pytest.mark.parametrize("all_devices_online", [True, False])
+def test_qr_securejoin_broadcast(acfactory, all_devices_online):
+    alice, bob, fiona = acfactory.get_online_accounts(3)
+
+    alice2 = alice.clone()
+    bob2 = bob.clone()
+
+    if all_devices_online:
+        alice2.start_io()
+        bob2.start_io()
+
+    logging.info("===================== Alice creates a broadcast =====================")
+    alice_chat = alice.create_broadcast("Broadcast channel!")
+    snapshot = alice_chat.get_basic_snapshot()
+    assert not snapshot.is_unpromoted  # Broadcast channels are never unpromoted
+
+    logging.info("===================== Bob joins the broadcast =====================")
+
+    qr_code = alice_chat.get_qr_code()
+    bob.secure_join(qr_code)
+    alice.wait_for_securejoin_inviter_success()
+    bob.wait_for_securejoin_joiner_success()
+    alice_chat.send_text("Hello everyone!")
+
+    def get_broadcast(ac):
+        chat = ac.get_chatlist(query="Broadcast channel!")[0]
+        assert chat.get_basic_snapshot().name == "Broadcast channel!"
+        return chat
+
+    def wait_for_broadcast_messages(ac):
+        snapshot1 = ac.wait_for_incoming_msg().get_snapshot()
+        assert snapshot1.text == "You joined the channel."
+
+        snapshot2 = ac.wait_for_incoming_msg().get_snapshot()
+        assert snapshot2.text == "Hello everyone!"
+
+        chat = get_broadcast(ac)
+        assert snapshot1.chat_id == chat.id
+        assert snapshot2.chat_id == chat.id
+
+    def check_account(ac, contact, inviter_side, please_wait_info_msg=False):
+        # Check that the chat partner is verified.
+        contact_snapshot = contact.get_snapshot()
+        assert contact_snapshot.is_verified
+
+        chat = get_broadcast(ac)
+        chat_msgs = chat.get_messages()
+
+        encrypted_msg = chat_msgs.pop(0).get_snapshot()
+        assert encrypted_msg.text == "Messages are end-to-end encrypted."
+        assert encrypted_msg.is_info
+
+        if please_wait_info_msg:
+            first_msg = chat_msgs.pop(0).get_snapshot()
+            assert "invited you to join this channel" in first_msg.text
+            assert first_msg.is_info
+
+        member_added_msg = chat_msgs.pop(0).get_snapshot()
+        if inviter_side:
+            assert member_added_msg.text == f"Member {contact_snapshot.display_name} added."
+        else:
+            assert member_added_msg.text == "You joined the channel."
+        assert member_added_msg.is_info
+
+        hello_msg = chat_msgs.pop(0).get_snapshot()
+        assert hello_msg.text == "Hello everyone!"
+        assert not hello_msg.is_info
+        assert hello_msg.show_padlock
+        assert hello_msg.error is None
+
+        assert len(chat_msgs) == 0
+
+        chat_snapshot = chat.get_full_snapshot()
+        assert chat_snapshot.is_encrypted
+        assert chat_snapshot.name == "Broadcast channel!"
+        if inviter_side:
+            assert chat_snapshot.chat_type == ChatType.OUT_BROADCAST
+        else:
+            assert chat_snapshot.chat_type == ChatType.IN_BROADCAST
+        assert chat_snapshot.can_send == inviter_side
+
+        chat_contacts = chat_snapshot.contact_ids
+        assert contact.id in chat_contacts
+        if inviter_side:
+            assert len(chat_contacts) == 1
+        else:
+            assert len(chat_contacts) == 2
+            assert SpecialContactId.SELF in chat_contacts
+            assert chat_snapshot.self_in_group
+
+    wait_for_broadcast_messages(bob)
+
+    check_account(alice, alice.create_contact(bob), inviter_side=True)
+    check_account(bob, bob.create_contact(alice), inviter_side=False, please_wait_info_msg=True)
+
+    logging.info("===================== Test Alice's second device =====================")
+
+    # Start second Alice device, if it wasn't started already.
+    alice2.start_io()
+
+    while True:
+        msg_id = alice2.wait_for_msgs_changed_event().msg_id
+        if msg_id:
+            snapshot = alice2.get_message_by_id(msg_id).get_snapshot()
+            if snapshot.text == "Hello everyone!":
+                break
+
+    check_account(alice2, alice2.create_contact(bob), inviter_side=True)
+
+    logging.info("===================== Test Bob's second device =====================")
+
+    # Start second Bob device, if it wasn't started already.
+    bob2.start_io()
+    bob2.wait_for_securejoin_joiner_success()
+    wait_for_broadcast_messages(bob2)
+    check_account(bob2, bob2.create_contact(alice), inviter_side=False)
+
+    # The QR code token is synced, so alice2 must be able to handle join requests.
+    logging.info("===================== Fiona joins the group via alice2 =====================")
+    alice.stop_io()
+    fiona.secure_join(qr_code)
+    alice2.wait_for_securejoin_inviter_success()
+    fiona.wait_for_securejoin_joiner_success()
+
+    snapshot = fiona.wait_for_incoming_msg().get_snapshot()
+    assert snapshot.text == "You joined the channel."
+
+    get_broadcast(alice2).get_messages()[2].resend()
+    snapshot = fiona.wait_for_incoming_msg().get_snapshot()
+    assert snapshot.text == "Hello everyone!"
+
+    check_account(fiona, fiona.create_contact(alice), inviter_side=False, please_wait_info_msg=True)
+
+    # For Bob, the channel must not have changed:
+    check_account(bob, bob.create_contact(alice), inviter_side=False, please_wait_info_msg=True)
+
+
 def test_qr_securejoin_contact_request(acfactory) -> None:
    """Alice invites Bob to a group when Bob's chat with Alice is in a contact request mode."""
    alice, bob = acfactory.get_online_accounts(2)
@@ -120,13 +255,13 @@ def test_qr_securejoin_contact_request(acfactory) -> None:
    alice_chat_bob = alice_contact_bob.create_chat()
    alice_chat_bob.send_text("Hello!")

-    snapshot = bob.get_message_by_id(bob.wait_for_incoming_msg_event().msg_id).get_snapshot()
+    snapshot = bob.wait_for_incoming_msg().get_snapshot()
    assert snapshot.text == "Hello!"
    bob_chat_alice = snapshot.chat
    assert bob_chat_alice.get_basic_snapshot().is_contact_request

-    alice_chat = alice.create_group("Verified group", protect=True)
-    logging.info("Bob joins verified group")
+    alice_chat = alice.create_group("Group")
+    logging.info("Bob joins the group")
    qr_code = alice_chat.get_qr_code()
    bob.secure_join(qr_code)
    while True:
@@ -150,8 +285,8 @@ def test_qr_readreceipt(acfactory) -> None:
    for joiner in [bob, charlie]:
        joiner.wait_for_securejoin_joiner_success()

-    logging.info("Alice creates a verified group")
-    group = alice.create_group("Group", protect=True)
+    logging.info("Alice creates a group")
+    group = alice.create_group("Group")

    alice_contact_bob = alice.create_contact(bob, "Bob")
    alice_contact_charlie = alice.create_contact(charlie, "Charlie")
@@ -164,8 +299,7 @@ def test_qr_readreceipt(acfactory) -> None:

    logging.info("Bob and Charlie receive a group")

-    bob_msg_id = bob.wait_for_incoming_msg_event().msg_id
-    bob_message = bob.get_message_by_id(bob_msg_id)
+    bob_message = bob.wait_for_incoming_msg()
    bob_snapshot = bob_message.get_snapshot()
    assert bob_snapshot.text == "Hello"

@@ -176,8 +310,7 @@ def test_qr_readreceipt(acfactory) -> None:

    bob_out_message = bob_snapshot.chat.send_message(text="Hi from Bob!")

-    charlie_msg_id = charlie.wait_for_incoming_msg_event().msg_id
-    charlie_message = charlie.get_message_by_id(charlie_msg_id)
+    charlie_message = charlie.wait_for_incoming_msg()
    charlie_snapshot = charlie_message.get_snapshot()
    assert charlie_snapshot.text == "Hi from Bob!"

@@ -216,11 +349,10 @@ def test_verified_group_member_added_recovery(acfactory) -> None:
    """Tests verified group recovery by reverifying then removing and adding a member back."""
    ac1, ac2, ac3 = acfactory.get_online_accounts(3)

-    logging.info("ac1 creates verified group")
-    chat = ac1.create_group("Verified group", protect=True)
-    assert chat.get_basic_snapshot().is_protected
+    logging.info("ac1 creates a group")
+    chat = ac1.create_group("Group")

-    logging.info("ac2 joins verified group")
+    logging.info("ac2 joins the group")
    qr_code = chat.get_qr_code()
    ac2.secure_join(qr_code)
    ac2.wait_for_securejoin_joiner_success()
@@ -253,7 +385,7 @@ def test_verified_group_member_added_recovery(acfactory) -> None:
    ac3_contact_ac2 = ac3.create_contact(ac2)
    ac3_chat.remove_contact(ac3_contact_ac2_old)

-    snapshot = ac1.get_message_by_id(ac1.wait_for_incoming_msg_event().msg_id).get_snapshot()
+    snapshot = ac1.wait_for_incoming_msg().get_snapshot()
    assert "removed" in snapshot.text

    ac3_chat.add_contact(ac3_contact_ac2)
@@ -266,25 +398,26 @@ def test_verified_group_member_added_recovery(acfactory) -> None:
    logging.info("ac2 got event message: %s", snapshot.text)
    assert "added" in snapshot.text

-    snapshot = ac1.get_message_by_id(ac1.wait_for_incoming_msg_event().msg_id).get_snapshot()
+    snapshot = ac1.wait_for_incoming_msg().get_snapshot()
    assert "added" in snapshot.text

    chat = Chat(ac2, chat_id)
    chat.send_text("Works again!")

-    msg_id = ac3.wait_for_incoming_msg_event().msg_id
-    message = ac3.get_message_by_id(msg_id)
+    message = ac3.wait_for_incoming_msg()
    snapshot = message.get_snapshot()
    assert snapshot.text == "Works again!"

-    snapshot = ac1.get_message_by_id(ac1.wait_for_incoming_msg_event().msg_id).get_snapshot()
+    snapshot = ac1.wait_for_incoming_msg().get_snapshot()
    assert snapshot.text == "Works again!"

    ac1_contact_ac2 = ac1.create_contact(ac2)
    ac1_contact_ac3 = ac1.create_contact(ac3)
    ac1_contact_ac2_snapshot = ac1_contact_ac2.get_snapshot()
-    assert ac1_contact_ac2_snapshot.is_verified
-    assert ac1_contact_ac2_snapshot.verifier_id == ac1_contact_ac3.id
+    # Until we reset verifications and then send the _verified header,
+    # verification is not gossiped here:
+    assert not ac1_contact_ac2_snapshot.is_verified
+    assert ac1_contact_ac2_snapshot.verifier_id != ac1_contact_ac3.id


 def test_qr_join_chat_with_pending_bobstate_issue4894(acfactory):
@@ -302,8 +435,8 @@ def test_qr_join_chat_with_pending_bobstate_issue4894(acfactory):
    # we first create a fully joined verified group, and then start
    # joining a second time but interrupt it, to create pending bob state

-    logging.info("ac1: create verified group that ac2 fully joins")
-    ch1 = ac1.create_group("Group", protect=True)
+    logging.info("ac1: create a group that ac2 fully joins")
+    ch1 = ac1.create_group("Group")
    qr_code = ch1.get_qr_code()
    ac2.secure_join(qr_code)
    ac1.wait_for_securejoin_inviter_success()
@@ -311,9 +444,8 @@ def test_qr_join_chat_with_pending_bobstate_issue4894(acfactory):
    # ensure ac1 can write and ac2 receives messages in verified chat
    ch1.send_text("ac1 says hello")
    while 1:
-        snapshot = ac2.get_message_by_id(ac2.wait_for_incoming_msg_event().msg_id).get_snapshot()
+        snapshot = ac2.wait_for_incoming_msg().get_snapshot()
        if snapshot.text == "ac1 says hello":
-            assert snapshot.chat.get_basic_snapshot().is_protected
            break

    logging.info("ac1: let ac2 join again but shutoff ac1 in the middle of securejoin")
@@ -327,15 +459,14 @@ def test_qr_join_chat_with_pending_bobstate_issue4894(acfactory):
    assert ac2.create_contact(ac3).get_snapshot().is_verified

    logging.info("ac3: create a verified group VG with ac2")
-    vg = ac3.create_group("ac3-created", protect=True)
+    vg = ac3.create_group("ac3-created")
    vg.add_contact(ac3.create_contact(ac2))

    # ensure ac2 receives message in VG
    vg.send_text("hello")
    while 1:
-        msg = ac2.get_message_by_id(ac2.wait_for_incoming_msg_event().msg_id).get_snapshot()
+        msg = ac2.wait_for_incoming_msg().get_snapshot()
        if msg.text == "hello":
-            assert msg.chat.get_basic_snapshot().is_protected
            break

    logging.info("ac3: create a join-code for group VG and let ac4 join, check that ac2 got it")
@@ -359,7 +490,7 @@ def test_qr_new_group_unblocked(acfactory):
    """

    ac1, ac2 = acfactory.get_online_accounts(2)
-    ac1_chat = ac1.create_group("Group for joining", protect=True)
+    ac1_chat = ac1.create_group("Group for joining")
    qr_code = ac1_chat.get_qr_code()
    ac2.secure_join(qr_code)

@@ -371,7 +502,7 @@ def test_qr_new_group_unblocked(acfactory):
    ac2.wait_for_incoming_msg_event()

    ac1_new_chat.send_text("Hello!")
-    ac2_msg = ac2.get_message_by_id(ac2.wait_for_incoming_msg_event().msg_id).get_snapshot()
+    ac2_msg = ac2.wait_for_incoming_msg().get_snapshot()
    assert ac2_msg.text == "Hello!"
    assert ac2_msg.chat.get_basic_snapshot().is_contact_request

@@ -384,8 +515,7 @@ def test_aeap_flow_verified(acfactory):
    addr, password = acfactory.get_credentials()

    logging.info("ac1: create verified-group QR, ac2 scans and joins")
-    chat = ac1.create_group("hello", protect=True)
-    assert chat.get_basic_snapshot().is_protected
+    chat = ac1.create_group("hello")
    qr_code = chat.get_qr_code()
    logging.info("ac2: start QR-code based join-group protocol")
    ac2.secure_join(qr_code)
@@ -397,7 +527,7 @@ def test_aeap_flow_verified(acfactory):

    logging.info("receiving first message")
    ac2.wait_for_incoming_msg_event()  # member added message
-    msg_in_1 = ac2.get_message_by_id(ac2.wait_for_incoming_msg_event().msg_id).get_snapshot()
+    msg_in_1 = ac2.wait_for_incoming_msg().get_snapshot()
    assert msg_in_1.text == msg_out.text

    logging.info("changing email account")
@@ -411,7 +541,7 @@ def test_aeap_flow_verified(acfactory):
    msg_out = chat.send_text("changed address").get_snapshot()

    logging.info("receiving second message")
-    msg_in_2 = ac2.get_message_by_id(ac2.wait_for_incoming_msg_event().msg_id)
+    msg_in_2 = ac2.wait_for_incoming_msg()
    msg_in_2_snapshot = msg_in_2.get_snapshot()
    assert msg_in_2_snapshot.text == msg_out.text
    assert msg_in_2_snapshot.chat.id == msg_in_1.chat.id
@@ -439,33 +569,35 @@ def test_gossip_verification(acfactory) -> None:

    logging.info("Bob creates an Autocrypt group")
    bob_group_chat = bob.create_group("Autocrypt Group")
-    assert not bob_group_chat.get_basic_snapshot().is_protected
    bob_group_chat.add_contact(bob_contact_alice)
    bob_group_chat.add_contact(bob_contact_carol)
    bob_group_chat.send_message(text="Hello Autocrypt group")

-    snapshot = carol.get_message_by_id(carol.wait_for_incoming_msg_event().msg_id).get_snapshot()
+    snapshot = carol.wait_for_incoming_msg().get_snapshot()
    assert snapshot.text == "Hello Autocrypt group"
    assert snapshot.show_padlock

-    # Autocrypt group does not propagate verification.
+    # Group propagates verification using Autocrypt-Gossip header.
    carol_contact_alice_snapshot = carol_contact_alice.get_snapshot()
+    # Until we reset verifications and then send the _verified header,
+    # verification is not gossiped here:
    assert not carol_contact_alice_snapshot.is_verified

    logging.info("Bob creates a Securejoin group")
-    bob_group_chat = bob.create_group("Securejoin Group", protect=True)
-    assert bob_group_chat.get_basic_snapshot().is_protected
+    bob_group_chat = bob.create_group("Securejoin Group")
    bob_group_chat.add_contact(bob_contact_alice)
    bob_group_chat.add_contact(bob_contact_carol)
    bob_group_chat.send_message(text="Hello Securejoin group")

-    snapshot = carol.get_message_by_id(carol.wait_for_incoming_msg_event().msg_id).get_snapshot()
+    snapshot = carol.wait_for_incoming_msg().get_snapshot()
    assert snapshot.text == "Hello Securejoin group"
    assert snapshot.show_padlock

    # Securejoin propagates verification.
    carol_contact_alice_snapshot = carol_contact_alice.get_snapshot()
-    assert carol_contact_alice_snapshot.is_verified
+    # Until we reset verifications and then send the _verified header,
+    # verification is not gossiped here:
+    assert not carol_contact_alice_snapshot.is_verified


 def test_securejoin_after_contact_resetup(acfactory) -> None:
@@ -477,7 +609,7 @@ def test_securejoin_after_contact_resetup(acfactory) -> None:
    ac1, ac2, ac3 = acfactory.get_online_accounts(3)

    # ac3 creates protected group with ac1.
-    ac3_chat = ac3.create_group("Verified group", protect=True)
+    ac3_chat = ac3.create_group("Group")

    # ac1 joins ac3 group.
    ac3_qr_code = ac3_chat.get_qr_code()
@@ -485,7 +617,7 @@ def test_securejoin_after_contact_resetup(acfactory) -> None:
    ac1.wait_for_securejoin_joiner_success()

    # ac1 waits for member added message and creates a QR code.
-    snapshot = ac1.get_message_by_id(ac1.wait_for_incoming_msg_event().msg_id).get_snapshot()
+    snapshot = ac1.wait_for_incoming_msg().get_snapshot()
    assert snapshot.text == "Member Me added by {}.".format(ac3.get_config("addr"))
    ac1_qr_code = snapshot.chat.get_qr_code()

@@ -522,10 +654,9 @@ def test_securejoin_after_contact_resetup(acfactory) -> None:

    # Wait for member added.
    logging.info("ac2 waits for member added message")
-    snapshot = ac2.get_message_by_id(ac2.wait_for_incoming_msg_event().msg_id).get_snapshot()
+    snapshot = ac2.wait_for_incoming_msg().get_snapshot()
    assert snapshot.is_info
    ac2_chat = snapshot.chat
-    assert ac2_chat.get_basic_snapshot().is_protected
    assert len(ac2_chat.get_contacts()) == 3

    # ac1 is still "not verified" for ac2 due to inconsistent state.
@@ -535,9 +666,8 @@ def test_securejoin_after_contact_resetup(acfactory) -> None:
 def test_withdraw_securejoin_qr(acfactory):
    alice, bob = acfactory.get_online_accounts(2)

-    logging.info("Alice creates a verified group")
-    alice_chat = alice.create_group("Verified group", protect=True)
-    assert alice_chat.get_basic_snapshot().is_protected
+    logging.info("Alice creates a group")
+    alice_chat = alice.create_group("Group")
    logging.info("Bob joins verified group")

    qr_code = alice_chat.get_qr_code()
@@ -546,9 +676,8 @@ def test_withdraw_securejoin_qr(acfactory):

    alice.clear_all_events()

-    snapshot = bob.get_message_by_id(bob.wait_for_incoming_msg_event().msg_id).get_snapshot()
+    snapshot = bob.wait_for_incoming_msg().get_snapshot()
    assert snapshot.text == "Member Me added by {}.".format(alice.get_config("addr"))
-    assert snapshot.chat.get_basic_snapshot().is_protected
    bob_chat.leave()

    snapshot = alice.get_message_by_id(alice.wait_for_msgs_changed_event().msg_id).get_snapshot()
@@ -567,6 +696,6 @@ def test_withdraw_securejoin_qr(acfactory):
        event = alice.wait_for_event()
        if (
            event.kind == EventType.WARNING
-            and "Ignoring vg-request-with-auth message because of invalid auth code." in event.msg
+            and "Ignoring RequestWithAuth message because of invalid auth code." in event.msg
        ):
            break
--- a/deltachat-rpc-client/tests/test_something.py
+++ b/deltachat-rpc-client/tests/test_something.py
--- a/deltachat-rpc-client/tests/test_vcard.py
+++ b/deltachat-rpc-client/tests/test_vcard.py
@@ -1,8 +1,12 @@
 def test_vcard(acfactory) -> None:
-    alice, bob = acfactory.get_online_accounts(2)
+    alice, bob, fiona = acfactory.get_online_accounts(3)

+    bob.create_chat(alice)
    alice_contact_bob = alice.create_contact(bob, "Bob")
    alice_contact_charlie = alice.create_contact("charlie@example.org", "Charlie")
+    alice_contact_charlie_snapshot = alice_contact_charlie.get_snapshot()
+    alice_contact_fiona = alice.create_contact(fiona, "Fiona")
+    alice_contact_fiona_snapshot = alice_contact_fiona.get_snapshot()

    alice_chat_bob = alice_contact_bob.create_chat()
    alice_chat_bob.send_contact(alice_contact_charlie)
@@ -12,3 +16,12 @@ def test_vcard(acfactory) -> None:
    snapshot = message.get_snapshot()
    assert snapshot.vcard_contact
    assert snapshot.vcard_contact.addr == "charlie@example.org"
+    assert snapshot.vcard_contact.color == alice_contact_charlie_snapshot.color
+
+    alice_chat_bob.send_contact(alice_contact_fiona)
+    event = bob.wait_for_incoming_msg_event()
+    message = bob.get_message_by_id(event.msg_id)
+    snapshot = message.get_snapshot()
+    assert snapshot.vcard_contact
+    assert snapshot.vcard_contact.key
+    assert snapshot.vcard_contact.color == alice_contact_fiona_snapshot.color
--- a/deltachat-rpc-server/Cargo.toml
+++ b/deltachat-rpc-server/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-rpc-server"
-version = "2.20.0"
+version = "2.42.0"
 description = "DeltaChat JSON-RPC server"
 edition = "2021"
 readme = "README.md"
--- a/deltachat-rpc-server/npm-package/package.json
+++ b/deltachat-rpc-server/npm-package/package.json
@@ -15,5 +15,5 @@
  },
  "type": "module",
  "types": "index.d.ts",
-  "version": "2.20.0"
+  "version": "2.42.0"
 }
--- a/deltachat-rpc-server/src/main.rs
+++ b/deltachat-rpc-server/src/main.rs
@@ -24,6 +24,14 @@ use yerpc::{RpcClient, RpcSession};

 #[tokio::main(flavor = "multi_thread")]
 async fn main() {
+    // Logs from `log` crate and traces from `tracing` crate
+    // are configurable with `RUST_LOG` environment variable
+    // and go to stderr to avoid interfering with JSON-RPC using stdout.
+    tracing_subscriber::fmt()
+        .with_env_filter(EnvFilter::from_default_env())
+        .with_writer(std::io::stderr)
+        .init();
+
    let r = main_impl().await;
    // From tokio documentation:
    // "For technical reasons, stdin is implemented by using an ordinary blocking read on a separate
@@ -43,7 +51,7 @@ async fn main_impl() -> Result<()> {
            if let Some(arg) = args.next() {
                return Err(anyhow!("Unrecognized argument {arg:?}"));
            }
-            eprintln!("{}", &*DC_VERSION_STR);
+            eprintln!("{DC_VERSION_STR}");
            return Ok(());
        } else if first_arg.to_str() == Some("--openrpc") {
            if let Some(arg) = args.next() {
@@ -64,14 +72,6 @@ async fn main_impl() -> Result<()> {
    #[cfg(target_family = "unix")]
    let mut sigterm = signal_unix::signal(signal_unix::SignalKind::terminate())?;

-    // Logs from `log` crate and traces from `tracing` crate
-    // are configurable with `RUST_LOG` environment variable
-    // and go to stderr to avoid interfering with JSON-RPC using stdout.
-    tracing_subscriber::fmt()
-        .with_env_filter(EnvFilter::from_default_env())
-        .with_writer(std::io::stderr)
-        .init();
-
    let path = std::env::var("DC_ACCOUNTS_PATH").unwrap_or_else(|_| "accounts".to_string());
    log::info!("Starting with accounts directory `{path}`.");
    let writable = true;
--- a/deltachat-time/src/lib.rs
+++ b/deltachat-time/src/lib.rs
@@ -20,6 +20,11 @@ impl SystemTimeTools {
    pub fn shift(duration: Duration) {
        *SYSTEM_TIME_SHIFT.write().unwrap() += duration;
    }
+
+    /// Simulates the system clock being rewound by `duration`.
+    pub fn shift_back(duration: Duration) {
+        *SYSTEM_TIME_SHIFT.write().unwrap() -= duration;
+    }
 }

 #[cfg(test)]
--- a/deny.toml
+++ b/deny.toml
@@ -12,6 +12,11 @@ ignore = [

    # Unmaintained paste
    "RUSTSEC-2024-0436",
+
+    # Unmaintained rustls-pemfile
+    # It is a transitive dependency of iroh 0.35.0,
+    # this should be fixed by upgrading to iroh 1.0 once it is released.
+    "RUSTSEC-2025-0134",
 ]

 [bans]
@@ -26,20 +31,18 @@ skip = [
     { name = "derive_more", version = "1.0.0" },
     { name = "event-listener", version = "2.5.3" },
     { name = "getrandom", version = "0.2.12" },
-     { name = "hashbrown", version = "0.14.5" },
     { name = "heck", version = "0.4.1" },
     { name = "http", version = "0.2.12" },
     { name = "linux-raw-sys", version = "0.4.14" },
-     { name = "lru", version = "0.12.3" },
+     { name = "lru", version = "0.12.5" },
     { name = "netlink-packet-route", version = "0.17.1" },
     { name = "nom", version = "7.1.3" },
     { name = "rand_chacha", version = "0.3.1" },
     { name = "rand_core", version = "0.6.4" },
     { name = "rand", version = "0.8.5" },
-     { name = "redox_syscall", version = "0.3.5" },
-     { name = "redox_syscall", version = "0.4.1" },
     { name = "rustix", version = "0.38.44" },
     { name = "serdect", version = "0.2.0" },
+     { name = "socket2", version = "0.5.9" },
     { name = "spin", version = "0.9.8" },
     { name = "strum_macros", version = "0.26.2" },
     { name = "strum", version = "0.26.2" },
@@ -64,7 +67,6 @@ skip = [
     { name = "windows_x86_64_gnu" },
     { name = "windows_x86_64_gnullvm" },
     { name = "windows_x86_64_msvc" },
-     { name = "zerocopy", version = "0.7.32" },
 ]


--- a/flake.lock
+++ b/flake.lock
@@ -47,11 +47,11 @@
        "rust-analyzer-src": "rust-analyzer-src"
      },
      "locked": {
-        "lastModified": 1747291057,
-        "narHash": "sha256-9Wir6aLJAeJKqdoQUiwfKdBn7SyNXTJGRSscRyVOo2Y=",
+        "lastModified": 1763361733,
+        "narHash": "sha256-ka7dpwH3HIXCyD2wl5F7cPLeRbqZoY2ullALsvxdPt8=",
        "owner": "nix-community",
        "repo": "fenix",
-        "rev": "76ffc1b7b3ec8078fe01794628b6abff35cbda8f",
+        "rev": "6c8d48e3b0ae371b19ac1485744687b788e80193",
        "type": "github"
      },
      "original": {
@@ -147,11 +147,11 @@
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1747179050,
-        "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=",
+        "lastModified": 1762977756,
+        "narHash": "sha256-4PqRErxfe+2toFJFgcRKZ0UI9NSIOJa+7RXVtBhy4KE=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e",
+        "rev": "c5ae371f1a6a7fd27823bc500d9390b38c05fa55",
        "type": "github"
      },
      "original": {
@@ -202,11 +202,11 @@
    "rust-analyzer-src": {
      "flake": false,
      "locked": {
-        "lastModified": 1746889290,
-        "narHash": "sha256-h3LQYZgyv2l3U7r+mcsrEOGRldaK0zJFwAAva4hV/6g=",
+        "lastModified": 1762860488,
+        "narHash": "sha256-rMfWMCOo/pPefM2We0iMBLi2kLBAnYoB9thi4qS7uk4=",
        "owner": "rust-lang",
        "repo": "rust-analyzer",
-        "rev": "2bafe9d96c6734aacfd49e115f6cf61e7adc68bc",
+        "rev": "2efc80078029894eec0699f62ec8d5c1a56af763",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@@ -1,5 +1,5 @@
 {
-  description = "Delta Chat core";
+  description = "Chatmail core";
  inputs = {
    fenix.url = "github:nix-community/fenix";
    flake-utils.url = "github:numtide/flake-utils";
@@ -14,7 +14,15 @@
        pkgs = nixpkgs.legacyPackages.${system};
        inherit (pkgs.stdenv) isDarwin;
        fenixPkgs = fenix.packages.${system};
-        naersk' = pkgs.callPackage naersk { };
+        fenixToolchain = fenixPkgs.combine [
+          fenixPkgs.stable.rustc
+          fenixPkgs.stable.cargo
+          fenixPkgs.stable.rust-std
+        ];
+        naersk' = pkgs.callPackage naersk {
+          cargo = fenixToolchain;
+          rustc = fenixToolchain;
+        };
        manifest = (pkgs.lib.importTOML ./Cargo.toml).package;
        androidSdk = android.sdk.${system} (sdkPkgs:
          builtins.attrValues {
@@ -34,7 +42,6 @@
            ./Cargo.lock
            ./Cargo.toml
            ./CMakeLists.txt
-            ./CONTRIBUTING.md
            ./deltachat_derive
            ./deltachat-contact-tools
            ./deltachat-ffi
@@ -98,9 +105,6 @@
            nativeBuildInputs = [
              pkgs.perl # Needed to build vendored OpenSSL.
            ];
-            buildInputs = pkgs.lib.optionals isDarwin [
-              pkgs.darwin.apple_sdk.frameworks.SystemConfiguration
-            ];
            auditable = false; # Avoid cargo-auditable failures.
            doCheck = false; # Disable test as it requires network access.
          };
@@ -240,6 +244,9 @@
            auditable = false; # Avoid cargo-auditable failures.
            doCheck = false; # Disable test as it requires network access.

+            CARGO_TARGET_X86_64_APPLE_DARWIN_RUSTFLAGS = "-Clink-args=-L${pkgsCross.libiconv}/lib";
+            CARGO_TARGET_AARCH64_APPLE_DARWIN_RUSTFLAGS = "-Clink-args=-L${pkgsCross.libiconv}/lib";
+
            CARGO_BUILD_TARGET = rustTarget;
            TARGET_CC = "${pkgsCross.stdenv.cc}/bin/${pkgsCross.stdenv.cc.targetPrefix}cc";
            CARGO_BUILD_RUSTFLAGS = [
@@ -471,6 +478,12 @@
              };

            libdeltachat =
+              let
+                rustPlatform = (pkgs.makeRustPlatform {
+                  cargo = fenixToolchain;
+                  rustc = fenixToolchain;
+                });
+              in
              pkgs.stdenv.mkDerivation {
                pname = "libdeltachat";
                version = manifest.version;
@@ -480,14 +493,9 @@
                nativeBuildInputs = [
                  pkgs.perl # Needed to build vendored OpenSSL.
                  pkgs.cmake
-                  pkgs.rustPlatform.cargoSetupHook
-                  pkgs.cargo
-                ];
-                buildInputs = pkgs.lib.optionals isDarwin [
-                  pkgs.darwin.apple_sdk.frameworks.CoreFoundation
-                  pkgs.darwin.apple_sdk.frameworks.Security
-                  pkgs.darwin.apple_sdk.frameworks.SystemConfiguration
-                  pkgs.libiconv
+                  rustPlatform.cargoSetupHook
+                  fenixPkgs.stable.rustc
+                  fenixPkgs.stable.cargo
                ];

                postInstall = ''
--- a/python/examples/test_examples.py
+++ b/python/examples/test_examples.py
@@ -14,6 +14,7 @@ def datadir():
    return None


+@pytest.mark.skip("The test is flaky in CI and crashes the interpreter as of 2025-11-12")
 def test_echo_quit_plugin(acfactory, lp):
    lp.sec("creating one echo_and_quit bot")
    botproc = acfactory.run_bot_process(echo_and_quit)
--- a/python/pyproject.toml
+++ b/python/pyproject.toml
@@ -1,20 +1,20 @@
 [build-system]
-requires = ["setuptools>=45", "wheel", "cffi>=1.0.0", "pkgconfig"]
+requires = ["setuptools>=77", "wheel", "cffi>=1.0.0", "pkgconfig"]
 build-backend = "setuptools.build_meta"

 [project]
 name = "deltachat"
-version = "2.20.0"
+version = "2.42.0"
+license = "MPL-2.0"
 description = "Python bindings for the Delta Chat Core library using CFFI against the Rust-implemented libdeltachat"
 readme = "README.rst"
-requires-python = ">=3.8"
+requires-python = ">=3.10"
 authors = [
    { name = "holger krekel, Floris Bruynooghe, Bjoern Petersen and contributors" },
 ]
 classifiers = [
    "Development Status :: 5 - Production/Stable",
    "Intended Audience :: Developers",
-    "License :: OSI Approved :: Mozilla Public License 2.0 (MPL 2.0)",
    "Programming Language :: Python :: 3",
    "Topic :: Communications :: Chat",
    "Topic :: Communications :: Email",
@@ -23,7 +23,6 @@ classifiers = [
 dependencies = [
    "cffi>=1.0.0",
    "imap-tools",
-    "importlib_metadata;python_version<'3.8'",
    "pluggy",
    "requests",
 ]
--- a/python/src/deltachat/account.py
+++ b/python/src/deltachat/account.py
@@ -404,18 +404,16 @@ class Account:
        self,
        name: str,
        contacts: Optional[List[Contact]] = None,
-        verified: bool = False,
    ) -> Chat:
        """create a new group chat object.

        Chats are unpromoted until the first message is sent.

        :param contacts: list of contacts to add
-        :param verified: if true only verified contacts can be added.
        :returns: a :class:`deltachat.chat.Chat` object.
        """
        bytes_name = name.encode("utf8")
-        chat_id = lib.dc_create_group_chat(self._dc_context, int(verified), bytes_name)
+        chat_id = lib.dc_create_group_chat(self._dc_context, 0, bytes_name)
        chat = Chat(self, chat_id)
        if contacts is not None:
            for contact in contacts:
--- a/python/src/deltachat/chat.py
+++ b/python/src/deltachat/chat.py
@@ -142,13 +142,6 @@ class Chat:
        """
        return bool(lib.dc_chat_can_send(self._dc_chat))

-    def is_protected(self) -> bool:
-        """return True if this chat is a protected chat.
-
-        :returns: True if chat is protected, False otherwise.
-        """
-        return bool(lib.dc_chat_is_protected(self._dc_chat))
-
    def get_name(self) -> Optional[str]:
        """return name of this chat.

--- a/python/src/deltachat/testplugin.py
+++ b/python/src/deltachat/testplugin.py
@@ -523,7 +523,6 @@ class ACFactory:
        assert "addr" in configdict and "mail_pw" in configdict, configdict
        configdict.setdefault("bcc_self", False)
        configdict.setdefault("mvbox_move", False)
-        configdict.setdefault("sentbox_watch", False)
        configdict.setdefault("sync_msgs", False)
        configdict.setdefault("delete_server_after", 0)
        ac.update_config(configdict)
@@ -604,20 +603,6 @@ class ACFactory:
        ac2.create_chat(ac1)
        return ac1.create_chat(ac2)

-    def get_protected_chat(self, ac1: Account, ac2: Account):
-        chat = ac1.create_group_chat("Protected Group", verified=True)
-        qr = chat.get_join_qr()
-        ac2.qr_join_chat(qr)
-        ac2._evtracker.wait_securejoin_joiner_progress(1000)
-        ev = ac2._evtracker.get_matching("DC_EVENT_MSGS_CHANGED")
-        msg = ac2.get_message_by_id(ev.data2)
-        assert msg is not None
-        assert msg.text == "Messages are end-to-end encrypted."
-        msg = ac2._evtracker.wait_next_incoming_message()
-        assert msg is not None
-        assert "Member Me " in msg.text and " added by " in msg.text
-        return chat
-
    def introduce_each_other(self, accounts, sending=True):
        to_wait = []
        for i, acc in enumerate(accounts):
--- a/python/tests/test_0_complex_or_slow.py
+++ b/python/tests/test_0_complex_or_slow.py
@@ -1,4 +1,3 @@
-import sys
 import time

 import deltachat as dc
@@ -63,63 +62,11 @@ class TestGroupStressTests:
        # Message should be encrypted because keys of other members are gossiped
        assert msg.is_encrypted()

-    def test_synchronize_member_list_on_group_rejoin(self, acfactory, lp):
-        """
-        Test that user recreates group member list when it joins the group again.
-        ac1 creates a group with two other accounts: ac2 and ac3
-        Then it removes ac2, removes ac3 and adds ac2 back.
-        ac2 did not see that ac3 is removed, so it should rebuild member list from scratch.
-        """
-        lp.sec("setting up accounts, accepted with each other")
-        accounts = acfactory.get_online_accounts(3)
-        acfactory.introduce_each_other(accounts)
-        ac1, ac2, ac3 = accounts
-
-        lp.sec("ac1: creating group chat with 2 other members")
-        chat = ac1.create_group_chat("title1", contacts=[ac2, ac3])
-        assert not chat.is_promoted()
-
-        lp.sec("ac1: send message to new group chat")
-        msg = chat.send_text("hello")
-        assert chat.is_promoted() and msg.is_encrypted()
-
-        assert chat.num_contacts() == 3
-
-        lp.sec("checking that the chat arrived correctly")
-        for ac in accounts[1:]:
-            msg = ac._evtracker.wait_next_incoming_message()
-            assert msg.text == "hello"
-            print("chat is", msg.chat)
-            assert msg.chat.num_contacts() == 3
-
-        lp.sec("ac1: removing ac2")
-        chat.remove_contact(ac2)
-
-        lp.sec("ac2: wait for a message about removal from the chat")
-        msg = ac2._evtracker.wait_next_incoming_message()
-
-        lp.sec("ac1: removing ac3")
-        chat.remove_contact(ac3)
-
-        lp.sec("ac1: adding ac2 back")
-        # Group is promoted, message is sent automatically
-        assert chat.is_promoted()
-        chat.add_contact(ac2)
-
-        lp.sec("ac2: check that ac3 is removed")
-        msg = ac2._evtracker.wait_next_incoming_message()
-
-        assert chat.num_contacts() == 2
-        assert msg.chat.num_contacts() == 2
-        acfactory.dump_imap_summary(sys.stdout)
-

 def test_qr_verified_group_and_chatting(acfactory, lp):
    ac1, ac2, ac3 = acfactory.get_online_accounts(3)
-    ac1_addr = ac1.get_self_contact().addr
    lp.sec("ac1: create verified-group QR, ac2 scans and joins")
-    chat1 = ac1.create_group_chat("hello", verified=True)
-    assert chat1.is_protected()
+    chat1 = ac1.create_group_chat("hello")
    qr = chat1.get_join_qr()
    lp.sec("ac2: start QR-code based join-group protocol")
    chat2 = ac2.qr_join_chat(qr)
@@ -142,7 +89,6 @@ def test_qr_verified_group_and_chatting(acfactory, lp):
    lp.sec("ac2: read message and check that it's a verified chat")
    msg = ac2._evtracker.wait_next_incoming_message()
    assert msg.text == "hello"
-    assert msg.chat.is_protected()
    assert msg.is_encrypted()

    lp.sec("ac2: Check that ac2 verified ac1")
@@ -173,8 +119,12 @@ def test_qr_verified_group_and_chatting(acfactory, lp):
    lp.sec("ac2: Check that ac1 verified ac3 for ac2")
    ac2_ac1_contact = ac2.get_contacts()[0]
    assert ac2.get_self_contact().get_verifier(ac2_ac1_contact).id == dc.const.DC_CONTACT_ID_SELF
-    ac2_ac3_contact = ac2.get_contacts()[1]
-    assert ac2.get_self_contact().get_verifier(ac2_ac3_contact).addr == ac1_addr
+    for ac2_contact in chat2.get_contacts():
+        if ac2_contact == ac2_ac1_contact or ac2_contact.id == dc.const.DC_CONTACT_ID_SELF:
+            continue
+        # Until we reset verifications and then send the _verified header,
+        # verification is not gossiped here:
+        assert ac2.get_self_contact().get_verifier(ac2_contact) is None

    lp.sec("ac2: send message and let ac3 read it")
    chat2.send_text("hi")
@@ -266,8 +216,7 @@ def test_see_new_verified_member_after_going_online(acfactory, tmp_path, lp):
    ac1_offl.stop_io()

    lp.sec("ac1: create verified-group QR, ac2 scans and joins")
-    chat = ac1.create_group_chat("hello", verified=True)
-    assert chat.is_protected()
+    chat = ac1.create_group_chat("hello")
    qr = chat.get_join_qr()
    lp.sec("ac2: start QR-code based join-group protocol")
    chat2 = ac2.qr_join_chat(qr)
@@ -321,8 +270,7 @@ def test_use_new_verified_group_after_going_online(acfactory, data, tmp_path, lp
    ac1.set_avatar(avatar_path)

    lp.sec("ac1: create verified-group QR, ac2 scans and joins")
-    chat = ac1.create_group_chat("hello", verified=True)
-    assert chat.is_protected()
+    chat = ac1.create_group_chat("hello")
    qr = chat.get_join_qr()
    lp.sec("ac2: start QR-code based join-group protocol")
    ac2.qr_join_chat(qr)
@@ -336,7 +284,6 @@ def test_use_new_verified_group_after_going_online(acfactory, data, tmp_path, lp
    assert msg_in.is_system_message()
    assert contact.addr == ac1.get_config("addr")
    chat2 = msg_in.chat
-    assert chat2.is_protected()
    assert chat2.get_messages()[0].text == "Messages are end-to-end encrypted."
    assert open(contact.get_profile_image(), "rb").read() == open(avatar_path, "rb").read()

@@ -376,8 +323,7 @@ def test_verified_group_vs_delete_server_after(acfactory, tmp_path, lp):
    ac2_offl.stop_io()

    lp.sec("ac1: create verified-group QR, ac2 scans and joins")
-    chat1 = ac1.create_group_chat("hello", verified=True)
-    assert chat1.is_protected()
+    chat1 = ac1.create_group_chat("hello")
    qr = chat1.get_join_qr()
    lp.sec("ac2: start QR-code based join-group protocol")
    chat2 = ac2.qr_join_chat(qr)
@@ -402,29 +348,20 @@ def test_verified_group_vs_delete_server_after(acfactory, tmp_path, lp):
    assert ac2_offl_ac1_contact.addr == ac1.get_config("addr")
    assert not ac2_offl_ac1_contact.is_verified()
    chat2_offl = msg_in.chat
-    assert not chat2_offl.is_protected()

    lp.sec("ac2: sending message re-gossiping Autocrypt keys")
    chat2.send_text("hi2")

    lp.sec("ac2_offl: receiving message")
-    ev = ac2_offl._evtracker.get_matching("DC_EVENT_INCOMING_MSG|DC_EVENT_MSGS_CHANGED")
-    msg_in = ac2_offl.get_message_by_id(ev.data2)
-    assert msg_in.is_system_message()
-    assert msg_in.text == "Messages are end-to-end encrypted."
-
-    # We need to consume one event that has data2=0
-    ev = ac2_offl._evtracker.get_matching("DC_EVENT_INCOMING_MSG|DC_EVENT_MSGS_CHANGED")
-    assert ev.data2 == 0
-
    ev = ac2_offl._evtracker.get_matching("DC_EVENT_INCOMING_MSG|DC_EVENT_MSGS_CHANGED")
    msg_in = ac2_offl.get_message_by_id(ev.data2)
    assert not msg_in.is_system_message()
    assert msg_in.text == "hi2"
    assert msg_in.chat == chat2_offl
    assert msg_in.get_sender_contact().addr == ac2.get_config("addr")
-    assert msg_in.chat.is_protected()
-    assert ac2_offl_ac1_contact.is_verified()
+    # Until we reset verifications and then send the _verified header,
+    # verification is not gossiped here:
+    assert not ac2_offl_ac1_contact.is_verified()


 def test_deleted_msgs_dont_reappear(acfactory):
--- a/python/tests/test_1_online.py
+++ b/python/tests/test_1_online.py
@@ -1,15 +1,13 @@
 import os
 import queue
 import sys
-import base64
 from datetime import datetime, timezone

 import pytest
-from imap_tools import AND, U
+from imap_tools import AND

 import deltachat as dc
 from deltachat import account_hookimpl, Message
-from deltachat.tracker import ImexTracker
 from deltachat.testplugin import E2EE_INFO_MSGS


@@ -222,159 +220,6 @@ def test_webxdc_huge_update(acfactory, data, lp):
    assert update["payload"] == payload


-def test_webxdc_download_on_demand(acfactory, data, lp):
-    ac1, ac2 = acfactory.get_online_accounts(2)
-    acfactory.introduce_each_other([ac1, ac2])
-    chat = acfactory.get_accepted_chat(ac1, ac2)
-
-    msg1 = Message.new_empty(ac1, "webxdc")
-    msg1.set_text("message1")
-    msg1.set_file(data.get_path("webxdc/minimal.xdc"))
-    msg1 = chat.send_msg(msg1)
-    assert msg1.is_webxdc()
-    assert msg1.filename
-
-    msg2 = ac2._evtracker.wait_next_incoming_message()
-    assert msg2.is_webxdc()
-
-    lp.sec("ac2 sets download limit")
-    ac2.set_config("download_limit", "100")
-    assert msg1.send_status_update({"payload": base64.b64encode(os.urandom(300000))}, "some test data")
-    ac2_update = ac2._evtracker.wait_next_incoming_message()
-    assert ac2_update.download_state == dc.const.DC_DOWNLOAD_AVAILABLE
-    assert not msg2.get_status_updates()
-
-    ac2_update.download_full()
-    ac2._evtracker.get_matching("DC_EVENT_WEBXDC_STATUS_UPDATE")
-    assert msg2.get_status_updates()
-
-    # Get a event notifying that the message disappeared from the chat.
-    msgs_changed_event = ac2._evtracker.get_matching("DC_EVENT_MSGS_CHANGED")
-    assert msgs_changed_event.data1 == msg2.chat.id
-    assert msgs_changed_event.data2 == 0
-
-
-def test_enable_mvbox_move(acfactory, lp):
-    (ac1,) = acfactory.get_online_accounts(1)
-
-    lp.sec("ac2: start without mvbox thread")
-    ac2 = acfactory.new_online_configuring_account(mvbox_move=False)
-    acfactory.bring_accounts_online()
-
-    lp.sec("ac2: configuring mvbox")
-    ac2.set_config("mvbox_move", "1")
-
-    lp.sec("ac1: send message and wait for ac2 to receive it")
-    acfactory.get_accepted_chat(ac1, ac2).send_text("message1")
-    assert ac2._evtracker.wait_next_incoming_message().text == "message1"
-
-
-def test_mvbox_sentbox_threads(acfactory, lp):
-    lp.sec("ac1: start with mvbox thread")
-    ac1 = acfactory.new_online_configuring_account(mvbox_move=True, sentbox_watch=False)
-
-    lp.sec("ac2: start without mvbox/sentbox threads")
-    ac2 = acfactory.new_online_configuring_account(mvbox_move=False, sentbox_watch=False)
-
-    lp.sec("ac2 and ac1: waiting for configuration")
-    acfactory.bring_accounts_online()
-
-    lp.sec("ac1: create and configure sentbox")
-    ac1.direct_imap.create_folder("Sent")
-    ac1.set_config("sentbox_watch", "1")
-
-    lp.sec("ac1: send message and wait for ac2 to receive it")
-    acfactory.get_accepted_chat(ac1, ac2).send_text("message1")
-    assert ac2._evtracker.wait_next_incoming_message().text == "message1"
-
-    assert ac1.get_config("configured_mvbox_folder") == "DeltaChat"
-    while ac1.get_config("configured_sentbox_folder") != "Sent":
-        ac1._evtracker.get_matching("DC_EVENT_CONNECTIVITY_CHANGED")
-
-
-def test_move_works(acfactory):
-    ac1 = acfactory.new_online_configuring_account()
-    ac2 = acfactory.new_online_configuring_account(mvbox_move=True)
-    acfactory.bring_accounts_online()
-    chat = acfactory.get_accepted_chat(ac1, ac2)
-    chat.send_text("message1")
-
-    # Message is moved to the movebox
-    ac2._evtracker.get_matching("DC_EVENT_IMAP_MESSAGE_MOVED")
-
-    # Message is downloaded
-    ev = ac2._evtracker.get_matching("DC_EVENT_INCOMING_MSG")
-    assert ev.data2 > dc.const.DC_CHAT_ID_LAST_SPECIAL
-
-
-def test_move_avoids_loop(acfactory):
-    """Test that the message is only moved once.
-
-    This is to avoid busy loop if moved message reappears in the Inbox
-    or some scanned folder later.
-    For example, this happens on servers that alias `INBOX.DeltaChat` to `DeltaChat` folder,
-    so the message moved to `DeltaChat` appears as a new message in the `INBOX.DeltaChat` folder.
-    We do not want to move this message from `INBOX.DeltaChat` to `DeltaChat` again.
-    """
-    ac1 = acfactory.new_online_configuring_account()
-    ac2 = acfactory.new_online_configuring_account(mvbox_move=True)
-    acfactory.bring_accounts_online()
-    ac1_chat = acfactory.get_accepted_chat(ac1, ac2)
-    ac1_chat.send_text("Message 1")
-
-    # Message is moved to the DeltaChat folder and downloaded.
-    ac2_msg1 = ac2._evtracker.wait_next_incoming_message()
-    assert ac2_msg1.text == "Message 1"
-
-    # Move the message to the INBOX again.
-    ac2.direct_imap.select_folder("DeltaChat")
-    ac2.direct_imap.conn.move(["*"], "INBOX")
-
-    ac1_chat.send_text("Message 2")
-    ac2_msg2 = ac2._evtracker.wait_next_incoming_message()
-    assert ac2_msg2.text == "Message 2"
-
-    # Check that Message 1 is still in the INBOX folder
-    # and Message 2 is in the DeltaChat folder.
-    ac2.direct_imap.select_folder("INBOX")
-    assert len(ac2.direct_imap.get_all_messages()) == 1
-    ac2.direct_imap.select_folder("DeltaChat")
-    assert len(ac2.direct_imap.get_all_messages()) == 1
-
-
-def test_move_works_on_self_sent(acfactory):
-    ac1 = acfactory.new_online_configuring_account(mvbox_move=True)
-    ac2 = acfactory.new_online_configuring_account()
-    acfactory.bring_accounts_online()
-    ac1.set_config("bcc_self", "1")
-
-    chat = acfactory.get_accepted_chat(ac1, ac2)
-    chat.send_text("message1")
-    ac1._evtracker.get_matching("DC_EVENT_IMAP_MESSAGE_MOVED")
-    chat.send_text("message2")
-    ac1._evtracker.get_matching("DC_EVENT_IMAP_MESSAGE_MOVED")
-    chat.send_text("message3")
-    ac1._evtracker.get_matching("DC_EVENT_IMAP_MESSAGE_MOVED")
-
-
-def test_move_sync_msgs(acfactory):
-    ac1 = acfactory.new_online_configuring_account(bcc_self=True, sync_msgs=True, fix_is_chatmail=True)
-    acfactory.bring_accounts_online()
-
-    ac1.direct_imap.select_folder("DeltaChat")
-    # Sync messages may also be sent during the configuration.
-    mvbox_msg_cnt = len(ac1.direct_imap.get_all_messages())
-
-    ac1.set_config("displayname", "Alice")
-    ac1._evtracker.get_matching("DC_EVENT_MSG_DELIVERED")
-    ac1.set_config("displayname", "Bob")
-    ac1._evtracker.get_matching("DC_EVENT_MSG_DELIVERED")
-    ac1.direct_imap.select_folder("Inbox")
-    assert len(ac1.direct_imap.get_all_messages()) == 0
-    ac1.direct_imap.select_folder("DeltaChat")
-    assert len(ac1.direct_imap.get_all_messages()) == mvbox_msg_cnt + 2
-
-
 def test_forward_messages(acfactory, lp):
    ac1, ac2 = acfactory.get_online_accounts(2)
    chat = ac1.create_chat(ac2)
@@ -442,7 +287,7 @@ def test_forward_own_message(acfactory, lp):

 def test_resend_message(acfactory, lp):
    ac1, ac2 = acfactory.get_online_accounts(2)
-    chat1 = ac1.create_chat(ac2)
+    chat1 = acfactory.get_accepted_chat(ac1, ac2)

    lp.sec("ac1: send message to ac2")
    chat1.send_text("message")
@@ -450,14 +295,19 @@ def test_resend_message(acfactory, lp):
    lp.sec("ac2: receive message")
    msg_in = ac2._evtracker.wait_next_incoming_message()
    assert msg_in.text == "message"
-    chat2 = msg_in.chat
-    chat2_msg_cnt = len(chat2.get_messages())

    lp.sec("ac1: resend message")
    ac1.resend_messages([msg_in])

-    lp.sec("ac2: check that message is deleted")
-    ac2._evtracker.get_matching("DC_EVENT_IMAP_MESSAGE_DELETED")
+    lp.sec("ac1: send another message")
+    chat1.send_text("another message")
+
+    lp.sec("ac2: receive another message")
+    msg_in = ac2._evtracker.wait_next_incoming_message()
+    assert msg_in.text == "another message"
+    chat2 = msg_in.chat
+    chat2_msg_cnt = len(chat2.get_messages())
+
    assert len(chat2.get_messages()) == chat2_msg_cnt


@@ -485,7 +335,7 @@ def test_long_group_name(acfactory, lp):


 def test_send_self_message(acfactory, lp):
-    ac1 = acfactory.new_online_configuring_account(mvbox_move=True, bcc_self=True)
+    ac1 = acfactory.new_online_configuring_account(bcc_self=True)
    acfactory.bring_accounts_online()
    lp.sec("ac1: create self chat")
    chat = ac1.get_self_contact().create_chat()
@@ -584,39 +434,6 @@ def test_send_and_receive_message_markseen(acfactory, lp):
        pass  # mark_seen_messages() has generated events before it returns


-def test_moved_markseen(acfactory):
-    """Test that message already moved to DeltaChat folder is marked as seen."""
-    ac1 = acfactory.new_online_configuring_account()
-    ac2 = acfactory.new_online_configuring_account(mvbox_move=True)
-    acfactory.bring_accounts_online()
-
-    ac2.stop_io()
-    with ac2.direct_imap.idle() as idle2:
-        ac1.create_chat(ac2).send_text("Hello!")
-        idle2.wait_for_new_message()
-
-    # Emulate moving of the message to DeltaChat folder by Sieve rule.
-    ac2.direct_imap.conn.move(["*"], "DeltaChat")
-    ac2.direct_imap.select_folder("DeltaChat")
-
-    with ac2.direct_imap.idle() as idle2:
-        ac2.start_io()
-
-        ev = ac2._evtracker.get_matching("DC_EVENT_INCOMING_MSG|DC_EVENT_MSGS_CHANGED")
-        msg = ac2.get_message_by_id(ev.data2)
-        assert msg.text == "Messages are end-to-end encrypted."
-
-        ev = ac2._evtracker.get_matching("DC_EVENT_INCOMING_MSG|DC_EVENT_MSGS_CHANGED")
-        msg = ac2.get_message_by_id(ev.data2)
-
-        # Accept the contact request.
-        msg.chat.accept()
-        ac2.mark_seen_messages([msg])
-        uid = idle2.wait_for_seen()
-
-    assert len(list(ac2.direct_imap.conn.fetch(AND(seen=True, uid=U(uid, "*"))))) == 1
-
-
 def test_message_override_sender_name(acfactory, lp):
    ac1, ac2 = acfactory.get_online_accounts(2)
    ac1.set_config("displayname", "ac1-default-displayname")
@@ -651,36 +468,6 @@ def test_message_override_sender_name(acfactory, lp):
    assert not msg2.override_sender_name


-@pytest.mark.parametrize("mvbox_move", [True, False])
-def test_markseen_message_and_mdn(acfactory, mvbox_move):
-    # Please only change this test if you are very sure that it will still catch the issues it catches now.
-    # We had so many problems with markseen, if in doubt, rather create another test, it can't harm.
-    ac1 = acfactory.new_online_configuring_account(mvbox_move=mvbox_move)
-    ac2 = acfactory.new_online_configuring_account(mvbox_move=mvbox_move)
-    acfactory.bring_accounts_online()
-    # Do not send BCC to self, we only want to test MDN on ac1.
-    ac1.set_config("bcc_self", "0")
-
-    acfactory.get_accepted_chat(ac1, ac2).send_text("hi")
-    msg = ac2._evtracker.wait_next_incoming_message()
-
-    ac2.mark_seen_messages([msg])
-
-    folder = "mvbox" if mvbox_move else "inbox"
-    for ac in [ac1, ac2]:
-        if mvbox_move:
-            ac._evtracker.get_info_contains("Marked messages [0-9]+ in folder DeltaChat as seen.")
-        else:
-            ac._evtracker.get_info_contains("Marked messages [0-9]+ in folder INBOX as seen.")
-    ac1.direct_imap.select_config_folder(folder)
-    ac2.direct_imap.select_config_folder(folder)
-
-    # Check that the mdn is marked as seen
-    assert len(list(ac1.direct_imap.conn.fetch(AND(seen=True)))) == 1
-    # Check original message is marked as seen
-    assert len(list(ac2.direct_imap.conn.fetch(AND(seen=True)))) == 1
-
-
 def test_reply_privately(acfactory):
    ac1, ac2 = acfactory.get_online_accounts(2)

@@ -707,7 +494,7 @@ def test_reply_privately(acfactory):


 def test_mdn_asymmetric(acfactory, lp):
-    ac1 = acfactory.new_online_configuring_account(mvbox_move=True)
+    ac1 = acfactory.new_online_configuring_account()
    ac2 = acfactory.new_online_configuring_account()
    acfactory.bring_accounts_online()

@@ -736,20 +523,14 @@ def test_mdn_asymmetric(acfactory, lp):
    ac2.mark_seen_messages([msg])

    lp.sec("ac1: waiting for incoming activity")
-    # MDN should be moved even though MDNs are already disabled
-    ac1._evtracker.get_matching("DC_EVENT_IMAP_MESSAGE_MOVED")
-
    assert len(chat.get_messages()) == 1 + E2EE_INFO_MSGS

    # Wait for the message to be marked as seen on IMAP.
-    ac1._evtracker.get_info_contains("Marked messages [0-9]+ in folder DeltaChat as seen.")
+    ac1._evtracker.get_info_contains("Marked messages [0-9]+ in folder INBOX as seen.")

    # MDN is received even though MDNs are already disabled
    assert msg_out.is_out_mdn_received()

-    ac1.direct_imap.select_config_folder("mvbox")
-    assert len(list(ac1.direct_imap.conn.fetch(AND(seen=True)))) == 1
-

 def test_send_receive_encrypt(acfactory, lp):
    ac1, ac2 = acfactory.get_online_accounts(2)
@@ -830,156 +611,6 @@ def test_no_draft_if_cant_send(acfactory):
    assert device_chat.get_draft() is None


-def test_dont_show_emails(acfactory, lp):
-    """Most mailboxes have a "Drafts" folder where constantly new emails appear but we don't actually want to show them.
-    So: If it's outgoing AND there is no Received header AND it's not in the sentbox, then ignore the email.
-
-    If the draft email is sent out later (i.e. moved to "Sent"), it must be shown.
-
-    Also, test that unknown emails in the Spam folder are not shown."""
-    ac1 = acfactory.new_online_configuring_account()
-    ac1.set_config("show_emails", "2")
-    ac1.create_contact("alice@example.org").create_chat()
-
-    acfactory.wait_configured(ac1)
-    ac1.direct_imap.create_folder("Drafts")
-    ac1.direct_imap.create_folder("Sent")
-    ac1.direct_imap.create_folder("Spam")
-    ac1.direct_imap.create_folder("Junk")
-
-    acfactory.bring_accounts_online()
-    ac1.stop_io()
-
-    ac1.direct_imap.append(
-        "Drafts",
-        """
-        From: ac1 <{}>
-        Subject: subj
-        To: alice@example.org
-        Message-ID: <aepiors@example.org>
-        Content-Type: text/plain; charset=utf-8
-
-        message in Drafts that is moved to Sent later
-    """.format(
-            ac1.get_config("configured_addr"),
-        ),
-    )
-    ac1.direct_imap.append(
-        "Sent",
-        """
-        From: ac1 <{}>
-        Subject: subj
-        To: alice@example.org
-        Message-ID: <hsabaeni@example.org>
-        Content-Type: text/plain; charset=utf-8
-
-        message in Sent
-    """.format(
-            ac1.get_config("configured_addr"),
-        ),
-    )
-    ac1.direct_imap.append(
-        "Spam",
-        """
-        From: unknown.address@junk.org
-        Subject: subj
-        To: {}
-        Message-ID: <spam.message@junk.org>
-        Content-Type: text/plain; charset=utf-8
-
-        Unknown message in Spam
-    """.format(
-            ac1.get_config("configured_addr"),
-        ),
-    )
-    ac1.direct_imap.append(
-        "Spam",
-        """
-        From: unknown.address@junk.org, unkwnown.add@junk.org
-        Subject: subj
-        To: {}
-        Message-ID: <spam.message2@junk.org>
-        Content-Type: text/plain; charset=utf-8
-
-        Unknown & malformed message in Spam
-    """.format(
-            ac1.get_config("configured_addr"),
-        ),
-    )
-    ac1.direct_imap.append(
-        "Spam",
-        """
-        From: delta<address: inbox@nhroy.com>
-        Subject: subj
-        To: {}
-        Message-ID: <spam.message99@junk.org>
-        Content-Type: text/plain; charset=utf-8
-
-        Unknown & malformed message in Spam
-    """.format(
-            ac1.get_config("configured_addr"),
-        ),
-    )
-    ac1.direct_imap.append(
-        "Spam",
-        """
-        From: alice@example.org
-        Subject: subj
-        To: {}
-        Message-ID: <spam.message3@junk.org>
-        Content-Type: text/plain; charset=utf-8
-
-        Actually interesting message in Spam
-    """.format(
-            ac1.get_config("configured_addr"),
-        ),
-    )
-    ac1.direct_imap.append(
-        "Junk",
-        """
-        From: unknown.address@junk.org
-        Subject: subj
-        To: {}
-        Message-ID: <spam.message@junk.org>
-        Content-Type: text/plain; charset=utf-8
-
-        Unknown message in Junk
-    """.format(
-            ac1.get_config("configured_addr"),
-        ),
-    )
-
-    ac1.set_config("scan_all_folders_debounce_secs", "0")
-    lp.sec("All prepared, now let DC find the message")
-    ac1.start_io()
-
-    msg = ac1._evtracker.wait_next_messages_changed()
-
-    # Wait until each folder was scanned, this is necessary for this test to test what it should test:
-    ac1._evtracker.wait_idle_inbox_ready()
-
-    assert msg.text == "subj – message in Sent"
-    chat_msgs = msg.chat.get_messages()
-    assert len(chat_msgs) == 2
-    assert any(msg.text == "subj – Actually interesting message in Spam" for msg in chat_msgs)
-
-    assert not any("unknown.address" in c.get_name() for c in ac1.get_chats())
-    ac1.direct_imap.select_folder("Spam")
-    assert ac1.direct_imap.get_uid_by_message_id("spam.message@junk.org")
-
-    ac1.stop_io()
-    lp.sec("'Send out' the draft, i.e. move it to the Sent folder, and wait for DC to display it this time")
-    ac1.direct_imap.select_folder("Drafts")
-    uid = ac1.direct_imap.get_uid_by_message_id("aepiors@example.org")
-    ac1.direct_imap.conn.move(uid, "Sent")
-
-    ac1.start_io()
-    msg2 = ac1._evtracker.wait_next_messages_changed()
-
-    assert msg2.text == "subj – message in Drafts that is moved to Sent later"
-    assert len(msg.chat.get_messages()) == 3
-
-
 def test_bot(acfactory, lp):
    """Test that bot messages can be identified as such"""
    ac1, ac2 = acfactory.get_online_accounts(2)
@@ -1122,89 +753,9 @@ def test_send_and_receive_image(acfactory, lp, data):
    assert m == msg_in


-def test_import_export_online_all(acfactory, tmp_path, data, lp):
-    (ac1, some1) = acfactory.get_online_accounts(2)
-
-    lp.sec("create some chat content")
-    some1_addr = some1.get_config("addr")
-    chat1 = ac1.create_contact(some1).create_chat()
-    chat1.send_text("msg1")
-    assert len(ac1.get_contacts()) == 1
-
-    original_image_path = data.get_path("d.png")
-    chat1.send_image(original_image_path)
-
-    # Add another 100KB file that ensures that the progress is smooth enough
-    path = tmp_path / "attachment.txt"
-    with path.open("w") as file:
-        file.truncate(100000)
-    chat1.send_file(str(path))
-
-    def assert_account_is_proper(ac):
-        contacts = ac.get_contacts()
-        assert len(contacts) == 1
-        contact2 = contacts[0]
-        assert contact2.addr == some1_addr
-        chat2 = contact2.create_chat()
-        messages = chat2.get_messages()
-        assert len(messages) == 3 + E2EE_INFO_MSGS
-        assert messages[0 + E2EE_INFO_MSGS].text == "msg1"
-        assert messages[1 + E2EE_INFO_MSGS].filemime == "image/png"
-        assert os.stat(messages[1 + E2EE_INFO_MSGS].filename).st_size == os.stat(original_image_path).st_size
-        ac.set_config("displayname", "new displayname")
-        assert ac.get_config("displayname") == "new displayname"
-
-    assert_account_is_proper(ac1)
-
-    backupdir = tmp_path / "backup"
-    backupdir.mkdir()
-
-    lp.sec(f"export all to {backupdir}")
-    with ac1.temp_plugin(ImexTracker()) as imex_tracker:
-        ac1.stop_io()
-        ac1.imex(str(backupdir), dc.const.DC_IMEX_EXPORT_BACKUP)
-
-        # check progress events for export
-        assert imex_tracker.wait_progress(1, progress_upper_limit=249)
-        assert imex_tracker.wait_progress(250, progress_upper_limit=499)
-        assert imex_tracker.wait_progress(500, progress_upper_limit=749)
-        assert imex_tracker.wait_progress(750, progress_upper_limit=999)
-
-        paths = imex_tracker.wait_finish()
-        assert len(paths) == 1
-        path = paths[0]
-        assert os.path.exists(path)
-        ac1.start_io()
-
-    lp.sec("get fresh empty account")
-    ac2 = acfactory.get_unconfigured_account()
-
-    lp.sec("get latest backup file")
-    path2 = ac2.get_latest_backupfile(str(backupdir))
-    assert path2 == path
-
-    lp.sec("import backup and check it's proper")
-    with ac2.temp_plugin(ImexTracker()) as imex_tracker:
-        ac2.import_all(path)
-
-        # check progress events for import
-        assert imex_tracker.wait_progress(1, progress_upper_limit=249)
-        assert imex_tracker.wait_progress(1000)
-
-    assert_account_is_proper(ac1)
-    assert_account_is_proper(ac2)
-
-    lp.sec(f"Second-time export all to {backupdir}")
-    ac1.stop_io()
-    path2 = ac1.export_all(str(backupdir))
-    assert os.path.exists(path2)
-    assert path2 != path
-    assert ac2.get_latest_backupfile(str(backupdir)) == path2
-
-
 def test_qr_email_capitalization(acfactory, lp):
    """Regression test for a bug
-    that resulted in failure to propagate verification via gossip in a verified group
+    that resulted in failure to propagate verification
    when the database already contained the contact with a different email address capitalization.
    """

@@ -1215,24 +766,27 @@ def test_qr_email_capitalization(acfactory, lp):
    lp.sec(f"ac1 creates a contact for ac2 ({ac2_addr_uppercase})")
    ac1.create_contact(ac2_addr_uppercase)

-    lp.sec("ac3 creates a verified group with a QR code")
-    chat = ac3.create_group_chat("hello", verified=True)
+    lp.sec("ac3 creates a group with a QR code")
+    chat = ac3.create_group_chat("hello")
    qr = chat.get_join_qr()

-    lp.sec("ac1 joins a verified group via a QR code")
+    lp.sec("ac1 joins a group via a QR code")
    ac1_chat = ac1.qr_join_chat(qr)
    msg = ac1._evtracker.wait_next_incoming_message()
    assert msg.text == "Member Me added by {}.".format(ac3.get_config("addr"))
    assert len(ac1_chat.get_contacts()) == 2

-    lp.sec("ac2 joins a verified group via a QR code")
+    lp.sec("ac2 joins a group via a QR code")
    ac2.qr_join_chat(qr)
    ac1._evtracker.wait_next_incoming_message()

    # ac1 should see both ac3 and ac2 as verified.
    assert len(ac1_chat.get_contacts()) == 3
+    # Until we reset verifications and then send the _verified header,
+    # the verification of ac2 is not gossiped here:
    for contact in ac1_chat.get_contacts():
-        assert contact.is_verified()
+        is_ac2 = contact.addr == ac2.get_config("addr")
+        assert contact.is_verified() != is_ac2


 def test_set_get_contact_avatar(acfactory, data, lp):
@@ -1378,7 +932,6 @@ def test_set_get_group_image(acfactory, data, lp):

 def test_connectivity(acfactory, lp):
    ac1, ac2 = acfactory.get_online_accounts(2)
-    ac1.set_config("scan_all_folders_debounce_secs", "0")

    ac1._evtracker.wait_for_connectivity(dc.const.DC_CONNECTIVITY_CONNECTED)

@@ -1499,9 +1052,15 @@ def test_send_receive_locations(acfactory, lp):
    assert locations[0].latitude == 2.0
    assert locations[0].longitude == 3.0
    assert locations[0].accuracy == 0.5
-    assert locations[0].timestamp > now
    assert locations[0].marker is None

+    # Make sure the timestamp is not in the past.
+    # Note that location timestamp has only 1 second precision,
+    # while `now` has a fractional part, so we have to truncate it
+    # first, otherwise `now` may appear to be in the future
+    # even though it is the same second.
+    assert int(locations[0].timestamp.timestamp()) >= int(now.timestamp())
+
    contact = ac2.create_contact(ac1)
    locations2 = chat2.get_locations(contact=contact)
    assert len(locations2) == 1
@@ -1512,38 +1071,6 @@ def test_send_receive_locations(acfactory, lp):
    assert not locations3


-def test_immediate_autodelete(acfactory, lp):
-    ac1 = acfactory.new_online_configuring_account()
-    ac2 = acfactory.new_online_configuring_account()
-    acfactory.bring_accounts_online()
-
-    # "1" means delete immediately, while "0" means do not delete
-    ac2.set_config("delete_server_after", "1")
-
-    lp.sec("ac1: create chat with ac2")
-    chat1 = ac1.create_chat(ac2)
-    ac2.create_chat(ac1)
-
-    lp.sec("ac1: send message to ac2")
-    sent_msg = chat1.send_text("hello")
-
-    msg = ac2._evtracker.wait_next_incoming_message()
-    assert msg.text == "hello"
-
-    lp.sec("ac2: wait for close/expunge on autodelete")
-    ac2._evtracker.get_matching("DC_EVENT_IMAP_MESSAGE_DELETED")
-    ac2._evtracker.get_info_contains("Close/expunge succeeded.")
-
-    lp.sec("ac2: check that message was autodeleted on server")
-    assert len(ac2.direct_imap.get_all_messages()) == 0
-
-    lp.sec("ac2: Mark deleted message as seen and check that read receipt arrives")
-    msg.mark_seen()
-    ev = ac1._evtracker.get_matching("DC_EVENT_MSG_READ")
-    assert ev.data1 == chat1.id
-    assert ev.data2 == sent_msg.id
-
-
 def test_delete_multiple_messages(acfactory, lp):
    ac1, ac2 = acfactory.get_online_accounts(2)
    chat12 = acfactory.get_accepted_chat(ac1, ac2)
@@ -1576,55 +1103,6 @@ def test_delete_multiple_messages(acfactory, lp):
            break


-def test_trash_multiple_messages(acfactory, lp):
-    ac1, ac2 = acfactory.get_online_accounts(2)
-    ac2.stop_io()
-
-    # Create the Trash folder on IMAP server and configure deletion to it. There was a bug that if
-    # Trash wasn't configured initially, it can't be configured later, let's check this.
-    lp.sec("Creating trash folder")
-    ac2.direct_imap.create_folder("Trash")
-    ac2.set_config("delete_to_trash", "1")
-
-    lp.sec("Check that Trash can be configured initially as well")
-    ac3 = acfactory.new_online_configuring_account(cloned_from=ac2)
-    acfactory.bring_accounts_online()
-    assert ac3.get_config("configured_trash_folder")
-    ac3.stop_io()
-
-    ac2.start_io()
-    chat12 = acfactory.get_accepted_chat(ac1, ac2)
-
-    lp.sec("ac1: sending 3 messages")
-    texts = ["first", "second", "third"]
-    for text in texts:
-        chat12.send_text(text)
-
-    lp.sec("ac2: waiting for all messages on the other side")
-    to_delete = []
-    for text in texts:
-        msg = ac2._evtracker.wait_next_incoming_message()
-        assert msg.text in texts
-        if text != "second":
-            to_delete.append(msg)
-    # ac2 has received some messages, this is impossible w/o the trash folder configured, let's
-    # check the configuration.
-    assert ac2.get_config("configured_trash_folder") == "Trash"
-
-    lp.sec("ac2: deleting all messages except second")
-    assert len(to_delete) == len(texts) - 1
-    ac2.delete_messages(to_delete)
-
-    lp.sec("ac2: test that only one message is left")
-    while 1:
-        ac2._evtracker.get_matching("DC_EVENT_IMAP_MESSAGE_MOVED")
-        ac2.direct_imap.select_config_folder("inbox")
-        nr_msgs = len(ac2.direct_imap.get_all_messages())
-        assert nr_msgs > 0
-        if nr_msgs == 1:
-            break
-
-
 def test_configure_error_msgs_wrong_pw(acfactory):
    (ac1,) = acfactory.get_online_accounts(1)

@@ -1663,16 +1141,17 @@ def test_configure_error_msgs_invalid_server(acfactory):
        ev = ac2._evtracker.get_matching("DC_EVENT_CONFIGURE_PROGRESS")
        if ev.data1 == 0:
            break
+    err_lower = ev.data2.lower()
    # Can't connect so it probably should say something about "internet"
    # again, should not repeat itself
    # If this fails then probably `e.msg.to_lowercase().contains("could not resolve")`
    # in configure.rs returned false because the error message was changed
    # (i.e. did not contain "could not resolve" anymore)
-    assert (ev.data2.count("internet") + ev.data2.count("network")) == 1
+    assert (err_lower.count("internet") + err_lower.count("network")) == 1
    # Should mention that it can't connect:
-    assert ev.data2.count("connect") == 1
+    assert err_lower.count("connect") == 1
    # The users do not know what "configuration" is
-    assert "configuration" not in ev.data2.lower()
+    assert "configuration" not in err_lower


 def test_status(acfactory):
@@ -1748,71 +1227,6 @@ def test_group_quote(acfactory, lp):
    assert received_reply.quote.id == out_msg.id


-@pytest.mark.parametrize(
-    ("folder", "move", "expected_destination"),
-    [
-        (
-            "xyz",
-            False,
-            "xyz",
-        ),  # Test that emails aren't found in a random folder
-        (
-            "Spam",
-            True,
-            "DeltaChat",
-        ),  # ...emails are moved from the spam folder to "DeltaChat"
-        (
-            "Spam",
-            False,
-            "INBOX",
-        ),  # ...emails are moved from the spam folder to the Inbox
-    ],
-)
-# Testrun.org does not support the CREATE-SPECIAL-USE capability, which means that we can't create a folder with
-# the "\Junk" flag (see https://tools.ietf.org/html/rfc6154). So, we can't test spam folder detection by flag.
-def test_scan_folders(acfactory, lp, folder, move, expected_destination):
-    """Delta Chat periodically scans all folders for new messages to make sure we don't miss any."""
-    variant = folder + "-" + str(move) + "-" + expected_destination
-    lp.sec("Testing variant " + variant)
-    ac1 = acfactory.new_online_configuring_account(mvbox_move=move)
-    ac2 = acfactory.new_online_configuring_account()
-
-    acfactory.wait_configured(ac1)
-    ac1.direct_imap.create_folder(folder)
-
-    # Wait until each folder was selected once and we are IDLEing:
-    acfactory.bring_accounts_online()
-    ac1.stop_io()
-    assert folder in ac1.direct_imap.list_folders()
-
-    lp.sec("Send a message to from ac2 to ac1 and manually move it to `folder`")
-    ac1.direct_imap.select_config_folder("inbox")
-    with ac1.direct_imap.idle() as idle1:
-        acfactory.get_accepted_chat(ac2, ac1).send_text("hello")
-        idle1.wait_for_new_message()
-    ac1.direct_imap.conn.move(["*"], folder)  # "*" means "biggest UID in mailbox"
-
-    lp.sec("start_io() and see if DeltaChat finds the message (" + variant + ")")
-    ac1.set_config("scan_all_folders_debounce_secs", "0")
-    ac1.start_io()
-    chat = ac1.create_chat(ac2)
-    n_msgs = 1  # "Messages are end-to-end encrypted."
-    if folder == "Spam":
-        msg = ac1._evtracker.wait_next_incoming_message()
-        assert msg.text == "hello"
-        n_msgs += 1
-    else:
-        ac1._evtracker.wait_idle_inbox_ready()
-    assert len(chat.get_messages()) == n_msgs
-
-    # The message has reached its destination.
-    ac1.direct_imap.select_folder(expected_destination)
-    assert len(ac1.direct_imap.get_all_messages()) == 1
-    if folder != expected_destination:
-        ac1.direct_imap.select_folder(folder)
-        assert len(ac1.direct_imap.get_all_messages()) == 0
-
-
 def test_archived_muted_chat(acfactory, lp):
    """If an archived and muted chat receives a new message, DC_EVENT_MSGS_CHANGED for
    DC_CHAT_ID_ARCHIVED_LINK must be generated if the chat had only seen messages previously.
--- a/python/tests/test_3_offline.py
+++ b/python/tests/test_3_offline.py
@@ -35,7 +35,7 @@ class TestOfflineAccountBasic:
        d = ac1.get_info()
        assert d["arch"]
        assert d["number_of_chats"] == "0"
-        assert d["bcc_self"] == "1"
+        assert d["bcc_self"] == "0"

    def test_is_not_configured(self, acfactory):
        ac1 = acfactory.get_unconfigured_account()
@@ -69,7 +69,7 @@ class TestOfflineAccountBasic:
    def test_has_bccself(self, acfactory):
        ac1 = acfactory.get_unconfigured_account()
        assert "bcc_self" in ac1.get_config("sys.config_keys").split()
-        assert ac1.get_config("bcc_self") == "1"
+        assert ac1.get_config("bcc_self") == "0"

    def test_selfcontact_if_unconfigured(self, acfactory):
        ac1 = acfactory.get_unconfigured_account()
@@ -258,9 +258,6 @@ class TestOfflineChat:
        with pytest.raises(ValueError):
            ac1.set_stock_translation(dc.const.DC_STR_FILE, "xyz %1$s")
        ac1._evtracker.get_matching("DC_EVENT_WARNING")
-        with pytest.raises(ValueError):
-            ac1.set_stock_translation(dc.const.DC_STR_CONTACT_NOT_VERIFIED, "xyz %2$s")
-        ac1._evtracker.get_matching("DC_EVENT_WARNING")
        with pytest.raises(ValueError):
            ac1.set_stock_translation(500, "xyz %1$s")
        ac1._evtracker.get_matching("DC_EVENT_WARNING")
@@ -271,10 +268,9 @@ class TestOfflineChat:
        chat.set_name("Homework")
        assert chat.get_messages()[-1].text == "abc homework xyz Homework"

-    @pytest.mark.parametrize("verified", [True, False])
-    def test_group_chat_qr(self, acfactory, ac1, verified):
+    def test_group_chat_qr(self, acfactory, ac1):
        ac2 = acfactory.get_pseudo_configured_account()
-        chat = ac1.create_group_chat(name="title1", verified=verified)
+        chat = ac1.create_group_chat(name="title1")
        assert chat.is_group()
        qr = chat.get_join_qr()
        assert ac2.check_qr(qr).is_ask_verifygroup
--- a/python/tox.ini
+++ b/python/tox.ini
@@ -23,7 +23,6 @@ deps =
    pytest
    pytest-timeout
    pytest-xdist
-    pdbpp
    requests
 # urllib3 2.0 does not work in manylinux2014 containers.
 # https://github.com/deltachat/deltachat-core-rust/issues/4788
@@ -47,7 +46,7 @@ deps =
 commands =
    ruff format --diff setup.py src/deltachat examples/ tests/
    ruff check src/deltachat tests/ examples/
-    rst-lint --encoding 'utf-8' README.rst
+    rst-lint README.rst

 [testenv:mypy]
 deps =
--- a/release-date.in
+++ b/release-date.in
@@ -1 +1 @@
-2025-10-13
+2026-02-10
--- a/scripts/README.md
+++ b/scripts/README.md
@@ -26,10 +26,10 @@ and an own build machine.
   i.e. `deltachat-rpc-client` and `deltachat-rpc-server`.

 - `remote_tests_python.sh` rsyncs to a build machine and runs
-  `run-python-test.sh` remotely on the build machine. 
+  JSON-RPC Python tests remotely on the build machine. 

 - `remote_tests_rust.sh` rsyncs to the build machine and runs
-  `run-rust-test.sh` remotely on the build machine. 
+  Rust tests remotely on the build machine. 

 - `run-doxygen.sh` generates C-docs which are then uploaded to https://c.delta.chat/

--- a/scripts/coredeps/install-rust.sh
+++ b/scripts/coredeps/install-rust.sh
@@ -7,7 +7,7 @@ set -euo pipefail
 #
 # Avoid using rustup here as it depends on reading /proc/self/exe and
 # has problems running under QEMU.
-RUST_VERSION=1.90.0
+RUST_VERSION=1.93.0

 ARCH="$(uname -m)"
 test -f "/lib/libc.musl-$ARCH.so.1" && LIBC=musl || LIBC=gnu
--- a/scripts/deny.sh
+++ b/scripts/deny.sh
@@ -3,4 +3,4 @@
 # Update package cache without changing the lockfile.
 cargo update --dry-run

-cargo deny --workspace --all-features check -D warnings
+cargo deny --workspace --all-features --locked check -D warnings
--- a/scripts/remote_tests_python.sh
+++ b/scripts/remote_tests_python.sh
@@ -1,45 +1,32 @@
-#!/bin/bash 
+#!/usr/bin/env bash
+set -euo pipefail

-BUILD_ID=${1:?specify build ID}
-
-SSHTARGET=${SSHTARGET-ci@b1.delta.chat}
-BUILDDIR=ci_builds/$BUILD_ID
+set -x
+if ! test -v SSHTARGET; then
+	echo >&2 SSHTARGET is not set
+	exit 1
+fi
+BUILDDIR=ci_builds/chatmailcore

 echo "--- Copying files to $SSHTARGET:$BUILDDIR"

-set -xe
-
-ssh -oBatchMode=yes -oStrictHostKeyChecking=no  $SSHTARGET mkdir -p "$BUILDDIR"
-git ls-files >.rsynclist 
-# we seem to need .git for setuptools_scm versioning 
-find .git >>.rsynclist
-rsync --delete --files-from=.rsynclist -az ./ "$SSHTARGET:$BUILDDIR"
-
-set +x
+rsync -az --delete --mkpath --files-from=<(git ls-files) ./ "$SSHTARGET:$BUILDDIR"

 echo "--- Running Python tests remotely"

-ssh $SSHTARGET <<_HERE
+ssh -oBatchMode=yes -- "$SSHTARGET" <<_HERE
    set +x -e

    # make sure all processes exit when ssh dies
    shopt -s huponexit

-    export RUSTC_WRAPPER=\`which sccache\`
+    export RUSTC_WRAPPER=\`command -v sccache\`
    cd $BUILDDIR
-    export TARGET=release
    export CHATMAIL_DOMAIN=$CHATMAIL_DOMAIN

-    #we rely on tox/virtualenv being available in the host
-    #rm -rf virtualenv venv
-    #virtualenv -q -p python3.7 venv 
-    #source venv/bin/activate
-    #pip install -q tox virtualenv
+    scripts/make-rpc-testenv.sh
+    . venv/bin/activate

-    set -x
-    which python
-    source \$HOME/venv/bin/activate
-    which python
-
-    bash scripts/run-python-test.sh 
+    cd deltachat-rpc-client
+    pytest -n6 $@
 _HERE
--- a/scripts/remote_tests_rust.sh
+++ b/scripts/remote_tests_rust.sh
@@ -1,29 +1,25 @@
-#!/bin/bash 
+#!/usr/bin/env bash
+set -euo pipefail

-BUILD_ID=${1:?specify build ID}
-
-SSHTARGET=${SSHTARGET-ci@b1.delta.chat}
-BUILDDIR=ci_builds/$BUILD_ID
-
-set -e
+if ! test -v SSHTARGET; then
+        echo >&2 SSHTARGET is not set
+        exit 1
+fi
+BUILDDIR=ci_builds/chatmailcore

 echo "--- Copying files to $SSHTARGET:$BUILDDIR"

-ssh -oBatchMode=yes -oStrictHostKeyChecking=no $SSHTARGET mkdir -p "$BUILDDIR"
-git ls-files >.rsynclist
-rsync --delete --files-from=.rsynclist -az ./ "$SSHTARGET:$BUILDDIR"
+rsync -az --delete --mkpath --files-from=<(git ls-files) ./ "$SSHTARGET:$BUILDDIR"

 echo "--- Running Rust tests remotely"

-ssh $SSHTARGET <<_HERE
+ssh -oBatchMode=yes -- "$SSHTARGET" <<_HERE
    set +x -e
    # make sure all processes exit when ssh dies
    shopt -s huponexit
-    export RUSTC_WRAPPER=\`which sccache\`
+    export RUSTC_WRAPPER=\`command -v sccache\`
    cd $BUILDDIR
-    export TARGET=x86_64-unknown-linux-gnu
-    export RUSTC_WRAPPER=sccache

-    bash scripts/run-rust-test.sh
+    cargo nextest run
 _HERE

--- a/scripts/run_all.sh
+++ b/scripts/run_all.sh
@@ -31,6 +31,6 @@ unset CHATMAIL_DOMAIN

 # Try to build wheels for a range of interpreters, but don't fail if they are not available.
 # E.g. musllinux_1_1 does not have PyPy interpreters as of 2022-07-10
-tox --workdir "$TOXWORKDIR" -e py38,py39,py310,py311,py312,py313,pypy38,pypy39,pypy310 --skip-missing-interpreters true
+tox --workdir "$TOXWORKDIR" -e py310,py311,py312,py313,pypy310 --skip-missing-interpreters true

 auditwheel repair "$TOXWORKDIR"/wheelhouse/deltachat* -w "$TOXWORKDIR/wheelhouse"
--- a/scripts/update-provider-database.sh
+++ b/scripts/update-provider-database.sh
@@ -6,11 +6,11 @@ set -euo pipefail
 export TZ=UTC

 # Provider database revision.
-REV=1cce91c1f1065b47e4f307d6fe2f4cca68c74d2e
+REV=996c4bc82be5a7404f70b185ff062da33bfa98d9

 CORE_ROOT="$PWD"
 TMP="$(mktemp -d)"
-git clone --filter=blob:none https://github.com/deltachat/provider-db.git "$TMP"
+git clone --filter=blob:none https://github.com/chatmail/provider-db.git "$TMP"
 cd "$TMP"
 git checkout "$REV"
 DATE=$(git show -s --format=%cs)
--- a/spec.md
+++ b/spec.md
@@ -1,6 +1,6 @@
 # Chatmail Specification

-Version: 0.36.0
+Version: 0.37.0
 Status:  In-progress 
 Format:  [Semantic Line Breaks](https://sembr.org/)

@@ -582,6 +582,24 @@ and e.g. simply search for the line starting with `EMAIL`
 in order to get the email address.


+# Verifications
+
+Keys obtained using [SecureJoin](https://securejoin.readthedocs.io) protocol
+and corresponding contacts
+are considered "verified".
+
+As an extension to `Autocrypt-Gossip` header,
+chatmail clients can add `_verified=1` attribute
+(underscore marks the attribute as non-critical)
+to indicate that they have the gossiped key
+and the corresponding contact marked as verified.
+
+When receiving such `Autocrypt-Gossip` header
+in a message signed by a verified key,
+chatmail clients mark the gossiped key
+as indirectly verified.
+
+
 # Transitioning to a new e-mail address (AEAP)

 When receiving a message:
--- a/src/accounts.rs
+++ b/src/accounts.rs
@@ -3,8 +3,12 @@
 use std::collections::{BTreeMap, BTreeSet};
 use std::future::Future;
 use std::path::{Path, PathBuf};
+use std::sync::Arc;

 use anyhow::{Context as _, Result, bail, ensure};
+use async_channel::{self, Receiver, Sender};
+use futures::FutureExt as _;
+use futures_lite::FutureExt as _;
 use serde::{Deserialize, Serialize};
 use tokio::fs;
 use tokio::io::AsyncWriteExt;
@@ -18,7 +22,7 @@ use tokio::time::{Duration, sleep};

 use crate::context::{Context, ContextBuilder};
 use crate::events::{Event, EventEmitter, EventType, Events};
-use crate::log::{info, warn};
+use crate::log::warn;
 use crate::push::PushSubscriber;
 use crate::stock_str::StockStrings;

@@ -41,6 +45,13 @@ pub struct Accounts {

    /// Push notification subscriber shared between accounts.
    push_subscriber: PushSubscriber,
+
+    /// Channel sender to cancel ongoing background_fetch().
+    ///
+    /// If background_fetch() is not running, this is `None`.
+    /// New background_fetch() should not be started if this
+    /// contains `Some`.
+    background_fetch_interrupt_sender: Arc<parking_lot::Mutex<Option<Sender<()>>>>,
 }

 impl Accounts {
@@ -49,8 +60,18 @@ impl Accounts {
        if writable && !dir.exists() {
            Accounts::create(&dir).await?;
        }
+        let events = Events::new();
+        Accounts::open(events, dir, writable).await
+    }

-        Accounts::open(dir, writable).await
+    /// Loads or creates an accounts folder at the given `dir`.
+    /// Uses an existing events channel.
+    pub async fn new_with_events(dir: PathBuf, writable: bool, events: Events) -> Result<Self> {
+        if writable && !dir.exists() {
+            Accounts::create(&dir).await?;
+        }
+
+        Accounts::open(events, dir, writable).await
    }

    /// Get the ID used to log events.
@@ -74,14 +95,14 @@ impl Accounts {

    /// Opens an existing accounts structure. Will error if the folder doesn't exist,
    /// no account exists and no config exists.
-    async fn open(dir: PathBuf, writable: bool) -> Result<Self> {
+    async fn open(events: Events, dir: PathBuf, writable: bool) -> Result<Self> {
        ensure!(dir.exists(), "directory does not exist");

        let config_file = dir.join(CONFIG_NAME);
        ensure!(config_file.exists(), "{config_file:?} does not exist");

        let config = Config::from_file(config_file, writable).await?;
-        let events = Events::new();
+
        let stockstrings = StockStrings::new();
        let push_subscriber = PushSubscriber::new();
        let accounts = config
@@ -96,6 +117,7 @@ impl Accounts {
            events,
            stockstrings,
            push_subscriber,
+            background_fetch_interrupt_sender: Default::default(),
        })
    }

@@ -352,6 +374,11 @@ impl Accounts {
    ///
    /// This is an auxiliary function and not part of public API.
    /// Use [Accounts::background_fetch] instead.
+    ///
+    /// This function is cancellation-safe.
+    /// It is intended to be cancellable,
+    /// either because of the timeout or because background
+    /// fetch was explicitly cancelled.
    async fn background_fetch_no_timeout(accounts: Vec<Context>, events: Events) {
        let n_accounts = accounts.len();
        events.emit(Event {
@@ -360,6 +387,11 @@ impl Accounts {
                "Starting background fetch for {n_accounts} accounts."
            )),
        });
+        ::tracing::event!(
+            ::tracing::Level::INFO,
+            account_id = 0,
+            "Starting background fetch for {n_accounts} accounts."
+        );
        let mut set = JoinSet::new();
        for account in accounts {
            set.spawn(async move {
@@ -375,17 +407,41 @@ impl Accounts {
                "Finished background fetch for {n_accounts} accounts."
            )),
        });
+        ::tracing::event!(
+            ::tracing::Level::INFO,
+            account_id = 0,
+            "Finished background fetch for {n_accounts} accounts."
+        );
    }

    /// Auxiliary function for [Accounts::background_fetch].
+    ///
+    /// Runs `background_fetch` until it finishes
+    /// or until the timeout.
+    ///
+    /// Produces `AccountsBackgroundFetchDone` event in every case
+    /// and clears [`Self::background_fetch_interrupt_sender`]
+    /// so a new background fetch can be started.
+    ///
+    /// This function is not cancellation-safe.
+    /// Cancelling it before it returns may result
+    /// in not being able to run any new background fetch
+    /// if interrupt sender was not cleared.
    async fn background_fetch_with_timeout(
        accounts: Vec<Context>,
        events: Events,
        timeout: std::time::Duration,
+        interrupt_sender: Arc<parking_lot::Mutex<Option<Sender<()>>>>,
+        interrupt_receiver: Option<Receiver<()>>,
    ) {
+        let Some(interrupt_receiver) = interrupt_receiver else {
+            // Nothing to do if we got no interrupt receiver.
+            return;
+        };
        if let Err(_err) = tokio::time::timeout(
            timeout,
-            Self::background_fetch_no_timeout(accounts, events.clone()),
+            Self::background_fetch_no_timeout(accounts, events.clone())
+                .race(interrupt_receiver.recv().map(|_| ())),
        )
        .await
        {
@@ -393,15 +449,26 @@ impl Accounts {
                id: 0,
                typ: EventType::Warning("Background fetch timed out.".to_string()),
            });
+            ::tracing::event!(
+                ::tracing::Level::WARN,
+                account_id = 0,
+                "Background fetch timed out."
+            );
        }
        events.emit(Event {
            id: 0,
            typ: EventType::AccountsBackgroundFetchDone,
        });
+        (*interrupt_sender.lock()) = None;
    }

    /// Performs a background fetch for all accounts in parallel with a timeout.
    ///
+    /// Ongoing background fetch can also be cancelled manually
+    /// by calling `stop_background_fetch()`, in which case it will
+    /// return immediately even before the timeout expiration
+    /// or finishing fetching.
+    ///
    /// The `AccountsBackgroundFetchDone` event is emitted at the end,
    /// process all events until you get this one and you can safely return to the background
    /// without forgetting to create notifications caused by timing race conditions.
@@ -414,7 +481,39 @@ impl Accounts {
    ) -> impl Future<Output = ()> + use<> {
        let accounts: Vec<Context> = self.accounts.values().cloned().collect();
        let events = self.events.clone();
-        Self::background_fetch_with_timeout(accounts, events, timeout)
+        let (sender, receiver) = async_channel::bounded(1);
+        let receiver = {
+            let mut lock = self.background_fetch_interrupt_sender.lock();
+            if (*lock).is_some() {
+                // Another background_fetch() is already running,
+                // return immeidately.
+                None
+            } else {
+                *lock = Some(sender);
+                Some(receiver)
+            }
+        };
+        Self::background_fetch_with_timeout(
+            accounts,
+            events,
+            timeout,
+            self.background_fetch_interrupt_sender.clone(),
+            receiver,
+        )
+    }
+
+    /// Interrupts ongoing background_fetch() call,
+    /// making it return early.
+    ///
+    /// This method allows to cancel background_fetch() early,
+    /// e.g. on Android, when `Service.onTimeout` is called.
+    ///
+    /// If there is no ongoing background_fetch(), does nothing.
+    pub fn stop_background_fetch(&self) {
+        let mut lock = self.background_fetch_interrupt_sender.lock();
+        if let Some(sender) = lock.take() {
+            sender.try_send(()).ok();
+        }
    }

    /// Emits a single event.
@@ -604,13 +703,12 @@ impl Config {
        // Convert them to relative paths.
        let mut modified = false;
        for account in &mut config.inner.accounts {
-            if account.dir.is_absolute() {
-                if let Some(old_path_parent) = account.dir.parent() {
-                    if let Ok(new_path) = account.dir.strip_prefix(old_path_parent) {
-                        account.dir = new_path.to_path_buf();
-                        modified = true;
-                    }
-                }
+            if account.dir.is_absolute()
+                && let Some(old_path_parent) = account.dir.parent()
+                && let Ok(new_path) = account.dir.strip_prefix(old_path_parent)
+            {
+                account.dir = new_path.to_path_buf();
+                modified = true;
            }
        }
        if modified && writable {
--- a/src/aheader.rs
+++ b/src/aheader.rs
@@ -61,9 +61,11 @@ impl fmt::Display for Aheader {
        if self.prefer_encrypt == EncryptPreference::Mutual {
            write!(fmt, " prefer-encrypt=mutual;")?;
        }
-        if self.verified {
-            write!(fmt, " _verified=1;")?;
-        }
+        // TODO After we reset all existing verifications,
+        // we want to start sending the _verified attribute
+        // if self.verified {
+        //     write!(fmt, " _verified=1;")?;
+        // }

        // adds a whitespace every 78 characters, this allows
        // email crate to wrap the lines according to RFC 5322
@@ -108,9 +110,9 @@ impl FromStr for Aheader {
                SignedPublicKey::from_base64(&raw).context("autocrypt key cannot be decoded")
            })
            .and_then(|key| {
-                key.verify()
+                key.verify_bindings()
                    .and(Ok(key))
-                    .context("autocrypt key cannot be verified")
+                    .context("Autocrypt key cannot be verified")
            })?;

        let prefer_encrypt = attributes
@@ -282,8 +284,9 @@ mod tests {
            .contains("test@example.com")
        );

+        // We don't send the _verified header yet:
        assert!(
-            format!(
+            !format!(
                "{}",
                Aheader {
                    addr: "test@example.com".to_string(),
--- a/src/authres.rs
+++ b/src/authres.rs
@@ -468,7 +468,7 @@ Authentication-Results: box.hispanilandia.net; spf=pass smtp.mailfrom=adbenitez@
            // The ordering in which the emails are received can matter;
            // the test _should_ pass for every ordering.
            dir.sort_by_key(|d| d.file_name());
-            //rand::seq::SliceRandom::shuffle(&mut dir[..], &mut rand::thread_rng());
+            //rand::seq::SliceRandom::shuffle(&mut dir[..], &mut rand::rng());

            for entry in &dir {
                let mut file = fs::File::open(entry.path()).await?;
--- a/src/blob.rs
+++ b/src/blob.rs
@@ -1,6 +1,6 @@
 //! # Blob directory management.

-use core::cmp::max;
+use std::cmp::max;
 use std::io::{Cursor, Seek};
 use std::iter::FusedIterator;
 use std::mem;
@@ -20,7 +20,7 @@ use crate::config::Config;
 use crate::constants::{self, MediaQuality};
 use crate::context::Context;
 use crate::events::EventType;
-use crate::log::{LogExt, error, info, warn};
+use crate::log::{LogExt, warn};
 use crate::message::Viewtype;
 use crate::tools::sanitize_filename;

@@ -234,8 +234,13 @@ impl<'a> BlobObject<'a> {
    /// If `data` represents an image of known format, this adds the corresponding extension.
    ///
    /// Even though this function is not async, it's OK to call it from an async context.
-    pub(crate) fn store_from_base64(context: &Context, data: &str) -> Result<String> {
-        let buf = base64::engine::general_purpose::STANDARD.decode(data)?;
+    ///
+    /// Returns an error if there is an I/O problem,
+    /// but in case of a failure to decode base64 returns `Ok(None)`.
+    pub(crate) fn store_from_base64(context: &Context, data: &str) -> Result<Option<String>> {
+        let Ok(buf) = base64::engine::general_purpose::STANDARD.decode(data) else {
+            return Ok(None);
+        };
        let name = if let Ok(format) = image::guess_format(&buf) {
            if let Some(ext) = format.extensions_str().first() {
                format!("file.{ext}")
@@ -246,12 +251,12 @@ impl<'a> BlobObject<'a> {
            String::new()
        };
        let blob = BlobObject::create_and_deduplicate_from_bytes(context, &buf, &name)?;
-        Ok(blob.as_name().to_string())
+        Ok(Some(blob.as_name().to_string()))
    }

    /// Recode image to avatar size.
    pub async fn recode_to_avatar_size(&mut self, context: &Context) -> Result<()> {
-        let (img_wh, max_bytes) =
+        let (max_wh, max_bytes) =
            match MediaQuality::from_i32(context.get_config_int(Config::MediaQuality).await?)
                .unwrap_or_default()
            {
@@ -268,7 +273,7 @@ impl<'a> BlobObject<'a> {
        let is_avatar = true;
        self.check_or_recode_to_size(
            context, None, // The name of an avatar doesn't matter
-            viewtype, img_wh, max_bytes, is_avatar,
+            viewtype, max_wh, max_bytes, is_avatar,
        )?;

        Ok(())
@@ -289,7 +294,7 @@ impl<'a> BlobObject<'a> {
        name: Option<String>,
        viewtype: &mut Viewtype,
    ) -> Result<String> {
-        let (img_wh, max_bytes) =
+        let (max_wh, max_bytes) =
            match MediaQuality::from_i32(context.get_config_int(Config::MediaQuality).await?)
                .unwrap_or_default()
            {
@@ -300,13 +305,15 @@ impl<'a> BlobObject<'a> {
                MediaQuality::Worse => (constants::WORSE_IMAGE_SIZE, constants::WORSE_IMAGE_BYTES),
            };
        let is_avatar = false;
-        self.check_or_recode_to_size(context, name, viewtype, img_wh, max_bytes, is_avatar)
+        self.check_or_recode_to_size(context, name, viewtype, max_wh, max_bytes, is_avatar)
    }

-    /// Checks or recodes the image so that it fits into limits on width/height and byte size.
+    /// Checks or recodes the image so that it fits into limits on width/height and/or byte size.
    ///
-    /// If `!is_avatar`, then if `max_bytes` is exceeded, reduces the image to `img_wh` and proceeds
-    /// with the result without rechecking.
+    /// If `!is_avatar`, then if `max_bytes` is exceeded, reduces the image to `max_wh` and proceeds
+    /// with the result (even if `max_bytes` is still exceeded).
+    ///
+    /// If `is_avatar`, the resolution will be reduced in a loop until the image fits `max_bytes`.
    ///
    /// This modifies the blob object in-place.
    ///
@@ -319,7 +326,7 @@ impl<'a> BlobObject<'a> {
        context: &Context,
        name: Option<String>,
        viewtype: &mut Viewtype,
-        mut img_wh: u32,
+        max_wh: u32,
        max_bytes: usize,
        is_avatar: bool,
    ) -> Result<String> {
@@ -381,7 +388,14 @@ impl<'a> BlobObject<'a> {
                _ => img,
            };

-            let exceeds_wh = img.width() > img_wh || img.height() > img_wh;
+            // max_wh is the maximum image width and height, i.e. the resolution-limit.
+            // target_wh target-resolution for resizing the image.
+            let exceeds_wh = img.width() > max_wh || img.height() > max_wh;
+            let mut target_wh = if exceeds_wh {
+                max_wh
+            } else {
+                max(img.width(), img.height())
+            };
            let exceeds_max_bytes = nr_bytes > max_bytes as u64;

            let jpeg_quality = 75;
@@ -420,15 +434,6 @@ impl<'a> BlobObject<'a> {
                        });

            if do_scale {
-                if !exceeds_wh {
-                    img_wh = max(img.width(), img.height());
-                    // PNGs and WebPs may be huge because of animation, which is lost by the `image`
-                    // crate when recoding, so don't scale them down.
-                    if matches!(fmt, ImageFormat::Jpeg) || !encoded.is_empty() {
-                        img_wh = img_wh * 2 / 3;
-                    }
-                }
-
                loop {
                    if mem::take(&mut add_white_bg) {
                        self::add_white_bg(&mut img);
@@ -443,9 +448,9 @@ impl<'a> BlobObject<'a> {
                    // usually has less pixels by cropping, UI that needs to wait anyways,
                    // and also benefits from slightly better (5%) encoding of Triangle-filtered images.
                    let new_img = if is_avatar {
-                        img.resize(img_wh, img_wh, image::imageops::FilterType::Triangle)
+                        img.resize(target_wh, target_wh, image::imageops::FilterType::Triangle)
                    } else {
-                        img.thumbnail(img_wh, img_wh)
+                        img.thumbnail(target_wh, target_wh)
                    };

                    if encoded_img_exceeds_bytes(
@@ -456,19 +461,19 @@ impl<'a> BlobObject<'a> {
                        &mut encoded,
                    )? && is_avatar
                    {
-                        if img_wh < 20 {
+                        if target_wh < 20 {
                            return Err(format_err!(
                                "Failed to scale image to below {max_bytes}B.",
                            ));
                        }

-                        img_wh = img_wh * 2 / 3;
+                        target_wh = target_wh * 2 / 3;
                    } else {
                        info!(
                            context,
                            "Final scaled-down image size: {}B ({}px).",
                            encoded.len(),
-                            img_wh
+                            target_wh
                        );
                        break;
                    }
@@ -537,7 +542,11 @@ fn file_hash(src: &Path) -> Result<blake3::Hash> {
 fn image_metadata(file: &std::fs::File) -> Result<(u64, Option<exif::Exif>)> {
    let len = file.metadata()?.len();
    let mut bufreader = std::io::BufReader::new(file);
-    let exif = exif::Reader::new().read_from_container(&mut bufreader).ok();
+    let exif = exif::Reader::new()
+        .continue_on_error(true)
+        .read_from_container(&mut bufreader)
+        .or_else(|e| e.distill_partial_result(|_errors| {}))
+        .ok();
    Ok((len, exif))
 }

--- a/src/blob/blob_tests.rs
+++ b/src/blob/blob_tests.rs
@@ -173,11 +173,8 @@ async fn test_selfavatar_outside_blobdir() {
        .unwrap();
    let avatar_blob = t.get_config(Config::Selfavatar).await.unwrap().unwrap();
    let avatar_path = Path::new(&avatar_blob);
-    assert!(
-        avatar_blob.ends_with("7dde69e06b5ae6c27520a436bbfd65b.jpg"),
-        "The avatar filename should be its hash, put instead it's {avatar_blob}"
-    );
    let scaled_avatar_size = file_size(avatar_path).await;
+    info!(&t, "Scaled avatar size: {scaled_avatar_size}.");
    assert!(scaled_avatar_size < avatar_bytes.len() as u64);

    check_image_size(avatar_src, 1000, 1000);
@@ -187,6 +184,11 @@ async fn test_selfavatar_outside_blobdir() {
        constants::BALANCED_AVATAR_SIZE,
    );

+    assert!(
+        avatar_blob.ends_with("2a048b6fcd86448032b854ea1ad7608.jpg"),
+        "The avatar filename should be its hash, but instead it's {avatar_blob}"
+    );
+
    let mut blob = BlobObject::create_and_deduplicate(&t, avatar_path, avatar_path).unwrap();
    let viewtype = &mut Viewtype::Image;
    let strict_limits = true;
@@ -334,6 +336,28 @@ async fn test_recode_image_2() {
    assert_correct_rotation(&img_rotated);
 }

+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_recode_image_bad_exif() {
+    // `exiftool` reports for this file "Bad offset for IFD0 XResolution", still Exif must be
+    // detected and removed.
+    let bytes = include_bytes!("../../test-data/image/1000x1000-bad-exif.jpg");
+    SendImageCheckMediaquality {
+        viewtype: Viewtype::Image,
+        media_quality_config: "0",
+        bytes,
+        extension: "jpg",
+        has_exif: true,
+        original_width: 1000,
+        original_height: 1000,
+        compressed_width: 1000,
+        compressed_height: 1000,
+        ..Default::default()
+    }
+    .test()
+    .await
+    .unwrap();
+}
+
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_recode_image_balanced_png() {
    let bytes = include_bytes!("../../test-data/image/screenshot.png");
@@ -418,7 +442,7 @@ async fn test_recode_image_balanced_png() {

 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_sticker_with_exif() {
-    let bytes = include_bytes!("../../test-data/image/logo.png");
+    let bytes = include_bytes!("../../test-data/image/logo-exif.png");
    SendImageCheckMediaquality {
        viewtype: Viewtype::Sticker,
        bytes,
@@ -774,3 +798,56 @@ async fn test_create_and_deduplicate_from_bytes() -> Result<()> {

    Ok(())
 }
+
+/// Tests that an image that already fits into the width limit,
+/// but not the bytes limit,
+/// is compressed without changing the resolution.
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_recode_without_downscaling() -> Result<()> {
+    let t = &TestContext::new().await;
+
+    let image = include_bytes!("../../test-data/image/screenshot120x120.jpg");
+    const { assert!(120 < constants::WORSE_AVATAR_SIZE) };
+
+    for is_avatar in [true, false] {
+        let mut blob =
+            BlobObject::create_and_deduplicate_from_bytes(t, image, "image.jpg").unwrap();
+        let image_path = blob.to_abs_path();
+        check_image_size(&image_path, 120, 120);
+
+        assert!(
+            fs::metadata(&image_path).await.unwrap().len() > constants::WORSE_AVATAR_BYTES as u64
+        );
+
+        // Repeat the check, because a second call to `check_or_recode_to_size()`
+        // is not supposed to change anything:
+        let mut imgs = vec![];
+        for _ in 0..2 {
+            let mut viewtype = Viewtype::Image;
+            let new_name = blob.check_or_recode_to_size(
+                t,
+                Some("image.jpg".to_string()),
+                &mut viewtype,
+                constants::WORSE_AVATAR_SIZE,
+                constants::WORSE_AVATAR_BYTES,
+                is_avatar,
+            )?;
+            let image_path = blob.to_abs_path();
+            assert_eq!(new_name, "image.jpg"); // The name shall not have changed
+            assert_eq!(viewtype, Viewtype::Image); // The viewtype shall not have changed
+            let img = check_image_size(&image_path, 120, 120); // The resolution shall not have changed
+            imgs.push(img);
+
+            let new_image_bytes = fs::metadata(&image_path).await.unwrap().len();
+            assert!(
+                new_image_bytes < constants::WORSE_AVATAR_BYTES as u64,
+                "The new image size, {new_image_bytes}, should be lower than {}, is_avatar={is_avatar}",
+                constants::WORSE_AVATAR_BYTES
+            );
+        }
+
+        assert_eq!(imgs[0], imgs[1]);
+    }
+
+    Ok(())
+}
--- a/src/calls.rs
+++ b/src/calls.rs
@@ -2,22 +2,25 @@
 //!
 //! Internally, calls are bound a user-visible message initializing the call.
 //! This means, the "Call ID" is a "Message ID" - similar to Webxdc IDs.
+use crate::chat::ChatIdBlocked;
 use crate::chat::{Chat, ChatId, send_msg};
-use crate::constants::Chattype;
+use crate::config::Config;
+use crate::constants::{Blocked, Chattype};
 use crate::contact::ContactId;
-use crate::context::Context;
+use crate::context::{Context, WeakContext};
 use crate::events::EventType;
 use crate::headerdef::HeaderDef;
-use crate::log::{info, warn};
-use crate::message::{self, Message, MsgId, Viewtype};
+use crate::log::warn;
+use crate::message::{Message, MsgId, Viewtype};
 use crate::mimeparser::{MimeMessage, SystemMessage};
 use crate::net::dns::lookup_host_with_cache;
 use crate::param::Param;
-use crate::tools::time;
+use crate::stock_str;
+use crate::tools::{normalize_text, time};
 use anyhow::{Context as _, Result, ensure};
-use sdp::SessionDescription;
+use deltachat_derive::{FromSql, ToSql};
+use num_traits::FromPrimitive;
 use serde::Serialize;
-use std::io::Cursor;
 use std::str::FromStr;
 use std::time::Duration;
 use tokio::task;
@@ -32,7 +35,7 @@ use tokio::time::sleep;
 ///
 /// For the caller, this means they should also not wait longer,
 /// as the callee won't start the call afterwards.
-const RINGING_SECONDS: i64 = 60;
+const RINGING_SECONDS: i64 = 120;

 // For persisting parameters in the call, we use Param::Arg*

@@ -85,7 +88,7 @@ impl CallInfo {
            .sql
            .execute(
                "UPDATE msgs SET txt=?, txt_normalized=? WHERE id=?",
-                (text, message::normalize_text(text), self.msg.id),
+                (text, normalize_text(text), self.msg.id),
            )
            .await?;
        Ok(())
@@ -100,10 +103,14 @@ impl CallInfo {
        };

        if self.is_incoming() {
-            self.update_text(context, &format!("Incoming call\n{duration}"))
+            let incoming_call_str =
+                stock_str::incoming_call(context, self.has_video_initially()).await;
+            self.update_text(context, &format!("{incoming_call_str}\n{duration}"))
                .await?;
        } else {
-            self.update_text(context, &format!("Outgoing call\n{duration}"))
+            let outgoing_call_str =
+                stock_str::outgoing_call(context, self.has_video_initially()).await;
+            self.update_text(context, &format!("{outgoing_call_str}\n{duration}"))
                .await?;
        }
        Ok(())
@@ -122,6 +129,14 @@ impl CallInfo {
        self.msg.param.exists(CALL_ACCEPTED_TIMESTAMP)
    }

+    /// Returns true if the call is started as a video call.
+    pub fn has_video_initially(&self) -> bool {
+        self.msg
+            .param
+            .get_bool(Param::WebrtcHasVideoInitially)
+            .unwrap_or(false)
+    }
+
    /// Returns true if the call is missed
    /// because the caller canceled it
    /// explicitly before ringing stopped.
@@ -181,6 +196,7 @@ impl Context {
        &self,
        chat_id: ChatId,
        place_call_info: String,
+        has_video_initially: bool,
    ) -> Result<MsgId> {
        let chat = Chat::load_from_db(self, chat_id).await?;
        ensure!(
@@ -189,17 +205,21 @@ impl Context {
        );
        ensure!(!chat.is_self_talk(), "Cannot call self");

+        let outgoing_call_str = stock_str::outgoing_call(self, has_video_initially).await;
        let mut call = Message {
            viewtype: Viewtype::Call,
-            text: "Outgoing call".into(),
+            text: outgoing_call_str,
            ..Default::default()
        };
        call.param.set(Param::WebrtcRoom, &place_call_info);
+        call.param
+            .set_int(Param::WebrtcHasVideoInitially, has_video_initially.into());
        call.id = send_msg(self, chat_id, &mut call).await?;

        let wait = RINGING_SECONDS;
+        let context = self.get_weak_context();
        task::spawn(Context::emit_end_call_if_unaccepted(
-            self.clone(),
+            context,
            wait.try_into()?,
            call.id,
        ));
@@ -261,10 +281,12 @@ impl Context {
        if !call.is_accepted() {
            if call.is_incoming() {
                call.mark_as_ended(self).await?;
-                call.update_text(self, "Declined call").await?;
+                let declined_call_str = stock_str::declined_call(self).await;
+                call.update_text(self, &declined_call_str).await?;
            } else {
                call.mark_as_canceled(self).await?;
-                call.update_text(self, "Canceled call").await?;
+                let canceled_call_str = stock_str::canceled_call(self).await;
+                call.update_text(self, &canceled_call_str).await?;
            }
        } else {
            call.mark_as_ended(self).await?;
@@ -290,11 +312,12 @@ impl Context {
    }

    async fn emit_end_call_if_unaccepted(
-        context: Context,
+        context: WeakContext,
        wait: u64,
        call_id: MsgId,
    ) -> Result<()> {
        sleep(Duration::from_secs(wait)).await;
+        let context = context.upgrade()?;
        let Some(mut call) = context.load_call_by_id(call_id).await? else {
            warn!(
                context,
@@ -305,10 +328,12 @@ impl Context {
        if !call.is_accepted() && !call.is_ended() {
            if call.is_incoming() {
                call.mark_as_canceled(&context).await?;
-                call.update_text(&context, "Missed call").await?;
+                let missed_call_str = stock_str::missed_call(&context).await;
+                call.update_text(&context, &missed_call_str).await?;
            } else {
                call.mark_as_ended(&context).await?;
-                call.update_text(&context, "Canceled call").await?;
+                let canceled_call_str = stock_str::canceled_call(&context).await;
+                call.update_text(&context, &canceled_call_str).await?;
            }
            context.emit_msgs_changed(call.msg.chat_id, call_id);
            context.emit_event(EventType::CallEnded {
@@ -333,33 +358,55 @@ impl Context {

            if call.is_incoming() {
                if call.is_stale() {
-                    call.update_text(self, "Missed call").await?;
+                    let missed_call_str = stock_str::missed_call(self).await;
+                    call.update_text(self, &missed_call_str).await?;
                    self.emit_incoming_msg(call.msg.chat_id, call_id); // notify missed call
                } else {
-                    call.update_text(self, "Incoming call").await?;
+                    let incoming_call_str =
+                        stock_str::incoming_call(self, call.has_video_initially()).await;
+                    call.update_text(self, &incoming_call_str).await?;
                    self.emit_msgs_changed(call.msg.chat_id, call_id); // ringing calls are not additionally notified
-                    let has_video = match sdp_has_video(&call.place_call_info) {
-                        Ok(has_video) => has_video,
-                        Err(err) => {
-                            warn!(self, "Failed to determine if SDP offer has video: {err:#}.");
-                            false
-                        }
+                    let can_call_me = match who_can_call_me(self).await? {
+                        WhoCanCallMe::Contacts => ChatIdBlocked::lookup_by_contact(self, from_id)
+                            .await?
+                            .is_some_and(|chat_id_blocked| {
+                                match chat_id_blocked.blocked {
+                                    Blocked::Not => true,
+                                    Blocked::Yes | Blocked::Request => {
+                                        // Do not notify about incoming calls
+                                        // from contact requests and blocked contacts.
+                                        //
+                                        // User can still access the call and accept it
+                                        // via the chat in case of contact requests.
+                                        false
+                                    }
+                                }
+                            }),
+                        WhoCanCallMe::Everybody => ChatIdBlocked::lookup_by_contact(self, from_id)
+                            .await?
+                            .is_none_or(|chat_id_blocked| chat_id_blocked.blocked != Blocked::Yes),
+                        WhoCanCallMe::Nobody => false,
                    };
-                    self.emit_event(EventType::IncomingCall {
-                        msg_id: call.msg.id,
-                        chat_id: call.msg.chat_id,
-                        place_call_info: call.place_call_info.to_string(),
-                        has_video,
-                    });
+                    if can_call_me {
+                        self.emit_event(EventType::IncomingCall {
+                            msg_id: call.msg.id,
+                            chat_id: call.msg.chat_id,
+                            place_call_info: call.place_call_info.to_string(),
+                            has_video: call.has_video_initially(),
+                        });
+                    }
                    let wait = call.remaining_ring_seconds();
+                    let context = self.get_weak_context();
                    task::spawn(Context::emit_end_call_if_unaccepted(
-                        self.clone(),
+                        context,
                        wait.try_into()?,
                        call.msg.id,
                    ));
                }
            } else {
-                call.update_text(self, "Outgoing call").await?;
+                let outgoing_call_str =
+                    stock_str::outgoing_call(self, call.has_video_initially()).await;
+                call.update_text(self, &outgoing_call_str).await?;
                self.emit_msgs_changed(call.msg.chat_id, call_id);
            }
        } else {
@@ -409,19 +456,23 @@ impl Context {
                        if call.is_incoming() {
                            if from_id == ContactId::SELF {
                                call.mark_as_ended(self).await?;
-                                call.update_text(self, "Declined call").await?;
+                                let declined_call_str = stock_str::declined_call(self).await;
+                                call.update_text(self, &declined_call_str).await?;
                            } else {
                                call.mark_as_canceled(self).await?;
-                                call.update_text(self, "Missed call").await?;
+                                let missed_call_str = stock_str::missed_call(self).await;
+                                call.update_text(self, &missed_call_str).await?;
                            }
                        } else {
                            // outgoing
                            if from_id == ContactId::SELF {
                                call.mark_as_canceled(self).await?;
-                                call.update_text(self, "Canceled call").await?;
+                                let canceled_call_str = stock_str::canceled_call(self).await;
+                                call.update_text(self, &canceled_call_str).await?;
                            } else {
                                call.mark_as_ended(self).await?;
-                                call.update_text(self, "Declined call").await?;
+                                let declined_call_str = stock_str::declined_call(self).await;
+                                call.update_text(self, &declined_call_str).await?;
                            }
                        }
                    } else {
@@ -477,19 +528,6 @@ impl Context {
    }
 }

-/// Returns true if SDP offer has a video.
-pub fn sdp_has_video(sdp: &str) -> Result<bool> {
-    let mut cursor = Cursor::new(sdp);
-    let session_description =
-        SessionDescription::unmarshal(&mut cursor).context("Failed to parse SDP")?;
-    for media_description in &session_description.media_descriptions {
-        if media_description.media_name.media == "video" {
-            return Ok(true);
-        }
-    }
-    Ok(false)
-}
-
 /// State of the call for display in the message bubble.
 #[derive(Debug, PartialEq, Eq)]
 pub enum CallState {
@@ -587,33 +625,7 @@ struct IceServer {
    pub credential: Option<String>,
 }

-/// Creates JSON with ICE servers.
-async fn create_ice_servers(
-    context: &Context,
-    hostname: &str,
-    port: u16,
-    username: &str,
-    password: &str,
-) -> Result<String> {
-    // Do not use cache because there is no TLS.
-    let load_cache = false;
-    let urls: Vec<String> = lookup_host_with_cache(context, hostname, port, "", load_cache)
-        .await?
-        .into_iter()
-        .map(|addr| format!("turn:{addr}"))
-        .collect();
-
-    let ice_server = IceServer {
-        urls,
-        username: Some(username.to_string()),
-        credential: Some(password.to_string()),
-    };
-
-    let json = serde_json::to_string(&[ice_server])?;
-    Ok(json)
-}
-
-/// Creates JSON with ICE servers from a line received over IMAP METADATA.
+/// Creates ICE servers from a line received over IMAP METADATA.
 ///
 /// IMAP METADATA returns a line such as
 /// `example.com:3478:1758650868:8Dqkyyu11MVESBqjbIylmB06rv8=`
@@ -623,20 +635,107 @@ async fn create_ice_servers(
 /// while `8Dqkyyu11MVESBqjbIylmB06rv8=`
 /// is the password.
 pub(crate) async fn create_ice_servers_from_metadata(
-    context: &Context,
    metadata: &str,
-) -> Result<(i64, String)> {
+) -> Result<(i64, Vec<UnresolvedIceServer>)> {
    let (hostname, rest) = metadata.split_once(':').context("Missing hostname")?;
    let (port, rest) = rest.split_once(':').context("Missing port")?;
    let port = u16::from_str(port).context("Failed to parse the port")?;
    let (ts, password) = rest.split_once(':').context("Missing timestamp")?;
    let expiration_timestamp = i64::from_str(ts).context("Failed to parse the timestamp")?;
-    let ice_servers = create_ice_servers(context, hostname, port, ts, password).await?;
+    let ice_servers = vec![UnresolvedIceServer::Turn {
+        hostname: hostname.to_string(),
+        port,
+        username: ts.to_string(),
+        credential: password.to_string(),
+    }];
    Ok((expiration_timestamp, ice_servers))
 }

+/// STUN or TURN server with unresolved DNS name.
+#[derive(Debug, Clone)]
+pub(crate) enum UnresolvedIceServer {
+    /// STUN server.
+    Stun { hostname: String, port: u16 },
+
+    /// TURN server with the username and password.
+    Turn {
+        hostname: String,
+        port: u16,
+        username: String,
+        credential: String,
+    },
+}
+
+/// Resolves domain names of ICE servers.
+///
+/// On failure to resolve, logs the error
+/// and skips the server, but does not fail.
+pub(crate) async fn resolve_ice_servers(
+    context: &Context,
+    unresolved_ice_servers: Vec<UnresolvedIceServer>,
+) -> Result<String> {
+    let mut result: Vec<IceServer> = Vec::new();
+
+    // Do not use cache because there is no TLS.
+    let load_cache = false;
+
+    for unresolved_ice_server in unresolved_ice_servers {
+        match unresolved_ice_server {
+            UnresolvedIceServer::Stun { hostname, port } => {
+                match lookup_host_with_cache(context, &hostname, port, "", load_cache).await {
+                    Ok(addrs) => {
+                        let urls: Vec<String> = addrs
+                            .into_iter()
+                            .map(|addr| format!("stun:{addr}"))
+                            .collect();
+                        let stun_server = IceServer {
+                            urls,
+                            username: None,
+                            credential: None,
+                        };
+                        result.push(stun_server);
+                    }
+                    Err(err) => {
+                        warn!(
+                            context,
+                            "Failed to resolve STUN {hostname}:{port}: {err:#}."
+                        );
+                    }
+                }
+            }
+            UnresolvedIceServer::Turn {
+                hostname,
+                port,
+                username,
+                credential,
+            } => match lookup_host_with_cache(context, &hostname, port, "", load_cache).await {
+                Ok(addrs) => {
+                    let urls: Vec<String> = addrs
+                        .into_iter()
+                        .map(|addr| format!("turn:{addr}"))
+                        .collect();
+                    let turn_server = IceServer {
+                        urls,
+                        username: Some(username),
+                        credential: Some(credential),
+                    };
+                    result.push(turn_server);
+                }
+                Err(err) => {
+                    warn!(
+                        context,
+                        "Failed to resolve TURN {hostname}:{port}: {err:#}."
+                    );
+                }
+            },
+        }
+    }
+    let json = serde_json::to_string(&result)?;
+    Ok(json)
+}
+
 /// Creates JSON with ICE servers when no TURN servers are known.
-pub(crate) async fn create_fallback_ice_servers(context: &Context) -> Result<String> {
+pub(crate) fn create_fallback_ice_servers() -> Vec<UnresolvedIceServer> {
    // Do not use public STUN server from https://stunprotocol.org/.
    // It changes the hostname every year
    // (e.g. stunserver2025.stunprotocol.org
@@ -644,25 +743,18 @@ pub(crate) async fn create_fallback_ice_servers(context: &Context) -> Result<Str
    // because of bandwidth costs:
    // <https://github.com/jselbie/stunserver/issues/50>

-    // We use nine.testrun.org for a default STUN server.
-    let hostname = "nine.testrun.org";
-
-    // Do not use cache because there is no TLS.
-    let load_cache = false;
-    let urls: Vec<String> = lookup_host_with_cache(context, hostname, STUN_PORT, "", load_cache)
-        .await?
-        .into_iter()
-        .map(|addr| format!("stun:{addr}"))
-        .collect();
-
-    let ice_server = IceServer {
-        urls,
-        username: None,
-        credential: None,
-    };
-
-    let json = serde_json::to_string(&[ice_server])?;
-    Ok(json)
+    vec![
+        UnresolvedIceServer::Stun {
+            hostname: "nine.testrun.org".to_string(),
+            port: STUN_PORT,
+        },
+        UnresolvedIceServer::Turn {
+            hostname: "turn.delta.chat".to_string(),
+            port: STUN_PORT,
+            username: "public".to_string(),
+            credential: "o4tR7yG4rG2slhXqRUf9zgmHz".to_string(),
+        },
+    ]
 }

 /// Returns JSON with ICE servers.
@@ -676,11 +768,39 @@ pub(crate) async fn create_fallback_ice_servers(context: &Context) -> Result<Str
 /// <https://github.com/deltachat/deltachat-desktop/issues/5447>.
 pub async fn ice_servers(context: &Context) -> Result<String> {
    if let Some(ref metadata) = *context.metadata.read().await {
-        Ok(metadata.ice_servers.clone())
+        let ice_servers = resolve_ice_servers(context, metadata.ice_servers.clone()).await?;
+        Ok(ice_servers)
    } else {
        Ok("[]".to_string())
    }
 }

+/// "Who can call me" config options.
+#[derive(
+    Debug, Default, Display, Clone, Copy, PartialEq, Eq, FromPrimitive, ToPrimitive, FromSql, ToSql,
+)]
+#[repr(u8)]
+pub enum WhoCanCallMe {
+    /// Everybody can call me if they are not blocked.
+    ///
+    /// This includes contact requests.
+    Everybody = 0,
+
+    /// Every contact who is not blocked and not a contact request, can call.
+    #[default]
+    Contacts = 1,
+
+    /// Nobody can call me.
+    Nobody = 2,
+}
+
+/// Returns currently configuration of the "who can call me" option.
+async fn who_can_call_me(context: &Context) -> Result<WhoCanCallMe> {
+    let who_can_call_me =
+        WhoCanCallMe::from_i32(context.get_config_int(Config::WhoCanCallMe).await?)
+            .unwrap_or_default();
+    Ok(who_can_call_me)
+}
+
 #[cfg(test)]
 mod calls_tests;
--- a/src/calls/calls_tests.rs
+++ b/src/calls/calls_tests.rs
@@ -2,7 +2,7 @@ use super::*;
 use crate::chat::forward_msgs;
 use crate::config::Config;
 use crate::constants::DC_CHAT_ID_TRASH;
-use crate::receive_imf::{receive_imf, receive_imf_from_inbox};
+use crate::receive_imf::receive_imf;
 use crate::test_utils::{TestContext, TestContextManager};

 struct CallSetup {
@@ -25,13 +25,6 @@ async fn assert_text(t: &TestContext, call_id: MsgId, text: &str) -> Result<()>
 const PLACE_INFO: &str = "v=0\r\no=alice 2890844526 2890844526 IN IP4 host.anywhere.com\r\ns=-\r\nc=IN IP4 host.anywhere.com\r\nt=0 0\r\nm=audio 62986 RTP/AVP 0 4 18\r\na=rtpmap:0 PCMU/8000\r\na=rtpmap:4 G723/8000\r\na=rtpmap:18 G729/8000\r\na=inactive\r\n";
 const ACCEPT_INFO: &str = "v=0\r\no=bob 2890844730 2890844731 IN IP4 host.example.com\r\ns=\r\nc=IN IP4 host.example.com\r\nt=0 0\r\nm=audio 54344 RTP/AVP 0 4\r\na=rtpmap:0 PCMU/8000\r\na=rtpmap:4 G723/8000\r\na=inactive\r\n";

-/// Example from <https://datatracker.ietf.org/doc/rfc9143/>
-/// with `s= ` replaced with `s=-`.
-///
-/// `s=` cannot be empty according to RFC 3264,
-/// so it is more clear as `s=-`.
-const PLACE_INFO_VIDEO: &str = "v=0\r\no=alice 2890844526 2890844526 IN IP6 2001:db8::3\r\ns=-\r\nc=IN IP6 2001:db8::3\r\nt=0 0\r\na=group:BUNDLE foo bar\r\n\r\nm=audio 10000 RTP/AVP 0 8 97\r\nb=AS:200\r\na=mid:foo\r\na=rtcp-mux\r\na=rtpmap:0 PCMU/8000\r\na=rtpmap:8 PCMA/8000\r\na=rtpmap:97 iLBC/8000\r\na=extmap:1 urn:ietf:params:rtp-hdrext:sdes:mid\r\n\r\nm=video 10002 RTP/AVP 31 32\r\nb=AS:1000\r\na=mid:bar\r\na=rtcp-mux\r\na=rtpmap:31 H261/90000\r\na=rtpmap:32 MPV/90000\r\na=extmap:1 urn:ietf:params:rtp-hdrext:sdes:mid\r\n";
-
 async fn setup_call() -> Result<CallSetup> {
    let mut tcm = TestContextManager::new();
    let alice = tcm.alice().await;
@@ -45,8 +38,14 @@ async fn setup_call() -> Result<CallSetup> {
    // Alice creates a chat with Bob and places an outgoing call there.
    // Alice's other device sees the same message as an outgoing call.
    let alice_chat = alice.create_chat(&bob).await;
+
+    // Create chat on Bob's side
+    // so incoming call causes a notification.
+    bob.create_chat(&alice).await;
+    bob2.create_chat(&alice).await;
+
    let test_msg_id = alice
-        .place_outgoing_call(alice_chat.id, PLACE_INFO.to_string())
+        .place_outgoing_call(alice_chat.id, PLACE_INFO.to_string(), true)
        .await?;
    let sent1 = alice.pop_sent_msg().await;
    assert_eq!(sent1.sender_msg_id, test_msg_id);
@@ -62,7 +61,8 @@ async fn setup_call() -> Result<CallSetup> {
        assert!(!info.is_incoming());
        assert!(!info.is_accepted());
        assert_eq!(info.place_call_info, PLACE_INFO);
-        assert_text(t, m.id, "Outgoing call").await?;
+        assert_eq!(info.has_video_initially(), true);
+        assert_text(t, m.id, "Outgoing video call").await?;
        assert_eq!(call_state(t, m.id).await?, CallState::Alerting);
    }

@@ -83,7 +83,8 @@ async fn setup_call() -> Result<CallSetup> {
        assert!(info.is_incoming());
        assert!(!info.is_accepted());
        assert_eq!(info.place_call_info, PLACE_INFO);
-        assert_text(t, m.id, "Incoming call").await?;
+        assert_eq!(info.has_video_initially(), true);
+        assert_text(t, m.id, "Incoming video call").await?;
        assert_eq!(call_state(t, m.id).await?, CallState::Alerting);
    }

@@ -114,7 +115,7 @@ async fn accept_call() -> Result<CallSetup> {
    // Bob accepts the incoming call
    bob.accept_incoming_call(bob_call.id, ACCEPT_INFO.to_string())
        .await?;
-    assert_text(&bob, bob_call.id, "Incoming call").await?;
+    assert_text(&bob, bob_call.id, "Incoming video call").await?;
    bob.evtracker
        .get_matching(|evt| matches!(evt, EventType::IncomingCallAccepted { .. }))
        .await;
@@ -128,7 +129,7 @@ async fn accept_call() -> Result<CallSetup> {
    assert_eq!(call_state(&bob, bob_call.id).await?, CallState::Active);

    bob2.recv_msg_trash(&sent2).await;
-    assert_text(&bob, bob_call.id, "Incoming call").await?;
+    assert_text(&bob, bob_call.id, "Incoming video call").await?;
    bob2.evtracker
        .get_matching(|evt| matches!(evt, EventType::IncomingCallAccepted { .. }))
        .await;
@@ -141,7 +142,7 @@ async fn accept_call() -> Result<CallSetup> {

    // Alice receives the acceptance message
    alice.recv_msg_trash(&sent2).await;
-    assert_text(&alice, alice_call.id, "Outgoing call").await?;
+    assert_text(&alice, alice_call.id, "Outgoing video call").await?;
    let ev = alice
        .evtracker
        .get_matching(|evt| matches!(evt, EventType::OutgoingCallAccepted { .. }))
@@ -163,7 +164,7 @@ async fn accept_call() -> Result<CallSetup> {
    assert_eq!(call_state(&alice, alice_call.id).await?, CallState::Active);

    alice2.recv_msg_trash(&sent2).await;
-    assert_text(&alice2, alice2_call.id, "Outgoing call").await?;
+    assert_text(&alice2, alice2_call.id, "Outgoing video call").await?;
    alice2
        .evtracker
        .get_matching(|evt| matches!(evt, EventType::OutgoingCallAccepted { .. }))
@@ -202,7 +203,7 @@ async fn test_accept_call_callee_ends() -> Result<()> {

    // Bob has accepted the call and also ends it
    bob.end_call(bob_call.id).await?;
-    assert_text(&bob, bob_call.id, "Incoming call\n<1 minute").await?;
+    assert_text(&bob, bob_call.id, "Incoming video call\n<1 minute").await?;
    bob.evtracker
        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
        .await;
@@ -213,7 +214,7 @@ async fn test_accept_call_callee_ends() -> Result<()> {
    ));

    bob2.recv_msg_trash(&sent3).await;
-    assert_text(&bob2, bob2_call.id, "Incoming call\n<1 minute").await?;
+    assert_text(&bob2, bob2_call.id, "Incoming video call\n<1 minute").await?;
    bob2.evtracker
        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
        .await;
@@ -224,7 +225,7 @@ async fn test_accept_call_callee_ends() -> Result<()> {

    // Alice receives the ending message
    alice.recv_msg_trash(&sent3).await;
-    assert_text(&alice, alice_call.id, "Outgoing call\n<1 minute").await?;
+    assert_text(&alice, alice_call.id, "Outgoing video call\n<1 minute").await?;
    alice
        .evtracker
        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
@@ -235,7 +236,7 @@ async fn test_accept_call_callee_ends() -> Result<()> {
    ));

    alice2.recv_msg_trash(&sent3).await;
-    assert_text(&alice2, alice2_call.id, "Outgoing call\n<1 minute").await?;
+    assert_text(&alice2, alice2_call.id, "Outgoing video call\n<1 minute").await?;
    alice2
        .evtracker
        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
@@ -265,7 +266,7 @@ async fn test_accept_call_caller_ends() -> Result<()> {

    // Bob has accepted the call but Alice ends it
    alice.end_call(alice_call.id).await?;
-    assert_text(&alice, alice_call.id, "Outgoing call\n<1 minute").await?;
+    assert_text(&alice, alice_call.id, "Outgoing video call\n<1 minute").await?;
    alice
        .evtracker
        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
@@ -277,7 +278,7 @@ async fn test_accept_call_caller_ends() -> Result<()> {
    ));

    alice2.recv_msg_trash(&sent3).await;
-    assert_text(&alice2, alice2_call.id, "Outgoing call\n<1 minute").await?;
+    assert_text(&alice2, alice2_call.id, "Outgoing video call\n<1 minute").await?;
    alice2
        .evtracker
        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
@@ -289,7 +290,7 @@ async fn test_accept_call_caller_ends() -> Result<()> {

    // Bob receives the ending message
    bob.recv_msg_trash(&sent3).await;
-    assert_text(&bob, bob_call.id, "Incoming call\n<1 minute").await?;
+    assert_text(&bob, bob_call.id, "Incoming video call\n<1 minute").await?;
    bob.evtracker
        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
        .await;
@@ -299,7 +300,7 @@ async fn test_accept_call_caller_ends() -> Result<()> {
    ));

    bob2.recv_msg_trash(&sent3).await;
-    assert_text(&bob2, bob2_call.id, "Incoming call\n<1 minute").await?;
+    assert_text(&bob2, bob2_call.id, "Incoming video call\n<1 minute").await?;
    bob2.evtracker
        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
        .await;
@@ -419,7 +420,7 @@ async fn test_caller_cancels_call() -> Result<()> {
    // Test that message summary says it is a missed call.
    let bob_call_msg = Message::load_from_db(&bob, bob_call.id).await?;
    let summary = bob_call_msg.get_summary(&bob, None).await?;
-    assert_eq!(summary.text, "📞 Missed call");
+    assert_eq!(summary.text, "🎥 Missed call");

    bob2.recv_msg_trash(&sent3).await;
    assert_text(&bob2, bob2_call.id, "Missed call").await?;
@@ -519,13 +520,6 @@ async fn test_update_call_text() -> Result<()> {
    Ok(())
 }

-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn test_sdp_has_video() {
-    assert!(sdp_has_video("foobar").is_err());
-    assert_eq!(sdp_has_video(PLACE_INFO).unwrap(), false);
-    assert_eq!(sdp_has_video(PLACE_INFO_VIDEO).unwrap(), true);
-}
-
 /// Tests that calls are forwarded as text messages.
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_forward_call() -> Result<()> {
@@ -536,7 +530,7 @@ async fn test_forward_call() -> Result<()> {

    let alice_bob_chat = alice.create_chat(bob).await;
    let alice_msg_id = alice
-        .place_outgoing_call(alice_bob_chat.id, PLACE_INFO.to_string())
+        .place_outgoing_call(alice_bob_chat.id, PLACE_INFO.to_string(), true)
        .await
        .context("Failed to place a call")?;
    let alice_call = Message::load_from_db(alice, alice_msg_id).await?;
@@ -604,65 +598,3 @@ async fn test_end_text_call() -> Result<()> {

    Ok(())
 }
-
-/// Tests that partially downloaded "call ended"
-/// messages are not processed.
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn test_no_partial_calls() -> Result<()> {
-    let mut tcm = TestContextManager::new();
-    let alice = &tcm.alice().await;
-
-    let seen = false;
-
-    // The messages in the test
-    // have no `Date` on purpose,
-    // so they are treated as new.
-    let received_call = receive_imf(
-        alice,
-        b"From: bob@example.net\n\
-        To: alice@example.org\n\
-        Message-ID: <first@example.net>\n\
-        Chat-Version: 1.0\n\
-        Chat-Content: call\n\
-        Chat-Webrtc-Room: YWFhYWFhYWFhCg==\n\
-        \n\
-        Hello, this is a call\n",
-        seen,
-    )
-    .await?
-    .unwrap();
-    assert_eq!(received_call.msg_ids.len(), 1);
-    let call_msg = Message::load_from_db(alice, received_call.msg_ids[0])
-        .await
-        .unwrap();
-    assert_eq!(call_msg.viewtype, Viewtype::Call);
-    assert_eq!(call_state(alice, call_msg.id).await?, CallState::Alerting);
-
-    let imf_raw = b"From: bob@example.net\n\
-        To: alice@example.org\n\
-        Message-ID: <second@example.net>\n\
-        In-Reply-To: <first@example.net>\n\
-        Chat-Version: 1.0\n\
-        Chat-Content: call-ended\n\
-        \n\
-        Call ended\n";
-    receive_imf_from_inbox(
-        alice,
-        "second@example.net",
-        imf_raw,
-        seen,
-        Some(imf_raw.len().try_into().unwrap()),
-    )
-    .await?;
-
-    // The call is still not ended.
-    assert_eq!(call_state(alice, call_msg.id).await?, CallState::Alerting);
-
-    // Fully downloading the message ends the call.
-    receive_imf_from_inbox(alice, "second@example.net", imf_raw, seen, None)
-        .await
-        .context("Failed to fully download end call message")?;
-    assert_eq!(call_state(alice, call_msg.id).await?, CallState::Missed);
-
-    Ok(())
-}
--- a/src/chat.rs
+++ b/src/chat.rs
--- a/Show More
+++ b/Show More
@@ -1 +1 @@
 -10-13
 -02-10