feat: remove workaround for old filtermail

Filtermail fix <https://github.com/chatmail/relay/pull/497> was merged more than a year ago.
2026-05-13 20:06:30 +03:00 · 2026-05-12 23:31:00 +02:00
27 changed files with 95 additions and 264 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2608,25 +2608,6 @@ dependencies = [
 "libm",
 ]

-[[package]]
-name = "hybrid-array"
-version = "0.2.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f2d35805454dc9f8662a98d6d61886ffe26bd465f5960e0e55345c70d5c0d2a9"
-dependencies = [
- "typenum",
-]
-
-[[package]]
-name = "hybrid-array"
-version = "0.3.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "891d15931895091dea5c47afa5b3c9a01ba634b311919fd4d41388fa0e3d76af"
-dependencies = [
- "typenum",
- "zeroize",
-]
-
 [[package]]
 name = "hyper"
 version = "1.9.0"
@@ -3276,16 +3257,6 @@ dependencies = [
 "cpufeatures 0.2.17",
 ]

-[[package]]
-name = "kem"
-version = "0.3.0-pre.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2b8645470337db67b01a7f966decf7d0bafedbae74147d33e641c67a91df239f"
-dependencies = [
- "rand_core 0.6.4",
- "zeroize",
-]
-
 [[package]]
 name = "lazy_static"
 version = "1.5.0"
@@ -3499,35 +3470,6 @@ dependencies = [
 "windows-sys 0.61.1",
 ]

-[[package]]
-name = "ml-dsa"
-version = "0.0.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ac4a46643af2001eafebcc37031fc459eb72d45057aac5d7a15b00046a2ad6db"
-dependencies = [
- "const-oid",
- "hybrid-array 0.3.1",
- "num-traits",
- "pkcs8",
- "rand_core 0.6.4",
- "sha3",
- "signature",
- "zeroize",
-]
-
-[[package]]
-name = "ml-kem"
-version = "0.2.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8de49b3df74c35498c0232031bb7e85f9389f913e2796169c8ab47a53993a18f"
-dependencies = [
- "hybrid-array 0.2.3",
- "kem",
- "rand_core 0.6.4",
- "sha3",
- "zeroize",
-]
-
 [[package]]
 name = "moka"
 version = "0.12.10"
@@ -4263,8 +4205,6 @@ dependencies = [
 "k256",
 "log",
 "md-5",
- "ml-dsa",
- "ml-kem",
 "nom 8.0.0",
 "num-bigint-dig",
 "num-traits",
@@ -4283,7 +4223,6 @@ dependencies = [
 "sha2",
 "sha3",
 "signature",
- "slh-dsa",
 "smallvec",
 "snafu",
 "twofish",
@@ -5748,25 +5687,6 @@ dependencies = [
 "autocfg",
 ]

-[[package]]
-name = "slh-dsa"
-version = "0.0.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bd2f20f4049197e03db1104a6452f4d9e96665d79f880198dce4a7026ba5f267"
-dependencies = [
- "const-oid",
- "digest",
- "hmac",
- "hybrid-array 0.3.1",
- "pkcs8",
- "rand_core 0.6.4",
- "sha2",
- "sha3",
- "signature",
- "typenum",
- "zerocopy",
-]
-
 [[package]]
 name = "smallvec"
 version = "1.15.1"
@@ -7505,9 +7425,9 @@ checksum = "2164e798d9e3d84ee2c91139ace54638059a3b23e361f5c11781c2c6459bde0f"

 [[package]]
 name = "zerocopy"
-version = "0.7.35"
+version = "0.7.32"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1b9b4fd18abc82b8136838da5d50bae7bdea537c574d8dc1a34ed098d6c166f0"
+checksum = "74d4d3961e53fa4c9a25a8637fc2bfaf2595b3d3ae34875568a5cf64787716be"
 dependencies = [
 "byteorder",
 "zerocopy-derive",
@@ -7515,9 +7435,9 @@ dependencies = [

 [[package]]
 name = "zerocopy-derive"
-version = "0.7.35"
+version = "0.7.32"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e"
+checksum = "9ce1b18ccd8e73a9321186f97e46f9f04b778851177567b1975109d26a08d2a6"
 dependencies = [
 "proc-macro2",
 "quote",
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -78,7 +78,7 @@ num-derive = "0.4"
 num-traits = { workspace = true }
 parking_lot = "0.12.4"
 percent-encoding = "2.3"
-pgp = { version = "0.19.0", features = ["draft-pqc"], default-features = false }
+pgp = { version = "0.19.0", default-features = false }
 pin-project = "1"
 qrcodegen = "1.7.0"
 quick-xml = { version = "0.39", features = ["escape-html"] }
--- a/deltachat-ffi/src/lib.rs
+++ b/deltachat-ffi/src/lib.rs
@@ -275,7 +275,7 @@ pub unsafe extern "C" fn dc_get_config(
                .strdup()
        } else {
            match config::Config::from_str(&key)
-                .with_context(|| format!("Invalid key {key:?}"))
+                .with_context(|| format!("Invalid key {:?}", &key))
                .log_err(ctx)
            {
                Ok(key) => ctx
--- a/deltachat-repl/src/cmdline.rs
+++ b/deltachat-repl/src/cmdline.rs
@@ -122,7 +122,7 @@ async fn poke_spec(context: &Context, spec: Option<&str>) -> bool {
                let name_f = entry.file_name();
                let name = name_f.to_string_lossy();
                if name.ends_with(".eml") {
-                    let path_plus_name = format!("{real_spec}/{name}");
+                    let path_plus_name = format!("{}/{}", &real_spec, name);
                    println!("Import: {path_plus_name}");
                    if poke_eml_file(context, Path::new(&path_plus_name))
                        .await
@@ -133,11 +133,11 @@ async fn poke_spec(context: &Context, spec: Option<&str>) -> bool {
                }
            }
        } else {
-            eprintln!("Import: Cannot open directory {real_spec:?}.");
+            eprintln!("Import: Cannot open directory \"{}\".", &real_spec);
            return false;
        }
    }
-    println!("Import: {read_cnt} items read from {real_spec:?}.");
+    println!("Import: {} items read from \"{}\".", read_cnt, &real_spec);
    if read_cnt > 0 {
        context.emit_msgs_changed_without_ids();
    }
@@ -179,7 +179,7 @@ async fn log_msg(context: &Context, prefix: impl AsRef<str>, msg: &Message) {
        msg.get_id(),
        if msg.get_showpadlock() { "🔒" } else { "" },
        if msg.has_location() { "📍" } else { "" },
-        contact_name,
+        &contact_name,
        contact_id,
        msgtext,
        if msg.has_html() { "[HAS-HTML]️" } else { "" },
@@ -221,7 +221,7 @@ async fn log_msg(context: &Context, prefix: impl AsRef<str>, msg: &Message) {
        },
        statestr,
        downloadstate,
-        temp2,
+        &temp2,
    );
 }

@@ -561,7 +561,7 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
                            .map_or_else(String::new, |prefix| format!("{prefix}: ")),
                        summary.text,
                        statestr,
-                        timestr,
+                        &timestr,
                        if chat.is_sending_locations() {
                            "📍"
                        } else {
--- a/deltachat-repl/src/main.rs
+++ b/deltachat-repl/src/main.rs
@@ -432,7 +432,7 @@ async fn handle_cmd(
                {
                    println!("Open the following url, set mail_pw to the generated token and server_flags to 2:\n{oauth2_url}");
                } else {
-                    println!("OAuth2 not available for {addr}.");
+                    println!("OAuth2 not available for {}.", &addr);
                }
            } else {
                println!("oauth2: set addr first.");
--- a/deny.toml
+++ b/deny.toml
@@ -43,12 +43,7 @@ ignore = [
    # hickory-proto 0.25.2 quadratic complexity issue.
    # Dependency of iroh 0.35.0, cannot be updated as of 2026-05-02.
    # <https://rustsec.org/advisories/RUSTSEC-2026-0119>
-    "RUSTSEC-2026-0119",
-
-    # Timing side channel in ml-dsa dependency of rPGP.
-    # We enable PQC for encryption rather than signatures.
-    # <https://rustsec.org/advisories/RUSTSEC-2025-0144>
-    "RUSTSEC-2025-0144",
+    "RUSTSEC-2026-0119"
 ]

 [bans]
@@ -67,7 +62,6 @@ skip = [
     { name = "getrandom", version = "0.2.12" },
     { name = "heck", version = "0.4.1" },
     { name = "http", version = "0.2.12" },
-     { name = "hybrid-array", version = "0.2.3" },
     { name = "linux-raw-sys", version = "0.4.14" },
     { name = "lru", version = "0.12.5" },
     { name = "netlink-packet-route", version = "0.17.1" },
--- a/src/accounts.rs
+++ b/src/accounts.rs
@@ -794,7 +794,7 @@ impl Config {
                .with_push_subscriber(push_subscriber.clone())
                .build()
                .await
-                .with_context(|| format!("failed to create context from file {dbfile:?}"))?;
+                .with_context(|| format!("failed to create context from file {:?}", &dbfile))?;
            // Try to open without a passphrase,
            // but do not return an error if account is passphare-protected.
            ctx.open("".to_string()).await?;
--- a/src/chat.rs
+++ b/src/chat.rs
@@ -2529,7 +2529,7 @@ async fn prepare_msg_blob(context: &Context, msg: &mut Message) -> Result<()> {
        // running numbers, etc.
        let filename: String = match viewtype_orig {
            Viewtype::Voice => format!(
-                "voice-messsage_{}.{suffix}",
+                "voice-messsage_{}.{}",
                chrono::Utc
                    .timestamp_opt(msg.timestamp_sort, 0)
                    .single()
@@ -2537,9 +2537,10 @@ async fn prepare_msg_blob(context: &Context, msg: &mut Message) -> Result<()> {
                        || "YY-mm-dd_hh:mm:ss".to_string(),
                        |ts| ts.format("%Y-%m-%d_%H-%M-%S").to_string()
                    ),
+                &suffix
            ),
            Viewtype::Image | Viewtype::Gif => format!(
-                "image_{}.{suffix}",
+                "image_{}.{}",
                chrono::Utc
                    .timestamp_opt(msg.timestamp_sort, 0)
                    .single()
@@ -2547,9 +2548,10 @@ async fn prepare_msg_blob(context: &Context, msg: &mut Message) -> Result<()> {
                        || "YY-mm-dd_hh:mm:ss".to_string(),
                        |ts| ts.format("%Y-%m-%d_%H-%M-%S").to_string(),
                    ),
+                &suffix,
            ),
            Viewtype::Video => format!(
-                "video_{}.{suffix}",
+                "video_{}.{}",
                chrono::Utc
                    .timestamp_opt(msg.timestamp_sort, 0)
                    .single()
@@ -2557,6 +2559,7 @@ async fn prepare_msg_blob(context: &Context, msg: &mut Message) -> Result<()> {
                        || "YY-mm-dd_hh:mm:ss".to_string(),
                        |ts| ts.format("%Y-%m-%d_%H-%M-%S").to_string()
                    ),
+                &suffix
            ),
            _ => filename,
        };
--- a/src/configure.rs
+++ b/src/configure.rs
@@ -707,7 +707,8 @@ async fn get_autoconfig(
        ctx,
        // the doc does not mention `emailaddress=`, however, Thunderbird adds it, see <https://releases.mozilla.org/pub/thunderbird/>,  which makes some sense
        &format!(
-            "https://{param_domain}/.well-known/autoconfig/mail/config-v1.1.xml?emailaddress={param_addr_urlencoded}"
+            "https://{}/.well-known/autoconfig/mail/config-v1.1.xml?emailaddress={}",
+            &param_domain, &param_addr_urlencoded
        ),
        &param.addr,
    )
@@ -720,7 +721,7 @@ async fn get_autoconfig(
    // Outlook uses always SSL but different domains (this comment describes the next two steps)
    if let Ok(res) = outlk_autodiscover(
        ctx,
-        format!("https://{param_domain}/autodiscover/autodiscover.xml"),
+        format!("https://{}/autodiscover/autodiscover.xml", &param_domain),
    )
    .await
    {
@@ -730,7 +731,10 @@ async fn get_autoconfig(

    if let Ok(res) = outlk_autodiscover(
        ctx,
-        format!("https://autodiscover.{param_domain}/autodiscover/autodiscover.xml",),
+        format!(
+            "https://autodiscover.{}/autodiscover/autodiscover.xml",
+            &param_domain
+        ),
    )
    .await
    {
@@ -741,7 +745,7 @@ async fn get_autoconfig(
    // always SSL for Thunderbird's database
    if let Ok(res) = moz_autoconfigure(
        ctx,
-        &format!("https://autoconfig.thunderbird.net/v1.1/{param_domain}"),
+        &format!("https://autoconfig.thunderbird.net/v1.1/{}", &param_domain),
        &param.addr,
    )
    .await
--- a/src/imap.rs
+++ b/src/imap.rs
@@ -1045,12 +1045,15 @@ impl Session {
            if target.is_empty() {
                self.delete_message_batch(context, &uid_set, rowid_set)
                    .await
-                    .with_context(|| format!("cannot delete batch of messages {uid_set:?}"))?;
+                    .with_context(|| format!("cannot delete batch of messages {:?}", &uid_set))?;
            } else {
                self.move_message_batch(context, &uid_set, rowid_set, &target)
                    .await
                    .with_context(|| {
-                        format!("cannot move batch of messages {uid_set:?} to folder {target:?}",)
+                        format!(
+                            "cannot move batch of messages {:?} to folder {:?}",
+                            &uid_set, target
+                        )
                    })?;
            }
        }
@@ -1284,10 +1287,9 @@ impl Session {

        for (request_uids, set) in build_sequence_sets(&request_uids)? {
            info!(context, "Starting UID FETCH of message set \"{}\".", set);
-            let mut fetch_responses = self
-                .uid_fetch(&set, BODY_FULL)
-                .await
-                .with_context(|| format!("fetching messages {set} from folder {folder:?}"))?;
+            let mut fetch_responses = self.uid_fetch(&set, BODY_FULL).await.with_context(|| {
+                format!("fetching messages {} from folder \"{}\"", &set, folder)
+            })?;

            // Map from UIDs to unprocessed FETCH results. We put unprocessed FETCH results here
            // when we want to process other messages first.
--- a/src/key.rs
+++ b/src/key.rs
@@ -570,11 +570,9 @@ pub async fn preconfigure_keypair(context: &Context, secret_data: &str) -> Resul
 pub struct Fingerprint(Vec<u8>);

 impl Fingerprint {
-    /// Creates new fingerprint.
-    ///
-    /// It is 160-bit (20 bytes) for v4 keys and 32 bytes for v6 keys.
+    /// Creates new 160-bit (20 bytes) fingerprint.
    pub fn new(v: Vec<u8>) -> Fingerprint {
-        debug_assert!(v.len() == 20 || v.len() == 32);
+        debug_assert_eq!(v.len(), 20);
        Fingerprint(v)
    }

@@ -627,10 +625,7 @@ impl std::str::FromStr for Fingerprint {
            .filter(|&c| c.is_ascii_hexdigit())
            .collect();
        let v: Vec<u8> = hex::decode(&hex_repr)?;
-        ensure!(
-            v.len() == 20 || v.len() == 32,
-            "wrong fingerprint length: {hex_repr}"
-        );
+        ensure!(v.len() == 20, "wrong fingerprint length: {hex_repr}");
        let fp = Fingerprint::new(v);
        Ok(fp)
    }
--- a/src/message.rs
+++ b/src/message.rs
@@ -222,7 +222,7 @@ SELECT ?1, rfc724_mid, pre_rfc724_mid, timestamp, ?, ? FROM msgs WHERE id=?1
            } else {
                msg.timestamp_sort
            });
-            ret += &format!("Received: {s}");
+            ret += &format!("Received: {}", &s);
            ret += "\n";
        }

@@ -301,7 +301,7 @@ SELECT ?1, rfc724_mid, pre_rfc724_mid, timestamp, ?, ? FROM msgs WHERE id=?1
            ret += "Type: ";
            ret += &format!("{}", msg.viewtype);
            ret += "\n";
-            ret += &format!("Mimetype: {}\n", msg.get_filemime().unwrap_or_default());
+            ret += &format!("Mimetype: {}\n", &msg.get_filemime().unwrap_or_default());
        }
        let w = msg.param.get_int(Param::Width).unwrap_or_default();
        let h = msg.param.get_int(Param::Height).unwrap_or_default();
--- a/src/mimefactory.rs
+++ b/src/mimefactory.rs
@@ -1939,18 +1939,27 @@ pub(crate) fn render_outer_message(
 /// Takes the encrypted part, wraps it in a MimePart,
 /// and sets the appropriate Content-Type for the outer message
 pub(crate) fn wrap_encrypted_part(encrypted: String) -> MimePart<'static> {
-    // XXX: additional newline is needed
-    // to pass filtermail at
-    // <https://github.com/deltachat/chatmail/blob/4d915f9800435bf13057d41af8d708abd34dbfa8/chatmaild/src/chatmaild/filtermail.py#L84-L86>:
-    let encrypted = encrypted + "\n";
-
    MimePart::new(
        "multipart/encrypted; protocol=\"application/pgp-encrypted\"",
        vec![
            // Autocrypt part 1
-            MimePart::new("application/pgp-encrypted", "Version: 1\r\n"),
+            MimePart::new("application/pgp-encrypted", "Version: 1\r\n").header(
+                "Content-Description",
+                mail_builder::headers::raw::Raw::new("PGP/MIME version identification"),
+            ),
            // Autocrypt part 2
-            MimePart::new("application/octet-stream", encrypted),
+            MimePart::new(
+                "application/octet-stream; name=\"encrypted.asc\"",
+                encrypted,
+            )
+            .header(
+                "Content-Description",
+                mail_builder::headers::raw::Raw::new("OpenPGP encrypted message"),
+            )
+            .header(
+                "Content-Disposition",
+                mail_builder::headers::raw::Raw::new("inline; filename=\"encrypted.asc\";"),
+            ),
        ],
    )
 }
--- a/src/mimeparser.rs
+++ b/src/mimeparser.rs
@@ -356,7 +356,7 @@ impl MimeMessage {
        let decrypted_msg; // Decrypted signed OpenPGP message.
        let expected_sender_fingerprint: Option<String>;

-        let (mail, is_encrypted) = match Box::pin(decrypt::decrypt(context, &mail)).await {
+        let (mail, is_encrypted) = match decrypt::decrypt(context, &mail).await {
            Ok(Some((mut msg, expected_sender_fp))) => {
                mail_raw = msg.as_data_vec().unwrap_or_default();

--- a/src/net.rs
+++ b/src/net.rs
@@ -109,8 +109,8 @@ pub(crate) async fn connect_tcp_inner(
 ) -> Result<Pin<Box<TimeoutStream<TcpStream>>>> {
    let tcp_stream = timeout(TIMEOUT, TcpStream::connect(addr))
        .await
-        .with_context(|| format!("Connection to {addr} timed out"))?
-        .with_context(|| format!("Connection to {addr} failed"))?;
+        .context("Connection timeout")?
+        .context("Connection failure")?;

    // Disable Nagle's algorithm.
    tcp_stream.set_nodelay(true)?;
@@ -180,7 +180,7 @@ where
        delay_set.spawn(tokio::time::sleep(delay));
    }

-    let mut all_errors = Vec::new();
+    let mut first_error = None;

    let res = loop {
        if let Some(fut) = futures.next() {
@@ -200,7 +200,7 @@ where
                            }
                            Ok(Err(err)) => {
                                // Some connection attempt failed.
-                                all_errors.push(err);
+                                first_error.get_or_insert(err);
                            }
                            Err(err) => {
                                break Err(err);
@@ -211,11 +211,9 @@ where
                        // Out of connection attempts.
                        //
                        // Break out of the loop and return error.
-                        break if all_errors.is_empty() {
-                            Err(format_err!("No connection attempts were made"))
-                        } else {
-                            Err(format_err!("All connection attempts failed: {}", all_errors.into_iter().map(|err| format!("{err:#}")).collect::<Vec<String>>().join("; ")))
-                        };
+                        break Err(
+                            first_error.unwrap_or_else(|| format_err!("No connection attempts were made"))
+                        );
                    }
                }
            },
--- a/src/pgp.rs
+++ b/src/pgp.rs
@@ -847,41 +847,4 @@ mod tests {
        assert!(merge_openpgp_certificates(alice.clone(), bob.clone()).is_err());
        assert!(merge_openpgp_certificates(bob.clone(), alice.clone()).is_err());
    }
-
-    /// Test PQC support.
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_pqc() -> Result<()> {
-        let mut tcm = TestContextManager::new();
-        let alice = &tcm.alice().await;
-        let pqc = &tcm.pqc().await;
-
-        let pqc_received_message = tcm.send_recv_accept(alice, pqc, "Hi!").await;
-        let pqc_chat_id = pqc_received_message.chat_id;
-        let pqc_sent = pqc.send_text(pqc_chat_id, "Hello back!").await;
-
-        let alice_rcvd = alice.recv_msg(&pqc_sent).await;
-        assert_eq!(alice_rcvd.text, "Hello back!");
-
-        Ok(())
-    }
-
-    /// Tests securejoin with inviter using PQC key.
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_securejoin_pqc_inviter() {
-        let mut tcm = TestContextManager::new();
-        let alice = &tcm.alice().await;
-        let pqc = &tcm.pqc().await;
-
-        tcm.execute_securejoin(pqc, alice).await;
-    }
-
-    /// Tests securejoin with joiner using PQC key.
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_securejoin_pqc_joiner() {
-        let mut tcm = TestContextManager::new();
-        let pqc = &tcm.pqc().await;
-        let bob = &tcm.bob().await;
-
-        tcm.execute_securejoin(bob, pqc).await;
-    }
 }
--- a/src/qr_code_generator.rs
+++ b/src/qr_code_generator.rs
@@ -332,7 +332,7 @@ fn inner_generate_secure_join_qr_code(
                d.attr("cx", logo_position_x + HALF_LOGO_SIZE)?;
                d.attr("cy", logo_position_y + HALF_LOGO_SIZE)?;
                d.attr("r", HALF_LOGO_SIZE)?;
-                d.attr("style", format!("fill:{color}"))
+                d.attr("style", format!("fill:{}", &color))
            })?;

            let avatar_font_size = LOGO_SIZE * 0.65;
--- a/src/receive_imf.rs
+++ b/src/receive_imf.rs
@@ -3560,7 +3560,12 @@ async fn create_or_lookup_mailinglist_or_broadcast(
            mime_parser.timestamp_sent,
        )
        .await
-        .with_context(|| format!("failed to create mailinglist '{name}' for grpid={listid}",))?;
+        .with_context(|| {
+            format!(
+                "failed to create mailinglist '{}' for grpid={}",
+                &name, &listid
+            )
+        })?;

        if chattype == Chattype::InBroadcast {
            chat::add_to_chat_contacts_table(
--- a/src/scheduler/connectivity.rs
+++ b/src/scheduler/connectivity.rs
@@ -218,7 +218,7 @@ pub(crate) fn maybe_network_lost(context: &Context, stores: Vec<ConnectivityStor
 impl fmt::Debug for ConnectivityStore {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        if let Some(guard) = self.0.try_lock() {
-            write!(f, "ConnectivityStore {:?}", *guard)
+            write!(f, "ConnectivityStore {:?}", &*guard)
        } else {
            write!(f, "ConnectivityStore [LOCKED]")
        }
--- a/src/securejoin.rs
+++ b/src/securejoin.rs
@@ -73,7 +73,8 @@ fn shorten_name(name: &str, length: usize) -> String {
        // We use _ rather than ... to avoid dots at the end of the URL, which would confuse linkifiers
        format!(
            "{}_",
-            name.chars()
+            &name
+                .chars()
                .take(length.saturating_sub(1))
                .collect::<String>()
        )
--- a/src/securejoin/securejoin_tests.rs
+++ b/src/securejoin/securejoin_tests.rs
@@ -992,7 +992,7 @@ async fn test_wrong_auth_token() -> Result<()> {
    tcm.send_recv(alice, bob, "hi").await;

    let alice_qr = get_securejoin_qr(alice, None).await?;
-    println!("{alice_qr}");
+    println!("{}", &alice_qr);
    let invalid_alice_qr = alice_qr.replace("&s=", "&s=INVALIDAUTHTOKEN&someotherkey=");

    join_securejoin(bob, &invalid_alice_qr).await?;
--- a/src/test_utils.rs
+++ b/src/test_utils.rs
@@ -137,17 +137,6 @@ impl TestContextManager {
            .await
    }

-    /// Returns a new "device" with a preconfigured v6 PQC key.
-    pub async fn pqc(&mut self) -> TestContext {
-        TestContext::builder()
-            .with_key_pair(pqc_keypair())
-            .with_address("pqc@example.org".to_string())
-            .with_id_offset(7000)
-            .with_log_sink(self.log_sink.clone())
-            .build(Some(&mut self.used_names))
-            .await
-    }
-
    /// Creates a new unconfigured test account.
    pub async fn unconfigured(&mut self) -> TestContext {
        TestContext::builder()
@@ -315,9 +304,6 @@ impl TestContextManager {
 pub struct TestContextBuilder {
    key_pair: Option<SignedSecretKey>,

-    /// Email address.
-    address: Option<String>,
-
    /// Log sink if set.
    ///
    /// If log sink is not set,
@@ -342,7 +328,6 @@ impl TestContextBuilder {
    /// This is a shortcut for `.with_key_pair(alice_keypair())`.
    pub fn configure_alice(self) -> Self {
        self.with_key_pair(alice_keypair())
-            .with_address("alice@example.org".to_string())
    }

    /// Configures as bob@example.net with fixed secret key.
@@ -350,7 +335,6 @@ impl TestContextBuilder {
    /// This is a shortcut for `.with_key_pair(bob_keypair())`.
    pub fn configure_bob(self) -> Self {
        self.with_key_pair(bob_keypair())
-            .with_address("bob@example.net".to_string())
    }

    /// Configures as charlie@example.net with fixed secret key.
@@ -358,7 +342,6 @@ impl TestContextBuilder {
    /// This is a shortcut for `.with_key_pair(charlie_keypair())`.
    pub fn configure_charlie(self) -> Self {
        self.with_key_pair(charlie_keypair())
-            .with_address("charlie@example.net".to_string())
    }

    /// Configures as dom@example.net with fixed secret key.
@@ -366,7 +349,6 @@ impl TestContextBuilder {
    /// This is a shortcut for `.with_key_pair(dom_keypair())`.
    pub fn configure_dom(self) -> Self {
        self.with_key_pair(dom_keypair())
-            .with_address("dom@example.net".to_string())
    }

    /// Configures as elena@example.net with fixed secret key.
@@ -374,7 +356,6 @@ impl TestContextBuilder {
    /// This is a shortcut for `.with_key_pair(elena_keypair())`.
    pub fn configure_elena(self) -> Self {
        self.with_key_pair(elena_keypair())
-            .with_address("elena@example.net".to_string())
    }

    /// Configures as fiona@example.net with fixed secret key.
@@ -382,7 +363,6 @@ impl TestContextBuilder {
    /// This is a shortcut for `.with_key_pair(fiona_keypair())`.
    pub fn configure_fiona(self) -> Self {
        self.with_key_pair(fiona_keypair())
-            .with_address("fiona@example.net".to_string())
    }

    /// Configures the new [`TestContext`] with the provided [`SignedSecretKey`].
@@ -394,12 +374,6 @@ impl TestContextBuilder {
        self
    }

-    /// Sets email address.
-    pub fn with_address(mut self, address: String) -> Self {
-        self.address = Some(address);
-        self
-    }
-
    /// Attaches a [`LogSink`] to this [`TestContext`].
    ///
    /// This is useful when using multiple [`TestContext`] instances in one test: it allows
@@ -422,7 +396,16 @@ impl TestContextBuilder {
    /// Builds the [`TestContext`].
    pub async fn build(self, used_names: Option<&mut BTreeSet<String>>) -> TestContext {
        if let Some(key_pair) = self.key_pair {
-            let addr = self.address.expect("Address is not set").clone();
+            let userid = {
+                let public_key = key_pair.to_public_key();
+                let id_bstr = public_key.details.users.first().unwrap().id.id();
+                String::from_utf8(id_bstr.to_vec()).unwrap()
+            };
+            let addr = mailparse::addrparse(&userid)
+                .unwrap()
+                .extract_single_info()
+                .unwrap()
+                .addr;
            let name = EmailAddress::new(&addr).unwrap().local;

            let mut unused_name = name.clone();
@@ -1437,13 +1420,6 @@ pub fn fiona_keypair() -> SignedSecretKey {
    key::SignedSecretKey::from_asc(include_str!("../test-data/key/fiona-secret.asc")).unwrap()
 }

-/// Loads a pre-generated v6 PQC keypair from disk.
-///
-/// Like [alice_keypair] but a different key and identity.
-pub fn pqc_keypair() -> SignedSecretKey {
-    key::SignedSecretKey::from_asc(include_str!("../test-data/key/pqc-secret.asc")).unwrap()
-}
-
 /// Utility to help wait for and retrieve events.
 ///
 /// This buffers the events in order they are emitted.  This allows consuming events in
@@ -1707,7 +1683,7 @@ async fn write_msg(context: &Context, prefix: &str, msg: &Message, buf: &mut Str
        msg.get_id(),
        if msg.get_showpadlock() { "🔒" } else { "" },
        if msg.has_location() { "📍" } else { "" },
-        contact_name,
+        &contact_name,
        contact_id,
        msgtext,
        if msg.get_from_id() == ContactId::SELF {
--- a/src/tests/aeap.rs
+++ b/src/tests/aeap.rs
@@ -161,7 +161,7 @@ async fn check_that_transition_worked(
            2,
            "Group {} has members {:?}, but should have members {:?} and {:?}",
            group,
-            members,
+            &members,
            alice_contact_id,
            ContactId::SELF
        );
--- a/src/tools.rs
+++ b/src/tools.rs
@@ -62,13 +62,13 @@ pub(crate) fn truncate(buf: &str, approx_chars: usize) -> Cow<'_, str> {
    if let Some(index) = buf.get(..end_pos).and_then(|s| s.rfind([' ', '\n'])) {
        Cow::Owned(format!(
            "{}{}",
-            buf.get(..=index).unwrap_or_default(),
+            &buf.get(..=index).unwrap_or_default(),
            DC_ELLIPSIS
        ))
    } else {
        Cow::Owned(format!(
            "{}{}",
-            buf.get(..end_pos).unwrap_or_default(),
+            &buf.get(..end_pos).unwrap_or_default(),
            DC_ELLIPSIS
        ))
    }
--- a/src/tools/tools_tests.rs
+++ b/src/tools/tools_tests.rs
@@ -247,12 +247,12 @@ proptest! {
        assert!(
            l <= approx_chars + el_len,
            "buf: '{}' - res: '{}' - len {}, approx {}",
-            buf, res, res.len(), approx_chars
+            &buf, &res, res.len(), approx_chars
        );

        if buf.chars().count() > approx_chars + el_len {
            let l = res.len();
-            assert_eq!(&res[l-5..l], "[...]", "missing ellipsis in {res}");
+            assert_eq!(&res[l-5..l], "[...]", "missing ellipsis in {}", &res);
        }
    }
 }
--- a/src/transport.rs
+++ b/src/transport.rs
@@ -116,7 +116,7 @@ pub(crate) struct ConnectionCandidate {

 impl fmt::Display for ConnectionCandidate {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        write!(f, "{}:{}:{}", self.host, self.port, self.security)?;
+        write!(f, "{}:{}:{}", &self.host, self.port, self.security)?;
        Ok(())
    }
 }
@@ -131,7 +131,7 @@ pub(crate) struct ConfiguredServerLoginParam {

 impl fmt::Display for ConfiguredServerLoginParam {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        write!(f, "{}:{}", self.connection, self.user)?;
+        write!(f, "{}:{}", self.connection, &self.user)?;
        Ok(())
    }
 }
--- a/test-data/key/pqc-secret.asc
+++ b/test-data/key/pqc-secret.asc
@@ -1,39 +0,0 @@
-----BEGIN PGP PRIVATE KEY BLOCK-----
-
-xUsGaf8NSRsAAAAgYy+GaofURMeV0+bcZZGY2ZdAamU+LG69ONjd3haVU3cAhm6G
-IT/UEgFgVdPEhiXER9cfPLiCgkiw/L5mrAZfuLfCqgYfGwgAAABLBQJp/w1JIiEG
-hys0q6D+DFWPnwQoWtuX0mL6ovH2kCjWmDufAFmB0+QCGwMCHgkECwkIBwYVCg4J
-CAwBFg0nCQIIAgcCCQEIAQcBAAAAAEGQEO9Py9Q7njj1WXhtn1wMJSLBdHBE+qQu
-RaCaiWkY5l4EWLlVRPAjX2bBSGq6n3+M+H6oFpOHETAX8IcFSxc260UD+PM0jQpV
-H6ReNy7PBCQKx8RrBmn/DUkjAAAEwPmkVcPy1ye0/7D9nDQCkENUGry97iLkpcw/
-tLJfzL5gJAdzrPkDkyukHxrO7kiUx+mzpiGZRZeyRgBd5YQ+mTgGrptxXLFHcKFR
-79Fjg1UjgHEFjxCkCHUfnNcGZVM3p5skESnNgzsgFGiODfKhM4ew3AFgkUc5LNZj
-Zgpgt4ETIhylbLUY89ccfNpKnQeJl3cv8lvA/yqhoUutJXwZQ/qYKFnEIGEBTFto
-hLZn0KauF9KYOYvOV4yjeZQBlxSPNAWj9SqSNcalpTUFzwoQVSsqWwiys1PEzGAu
-twQVKsZ3e/hlZAyR4eGMiYEmCEy7qjuaOJsqHQuW7hdOHWdVRUpRHOtfj3QAzdc0
-CehVbyCRJVwnTSKiT3AYsdACH8U7mhI5/VxeSHNRIDN1Y6g6N5sx6Wur/HuKGFwx
-L4urdPdpJJgyLXR8GUkL/yeqUhogu4mbVAmULbq2BCIKFNpMyGdhnDugN6Sp5MWc
-GOxCW7CASuBYPHW/rto0C4M/3gCtN2sPtRAhOsXNBBhMqLlzzCgawulCiGtNjHUK
-HsVhghgYwKRBT7vLSKDNsCVizzoZxNQq8yUEXpFIRsTGt3wYoigZn4wOSpmQbxGe
-P3Uc2GWuuukCBNEP5oW4+TCFaNw5mvZgZwl5n4K34poxVgpqBIM2m2fEu8oyLPJZ
-bBxnbty3MUAdLpxv+0otGSHJF4xa3lsEyUdr6+JZZXohNXKoyjeJMGo6qPkvCADI
-upMnDSYZeLU5bVstHWS6otuRMEcjdLBkYfqfzBhkzbptscaUXzsaK4cd/iQzAA1r
-A0ygvcA78Vo363cElNAJh3lntrZZGpBYnzcU/zLACKAVJCYPy3Cj8Al8x+gHP0Yr
-ZSOYdZA1q9s2Kuqk7upCpcYDZ+uXGZs3ubA0TYCcO3FKhAwLhzJad5WApBFETYt2
-3KJEwgEjQaCs7sNNiwaKxhLC2VJhUckgluGs5iUu9ck5jdU+N9MqTmloF/u2Gok8
-QEqF9+DBhPg/fJoI9sN8sIyLrksEUQsm59mvJbVWOpxtbwpWZ+J4cat4azHE0khy
-rolL6lZqDJYW4xVeoAVl5iccicjE6mJLemoxf6iJdohi5cN5JXyZtgtdsbIesJib
-BLPJVahmv5W1Q4RmrwEp5Ua4xra5Mcac4PeINTOkGMErIhdvnuxEH/Cxd8VKhNlU
-vdty4MOyUOkRRPhOMNKUyTkwS9yjprK3QbhEJgrJygHCGpQ0jwp9PrtKqNnOONSX
-t4ZORuiAYHDFz3DPlJhLLzNoAJse0RAyolkPThoMl2JlY5ci8pVHb+Ed/kaeFxnE
-UJJIOZvDFfNCFCM5CCXG/2pi/icA7nHPDFVBeYPMz1B5vrgmdDNMMFVQNMBtrroT
-4pi1N5U4+EAv1vah40akQ/iFcfZjt4sE/jG0M0NCWqHBDPO7e0ae+2IqnIJmsHjL
-N1ak3egY00CnRHdrPCkOkhooFIHA1hYxIwyP07qfkhUBNwSqZ4AfF8UW/nuLjeaj
-ajEWz3zGLvQpfHSobEGPQKk+eIA1fOVeAuJAUAmJz5YO1Dk4OfczeQqQiOhtv+qe
-PYaZQfBFJVamGocDHomPQkP/IvAJhuO9xWPapqbdRwGfVRJZgGsAy89mT1w0PU1C
-u6VpIoyZB2J9LZkw9qb9sRRJAr2gpWGBD4CCmPZ8d17ZGDcIr8o+eI+bo5eKf+1j
-6NhsjM7AmIccStNxZYWE4ZucvYYbPvT3ns/TNa7BH2DBqfGK84PawosGGBsIAAAA
-LAUCaf8NSQIbDCIhBocrNKug/gxVj58EKFrbl9Ji+qLx9pAo1pg7nwBZgdPkAAAA
-ADrcEIqnwTwJoiZAxzK+w7uQFHzsYMWIj8x+DKsn7D1silKINHDnFSrlSKRtbAW6
-x9+HrN/nvR7bOnXZvZhz7lQ3Lp3YUdzEcqRMj8BWW8IXdm0C
-----END PGP PRIVATE KEY BLOCK-----