test_encrypt_decrypt_fuzz_alice: load secret key directly from file

test_encrypt_decrypt_fuzz_alice: load alice public key directly
Add test_encrypt_decrypt_fuzz_alice
2026-04-02 13:32:11 +03:00 · 2020-02-29 17:46:55 +03:00 · 2020-02-29 17:19:51 +03:00 · 2020-02-28 21:28:24 +03:00 · 2020-02-28 05:17:48 +03:00 · 2020-02-27 19:56:50 +01:00
112 changed files with 8491 additions and 5109 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -120,32 +120,19 @@ jobs:
          paths:
            - c-docs

-  # build_test_docs_wheel:
-  #   docker:
-  #     - image: deltachat/coredeps
-  #       environment:
-  #           TESTS: 1
-  #           DOCS: 1
-  #   working_directory: /mnt/crate
-  #   steps:
-  #     - *restore-workspace
-  #     - *restore-cache
-  #     - run:
-  #         name: build docs, run tests and build wheels
-  #         command: ci_scripts/run-python.sh
-  #     - run:
-  #          name: copying docs and wheels to workspace
-  #          command: |
-  #            mkdir -p workspace/python
-  #            # cp -av docs workspace/c-docs
-  #            cp -av python/.docker-tox/wheelhouse workspace/
-  #            cp -av python/doc/_build/ workspace/py-docs
-  #     - persist_to_workspace:
-  #         root: workspace
-  #         paths:
-  #           # - c-docs
-  #           - py-docs
-  #           - wheelhouse
+  remote_python_packaging:
+    machine: true
+    steps:
+      - checkout
+      # the following commands on success produces
+      # workspace/{wheelhouse,py-docs} as artefact directories
+      - run: bash ci_scripts/remote_python_packaging.sh 
+      - persist_to_workspace:
+          root: workspace
+          paths:
+            # - c-docs
+            - py-docs
+            - wheelhouse

  remote_tests_rust:
    machine: true
@@ -157,10 +144,7 @@ jobs:
    machine: true
    steps:
      - checkout
-      #- attach_workspace:
-      #    at: workspace
      - run: ci_scripts/remote_tests_python.sh
-    # workspace/py-docs workspace/wheelhouse workspace/c-docs

  upload_docs_wheels:
    machine: true
@@ -168,6 +152,7 @@ jobs:
      - checkout
      - attach_workspace:
          at: workspace
+      - run: pyenv versions
      - run: pyenv global 3.5.2
      - run: ls -laR workspace
      - run: ci_scripts/ci_upload.sh workspace/py-docs workspace/wheelhouse workspace/c-docs
@@ -189,14 +174,31 @@ workflows:
    jobs:
      # - cargo_fetch

-      - remote_tests_rust
+      - remote_tests_rust:
+          filters:
+            tags:
+              only: /.*/

-      - remote_tests_python
+      - remote_tests_python:
+          filters:
+            tags:
+              only: /.*/

-      # - upload_docs_wheels:
-      #     requires:
-      #       - build_test_docs_wheel
-      #       - build_doxygen
+      - remote_python_packaging:
+          requires: 
+             - remote_tests_python
+             - remote_tests_rust 
+          filters:
+            tags:
+              only: /.*/
+
+      - upload_docs_wheels:
+          requires:
+             - remote_python_packaging
+             - build_doxygen
+          filters:
+            tags:
+              only: /.*/
      # - rustfmt:
      #     requires:
      #       - cargo_fetch
@@ -204,7 +206,10 @@ workflows:
      #     requires:
      #      - cargo_fetch

-      - build_doxygen
+      - build_doxygen:
+          filters:
+            tags:
+              only: /.*/

      # Linux Desktop 64bit
      # - test_x86_64-unknown-linux-gnu:
--- a/.github/workflows/code-quality.yml
+++ b/.github/workflows/code-quality.yml
@@ -15,6 +15,7 @@ jobs:
      - uses: actions-rs/cargo@v1
        with:
          command: check
+          args: --workspace --examples --tests --all-features

  fmt:
    name: Rustfmt
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,99 @@
 # Changelog 

+## 1.25.0
+
+- save traffic by downloading only messages that are really displayed #1236
+
+- change generated key type to Ed25519, these keys are much shorter
+  than RSA keys, which results in saving traffic and speed improvements #1287
+
+- improve key handling #1237 #1240 #1242 #1247
+
+- mute handling, apis are dc_set_chat_mute_duration()
+  dc_chat_is_muted() and dc_chat_get_remaining_mute_duration() #1143
+
+- pinning chats, new apis are dc_set_chat_visibility() and
+  dc_chat_get_visibility() #1248
+
+- add dc_provider_new_from_email() api that queries the new, integrated
+  provider-database #1207
+
+- account creation by scanning a qr code
+  in the DCACCOUNT scheme (https://mailadm.readthedocs.io),
+  new api is dc_set_config_from_qr() #1249
+
+- if possible, dc_join_securejoin(), returns the new chat-id immediately
+  and does the handshake in background #1225
+
+- update imap and smtp dependencies #1115
+
+- check for MOVE capability before using MOVE command #1263
+
+- allow inline attachments from RFC 2183 #1280
+
+- fix updating names from incoming mails #1298
+
+- fix error messages shown on import #1234
+
+- directly attempt to re-connect if the smtp connection is maybe stale #1296
+
+- improve adding group members #1291
+
+- improve rust-api #1261
+
+- cleanup #1302 #1283 #1282 #1276 #1270-#1274 #1267 #1258-#1260
+  #1257 #1239 #1231 #1224
+
+- update spec #1286 #1291
+
+
+## 1.0.0-beta.24
+
+- fix oauth2/gmail bug introduced in beta23 (not used in releases) #1219
+
+- fix panic when receiving eg. cyrillic filenames #1216
+
+- delete all consumed secure-join handshake messagess #1209 #1212
+
+- rust-level cleanups #1218 #1217 #1210 #1205
+
+- python-level cleanups #1204 #1202 #1201
+
+
+## 1.0.0-beta.23
+
+- #1197 fix imap-deletion of messages 
+
+- #1171 Combine multiple MDNs into a single mail, reducing traffic 
+
+- #1155 fix to not send out gossip always, reducing traffic
+
+- #1160 fix reply-to-encrypted determination 
+
+- #1182 Add "Auto-Submitted: auto-replied" header to MDNs
+
+- #1194 produce python wheels again, fix c/py.delta.chat
+  master-deployment 
+
+- rust-level housekeeping and improvements #1161 #1186 #1185 #1190 #1194 #1199 #1191 #1190 #1184 and more
+
+- #1063 clarify licensing 
+
+- #1147 use mailparse 0.10.2 
+
+
+## 1.0.0-beta.22
+
+- #1095 normalize email lineends to CRLF
+
+- #1095 enable link-time-optimization, saves eg. on android 11 mb
+
+- #1099 fix import regarding devicechats
+
+- #1092 improve logging
+
+- #1096 #1097 #1094 #1090 #1091 internal cleanups
+
 ## 1.0.0-beta.21

 - #1078 #1082 ensure RFC compliance by producing 78 column lines for
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,9 +1,12 @@
 [package]
 name = "deltachat"
-version = "1.0.0-beta.21"
+version = "1.25.0"
 authors = ["Delta Chat Developers (ML) <delta@codespeak.net>"]
 edition = "2018"
-license = "MPL"
+license = "MPL-2.0"
+
+[profile.release]
+lto = true

 [dependencies]
 deltachat_derive = { path = "./deltachat_derive" }
@@ -14,18 +17,15 @@ hex = "0.4.0"
 sha2 = "0.8.0"
 rand = "0.7.0"
 smallvec = "1.0.0"
-reqwest = { version = "0.9.15" }
+reqwest = { version = "0.10.0", features = ["blocking", "json"] }
 num-derive = "0.3.0"
 num-traits = "0.2.6"
-async-smtp = { git = "https://github.com/async-email/async-smtp" }
+async-smtp = "0.2"
 email = { git = "https://github.com/deltachat/rust-email", branch = "master" }
-lettre_email = { git = "https://github.com/deltachat/lettre", branch = "native_tls" }
-
-# XXX newer commits of async-imap lead to import-export tests hanging
-async-imap = { git = "https://github.com/async-email/async-imap", branch = "dcc-stable" }
-
-async-native-tls = "0.1.1"
-async-std = { version = "1.0", features = ["unstable"] }
+lettre_email = { git = "https://github.com/deltachat/lettre", branch = "master" }
+async-imap = "0.2"
+async-native-tls = "0.3.1"
+async-std = { version = "1.4", features = ["unstable"] }
 base64 = "0.11"
 charset = "0.1"
 percent-encoding = "2.0"
@@ -35,12 +35,10 @@ chrono = "0.4.6"
 failure = "0.1.5"
 failure_derive = "0.1.5"
 indexmap = "1.3.0"
-# TODO: make optional
-rustyline = "4.1.0"
 lazy_static = "1.4.0"
 regex = "1.1.6"
-rusqlite = { version = "0.20", features = ["bundled"] }
-r2d2_sqlite = "0.12.0"
+rusqlite = { version = "0.21", features = ["bundled"] }
+r2d2_sqlite = "0.13.0"
 r2d2 = "0.8.5"
 strum = "0.16.0"
 strum_macros = "0.16.0"
@@ -55,10 +53,13 @@ bitflags = "1.1.0"
 debug_stub_derive = "0.3.0"
 sanitize-filename = "0.2.1"
 stop-token = { version = "0.1.1", features = ["unstable"] }
-mailparse = "0.10.1"
+mailparse = "0.10.2"
 encoded-words = { git = "https://github.com/async-email/encoded-words", branch="master" }
 native-tls = "0.2.3"
-image = "0.22.3"
+image = { version = "0.22.4", default-features=false, features = ["gif_codec", "jpeg", "ico", "png_codec", "pnm", "webp", "bmp"] }
+pretty_env_logger = "0.3.1"
+
+rustyline = { version = "4.1.0", optional = true }

 [dev-dependencies]
 tempfile = "3.0"
@@ -79,10 +80,11 @@ path = "examples/simple.rs"
 [[example]]
 name = "repl"
 path = "examples/repl/main.rs"
+required-features = ["rustyline"]


 [features]
 default = ["nightly", "ringbuf"]
-vendored = ["native-tls/vendored", "reqwest/default-tls-vendored"]
+vendored = ["async-native-tls/vendored", "reqwest/native-tls-vendored", "async-smtp/native-tls-vendored"]
 nightly = ["pgp/nightly"]
 ringbuf = ["pgp/ringbuf"]
--- a/3
+++ b/3
@@ -2,9 +2,6 @@ The files in this directory and under its subdirectories
 are (c) 2019 by Bjoern Petersen and contributors and released under the
 Mozilla Public License Version 2.0, see below for a copy.

-NOTE that the files in the "libs" directory are copyrighted by third parties
-and come with their own respective licenses.
-
 Mozilla Public License Version 2.0
 ==================================

--- a/README.md
+++ b/README.md
@@ -114,3 +114,22 @@ $ cargo test -- --ignored
 [circle]: https://circleci.com/gh/deltachat/deltachat-core-rust/
 [appveyor-shield]: https://ci.appveyor.com/api/projects/status/lqpegel3ld4ipxj8/branch/master?style=flat-square
 [appveyor]: https://ci.appveyor.com/project/dignifiedquire/deltachat-core-rust/branch/master
+
+## Language bindings and frontend projects
+
+Language bindings are available for:
+
+- [C](https://c.delta.chat)
+- [Node.js](https://www.npmjs.com/package/deltachat-node)
+- [Python](https://py.delta.chat)
+- [Go](https://github.com/hugot/go-deltachat/)
+- **Java** and **Swift** (contained in the Android/iOS repos)
+
+The following "frontend" projects make use of the Rust-library
+or its language bindings:
+
+- [Android](https://github.com/deltachat/deltachat-android)
+- [iOS](https://github.com/deltachat/deltachat-ios)
+- [Desktop](https://github.com/deltachat/deltachat-desktop)
+- [Pidgin](https://code.ur.gs/lupine/purple-plugin-delta/)
+- several **Bots**
--- a/ci_scripts/ci_upload.sh
+++ b/ci_scripts/ci_upload.sh
@@ -14,24 +14,22 @@ DOXYDOCDIR=${3:?directory where doxygen docs to be found}
 export BRANCH=${CIRCLE_BRANCH:?specify branch for uploading purposes}


-# DISABLED: python docs to py.delta.chat
-#ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null delta@py.delta.chat mkdir -p build/${BRANCH}
-#rsync -avz \
-#  -e "ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" \
-#  "$PYDOCDIR/html/" \
-#  delta@py.delta.chat:build/${BRANCH}
+# python docs to py.delta.chat
+ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null delta@py.delta.chat mkdir -p build/${BRANCH}
+rsync -avz \
+  --delete \
+  -e "ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" \
+  "$PYDOCDIR/html/" \
+  delta@py.delta.chat:build/${BRANCH}

 # C docs to c.delta.chat
 ssh -o BatchMode=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null delta@c.delta.chat mkdir -p build-c/${BRANCH}
 rsync -avz \
+  --delete \
  -e "ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" \
  "$DOXYDOCDIR/html/" \
  delta@c.delta.chat:build-c/${BRANCH}

-exit 0
-
-# OUTDATED -- for re-use from python release-scripts 
-
 echo -----------------------
 echo upload wheels 
 echo -----------------------
@@ -39,6 +37,7 @@ echo -----------------------
 # Bundle external shared libraries into the wheels
 pushd $WHEELHOUSEDIR

+pip3 install -U pip
 pip3 install devpi-client
 devpi use https://m.devpi.net
 devpi login dc --password $DEVPI_LOGIN
@@ -50,6 +49,9 @@ devpi use dc/$N_BRANCH || {
    devpi use dc/$N_BRANCH
 }
 devpi index $N_BRANCH bases=/root/pypi
-devpi upload deltachat*.whl
+devpi upload deltachat*

 popd
+
+# remove devpi non-master dc indices if thy are too old
+python ci_scripts/cleanup_devpi_indices.py
--- a/ci_scripts/cleanup_devpi_indices.py
+++ b/ci_scripts/cleanup_devpi_indices.py
@@ -0,0 +1,69 @@
+"""
+Remove old "dc" indices except for master which always stays.
+
+"""
+from requests import Session
+import datetime
+import sys
+import subprocess
+
+MAXDAYS=7
+
+session = Session()
+session.headers["Accept"] = "application/json"
+
+
+def get_indexes(baseurl, username):
+    response = session.get(baseurl + username)
+    assert response.status_code == 200
+    result = response.json()["result"]
+    return result["indexes"]
+
+
+def get_projectnames(baseurl, username, indexname):
+    response = session.get(baseurl + username + "/" + indexname)
+    assert response.status_code == 200
+    result = response.json()["result"]
+    return result["projects"]
+
+
+def get_release_dates(baseurl, username, indexname, projectname):
+    response = session.get(baseurl + username + "/" + indexname + "/" + projectname)
+    assert response.status_code == 200
+    result = response.json()["result"]
+    dates = set()
+    for value in result.values():
+        if "+links" not in value:
+            continue
+        for link in value["+links"]:
+            for log in link["log"]:
+                dates.add(tuple(log["when"]))
+    return dates
+
+
+def run():
+    baseurl = "https://m.devpi.net/"
+    username = "dc"
+    for indexname in get_indexes(baseurl, username):
+        projectnames = get_projectnames(baseurl, username, indexname)
+        if indexname == "master" or not indexname:
+            continue
+        assert projectnames == ["deltachat"]
+        for projectname in projectnames:
+            dates = get_release_dates(baseurl, username, indexname, projectname)
+            if not dates:
+                print(
+                    "%s has no releases" % (baseurl + username + "/" + indexname),
+                    file=sys.stderr)
+                date = datetime.datetime.now()
+            else:
+                date = datetime.datetime(*max(dates))
+            if (datetime.datetime.now() - date) > datetime.timedelta(days=MAXDAYS):
+                assert username and indexname
+                url = baseurl + username + "/" + indexname
+                subprocess.check_call(["devpi", "index", "-y", "--delete", url])
+
+
+
+if __name__ == '__main__':
+    run()
--- a/ci_scripts/docker-coredeps/Dockerfile
+++ b/ci_scripts/docker-coredeps/Dockerfile
@@ -5,14 +5,11 @@ RUN echo /usr/local/lib64 > /etc/ld.so.conf.d/local.conf && \
    echo /usr/local/lib >> /etc/ld.so.conf.d/local.conf
 ENV PKG_CONFIG_PATH /usr/local/lib64/pkgconfig:/usr/local/lib/pkgconfig

-# Install a recent Perl, needed to install OpenSSL
+# Install a recent Perl, needed to install the openssl crate 
 ADD deps/build_perl.sh /builder/build_perl.sh
+RUN rm /usr/bin/perl
 RUN mkdir tmp1 && cd tmp1 && bash /builder/build_perl.sh && cd .. && rm -r tmp1

-# Install OpenSSL
-ADD deps/build_openssl.sh /builder/build_openssl.sh
-RUN mkdir tmp1 && cd tmp1 && bash /builder/build_openssl.sh && cd .. && rm -r tmp1
-
 ENV PIP_DISABLE_PIP_VERSION_CHECK 1

 # Install python tools (auditwheels,tox, ...)
--- a/ci_scripts/docker-coredeps/deps/build_rust.sh
+++ b/ci_scripts/docker-coredeps/deps/build_rust.sh
@@ -3,6 +3,9 @@
 set -e -x

 # Install Rust
-curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain nightly-2019-09-12 -y
+curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain nightly-2019-11-06 -y
 export PATH=/root/.cargo/bin:$PATH
 rustc --version
+
+# remove some 300-400 MB that we don't need for automated builds
+rm -rf /root/.rustup/toolchains/nightly-2019-11-06-x86_64-unknown-linux-gnu/share/
--- a/ci_scripts/docker-coredeps/deps/run_all.sh
+++ b/ci_scripts/docker-coredeps/deps/run_all.sh
@@ -1,49 +0,0 @@
-#!/bin/bash
-#
-# Build the Delta Chat C/Rust library
-#
-set -e -x
-
-# perform clean build of core and install 
-export TOXWORKDIR=.docker-tox
-
-# build core library
-
-cargo build --release -p deltachat_ffi
-
-# configure access to a base python and 
-# to several python interpreters needed by tox below
-export PATH=$PATH:/opt/python/cp35-cp35m/bin
-export PYTHONDONTWRITEBYTECODE=1
-pushd /bin
-ln -s /opt/python/cp27-cp27m/bin/python2.7
-ln -s /opt/python/cp36-cp36m/bin/python3.6
-ln -s /opt/python/cp37-cp37m/bin/python3.7
-popd
-
-#
-# run python tests
-#
-
-if [ -n "$TESTS" ]; then 
-
-    echo ----------------
-    echo run python tests
-    echo ----------------
-
-    pushd python 
-    # first run all tests ...
-    rm -rf tests/__pycache__
-    rm -rf src/deltachat/__pycache__
-    export PYTHONDONTWRITEBYTECODE=1
-    tox --workdir "$TOXWORKDIR" -e py27,py35,py36,py37
-    popd
-fi
-
-
-if [ -n "$DOCS" ]; then 
-    echo -----------------------
-    echo generating python docs
-    echo -----------------------
-    (cd python && tox --workdir "$TOXWORKDIR" -e doc) 
-fi
--- a/ci_scripts/remote_python_packaging.sh
+++ b/ci_scripts/remote_python_packaging.sh
@@ -0,0 +1,51 @@
+#!/bin/bash 
+
+export BRANCH=${CIRCLE_BRANCH:?branch to build}
+export REPONAME=${CIRCLE_PROJECT_REPONAME:?repository name}
+export SSHTARGET=${SSHTARGET-ci@b1.delta.chat}
+
+# we construct the BUILDDIR such that we can easily share the
+# CARGO_TARGET_DIR between runs ("..")
+export BUILDDIR=ci_builds/$REPONAME/$BRANCH/${CIRCLE_JOB:?jobname}/${CIRCLE_BUILD_NUM:?circle-build-number}
+
+echo "--- Copying files to $SSHTARGET:$BUILDDIR"
+
+set -xe
+
+ssh -oBatchMode=yes -oStrictHostKeyChecking=no  $SSHTARGET mkdir -p "$BUILDDIR"
+git ls-files >.rsynclist 
+# we seem to need .git for setuptools_scm versioning 
+find .git >>.rsynclist
+rsync --delete --files-from=.rsynclist -az ./ "$SSHTARGET:$BUILDDIR"
+
+set +x
+
+# we have to create a remote file for the remote-docker run 
+# so we can do a simple ssh command with a TTY
+# so that when our job dies, all container-runs are aborted.
+# sidenote: the circle-ci machinery will kill ongoing jobs
+# if there are new commits and we want to ensure that 
+# everything is terminated/cleaned up and we have no orphaned
+# useless still-running docker-containers consuming resources. 
+
+ssh $SSHTARGET bash -c "cat >$BUILDDIR/exec_docker_run" <<_HERE
+    set +x -e
+    cd $BUILDDIR
+    export DCC_PY_LIVECONFIG=$DCC_PY_LIVECONFIG
+
+    set -x
+
+    # run everything else inside docker 
+    docker run -e DCC_PY_LIVECONFIG \
+       --rm -it -v \$(pwd):/mnt -w /mnt \
+       deltachat/coredeps ci_scripts/run_all.sh
+
+_HERE
+
+echo "--- Running $CIRCLE_JOB remotely"
+
+ssh -t $SSHTARGET bash "$BUILDDIR/exec_docker_run"
+mkdir -p workspace 
+rsync -avz "$SSHTARGET:$BUILDDIR/python/.docker-tox/wheelhouse/*manylinux1*" workspace/wheelhouse/
+rsync -avz "$SSHTARGET:$BUILDDIR/python/.docker-tox/dist/*" workspace/wheelhouse/
+rsync -avz "$SSHTARGET:$BUILDDIR/python/doc/_build/" workspace/py-docs
--- a/ci_scripts/run-doxygen.sh
+++ b/ci_scripts/run-doxygen.sh
@@ -3,5 +3,4 @@
 set -ex

 cd deltachat-ffi 
-doxygen 
-
+PROJECT_NUMBER=$(git log -1 --format "%h (%cd)") doxygen 
--- a/ci_scripts/run-python-test.sh
+++ b/ci_scripts/run-python-test.sh
@@ -6,7 +6,7 @@
 set -e -x

 # for core-building and python install step
-export DCC_RS_TARGET=release
+export DCC_RS_TARGET=debug
 export DCC_RS_DEV=`pwd`

 cd python
--- a/ci_scripts/run_all.sh
+++ b/ci_scripts/run_all.sh
@@ -0,0 +1,48 @@
+#!/bin/bash
+#
+# Build the Delta Chat Core Rust library, Python wheels and docs 
+
+set -e -x
+
+# Perform clean build of core and install.
+export TOXWORKDIR=.docker-tox
+
+# compile core lib
+
+export PATH=/root/.cargo/bin:$PATH
+cargo build --release -p deltachat_ffi
+# cargo test --all --all-features
+
+# Statically link against libdeltachat.a.
+export DCC_RS_DEV=$(pwd)
+
+# Configure access to a base python and to several python interpreters
+# needed by tox below.
+export PATH=$PATH:/opt/python/cp35-cp35m/bin
+export PYTHONDONTWRITEBYTECODE=1
+pushd /bin
+ln -s /opt/python/cp27-cp27m/bin/python2.7
+ln -s /opt/python/cp36-cp36m/bin/python3.6
+ln -s /opt/python/cp37-cp37m/bin/python3.7
+ln -s /opt/python/cp38-cp38/bin/python3.8
+popd
+
+pushd python
+# prepare a clean tox run
+rm -rf tests/__pycache__
+rm -rf src/deltachat/__pycache__
+mkdir -p $TOXWORKDIR
+
+# disable live-account testing to speed up test runs and wheel building
+# XXX we may switch on some live-tests on for better ensurances 
+# Note that the independent remote_tests_python step does all kinds of
+# live-testing already. 
+unset DCC_PY_LIVECONFIG 
+tox --workdir "$TOXWORKDIR" -e py35,py36,py37,py38,auditwheels
+popd
+
+
+echo -----------------------
+echo generating python docs
+echo -----------------------
+(cd python && tox --workdir "$TOXWORKDIR" -e doc)
--- a/deltachat-ffi/Cargo.toml
+++ b/deltachat-ffi/Cargo.toml
@@ -1,11 +1,11 @@
 [package]
 name = "deltachat_ffi"
-version = "1.0.0-beta.21"
+version = "1.25.0"
 description = "Deltachat FFI"
 authors = ["Delta Chat Developers (ML) <delta@codespeak.net>"]
 edition = "2018"
 readme = "README.md"
-license = "MIT OR Apache-2.0"
+license = "MPL-2.0"

 keywords = ["deltachat", "chat", "openpgp", "email", "encryption"]
 categories = ["cryptography", "std", "email"]
@@ -16,7 +16,6 @@ crate-type = ["cdylib", "staticlib"]

 [dependencies]
 deltachat = { path = "../", default-features = false }
-deltachat-provider-database = "0.2.1"
 libc = "0.2"
 human-panic = "1.0.1"
 num-traits = "0.2.6"
--- a/deltachat-ffi/deltachat.h
+++ b/deltachat-ffi/deltachat.h
@@ -364,6 +364,12 @@ char*           dc_get_blobdir               (const dc_context_t* context);
 *                    also show all mails of confirmed contacts,
 *                    DC_SHOW_EMAILS_ALL (2)=
 *                    also show mails of unconfirmed contacts in the deaddrop.
+ * - `key_gen_type` = DC_KEY_GEN_DEFAULT (0)=
+ *                    generate recommended key type (default),
+ *                    DC_KEY_GEN_RSA2048 (1)=
+ *                    generate RSA 2048 keypair
+ *                    DC_KEY_GEN_ED25519 (2)=
+ *                    generate Ed25519 keypair
 * - `save_mime_headers` = 1=save mime headers
 *                    and make dc_get_mime_headers() work for subsequent calls,
 *                    0=do not save mime headers (default)
@@ -403,20 +409,37 @@ int             dc_set_config                (dc_context_t* context, const char*
 */
 char*           dc_get_config                (dc_context_t* context, const char* key);

+
 /**
- * Set stock string translation. 
+ * Set stock string translation.
 *
- * The function will emit warnings if it returns an error state. 
+ * The function will emit warnings if it returns an error state.
 *
 * @memberof dc_context_t
 * @param context The context object
 * @param stock_id   the integer id of the stock message (DC_STR_*)
- * @param stock_msg  the message to be used 
+ * @param stock_msg  the message to be used
 * @return int (==0 on error, 1 on success)
 */
 int             dc_set_stock_translation(dc_context_t* context, uint32_t stock_id, const char* stock_msg);


+/**
+ * Set configuration values from a QR code containing an account.
+ * Before this function is called, dc_check_qr() should confirm the type of the
+ * QR code is DC_QR_ACCOUNT.
+ *
+ * Internally, the function will call dc_set_config()
+ * at least with the keys `addr` and `mail_pw`.
+ *
+ * @memberof dc_context_t
+ * @param context The context object
+ * @param qr scanned QR code
+ * @return int (==0 on error, 1 on success)
+ */
+int             dc_set_config_from_qr   (dc_context_t* context, const char* qr);
+
+
 /**
 * Get information about the context.
 *
@@ -852,6 +875,27 @@ void            dc_interrupt_smtp_idle       (dc_context_t* context);
 void            dc_maybe_network             (dc_context_t* context);


+/**
+ * Save a keypair as the default keys for the user.
+ *
+ * This API is only for testing purposes and should not be used as part of a
+ * normal application, use the import-export APIs instead.
+ *
+ * This saves a public/private keypair as the default keypair in the context.
+ * It allows avoiding having to generate a secret key for unittests which need
+ * one.
+ *
+ * @memberof dc_context_t
+ * @param context The context as created by dc_context_new().
+ * @param addr The email address of the user.  This must match the
+ *    configured_addr setting of the context as well as the UID of the key.
+ * @param public_data The public key as base64.
+ * @param secret_data The secret key as base64.
+ * @return 1 on success, 0 on failure.
+ */
+int             dc_preconfigure_keypair        (dc_context_t* context, const char *addr, const char *public_data, const char *secret_data);
+
+
 // handle chatlists

 #define         DC_GCL_ARCHIVED_ONLY         0x01
@@ -880,7 +924,7 @@ void            dc_maybe_network             (dc_context_t* context);
 *   or "Not now".
 *   The UI can also offer a "Close" button that calls dc_marknoticed_contact() then.
 * - DC_CHAT_ID_ARCHIVED_LINK (6) - this special chat is present if the user has
- *   archived _any_ chat using dc_archive_chat(). The UI should show a link as
+ *   archived _any_ chat using dc_set_chat_visibility(). The UI should show a link as
 *   "Show archived chats", if the user clicks this item, the UI should show a
 *   list of all archived chats that can be created by this function hen using
 *   the DC_GCL_ARCHIVED_ONLY flag.
@@ -1334,25 +1378,18 @@ uint32_t        dc_get_next_media            (dc_context_t* context, uint32_t ms


 /**
- * Archive or unarchive a chat.
+ * Set chat visibility to pinned, archived or normal.
 *
- * Archived chats are not included in the default chatlist returned
- * by dc_get_chatlist().  Instead, if there are _any_ archived chats,
- * the pseudo-chat with the chat_id DC_CHAT_ID_ARCHIVED_LINK will be added the the
- * end of the chatlist.
- *
- * - To get a list of archived chats, use dc_get_chatlist() with the flag DC_GCL_ARCHIVED_ONLY.
- * - To find out the archived state of a given chat, use dc_chat_get_archived()
- * - Messages in archived chats are marked as being noticed, so they do not count as "fresh"
- * - Calling this function usually results in the event #DC_EVENT_MSGS_CHANGED
+ * Calling this function usually results in the event #DC_EVENT_MSGS_CHANGED
+ * See @ref DC_CHAT_VISIBILITY for detailed information about the visibilities.
 *
 * @memberof dc_context_t
 * @param context The context object as returned from dc_context_new().
- * @param chat_id The ID of the chat to archive or unarchive.
- * @param archive 1=archive chat, 0=unarchive chat, all other values are reserved for future use
+ * @param chat_id The ID of the chat to change the visibility for.
+ * @param visibility one of @ref DC_CHAT_VISIBILITY
 * @return None.
 */
-void            dc_archive_chat              (dc_context_t* context, uint32_t chat_id, int archive);
+void            dc_set_chat_visibility       (dc_context_t* context, uint32_t chat_id, int visibility);


 /**
@@ -1556,6 +1593,22 @@ int             dc_set_chat_name             (dc_context_t* context, uint32_t ch
 int             dc_set_chat_profile_image    (dc_context_t* context, uint32_t chat_id, const char* image);


+
+/**
+ * Set mute duration of a chat.
+ *
+ * This value can be checked by the ui upon receiving a new message to decide whether it should trigger an notification.
+ *
+ * Sends out #DC_EVENT_CHAT_MODIFIED.
+ *
+ * @memberof dc_context_t
+ * @param chat_id The chat ID to set the mute duration.
+ * @param duration The duration (0 for no mute, -1 for forever mute, everything else is is the relative mute duration from now in seconds)
+ * @param context The context as created by dc_context_new().
+ * @return 1=success, 0=error
+ */
+int             dc_set_chat_mute_duration             (dc_context_t* context, uint32_t chat_id, int64_t duration);
+
 // handle messages

 /**
@@ -1603,7 +1656,7 @@ char*           dc_get_mime_headers          (dc_context_t* context, uint32_t ms
 void            dc_delete_msgs               (dc_context_t* context, const uint32_t* msg_ids, int msg_cnt);

 /**
- * Empty IMAP server folder: delete all messages. 
+ * Empty IMAP server folder: delete all messages.
 *
 * @memberof dc_context_t
 * @param context The context object as created by dc_context_new()
@@ -1756,7 +1809,7 @@ uint32_t        dc_create_contact            (dc_context_t* context, const char*
 * Trying to add email-addresses that are already in the contact list,
 * results in updating the name unless the name was changed manually by the user.
 * If any email-address or any name is really updated,
- * the event DC_EVENT_CONTACTS_CHANGED is sent.
+ * the event #DC_EVENT_CONTACTS_CHANGED is sent.
 *
 * To add a single contact entered by the user, you should prefer dc_create_contact(),
 * however, for adding a bunch of addresses, this function is _much_ faster.
@@ -2074,6 +2127,7 @@ void            dc_stop_ongoing_process      (dc_context_t* context);
 #define         DC_QR_FPR_OK                 210 // id=contact
 #define         DC_QR_FPR_MISMATCH           220 // id=contact
 #define         DC_QR_FPR_WITHOUT_ADDR       230 // test1=formatted fingerprint
+#define         DC_QR_ACCOUNT                250 // text1=domain
 #define         DC_QR_ADDR                   320 // id=contact
 #define         DC_QR_TEXT                   330 // text1=text
 #define         DC_QR_URL                    332 // text1=URL
@@ -2091,12 +2145,12 @@ void            dc_stop_ongoing_process      (dc_context_t* context);
 * - DC_QR_FPR_OK with dc_lot_t::id=Contact ID
 * - DC_QR_FPR_MISMATCH with dc_lot_t::id=Contact ID
 * - DC_QR_FPR_WITHOUT_ADDR with dc_lot_t::test1=Formatted fingerprint
+ * - DC_QR_ACCOUNT allows creation of an account, dc_lot_t::text1=domain
 * - DC_QR_ADDR with dc_lot_t::id=Contact ID
 * - DC_QR_TEXT with dc_lot_t::text1=Text
 * - DC_QR_URL with dc_lot_t::text1=URL
 * - DC_QR_ERROR with dc_lot_t::text1=Error string
 *
- *
 * @memberof dc_context_t
 * @param context The context object.
 * @param qr The text of the scanned QR code.
@@ -2107,20 +2161,22 @@ dc_lot_t*       dc_check_qr                  (dc_context_t* context, const char*


 /**
- * Get QR code text that will offer an secure-join verification.
+ * Get QR code text that will offer an Setup-Contact or Verified-Group invitation.
 * The QR code is compatible to the OPENPGP4FPR format
 * so that a basic fingerprint comparison also works eg. with OpenKeychain.
 *
 * The scanning device will pass the scanned content to dc_check_qr() then;
- * if this function returns DC_QR_ASK_VERIFYCONTACT or DC_QR_ASK_VERIFYGROUP
+ * if dc_check_qr() returns DC_QR_ASK_VERIFYCONTACT or DC_QR_ASK_VERIFYGROUP
 * an out-of-band-verification can be joined using dc_join_securejoin()
 *
 * @memberof dc_context_t
 * @param context The context object.
 * @param chat_id If set to a group-chat-id,
- *     the group-join-protocol is offered in the QR code;
+ *     the Verified-Group-Invite protocol is offered in the QR code;
 *     works for verified groups as well as for normal groups.
- *     If set to 0, the setup-Verified-contact-protocol is offered in the QR code.
+ *     If set to 0, the Setup-Contact protocol is offered in the QR code.
+ *     See https://countermitm.readthedocs.io/en/latest/new.html
+ *     for details about both protocols.
 * @return Text that should go to the QR code,
 *     On errors, an empty QR code is returned, NULL is never returned.
 *     The returned string must be released using dc_str_unref() after usage.
@@ -2129,13 +2185,29 @@ char*           dc_get_securejoin_qr         (dc_context_t* context, uint32_t ch


 /**
- * Join an out-of-band-verification initiated on another device with dc_get_securejoin_qr().
+ * Continue a Setup-Contact or Verified-Group-Invite protocol
+ * started on another device with dc_get_securejoin_qr().
 * This function is typically called when dc_check_qr() returns
 * lot.state=DC_QR_ASK_VERIFYCONTACT or lot.state=DC_QR_ASK_VERIFYGROUP.
 *
- * This function takes some time and sends and receives several messages.
- * You should call it in a separate thread; if you want to abort it, you should
- * call dc_stop_ongoing_process().
+ * Depending on the given QR code,
+ * this function may takes some time and sends and receives several messages.
+ * Therefore, you should call it always in a separate thread;
+ * if you want to abort it, you should call dc_stop_ongoing_process().
+ *
+ * - If the given QR code starts the Setup-Contact protocol,
+ *   the function typically returns immediately
+ *   and the handshake runs in background.
+ *   Subsequent calls of dc_join_securejoin() will abort unfinished tasks.
+ *   The returned chat is the one-to-one opportunistic chat.
+ *   When the protocol has finished, an info-message is added to that chat.
+ * - If the given QR code starts the Verified-Group-Invite protocol,
+ *   the function waits until the protocol has finished.
+ *   This is because the verified group is not opportunistic
+ *   and can be created only when the contacts have verified each other.
+ *
+ * See https://countermitm.readthedocs.io/en/latest/new.html
+ * for details about both protocols.
 *
 * @memberof dc_context_t
 * @param context The context object
@@ -2143,6 +2215,9 @@ char*           dc_get_securejoin_qr         (dc_context_t* context, uint32_t ch
 *     to dc_check_qr().
 * @return Chat-id of the joined chat, the UI may redirect to the this chat.
 *     If the out-of-band verification failed or was aborted, 0 is returned.
+ *     A returned chat-id does not guarantee that the chat or the belonging contact is verified.
+ *     If needed, this be checked with dc_chat_is_verified() and dc_contact_is_verified(),
+ *     however, in practise, the UI will just listen to #DC_EVENT_CONTACTS_CHANGED unconditionally.
 */
 uint32_t        dc_join_securejoin           (dc_context_t* context, const char* qr);

@@ -2618,18 +2693,18 @@ dc_context_t*    dc_chatlist_get_context     (dc_chatlist_t* chatlist);


 /**
- * Get info summary for a chat, in json format. 
+ * Get info summary for a chat, in json format.
 *
- * The returned json string has the following key/values: 
+ * The returned json string has the following key/values:
 *
- * id: chat id 
- * name: chat/group name 
- * color: color of this chat 
- * last-message-from: who sent the last message 
- * last-message-text: message (truncated) 
+ * id: chat id
+ * name: chat/group name
+ * color: color of this chat
+ * last-message-from: who sent the last message
+ * last-message-text: message (truncated)
 * last-message-state: DC_STATE* constant
- * last-message-date: 
- * avatar-path: path-to-blobfile 
+ * last-message-date:
+ * avatar-path: path-to-blobfile
 * is_verified: yes/no

 * @return a utf8-encoded json string containing all requested info. Must be freed using dc_str_unref().  NULL is never returned.
@@ -2770,21 +2845,14 @@ uint32_t        dc_chat_get_color            (const dc_chat_t* chat);


 /**
- * Get archived state.
- *
- * - 0 = normal chat, not archived, not sticky.
- * - 1 = chat archived
- * - 2 = chat sticky (reserved for future use, if you do not support this value, just treat the chat as a normal one)
- *
- * To archive or unarchive chats, use dc_archive_chat().
- * If chats are archived, this should be shown in the UI by a little icon or text,
- * eg. the search will also return archived chats.
+ * Get visibility of chat.
+ * See @ref DC_CHAT_VISIBILITY for detailed information about the visibilities.
 *
 * @memberof dc_chat_t
 * @param chat The chat object.
- * @return Archived state.
+ * @return One of @ref DC_CHAT_VISIBILITY
 */
-int             dc_chat_get_archived         (const dc_chat_t* chat);
+int             dc_chat_get_visibility       (const dc_chat_t* chat);


 /**
@@ -2877,6 +2945,26 @@ int             dc_chat_is_verified          (const dc_chat_t* chat);
 int             dc_chat_is_sending_locations (const dc_chat_t* chat);


+/**
+ * Check whether the chat is currently muted
+ *
+ * @memberof dc_chat_t
+ * @param chat The chat object.
+ * @return 1=muted, 0=not muted
+ */
+int             dc_chat_is_muted (const dc_chat_t* chat);
+
+
+/**
+ * Get the exact state of the mute of a chat
+ *
+ * @memberof dc_chat_t
+ * @param chat The chat object.
+ * @return 0=not muted, -1=forever muted, (x>0)=remaining seconds until the mute is lifted
+ */
+int64_t          dc_chat_get_remaining_mute_duration (const dc_chat_t* chat);
+
+
 /**
 * @class dc_msg_t
 *
@@ -2989,15 +3077,15 @@ int             dc_msg_get_viewtype           (const dc_msg_t* msg);
 * Get the state of a message.
 *
 * Incoming message states:
- * - DC_STATE_IN_FRESH (10) - Incoming _fresh_ message. Fresh messages are not noticed nor seen and are typically shown in notifications. Use dc_get_fresh_msgs() to get all fresh messages.
- * - DC_STATE_IN_NOTICED (13) - Incoming _noticed_ message. Eg. chat opened but message not yet read - noticed messages are not counted as unread but did not marked as read nor resulted in MDNs. Use dc_marknoticed_chat() or dc_marknoticed_contact() to mark messages as being noticed.
- * - DC_STATE_IN_SEEN (16) - Incoming message, really _seen_ by the user. Marked as read on IMAP and MDN may be send. Use dc_markseen_msgs() to mark messages as being seen.
+ * - DC_STATE_IN_FRESH (10) - Incoming _fresh_ message. Fresh messages are neither noticed nor seen and are typically shown in notifications. Use dc_get_fresh_msgs() to get all fresh messages.
+ * - DC_STATE_IN_NOTICED (13) - Incoming _noticed_ message. E.g. chat opened but message not yet read - noticed messages are not counted as unread but did not marked as read nor resulted in MDNs. Use dc_marknoticed_chat() or dc_marknoticed_contact() to mark messages as being noticed.
+ * - DC_STATE_IN_SEEN (16) - Incoming message, really _seen_ by the user. Marked as read on IMAP and MDN may be sent. Use dc_markseen_msgs() to mark messages as being seen.
 *
 * Outgoing message states:
 * - DC_STATE_OUT_PREPARING (18) - For files which need time to be prepared before they can be sent,
 *   the message enters this state before DC_STATE_OUT_PENDING.
 * - DC_STATE_OUT_DRAFT (19) - Message saved as draft using dc_set_draft()
- * - DC_STATE_OUT_PENDING (20) - The user has send the "send" button but the
+ * - DC_STATE_OUT_PENDING (20) - The user has pressed the "send" button but the
 *   message is not yet sent and is pending in some way. Maybe we're offline (no checkmark).
 * - DC_STATE_OUT_FAILED (24) - _Unrecoverable_ error (_recoverable_ errors result in pending messages), you'll receive the event #DC_EVENT_MSG_FAILED.
 * - DC_STATE_OUT_DELIVERED (26) - Outgoing message successfully delivered to server (one checkmark). Note, that already delivered messages may get into the state DC_STATE_OUT_FAILED if we get such a hint from the server.
@@ -3665,30 +3753,19 @@ int             dc_contact_is_verified       (dc_contact_t* contact);
 */


-/**
- * Create a provider struct for the given domain.
- *
- * @memberof dc_provider_t
- * @param domain The domain to get provider info for.
- * @return a dc_provider_t struct which can be used with the dc_provider_get_*
- *     accessor functions.  If no provider info is found, NULL will be
- *     returned.
- */
-dc_provider_t*  dc_provider_new_from_domain           (const char* domain);
-
-
 /**
 * Create a provider struct for the given email address.
 *
 * The provider is extracted from the email address and it's information is returned.
 *
 * @memberof dc_provider_t
+ * @param context The context object as created by dc_context_new().
 * @param email The user's email address to extract the provider info form.
 * @return a dc_provider_t struct which can be used with the dc_provider_get_*
 *     accessor functions.  If no provider info is found, NULL will be
 *     returned.
 */
-dc_provider_t*  dc_provider_new_from_email            (const char* email);
+dc_provider_t*  dc_provider_new_from_email            (const dc_context_t* context, const char* email);


 /**
@@ -3698,53 +3775,35 @@ dc_provider_t*  dc_provider_new_from_email            (const char* email);
 *
 * @memberof dc_provider_t
 * @param provider The dc_provider_t struct.
- * @return A string which must be released using dc_str_unref().
+ * @return String with a fully-qualified URL,
+ *     if there is no such URL, an empty string is returned, NULL is never returned.
+ *     The returned value must be released using dc_str_unref().
 */
 char*           dc_provider_get_overview_page         (const dc_provider_t* provider);


 /**
- * The provider's name.
+ * Get hints to be shown to the user on the login screen.
+ * Depending on the @ref DC_PROVIDER_STATUS returned by dc_provider_get_status(),
+ * the ui may want to highlight the hint.
 *
- * The name of the provider, e.g. "POSTEO".
+ * Moreover, the ui should display a "More information" link
+ * that forwards to the url returned by dc_provider_get_overview_page().
 *
 * @memberof dc_provider_t
 * @param provider The dc_provider_t struct.
- * @return A string which must be released using dc_str_unref().
+ * @return A string with the hint to show to the user, may contain multiple lines,
+ *     if there is no such hint, an empty string is returned, NULL is never returned.
+ *     The returned value must be released using dc_str_unref().
 */
-char*           dc_provider_get_name                  (const dc_provider_t* provider);
-
-
-/**
- * The markdown content of the providers page.
- *
- * This contains the preparation steps or additional information if the status
- * is @ref DC_PROVIDER_STATUS_BROKEN.
- *
- * @memberof dc_provider_t
- * @param provider The dc_provider_t struct.
- * @return A string which must be released using dc_str_unref().
- */
-char*           dc_provider_get_markdown              (const dc_provider_t* provider);
-
-
-/**
- * Date of when the state was last checked/updated.
- *
- * This is returned as a string.
- *
- * @memberof dc_provider_t
- * @param provider The dc_provider_t struct.
- * @return A string which must be released using dc_str_unref().
- */
-char*           dc_provider_get_status_date           (const dc_provider_t* provider);
+char*           dc_provider_get_before_login_hint     (const dc_provider_t* provider);


 /**
 * Whether DC works with this provider.
 *
- * Can be one of @ref DC_PROVIDER_STATUS_OK, @ref
- * DC_PROVIDER_STATUS_PREPARATION and @ref DC_PROVIDER_STATUS_BROKEN.
+ * Can be one of #DC_PROVIDER_STATUS_OK,
+ * #DC_PROVIDER_STATUS_PREPARATION or #DC_PROVIDER_STATUS_BROKEN.
 *
 * @memberof dc_provider_t
 * @param provider The dc_provider_t struct.
@@ -3759,7 +3818,7 @@ int             dc_provider_get_status                (const dc_provider_t* prov
 * @memberof dc_provider_t
 * @param provider The dc_provider_t struct.
 */
-void            dc_provider_unref                     (const dc_provider_t* provider);
+void            dc_provider_unref                     (dc_provider_t* provider);


 /**
@@ -4167,30 +4226,30 @@ int64_t          dc_lot_get_timestamp     (const dc_lot_t* lot);
 #define DC_EVENT_IMAP_MESSAGE_MOVED   105

 /**
- * Emitted when an IMAP folder was emptied. 
+ * Emitted when an IMAP folder was emptied.
 *
 * @param data1 0
- * @param data2 (const char*) folder name. 
+ * @param data2 (const char*) folder name.
 *     Must not be unref'd or modified and is valid only until the callback returns.
 * @return 0
 */
 #define DC_EVENT_IMAP_FOLDER_EMPTIED  106

 /**
- * Emitted when a new blob file was successfully written 
+ * Emitted when a new blob file was successfully written
 *
 * @param data1 0
- * @param data2 (const char*) path name 
+ * @param data2 (const char*) path name
 *     Must not be unref'd or modified and is valid only until the callback returns.
 * @return 0
 */
 #define DC_EVENT_NEW_BLOB_FILE 150

 /**
- * Emitted when a blob file was successfully deleted 
+ * Emitted when a blob file was successfully deleted
 *
 * @param data1 0
- * @param data2 (const char*) path name 
+ * @param data2 (const char*) path name
 *     Must not be unref'd or modified and is valid only until the callback returns.
 * @return 0
 */
@@ -4347,7 +4406,7 @@ int64_t          dc_lot_get_timestamp     (const dc_lot_t* lot);


 /**
- * Contact(s) created, renamed, blocked or deleted.
+ * Contact(s) created, renamed, verified, blocked or deleted.
 *
 * @param data1 (int) If not 0, this is the contact_id of an added contact that should be selected.
 * @param data2 0
@@ -4465,6 +4524,8 @@ int64_t          dc_lot_get_timestamp     (const dc_lot_t* lot);
 #define DC_EVENT_RETURNS_STRING(e)   ((e)==DC_EVENT_GET_STRING) // not used anymore
 char*           dc_get_version_str           (void); // deprecated
 void            dc_array_add_id              (dc_array_t*, uint32_t); // deprecated
+#define dc_archive_chat(a,b,c)  dc_set_chat_visibility((a), (b), (c)? 1 : 0) // not used anymore
+#define dc_chat_get_archived(a) (dc_chat_get_visibility((a))==1? 1 : 0)      // not used anymore


 /*
@@ -4474,6 +4535,13 @@ void            dc_array_add_id              (dc_array_t*, uint32_t); // depreca
 #define DC_SHOW_EMAILS_ACCEPTED_CONTACTS 1
 #define DC_SHOW_EMAILS_ALL               2

+/*
+ * Values for dc_get|set_config("key_gen_type")
+ */
+#define DC_KEY_GEN_DEFAULT 0
+#define DC_KEY_GEN_RSA2048 1
+#define DC_KEY_GEN_ED25519 2
+

 /**
 * @defgroup DC_PROVIDER_STATUS DC_PROVIDER_STATUS
@@ -4485,23 +4553,43 @@ void            dc_array_add_id              (dc_array_t*, uint32_t); // depreca
 */

 /**
- * Provider status returned by dc_provider_get_status().
+ * Prover works out-of-the-box.
+ * This provider status is returned for provider where the login
+ * works by just entering the name or the email-address.
 *
- * Works right out of the box without any preperation steps needed
+ * - There is no need for the user to do any special things
+ *   (enable IMAP or so) in the provider's webinterface or at other places.
+ * - There is no need for the user to enter advanced settings;
+ *   server, port etc. are known by the core.
+ *
+ * The status is returned by dc_provider_get_status().
 */
 #define         DC_PROVIDER_STATUS_OK           1

 /**
- * Provider status returned by dc_provider_get_status().
+ * Provider works, but there are preparations needed.
 *
- * Works, but preparation steps are needed
+ * - The user has to do some special things as "Enable IMAP in the Webinterface",
+ *   what exactly, is described in the string returnd by dc_provider_get_before_login_hints()
+ *   and, typically more detailed, in the page linked by dc_provider_get_overview_page().
+ * - There is no need for the user to enter advanced settings;
+ *   server, port etc. should be known by the core.
+ *
+ * The status is returned by dc_provider_get_status().
 */
 #define         DC_PROVIDER_STATUS_PREPARATION  2

 /**
- * Provider status returned by dc_provider_get_status().
+ * Provider is not working.
+ * This provider status is returned for providers
+ * that are known to not work with Delta Chat.
+ * The ui should block logging in with this provider.
 *
- * Doesn't work (too unstable to use falls also in this category)
+ * More information about that is typically provided
+ * in the string returned by dc_provider_get_before_login_hints()
+ * and in the page linked by dc_provider_get_overview_page().
+ *
+ * The status is returned by dc_provider_get_status().
 */
 #define         DC_PROVIDER_STATUS_BROKEN       3

@@ -4510,6 +4598,48 @@ void            dc_array_add_id              (dc_array_t*, uint32_t); // depreca
 */


+/**
+ * @defgroup DC_CHAT_VISIBILITY DC_CHAT_VISIBILITY
+ *
+ * These constants describe the visibility of a chat.
+ * The chat visibiliry can be get using dc_chat_get_visibility()
+ * and set using dc_set_chat_visibility().
+ *
+ * @addtogroup DC_CHAT_VISIBILITY
+ * @{
+ */
+
+/**
+ * Chats with normal visibility are not archived and are shown below all pinned chats.
+ * Archived chats, that receive new messages automatically become normal chats.
+ */
+#define         DC_CHAT_VISIBILITY_NORMAL      0
+
+/**
+ * Archived chats are not included in the default chatlist returned by dc_get_chatlist().
+ * Instead, if there are _any_ archived chats, the pseudo-chat
+ * with the chat_id DC_CHAT_ID_ARCHIVED_LINK will be added the the end of the chatlist.
+ *
+ * The UI typically shows a little icon or chats beside archived chats in the chatlist,
+ * this is needed as eg. the search will also return archived chats.
+ *
+ * If archived chats receive new messages, they become normal chats again.
+ *
+ * To get a list of archived chats, use dc_get_chatlist() with the flag DC_GCL_ARCHIVED_ONLY.
+ */
+#define         DC_CHAT_VISIBILITY_ARCHIVED    1
+
+/**
+ * Pinned chats are included in the default chatlist. moreover,
+ * they are always the first items, whether they have fresh messages or not.
+ */
+#define         DC_CHAT_VISIBILITY_PINNED      2
+
+/**
+ * @}
+ */
+
+
 /*
 * TODO: Strings need some doumentation about used placeholders.
 *
--- a/deltachat-ffi/src/dc_array.rs
+++ b/deltachat-ffi/src/dc_array.rs
@@ -2,7 +2,6 @@ use crate::location::Location;

 /* * the structure behind dc_array_t */
 #[derive(Debug, Clone)]
-#[allow(non_camel_case_types)]
 pub enum dc_array_t {
    Locations(Vec<Location>),
    Uint(Vec<u32>),
--- a/deltachat-ffi/src/lib.rs
+++ b/deltachat-ffi/src/lib.rs
@@ -4,7 +4,8 @@
    non_upper_case_globals,
    non_upper_case_globals,
    non_camel_case_types,
-    non_snake_case
+    clippy::missing_safety_doc,
+    clippy::expect_fun_call
 )]

 #[macro_use]
@@ -19,13 +20,16 @@ use std::fmt::Write;
 use std::ptr;
 use std::str::FromStr;
 use std::sync::RwLock;
+use std::time::{Duration, SystemTime};

 use libc::uintptr_t;
 use num_traits::{FromPrimitive, ToPrimitive};

+use deltachat::chat::{ChatId, ChatVisibility, MuteDuration};
 use deltachat::constants::DC_MSG_ID_LAST_SPECIAL;
 use deltachat::contact::Contact;
 use deltachat::context::Context;
+use deltachat::key::DcKey;
 use deltachat::message::MsgId;
 use deltachat::stock::StockMessage;
 use deltachat::*;
@@ -81,15 +85,12 @@ pub type dc_callback_t =
 pub type dc_context_t = ContextWrapper;

 impl ContextWrapper {
-    /// Log an error on the FFI context.
+    /// Log a warning on the FFI context.
    ///
-    /// As soon as a [ContextWrapper] exist it can be used to log an
-    /// error using the callback, even before [dc_context_open] is
-    /// called and an actual [Context] exists.
-    ///
-    /// This function makes it easy to log an error.
-    unsafe fn error(&self, msg: &str) {
-        self.translate_cb(Event::Error(msg.to_string()));
+    /// Like [error] but logs as a warning which only goes to the
+    /// logfile rather than being shown directly to the user.
+    unsafe fn warning(&self, msg: &str) {
+        self.translate_cb(Event::Warning(msg.to_string()));
    }

    /// Unlock the context and execute a closure with it.
@@ -107,89 +108,106 @@ impl ContextWrapper {
    /// the appropriate return value for an error return since this
    /// differs for various functions on the FFI API: sometimes 0,
    /// NULL, an empty string etc.
-    fn with_inner<T, F>(&self, ctxfn: F) -> Result<T, ()>
+    unsafe fn with_inner<T, F>(&self, ctxfn: F) -> Result<T, ()>
    where
        F: FnOnce(&Context) -> T,
+    {
+        self.try_inner(|ctx| Ok(ctxfn(ctx))).map_err(|err| {
+            self.warning(&err.to_string());
+        })
+    }
+
+    /// Unlock the context and execute a closure with it.
+    ///
+    /// This is like [ContextWrapper::with_inner] but uses
+    /// [failure::Error] as error type.  This allows you to write a
+    /// closure which could produce many errors, use the `?` operator
+    /// to return them and handle them all as the return of this call.
+    fn try_inner<T, F>(&self, ctxfn: F) -> Result<T, failure::Error>
+    where
+        F: FnOnce(&Context) -> Result<T, failure::Error>,
    {
        let guard = self.inner.read().unwrap();
        match guard.as_ref() {
-            Some(ref ctx) => Ok(ctxfn(ctx)),
-            None => {
-                unsafe { self.error("context not open") };
-                Err(())
-            }
+            Some(ref ctx) => ctxfn(ctx),
+            None => Err(failure::err_msg("context not open")),
        }
    }

    /// Translates the callback from the rust style to the C-style version.
-    unsafe fn translate_cb(&self, event: Event) -> uintptr_t {
-        match self.cb {
-            Some(ffi_cb) => {
-                let event_id = event.as_id();
-                match event {
-                    Event::Info(msg)
-                    | Event::SmtpConnected(msg)
-                    | Event::ImapConnected(msg)
-                    | Event::SmtpMessageSent(msg)
-                    | Event::ImapMessageDeleted(msg)
-                    | Event::ImapMessageMoved(msg)
-                    | Event::ImapFolderEmptied(msg)
-                    | Event::NewBlobFile(msg)
-                    | Event::DeletedBlobFile(msg)
-                    | Event::Warning(msg)
-                    | Event::Error(msg)
-                    | Event::ErrorNetwork(msg)
-                    | Event::ErrorSelfNotInGroup(msg) => {
-                        let data2 = CString::new(msg).unwrap_or_default();
-                        ffi_cb(self, event_id, 0, data2.as_ptr() as uintptr_t)
-                    }
-                    Event::MsgsChanged { chat_id, msg_id }
-                    | Event::IncomingMsg { chat_id, msg_id }
-                    | Event::MsgDelivered { chat_id, msg_id }
-                    | Event::MsgFailed { chat_id, msg_id }
-                    | Event::MsgRead { chat_id, msg_id } => ffi_cb(
+    unsafe fn translate_cb(&self, event: Event) {
+        if let Some(ffi_cb) = self.cb {
+            let event_id = event.as_id();
+            match event {
+                Event::Info(msg)
+                | Event::SmtpConnected(msg)
+                | Event::ImapConnected(msg)
+                | Event::SmtpMessageSent(msg)
+                | Event::ImapMessageDeleted(msg)
+                | Event::ImapMessageMoved(msg)
+                | Event::ImapFolderEmptied(msg)
+                | Event::NewBlobFile(msg)
+                | Event::DeletedBlobFile(msg)
+                | Event::Warning(msg)
+                | Event::Error(msg)
+                | Event::ErrorNetwork(msg)
+                | Event::ErrorSelfNotInGroup(msg) => {
+                    let data2 = CString::new(msg).unwrap_or_default();
+                    ffi_cb(self, event_id, 0, data2.as_ptr() as uintptr_t);
+                }
+                Event::MsgsChanged { chat_id, msg_id }
+                | Event::IncomingMsg { chat_id, msg_id }
+                | Event::MsgDelivered { chat_id, msg_id }
+                | Event::MsgFailed { chat_id, msg_id }
+                | Event::MsgRead { chat_id, msg_id } => {
+                    ffi_cb(
                        self,
                        event_id,
-                        chat_id as uintptr_t,
+                        chat_id.to_u32() as uintptr_t,
                        msg_id.to_u32() as uintptr_t,
-                    ),
-                    Event::ChatModified(chat_id) => ffi_cb(self, event_id, chat_id as uintptr_t, 0),
-                    Event::ContactsChanged(id) | Event::LocationChanged(id) => {
-                        let id = id.unwrap_or_default();
-                        ffi_cb(self, event_id, id as uintptr_t, 0)
-                    }
-                    Event::ConfigureProgress(progress) | Event::ImexProgress(progress) => {
-                        ffi_cb(self, event_id, progress as uintptr_t, 0)
-                    }
-                    Event::ImexFileWritten(file) => {
-                        let data1 = file.to_c_string().unwrap_or_default();
-                        ffi_cb(self, event_id, data1.as_ptr() as uintptr_t, 0)
-                    }
-                    Event::SecurejoinInviterProgress {
-                        contact_id,
-                        progress,
-                    }
-                    | Event::SecurejoinJoinerProgress {
-                        contact_id,
-                        progress,
-                    } => ffi_cb(
+                    );
+                }
+                Event::ChatModified(chat_id) => {
+                    ffi_cb(self, event_id, chat_id.to_u32() as uintptr_t, 0);
+                }
+                Event::ContactsChanged(id) | Event::LocationChanged(id) => {
+                    let id = id.unwrap_or_default();
+                    ffi_cb(self, event_id, id as uintptr_t, 0);
+                }
+                Event::ConfigureProgress(progress) | Event::ImexProgress(progress) => {
+                    ffi_cb(self, event_id, progress as uintptr_t, 0);
+                }
+                Event::ImexFileWritten(file) => {
+                    let data1 = file.to_c_string().unwrap_or_default();
+                    ffi_cb(self, event_id, data1.as_ptr() as uintptr_t, 0);
+                }
+                Event::SecurejoinInviterProgress {
+                    contact_id,
+                    progress,
+                }
+                | Event::SecurejoinJoinerProgress {
+                    contact_id,
+                    progress,
+                } => {
+                    ffi_cb(
                        self,
                        event_id,
                        contact_id as uintptr_t,
                        progress as uintptr_t,
-                    ),
-                    Event::SecurejoinMemberAdded {
-                        chat_id,
-                        contact_id,
-                    } => ffi_cb(
+                    );
+                }
+                Event::SecurejoinMemberAdded {
+                    chat_id,
+                    contact_id,
+                } => {
+                    ffi_cb(
                        self,
                        event_id,
-                        chat_id as uintptr_t,
+                        chat_id.to_u32() as uintptr_t,
                        contact_id as uintptr_t,
-                    ),
+                    );
                }
            }
-            None => 0,
        }
    }
 }
@@ -333,7 +351,7 @@ pub unsafe extern "C" fn dc_set_config(
            })
            .unwrap_or(0),
        Err(_) => {
-            ffi_context.error("dc_set_config(): invalid key");
+            ffi_context.warning("dc_set_config(): invalid key");
            0
        }
    }
@@ -354,7 +372,7 @@ pub unsafe extern "C" fn dc_get_config(
            .with_inner(|ctx| ctx.get_config(key).unwrap_or_default().strdup())
            .unwrap_or_else(|_| "".strdup()),
        Err(_) => {
-            ffi_context.error("dc_get_config(): invalid key");
+            ffi_context.warning("dc_get_config(): invalid key");
            "".strdup()
        }
    }
@@ -389,6 +407,28 @@ pub unsafe extern "C" fn dc_set_stock_translation(
        .unwrap_or(0)
 }

+#[no_mangle]
+pub unsafe extern "C" fn dc_set_config_from_qr(
+    context: *mut dc_context_t,
+    qr: *mut libc::c_char,
+) -> libc::c_int {
+    if context.is_null() || qr.is_null() {
+        eprintln!("ignoring careless call to dc_set_config_from_qr");
+        return 0;
+    }
+    let qr = to_string_lossy(qr);
+    let ffi_context = &*context;
+    ffi_context
+        .with_inner(|ctx| match qr::set_config_from_qr(ctx, &qr) {
+            Ok(()) => 1,
+            Err(err) => {
+                error!(ctx, "Failed to create account from QR code: {}", err);
+                0
+            }
+        })
+        .unwrap_or(0)
+}
+
 #[no_mangle]
 pub unsafe extern "C" fn dc_get_info(context: *mut dc_context_t) -> *mut libc::c_char {
    if context.is_null() {
@@ -409,7 +449,7 @@ fn render_info(
 ) -> std::result::Result<String, std::fmt::Error> {
    let mut res = String::new();
    for (key, value) in &info {
-        write!(&mut res, "{}={}\n", key, value)?;
+        writeln!(&mut res, "{}={}", key, value)?;
    }

    Ok(res)
@@ -448,9 +488,7 @@ pub unsafe extern "C" fn dc_configure(context: *mut dc_context_t) {
        return;
    }
    let ffi_context = &*context;
-    ffi_context
-        .with_inner(|ctx| configure::configure(ctx))
-        .unwrap_or(())
+    ffi_context.with_inner(|ctx| ctx.configure()).unwrap_or(())
 }

 #[no_mangle]
@@ -461,7 +499,7 @@ pub unsafe extern "C" fn dc_is_configured(context: *mut dc_context_t) -> libc::c
    }
    let ffi_context = &*context;
    ffi_context
-        .with_inner(|ctx| configure::dc_is_configured(ctx) as libc::c_int)
+        .with_inner(|ctx| ctx.is_configured() as libc::c_int)
        .unwrap_or(0)
 }

@@ -658,6 +696,35 @@ pub unsafe extern "C" fn dc_maybe_network(context: *mut dc_context_t) {
        .unwrap_or(())
 }

+#[no_mangle]
+pub unsafe extern "C" fn dc_preconfigure_keypair(
+    context: *mut dc_context_t,
+    addr: *const libc::c_char,
+    public_data: *const libc::c_char,
+    secret_data: *const libc::c_char,
+) -> i32 {
+    if context.is_null() {
+        eprintln!("ignoring careless call to dc_preconfigure_keypair()");
+        return 0;
+    }
+    let ffi_context = &*context;
+    ffi_context
+        .try_inner(|ctx| {
+            let addr = dc_tools::EmailAddress::new(&to_string_lossy(addr))?;
+            let public = key::SignedPublicKey::from_base64(&to_string_lossy(public_data))?;
+            let secret = key::SignedSecretKey::from_base64(&to_string_lossy(secret_data))?;
+            let keypair = key::KeyPair {
+                addr,
+                public,
+                secret,
+            };
+            key::store_self_keypair(ctx, &keypair, key::KeyPairUse::Default)?;
+            Ok(1)
+        })
+        .log_err(ffi_context, "Failed to save keypair")
+        .unwrap_or(0)
+}
+
 #[no_mangle]
 pub unsafe extern "C" fn dc_get_chatlist(
    context: *mut dc_context_t,
@@ -701,7 +768,9 @@ pub unsafe extern "C" fn dc_create_chat_by_msg_id(context: *mut dc_context_t, ms
    ffi_context
        .with_inner(|ctx| {
            chat::create_by_msg_id(ctx, MsgId::new(msg_id))
-                .unwrap_or_log_default(ctx, "Failed to create chat")
+                .log_err(ffi_context, "Failed to create chat from msg_id")
+                .map(|id| id.to_u32())
+                .unwrap_or(0)
        })
        .unwrap_or(0)
 }
@@ -719,7 +788,9 @@ pub unsafe extern "C" fn dc_create_chat_by_contact_id(
    ffi_context
        .with_inner(|ctx| {
            chat::create_by_contact_id(ctx, contact_id)
-                .unwrap_or_log_default(ctx, "Failed to create chat")
+                .log_err(ffi_context, "Failed to create chat from contact_id")
+                .map(|id| id.to_u32())
+                .unwrap_or(0)
        })
        .unwrap_or(0)
 }
@@ -735,7 +806,12 @@ pub unsafe extern "C" fn dc_get_chat_id_by_contact_id(
    }
    let ffi_context = &*context;
    ffi_context
-        .with_inner(|ctx| chat::get_by_contact_id(ctx, contact_id).unwrap_or(0))
+        .with_inner(|ctx| {
+            chat::get_by_contact_id(ctx, contact_id)
+                .log_err(ffi_context, "Failed to get chat for contact_id")
+                .map(|id| id.to_u32())
+                .unwrap_or(0)
+        })
        .unwrap_or(0)
 }

@@ -753,7 +829,7 @@ pub unsafe extern "C" fn dc_prepare_msg(
    let ffi_msg: &mut MessageWrapper = &mut *msg;
    ffi_context
        .with_inner(|ctx| {
-            chat::prepare_msg(ctx, chat_id, &mut ffi_msg.message)
+            chat::prepare_msg(ctx, ChatId::new(chat_id), &mut ffi_msg.message)
                .unwrap_or_log_default(ctx, "Failed to prepare message")
        })
        .map(|msg_id| msg_id.to_u32())
@@ -774,7 +850,7 @@ pub unsafe extern "C" fn dc_send_msg(
    let ffi_msg = &mut *msg;
    ffi_context
        .with_inner(|ctx| {
-            chat::send_msg(ctx, chat_id, &mut ffi_msg.message)
+            chat::send_msg(ctx, ChatId::new(chat_id), &mut ffi_msg.message)
                .unwrap_or_log_default(ctx, "Failed to send message")
        })
        .map(|msg_id| msg_id.to_u32())
@@ -795,7 +871,7 @@ pub unsafe extern "C" fn dc_send_text_msg(
    let text_to_send = to_string_lossy(text_to_send);
    ffi_context
        .with_inner(|ctx| {
-            chat::send_text_msg(ctx, chat_id, text_to_send)
+            chat::send_text_msg(ctx, ChatId::new(chat_id), text_to_send)
                .map(|msg_id| msg_id.to_u32())
                .unwrap_or_log_default(ctx, "Failed to send text message")
        })
@@ -820,7 +896,7 @@ pub unsafe extern "C" fn dc_set_draft(
        Some(&mut ffi_msg.message)
    };
    ffi_context
-        .with_inner(|ctx| chat::set_draft(ctx, chat_id, msg))
+        .with_inner(|ctx| ChatId::new(chat_id).set_draft(ctx, msg))
        .unwrap_or(())
 }

@@ -895,7 +971,7 @@ pub unsafe extern "C" fn dc_get_draft(context: *mut dc_context_t, chat_id: u32)
    }
    let ffi_context = &*context;
    ffi_context
-        .with_inner(|ctx| match chat::get_draft(ctx, chat_id) {
+        .with_inner(|ctx| match ChatId::new(chat_id).get_draft(ctx) {
            Ok(Some(draft)) => {
                let ffi_msg = MessageWrapper {
                    context,
@@ -932,7 +1008,7 @@ pub unsafe extern "C" fn dc_get_chat_msgs(
    ffi_context
        .with_inner(|ctx| {
            let arr = dc_array_t::from(
-                chat::get_chat_msgs(ctx, chat_id, flags, marker_flag)
+                chat::get_chat_msgs(ctx, ChatId::new(chat_id), flags, marker_flag)
                    .iter()
                    .map(|msg_id| msg_id.to_u32())
                    .collect::<Vec<u32>>(),
@@ -950,7 +1026,7 @@ pub unsafe extern "C" fn dc_get_msg_cnt(context: *mut dc_context_t, chat_id: u32
    }
    let ffi_context = &*context;
    ffi_context
-        .with_inner(|ctx| chat::get_msg_cnt(ctx, chat_id) as libc::c_int)
+        .with_inner(|ctx| ChatId::new(chat_id).get_msg_cnt(ctx) as libc::c_int)
        .unwrap_or(0)
 }

@@ -965,7 +1041,7 @@ pub unsafe extern "C" fn dc_get_fresh_msg_cnt(
    }
    let ffi_context = &*context;
    ffi_context
-        .with_inner(|ctx| chat::get_fresh_msg_cnt(ctx, chat_id) as libc::c_int)
+        .with_inner(|ctx| ChatId::new(chat_id).get_fresh_msg_cnt(ctx) as libc::c_int)
        .unwrap_or(0)
 }

@@ -1000,7 +1076,9 @@ pub unsafe extern "C" fn dc_marknoticed_chat(context: *mut dc_context_t, chat_id
    let ffi_context = &*context;
    ffi_context
        .with_inner(|ctx| {
-            chat::marknoticed_chat(ctx, chat_id).log_err(ctx, "Failed marknoticed chat")
+            chat::marknoticed_chat(ctx, ChatId::new(chat_id))
+                .log_err(ffi_context, "Failed marknoticed chat")
+                .unwrap_or(())
        })
        .unwrap_or(())
 }
@@ -1014,7 +1092,9 @@ pub unsafe extern "C" fn dc_marknoticed_all_chats(context: *mut dc_context_t) {
    let ffi_context = &*context;
    ffi_context
        .with_inner(|ctx| {
-            chat::marknoticed_all_chats(ctx).log_err(ctx, "Failed marknoticed all chats")
+            chat::marknoticed_all_chats(ctx)
+                .log_err(ffi_context, "Failed marknoticed all chats")
+                .unwrap_or(())
        })
        .unwrap_or(())
 }
@@ -1048,10 +1128,16 @@ pub unsafe extern "C" fn dc_get_chat_media(
    ffi_context
        .with_inner(|ctx| {
            let arr = dc_array_t::from(
-                chat::get_chat_media(ctx, chat_id, msg_type, or_msg_type2, or_msg_type3)
-                    .iter()
-                    .map(|msg_id| msg_id.to_u32())
-                    .collect::<Vec<u32>>(),
+                chat::get_chat_media(
+                    ctx,
+                    ChatId::new(chat_id),
+                    msg_type,
+                    or_msg_type2,
+                    or_msg_type3,
+                )
+                .iter()
+                .map(|msg_id| msg_id.to_u32())
+                .collect::<Vec<u32>>(),
            );
            Box::into_raw(Box::new(arr))
        })
@@ -1100,25 +1186,34 @@ pub unsafe extern "C" fn dc_get_next_media(
 }

 #[no_mangle]
-pub unsafe extern "C" fn dc_archive_chat(
+pub unsafe extern "C" fn dc_set_chat_visibility(
    context: *mut dc_context_t,
    chat_id: u32,
    archive: libc::c_int,
 ) {
    if context.is_null() {
-        eprintln!("ignoring careless call to dc_archive_chat()");
+        eprintln!("ignoring careless call to dc_set_chat_visibility()");
        return;
    }
    let ffi_context = &*context;
-    let archive = if archive == 0 {
-        false
-    } else if archive == 1 {
-        true
-    } else {
-        return;
+    let visibility = match archive {
+        0 => ChatVisibility::Normal,
+        1 => ChatVisibility::Archived,
+        2 => ChatVisibility::Pinned,
+        _ => {
+            ffi_context.warning(
+                "ignoring careless call to dc_set_chat_visibility(): unknown archived state",
+            );
+            return;
+        }
    };
    ffi_context
-        .with_inner(|ctx| chat::archive(ctx, chat_id, archive).log_err(ctx, "Failed archive chat"))
+        .with_inner(|ctx| {
+            ChatId::new(chat_id)
+                .set_visibility(ctx, visibility)
+                .log_err(ffi_context, "Failed setting chat visibility")
+                .unwrap_or(())
+        })
        .unwrap_or(())
 }

@@ -1130,7 +1225,12 @@ pub unsafe extern "C" fn dc_delete_chat(context: *mut dc_context_t, chat_id: u32
    }
    let ffi_context = &*context;
    ffi_context
-        .with_inner(|ctx| chat::delete(ctx, chat_id).log_err(ctx, "Failed chat delete"))
+        .with_inner(|ctx| {
+            ChatId::new(chat_id)
+                .delete(ctx)
+                .log_err(ffi_context, "Failed chat delete")
+                .unwrap_or(())
+        })
        .unwrap_or(())
 }

@@ -1146,7 +1246,7 @@ pub unsafe extern "C" fn dc_get_chat_contacts(
    let ffi_context = &*context;
    ffi_context
        .with_inner(|ctx| {
-            let arr = dc_array_t::from(chat::get_chat_contacts(ctx, chat_id));
+            let arr = dc_array_t::from(chat::get_chat_contacts(ctx, ChatId::new(chat_id)));
            Box::into_raw(Box::new(arr))
        })
        .unwrap_or_else(|_| ptr::null_mut())
@@ -1166,7 +1266,7 @@ pub unsafe extern "C" fn dc_search_msgs(
    ffi_context
        .with_inner(|ctx| {
            let arr = dc_array_t::from(
-                ctx.search_msgs(chat_id, to_string_lossy(query))
+                ctx.search_msgs(ChatId::new(chat_id), to_string_lossy(query))
                    .iter()
                    .map(|msg_id| msg_id.to_u32())
                    .collect::<Vec<u32>>(),
@@ -1184,13 +1284,15 @@ pub unsafe extern "C" fn dc_get_chat(context: *mut dc_context_t, chat_id: u32) -
    }
    let ffi_context = &*context;
    ffi_context
-        .with_inner(|ctx| match chat::Chat::load_from_db(ctx, chat_id) {
-            Ok(chat) => {
-                let ffi_chat = ChatWrapper { context, chat };
-                Box::into_raw(Box::new(ffi_chat))
-            }
-            Err(_) => ptr::null_mut(),
-        })
+        .with_inner(
+            |ctx| match chat::Chat::load_from_db(ctx, ChatId::new(chat_id)) {
+                Ok(chat) => {
+                    let ffi_chat = ChatWrapper { context, chat };
+                    Box::into_raw(Box::new(ffi_chat))
+                }
+                Err(_) => ptr::null_mut(),
+            },
+        )
        .unwrap_or_else(|_| ptr::null_mut())
 }

@@ -1213,7 +1315,9 @@ pub unsafe extern "C" fn dc_create_group_chat(
    ffi_context
        .with_inner(|ctx| {
            chat::create_group_chat(ctx, verified, to_string_lossy(name))
-                .unwrap_or_log_default(ctx, "Failed to create group chat")
+                .log_err(ffi_context, "Failed to create group chat")
+                .map(|id| id.to_u32())
+                .unwrap_or(0)
        })
        .unwrap_or(0)
 }
@@ -1230,7 +1334,7 @@ pub unsafe extern "C" fn dc_is_contact_in_chat(
    }
    let ffi_context = &*context;
    ffi_context
-        .with_inner(|ctx| chat::is_contact_in_chat(ctx, chat_id, contact_id))
+        .with_inner(|ctx| chat::is_contact_in_chat(ctx, ChatId::new(chat_id), contact_id))
        .unwrap_or_default()
        .into()
 }
@@ -1247,7 +1351,9 @@ pub unsafe extern "C" fn dc_add_contact_to_chat(
    }
    let ffi_context = &*context;
    ffi_context
-        .with_inner(|ctx| chat::add_contact_to_chat(ctx, chat_id, contact_id) as libc::c_int)
+        .with_inner(|ctx| {
+            chat::add_contact_to_chat(ctx, ChatId::new(chat_id), contact_id) as libc::c_int
+        })
        .unwrap_or(0)
 }

@@ -1264,7 +1370,7 @@ pub unsafe extern "C" fn dc_remove_contact_from_chat(
    let ffi_context = &*context;
    ffi_context
        .with_inner(|ctx| {
-            chat::remove_contact_from_chat(ctx, chat_id, contact_id)
+            chat::remove_contact_from_chat(ctx, ChatId::new(chat_id), contact_id)
                .map(|_| 1)
                .unwrap_or_log_default(ctx, "Failed to remove contact")
        })
@@ -1284,7 +1390,7 @@ pub unsafe extern "C" fn dc_set_chat_name(
    let ffi_context = &*context;
    ffi_context
        .with_inner(|ctx| {
-            chat::set_chat_name(ctx, chat_id, to_string_lossy(name))
+            chat::set_chat_name(ctx, ChatId::new(chat_id), to_string_lossy(name))
                .map(|_| 1)
                .unwrap_or_log_default(ctx, "Failed to set chat name")
        })
@@ -1304,13 +1410,44 @@ pub unsafe extern "C" fn dc_set_chat_profile_image(
    let ffi_context = &*context;
    ffi_context
        .with_inner(|ctx| {
-            chat::set_chat_profile_image(ctx, chat_id, to_string_lossy(image))
+            chat::set_chat_profile_image(ctx, ChatId::new(chat_id), to_string_lossy(image))
                .map(|_| 1)
                .unwrap_or_log_default(ctx, "Failed to set profile image")
        })
        .unwrap_or(0)
 }

+#[no_mangle]
+pub unsafe extern "C" fn dc_set_chat_mute_duration(
+    context: *mut dc_context_t,
+    chat_id: u32,
+    duration: i64,
+) -> libc::c_int {
+    if context.is_null() {
+        eprintln!("ignoring careless call to dc_set_chat_mute_duration()");
+        return 0;
+    }
+    let ffi_context = &*context;
+    let muteDuration = match duration {
+        0 => MuteDuration::NotMuted,
+        -1 => MuteDuration::Forever,
+        n if n > 0 => MuteDuration::Until(SystemTime::now() + Duration::from_secs(duration as u64)),
+        _ => {
+            ffi_context.warning(
+                "dc_chat_set_mute_duration(): Can not use negative duration other than -1",
+            );
+            return 0;
+        }
+    };
+    ffi_context
+        .with_inner(|ctx| {
+            chat::set_muted(ctx, ChatId::new(chat_id), muteDuration)
+                .map(|_| 1)
+                .unwrap_or_log_default(ctx, "Failed to set mute duration")
+        })
+        .unwrap_or(0)
+}
+
 #[no_mangle]
 pub unsafe extern "C" fn dc_get_msg_info(
    context: *mut dc_context_t,
@@ -1340,7 +1477,7 @@ pub unsafe extern "C" fn dc_get_mime_headers(
        .with_inner(|ctx| {
            message::get_mime_headers(ctx, MsgId::new(msg_id))
                .map(|s| s.strdup())
-                .unwrap_or_else(|| ptr::null_mut())
+                .unwrap_or_else(ptr::null_mut)
        })
        .unwrap_or_else(|_| ptr::null_mut())
 }
@@ -1393,7 +1530,7 @@ pub unsafe extern "C" fn dc_forward_msgs(
    let ffi_context = &*context;
    ffi_context
        .with_inner(|ctx| {
-            chat::forward_msgs(ctx, &msg_ids[..], chat_id)
+            chat::forward_msgs(ctx, &msg_ids[..], ChatId::new(chat_id))
                .unwrap_or_log_default(ctx, "Failed to forward message")
        })
        .unwrap_or_default()
@@ -1713,7 +1850,9 @@ pub unsafe extern "C" fn dc_imex_has_backup(
        .with_inner(|ctx| match imex::has_backup(ctx, to_string_lossy(dir)) {
            Ok(res) => res.strdup(),
            Err(err) => {
-                error!(ctx, "dc_imex_has_backup: {}", err);
+                // do not bubble up error to the user,
+                // the ui will expect that the file does not exist or cannot be accessed
+                warn!(ctx, "dc_imex_has_backup: {}", err);
                ptr::null_mut()
            }
        })
@@ -1806,8 +1945,8 @@ pub unsafe extern "C" fn dc_get_securejoin_qr(
    let ffi_context = &*context;
    ffi_context
        .with_inner(|ctx| {
-            securejoin::dc_get_securejoin_qr(ctx, chat_id)
-                .unwrap_or("".to_string())
+            securejoin::dc_get_securejoin_qr(ctx, ChatId::new(chat_id))
+                .unwrap_or_else(|| "".to_string())
                .strdup()
        })
        .unwrap_or_else(|_| "".strdup())
@@ -1824,7 +1963,7 @@ pub unsafe extern "C" fn dc_join_securejoin(
    }
    let ffi_context = &*context;
    ffi_context
-        .with_inner(|ctx| securejoin::dc_join_securejoin(ctx, &to_string_lossy(qr)))
+        .with_inner(|ctx| securejoin::dc_join_securejoin(ctx, &to_string_lossy(qr)).to_u32())
        .unwrap_or(0)
 }

@@ -1840,7 +1979,9 @@ pub unsafe extern "C" fn dc_send_locations_to_chat(
    }
    let ffi_context = &*context;
    ffi_context
-        .with_inner(|ctx| location::send_locations_to_chat(ctx, chat_id, seconds as i64))
+        .with_inner(|ctx| {
+            location::send_locations_to_chat(ctx, ChatId::new(chat_id), seconds as i64)
+        })
        .ok();
 }

@@ -1855,7 +1996,9 @@ pub unsafe extern "C" fn dc_is_sending_locations_to_chat(
    }
    let ffi_context = &*context;
    ffi_context
-        .with_inner(|ctx| location::is_sending_locations_to_chat(ctx, chat_id) as libc::c_int)
+        .with_inner(|ctx| {
+            location::is_sending_locations_to_chat(ctx, ChatId::new(chat_id)) as libc::c_int
+        })
        .unwrap_or(0)
 }

@@ -1893,7 +2036,7 @@ pub unsafe extern "C" fn dc_get_locations(
        .with_inner(|ctx| {
            let res = location::get_range(
                ctx,
-                chat_id,
+                ChatId::new(chat_id),
                contact_id,
                timestamp_begin as i64,
                timestamp_end as i64,
@@ -1911,7 +2054,9 @@ pub unsafe extern "C" fn dc_delete_all_locations(context: *mut dc_context_t) {
    }
    let ffi_context = &*context;
    ffi_context
-        .with_inner(|ctx| location::delete_all(ctx).log_err(ctx, "Failed to delete locations"))
+        .with_inner(|ctx| {
+            location::delete_all(ctx).log_err(ffi_context, "Failed to delete locations")
+        })
        .ok();
 }

@@ -2015,8 +2160,7 @@ pub unsafe extern "C" fn dc_array_get_chat_id(
        eprintln!("ignoring careless call to dc_array_get_chat_id()");
        return 0;
    }
-
-    (*array).get_location(index).chat_id
+    (*array).get_location(index).chat_id.to_u32()
 }
 #[no_mangle]
 pub unsafe extern "C" fn dc_array_get_contact_id(
@@ -2153,7 +2297,7 @@ pub unsafe extern "C" fn dc_chatlist_get_chat_id(
        return 0;
    }
    let ffi_list = &*chatlist;
-    ffi_list.list.get_chat_id(index as usize)
+    ffi_list.list.get_chat_id(index as usize).to_u32()
 }

 #[no_mangle]
@@ -2245,7 +2389,7 @@ pub unsafe extern "C" fn dc_chat_get_id(chat: *mut dc_chat_t) -> u32 {
        return 0;
    }
    let ffi_chat = &*chat;
-    ffi_chat.chat.get_id()
+    ffi_chat.chat.get_id().to_u32()
 }

 #[no_mangle]
@@ -2311,13 +2455,17 @@ pub unsafe extern "C" fn dc_chat_get_color(chat: *mut dc_chat_t) -> u32 {
 }

 #[no_mangle]
-pub unsafe extern "C" fn dc_chat_get_archived(chat: *mut dc_chat_t) -> libc::c_int {
+pub unsafe extern "C" fn dc_chat_get_visibility(chat: *mut dc_chat_t) -> libc::c_int {
    if chat.is_null() {
-        eprintln!("ignoring careless call to dc_chat_get_archived()");
+        eprintln!("ignoring careless call to dc_chat_get_visibility()");
        return 0;
    }
    let ffi_chat = &*chat;
-    ffi_chat.chat.is_archived() as libc::c_int
+    match ffi_chat.chat.visibility {
+        ChatVisibility::Normal => 0,
+        ChatVisibility::Archived => 1,
+        ChatVisibility::Pinned => 2,
+    }
 }

 #[no_mangle]
@@ -2380,6 +2528,37 @@ pub unsafe extern "C" fn dc_chat_is_sending_locations(chat: *mut dc_chat_t) -> l
    ffi_chat.chat.is_sending_locations() as libc::c_int
 }

+#[no_mangle]
+pub unsafe extern "C" fn dc_chat_is_muted(chat: *mut dc_chat_t) -> libc::c_int {
+    if chat.is_null() {
+        eprintln!("ignoring careless call to dc_chat_is_muted()");
+        return 0;
+    }
+    let ffi_chat = &*chat;
+    ffi_chat.chat.is_muted() as libc::c_int
+}
+
+#[no_mangle]
+pub unsafe extern "C" fn dc_chat_get_remaining_mute_duration(chat: *mut dc_chat_t) -> i64 {
+    if chat.is_null() {
+        eprintln!("ignoring careless call to dc_chat_get_remaining_mute_duration()");
+        return 0;
+    }
+    let ffi_chat = &*chat;
+    if !ffi_chat.chat.is_muted() {
+        return 0;
+    }
+    // If the chat was muted to before the epoch, it is not muted.
+    match ffi_chat.chat.mute_duration {
+        MuteDuration::NotMuted => 0,
+        MuteDuration::Forever => -1,
+        MuteDuration::Until(when) => when
+            .duration_since(SystemTime::UNIX_EPOCH)
+            .map(|d| d.as_secs() as i64)
+            .unwrap_or(0),
+    }
+}
+
 #[no_mangle]
 pub unsafe extern "C" fn dc_chat_get_info_json(
    context: *mut dc_context_t,
@@ -2392,7 +2571,7 @@ pub unsafe extern "C" fn dc_chat_get_info_json(
    let ffi_context = &*context;
    ffi_context
        .with_inner(|ctx| {
-            let chat = match chat::Chat::load_from_db(ctx, chat_id) {
+            let chat = match chat::Chat::load_from_db(ctx, ChatId::new(chat_id)) {
                Ok(chat) => chat,
                Err(err) => {
                    error!(ctx, "dc_get_chat_info_json() failed to load chat: {}", err);
@@ -2488,7 +2667,7 @@ pub unsafe extern "C" fn dc_msg_get_chat_id(msg: *mut dc_msg_t) -> u32 {
        return 0;
    }
    let ffi_msg = &*msg;
-    ffi_msg.message.get_chat_id()
+    ffi_msg.message.get_chat_id().to_u32()
 }

 #[no_mangle]
@@ -2595,7 +2774,7 @@ pub unsafe extern "C" fn dc_msg_get_filemime(msg: *mut dc_msg_t) -> *mut libc::c
    if let Some(x) = ffi_msg.message.get_filemime() {
        x.strdup()
    } else {
-        return dc_strdup(ptr::null());
+        dc_strdup(ptr::null())
    }
 }

@@ -2987,7 +3166,7 @@ pub unsafe extern "C" fn dc_contact_get_profile_image(
                .contact
                .get_profile_image(ctx)
                .map(|p| p.to_string_lossy().strdup())
-                .unwrap_or_else(|| std::ptr::null_mut())
+                .unwrap_or_else(std::ptr::null_mut)
        })
        .unwrap_or_else(|_| ptr::null_mut())
 }
@@ -3048,7 +3227,7 @@ pub unsafe extern "C" fn dc_lot_get_text1(lot: *mut dc_lot_t) -> *mut libc::c_ch
    }

    let lot = &*lot;
-    strdup_opt(lot.get_text1())
+    lot.get_text1().strdup()
 }

 #[no_mangle]
@@ -3059,7 +3238,7 @@ pub unsafe extern "C" fn dc_lot_get_text2(lot: *mut dc_lot_t) -> *mut libc::c_ch
    }

    let lot = &*lot;
-    strdup_opt(lot.get_text2())
+    lot.get_text2().strdup()
 }

 #[no_mangle]
@@ -3111,14 +3290,19 @@ pub unsafe extern "C" fn dc_str_unref(s: *mut libc::c_char) {
    libc::free(s as *mut _)
 }

-pub mod providers;
-
-pub trait ResultExt<T> {
+trait ResultExt<T, E> {
    fn unwrap_or_log_default(self, context: &context::Context, message: &str) -> T;
-    fn log_err(&self, context: &context::Context, message: &str);
+
+    /// Log a warning to a [ContextWrapper] for an [Err] result.
+    ///
+    /// Does nothing for an [Ok].
+    ///
+    /// You can do this as soon as the wrapper exists, it does not
+    /// have to be open (which is required for the `warn!()` macro).
+    fn log_err(self, wrapper: &ContextWrapper, message: &str) -> Result<T, E>;
 }

-impl<T: Default, E: std::fmt::Display> ResultExt<T> for Result<T, E> {
+impl<T: Default, E: std::fmt::Display> ResultExt<T, E> for Result<T, E> {
    fn unwrap_or_log_default(self, context: &context::Context, message: &str) -> T {
        match self {
            Ok(t) => t,
@@ -3129,21 +3313,17 @@ impl<T: Default, E: std::fmt::Display> ResultExt<T> for Result<T, E> {
        }
    }

-    fn log_err(&self, context: &context::Context, message: &str) {
-        if let Err(err) = self {
-            error!(context, "{}: {}", message, err);
-        }
+    fn log_err(self, wrapper: &ContextWrapper, message: &str) -> Result<T, E> {
+        self.map_err(|err| {
+            unsafe {
+                wrapper.warning(&format!("{}: {}", message, err));
+            }
+            err
+        })
    }
 }

-unsafe fn strdup_opt(s: Option<impl AsRef<str>>) -> *mut libc::c_char {
-    match s {
-        Some(s) => s.as_ref().strdup(),
-        None => ptr::null_mut(),
-    }
-}
-
-pub trait ResultNullableExt<T> {
+trait ResultNullableExt<T> {
    fn into_raw(self) -> *mut T;
 }

@@ -3166,3 +3346,68 @@ fn convert_and_prune_message_ids(msg_ids: *const u32, msg_cnt: libc::c_int) -> V

    msg_ids
 }
+
+// dc_provider_t
+
+#[no_mangle]
+pub type dc_provider_t = provider::Provider;
+
+#[no_mangle]
+pub unsafe extern "C" fn dc_provider_new_from_email(
+    context: *const dc_context_t,
+    addr: *const libc::c_char,
+) -> *const dc_provider_t {
+    if context.is_null() || addr.is_null() {
+        eprintln!("ignoring careless call to dc_provider_new_from_email()");
+        return ptr::null();
+    }
+    let addr = to_string_lossy(addr);
+    match provider::get_provider_info(addr.as_str()) {
+        Some(provider) => provider,
+        None => ptr::null_mut(),
+    }
+}
+
+#[no_mangle]
+pub unsafe extern "C" fn dc_provider_get_overview_page(
+    provider: *const dc_provider_t,
+) -> *mut libc::c_char {
+    if provider.is_null() {
+        eprintln!("ignoring careless call to dc_provider_get_overview_page()");
+        return "".strdup();
+    }
+    let provider = &*provider;
+    provider.overview_page.strdup()
+}
+
+#[no_mangle]
+pub unsafe extern "C" fn dc_provider_get_before_login_hint(
+    provider: *const dc_provider_t,
+) -> *mut libc::c_char {
+    if provider.is_null() {
+        eprintln!("ignoring careless call to dc_provider_get_before_login_hint()");
+        return "".strdup();
+    }
+    let provider = &*provider;
+    provider.before_login_hint.strdup()
+}
+
+#[no_mangle]
+pub unsafe extern "C" fn dc_provider_get_status(provider: *const dc_provider_t) -> libc::c_int {
+    if provider.is_null() {
+        eprintln!("ignoring careless call to dc_provider_get_status()");
+        return 0;
+    }
+    let provider = &*provider;
+    provider.status as libc::c_int
+}
+
+#[no_mangle]
+pub unsafe extern "C" fn dc_provider_unref(provider: *mut dc_provider_t) {
+    if provider.is_null() {
+        eprintln!("ignoring careless call to dc_provider_unref()");
+        return;
+    }
+    // currently, there is nothing to free, the provider info is a static object.
+    // this may change once we start localizing string.
+}
--- a/deltachat-ffi/src/providers.rs
+++ b/deltachat-ffi/src/providers.rs
@@ -1,93 +0,0 @@
-extern crate deltachat_provider_database;
-
-use std::ptr;
-
-use crate::string::{to_string_lossy, StrExt};
-use deltachat_provider_database::StatusState;
-
-#[no_mangle]
-pub type dc_provider_t = deltachat_provider_database::Provider;
-
-#[no_mangle]
-pub unsafe extern "C" fn dc_provider_new_from_domain(
-    domain: *const libc::c_char,
-) -> *const dc_provider_t {
-    match deltachat_provider_database::get_provider_info(&to_string_lossy(domain)) {
-        Some(provider) => provider,
-        None => ptr::null(),
-    }
-}
-
-#[no_mangle]
-pub unsafe extern "C" fn dc_provider_new_from_email(
-    email: *const libc::c_char,
-) -> *const dc_provider_t {
-    let email = to_string_lossy(email);
-    let domain = deltachat_provider_database::get_domain_from_email(&email);
-    match deltachat_provider_database::get_provider_info(domain) {
-        Some(provider) => provider,
-        None => ptr::null(),
-    }
-}
-
-macro_rules! null_guard {
-    ($context:tt) => {
-        if $context.is_null() {
-            return ptr::null_mut() as *mut libc::c_char;
-        }
-    };
-}
-
-#[no_mangle]
-pub unsafe extern "C" fn dc_provider_get_overview_page(
-    provider: *const dc_provider_t,
-) -> *mut libc::c_char {
-    null_guard!(provider);
-    format!(
-        "{}/{}",
-        deltachat_provider_database::PROVIDER_OVERVIEW_URL,
-        (*provider).overview_page
-    )
-    .strdup()
-}
-
-#[no_mangle]
-pub unsafe extern "C" fn dc_provider_get_name(provider: *const dc_provider_t) -> *mut libc::c_char {
-    null_guard!(provider);
-    (*provider).name.strdup()
-}
-
-#[no_mangle]
-pub unsafe extern "C" fn dc_provider_get_markdown(
-    provider: *const dc_provider_t,
-) -> *mut libc::c_char {
-    null_guard!(provider);
-    (*provider).markdown.strdup()
-}
-
-#[no_mangle]
-pub unsafe extern "C" fn dc_provider_get_status_date(
-    provider: *const dc_provider_t,
-) -> *mut libc::c_char {
-    null_guard!(provider);
-    (*provider).status.date.strdup()
-}
-
-#[no_mangle]
-pub unsafe extern "C" fn dc_provider_get_status(provider: *const dc_provider_t) -> u32 {
-    if provider.is_null() {
-        return 0;
-    }
-    match (*provider).status.state {
-        StatusState::OK => 1,
-        StatusState::PREPARATION => 2,
-        StatusState::BROKEN => 3,
-    }
-}
-
-#[no_mangle]
-pub unsafe extern "C" fn dc_provider_unref(_provider: *const dc_provider_t) {
-    ()
-}
-
-// TODO expose general provider overview url?
--- a/deltachat-ffi/src/string.rs
+++ b/deltachat-ffi/src/string.rs
@@ -1,5 +1,6 @@
 use failure::Fail;
 use std::ffi::{CStr, CString};
+use std::ptr;

 /// Duplicates a string
 ///
@@ -144,7 +145,7 @@ pub trait CStringExt {

 impl CStringExt for CString {}

-/// Convenience methods to make transitioning from raw C strings easier.
+/// Convenience methods to turn strings into C strings.
 ///
 /// To interact with (legacy) C APIs we often need to convert from
 /// Rust strings to raw C strings.  This can be clumsy to do correctly
@@ -174,6 +175,35 @@ impl<T: AsRef<str>> StrExt for T {
    }
 }

+/// Convenience methods to turn optional strings into C strings.
+///
+/// This is the same as the [StrExt] trait but a different trait name
+/// to work around the type system not allowing to implement [StrExt]
+/// for `Option<impl StrExt>` When we already have an [StrExt] impl
+/// for `AsRef<&str>`.
+///
+/// When the [Option] is [Option::Some] this behaves just like
+/// [StrExt::strdup], when it is [Option::None] a null pointer is
+/// returned.
+pub trait OptStrExt {
+    /// Allocate a new raw C `*char` version of this string, or NULL.
+    ///
+    /// See [StrExt::strdup] for details.
+    unsafe fn strdup(&self) -> *mut libc::c_char;
+}
+
+impl<T: AsRef<str>> OptStrExt for Option<T> {
+    unsafe fn strdup(&self) -> *mut libc::c_char {
+        match self {
+            Some(s) => {
+                let tmp = CString::yolo(s.as_ref());
+                dc_strdup(tmp.as_ptr())
+            }
+            None => ptr::null_mut(),
+        }
+    }
+}
+
 pub fn to_string_lossy(s: *const libc::c_char) -> String {
    if s.is_null() {
        return "".into();
@@ -347,4 +377,19 @@ mod tests {
            assert_eq!(cmp, 0);
        }
    }
+
+    #[test]
+    fn test_strdup_opt_string() {
+        unsafe {
+            let s = Some("hello");
+            let c = s.strdup();
+            let cmp = strcmp(c, b"hello\x00" as *const u8 as *const libc::c_char);
+            free(c as *mut libc::c_void);
+            assert_eq!(cmp, 0);
+
+            let s: Option<&str> = None;
+            let c = s.strdup();
+            assert_eq!(c, ptr::null_mut());
+        }
+    }
 }
--- a/deltachat_derive/Cargo.toml
+++ b/deltachat_derive/Cargo.toml
@@ -1,12 +1,13 @@
 [package]
 name = "deltachat_derive"
-version = "0.1.0"
-authors = ["Dmitry Bogatov <KAction@debian.org>"]
+version = "2.0.0"
+authors = ["Delta Chat Developers (ML) <delta@codespeak.net>"]
 edition = "2018"
+license = "MPL-2.0"

 [lib]
 proc-macro = true

 [dependencies]
-syn = "0.14.4"
-quote = "0.6.3"
+syn = "1.0.13"
+quote = "1.0.2"
--- a/examples/repl/cmdline.rs
+++ b/examples/repl/cmdline.rs
@@ -1,9 +1,8 @@
 use std::path::Path;
 use std::str::FromStr;

-use deltachat::chat::{self, Chat};
+use deltachat::chat::{self, Chat, ChatId, ChatVisibility};
 use deltachat::chatlist::*;
-use deltachat::config;
 use deltachat::constants::*;
 use deltachat::contact::*;
 use deltachat::context::*;
@@ -19,15 +18,16 @@ use deltachat::peerstate::*;
 use deltachat::qr::*;
 use deltachat::sql;
 use deltachat::Event;
+use deltachat::{config, provider};

-/// Reset database tables. This function is called from Core cmdline.
+/// Reset database tables.
 /// Argument is a bitmask, executing single or multiple actions in one call.
 /// e.g. bitmask 7 triggers actions definded with bits 1, 2 and 4.
-pub fn dc_reset_tables(context: &Context, bits: i32) -> i32 {
-    info!(context, "Resetting tables ({})...", bits);
+fn dc_reset_tables(context: &Context, bits: i32) -> i32 {
+    println!("Resetting tables ({})...", bits);
    if 0 != bits & 1 {
        sql::execute(context, &context.sql, "DELETE FROM jobs;", params![]).unwrap();
-        info!(context, "(1) Jobs reset.");
+        println!("(1) Jobs reset.");
    }
    if 0 != bits & 2 {
        sql::execute(
@@ -37,11 +37,11 @@ pub fn dc_reset_tables(context: &Context, bits: i32) -> i32 {
            params![],
        )
        .unwrap();
-        info!(context, "(2) Peerstates reset.");
+        println!("(2) Peerstates reset.");
    }
    if 0 != bits & 4 {
        sql::execute(context, &context.sql, "DELETE FROM keypairs;", params![]).unwrap();
-        info!(context, "(4) Private keypairs reset.");
+        println!("(4) Private keypairs reset.");
    }
    if 0 != bits & 8 {
        sql::execute(
@@ -80,11 +80,11 @@ pub fn dc_reset_tables(context: &Context, bits: i32) -> i32 {
        )
        .unwrap();
        sql::execute(context, &context.sql, "DELETE FROM leftgrps;", params![]).unwrap();
-        info!(context, "(8) Rest but server config reset.");
+        println!("(8) Rest but server config reset.");
    }

    context.call_cb(Event::MsgsChanged {
-        chat_id: 0,
+        chat_id: ChatId::new(0),
        msg_id: MsgId::new(0),
    });

@@ -94,7 +94,7 @@ pub fn dc_reset_tables(context: &Context, bits: i32) -> i32 {
 fn dc_poke_eml_file(context: &Context, filename: impl AsRef<Path>) -> Result<(), Error> {
    let data = dc_read_file(context, filename)?;

-    if let Err(err) = dc_receive_imf(context, &data, "import", 0, 0) {
+    if let Err(err) = dc_receive_imf(context, &data, "import", 0, false) {
        println!("dc_receive_imf errored: {:?}", err);
    }
    Ok(())
@@ -155,7 +155,7 @@ fn poke_spec(context: &Context, spec: Option<&str>) -> libc::c_int {
                let name = name_f.to_string_lossy();
                if name.ends_with(".eml") {
                    let path_plus_name = format!("{}/{}", &real_spec, name);
-                    info!(context, "Import: {}", path_plus_name);
+                    println!("Import: {}", path_plus_name);
                    if dc_poke_eml_file(context, path_plus_name).is_ok() {
                        read_cnt += 1
                    }
@@ -163,13 +163,10 @@ fn poke_spec(context: &Context, spec: Option<&str>) -> libc::c_int {
            }
        }
    }
-    info!(
-        context,
-        "Import: {} items read from \"{}\".", read_cnt, &real_spec
-    );
+    println!("Import: {} items read from \"{}\".", read_cnt, &real_spec);
    if read_cnt > 0 {
        context.call_cb(Event::MsgsChanged {
-            chat_id: 0,
+            chat_id: ChatId::new(0),
            msg_id: MsgId::new(0),
        });
    }
@@ -190,8 +187,7 @@ fn log_msg(context: &Context, prefix: impl AsRef<str>, msg: &Message) {
    };
    let temp2 = dc_timestamp_to_str(msg.get_timestamp());
    let msgtext = msg.get_text();
-    info!(
-        context,
+    println!(
        "{}{}{}{}: {} (Contact#{}): {} {}{}{}{}{} [{}]",
        prefix.as_ref(),
        msg.get_id(),
@@ -225,16 +221,14 @@ fn log_msglist(context: &Context, msglist: &Vec<MsgId>) -> Result<(), Error> {
    let mut lines_out = 0;
    for &msg_id in msglist {
        if msg_id.is_daymarker() {
-            info!(
-                context,
+            println!(
                "--------------------------------------------------------------------------------"
            );

            lines_out += 1
        } else if !msg_id.is_special() {
            if lines_out == 0 {
-                info!(
-                    context,
+                println!(
                    "--------------------------------------------------------------------------------",
                );
                lines_out += 1
@@ -244,8 +238,7 @@ fn log_msglist(context: &Context, msglist: &Vec<MsgId>) -> Result<(), Error> {
        }
    }
    if lines_out > 0 {
-        info!(
-            context,
+        println!(
            "--------------------------------------------------------------------------------"
        );
    }
@@ -295,7 +288,7 @@ fn log_contactlist(context: &Context, contacts: &Vec<u32>) {
                );
            }

-            info!(context, "Contact#{}: {}{}", contact_id, line, line2);
+            println!("Contact#{}: {}{}", contact_id, line, line2);
        }
    }
 }
@@ -306,7 +299,7 @@ fn chat_prefix(chat: &Chat) -> &'static str {

 pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
    let chat_id = *context.cmdline_sel_chat_id.read().unwrap();
-    let mut sel_chat = if chat_id > 0 {
+    let mut sel_chat = if !chat_id.is_unset() {
        Chat::load_from_db(context, chat_id).ok()
    } else {
        None
@@ -378,6 +371,8 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
                 listmedia\n\
                 archive <chat-id>\n\
                 unarchive <chat-id>\n\
+                 pin <chat-id>\n\
+                 unpin <chat-id>\n\
                 delchat <chat-id>\n\
                 ===========================Message commands==\n\
                 listmsgs <query>\n\
@@ -399,6 +394,7 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
                 getqr [<chat-id>]\n\
                 getbadqr\n\
                 checkqr <qr-content>\n\
+                 providerinfo <addr>\n\
                 event <event-id to test>\n\
                 fileinfo <file>\n\
                 emptyserver <flags> (1=MVBOX 2=INBOX)\n\
@@ -510,23 +506,26 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {

            let cnt = chatlist.len();
            if cnt > 0 {
-                info!(
-                    context,
+                println!(
                    "================================================================================"
                );

                for i in (0..cnt).rev() {
                    let chat = Chat::load_from_db(context, chatlist.get_chat_id(i))?;
-                    info!(
-                        context,
-                        "{}#{}: {} [{} fresh]",
+                    println!(
+                        "{}#{}: {} [{} fresh] {}",
                        chat_prefix(&chat),
                        chat.get_id(),
                        chat.get_name(),
-                        chat::get_fresh_msg_cnt(context, chat.get_id()),
+                        chat.get_id().get_fresh_msg_cnt(context),
+                        match chat.visibility {
+                            ChatVisibility::Normal => "",
+                            ChatVisibility::Archived => "📦",
+                            ChatVisibility::Pinned => "📌",
+                        },
                    );
                    let lot = chatlist.get_summary(context, i, Some(&chat));
-                    let statestr = if chat.is_archived() {
+                    let statestr = if chat.visibility == ChatVisibility::Archived {
                        " [Archived]"
                    } else {
                        match lot.get_state() {
@@ -540,8 +539,7 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
                    let timestr = dc_timestamp_to_str(lot.get_timestamp());
                    let text1 = lot.get_text1();
                    let text2 = lot.get_text2();
-                    info!(
-                        context,
+                    println!(
                        "{}{}{}{} [{}]{}",
                        text1.unwrap_or(""),
                        if text1.is_some() { ": " } else { "" },
@@ -554,14 +552,13 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
                            ""
                        },
                    );
-                    info!(
-                        context,
+                    println!(
                        "================================================================================"
                    );
                }
            }
-            if location::is_sending_locations_to_chat(context, 0) {
-                info!(context, "Location streaming enabled.");
+            if location::is_sending_locations_to_chat(context, ChatId::new(0)) {
+                println!("Location streaming enabled.");
            }
            println!("{} chats", cnt);
        }
@@ -570,8 +567,8 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
                bail!("Argument [chat-id] is missing.");
            }
            if !arg1.is_empty() {
-                let chat_id = arg1.parse()?;
-                println!("Selecting chat #{}", chat_id);
+                let chat_id = ChatId::new(arg1.parse()?);
+                println!("Selecting chat {}", chat_id);
                sel_chat = Some(Chat::load_from_db(context, chat_id)?);
                *context.cmdline_sel_chat_id.write().unwrap() = chat_id;
            }
@@ -589,8 +586,7 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
            } else {
                format!("{} member(s)", members.len())
            };
-            info!(
-                context,
+            println!(
                "{}#{}: {} [{}]{}{}",
                chat_prefix(sel_chat),
                sel_chat.get_id(),
@@ -610,14 +606,11 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
                },
            );
            log_msglist(context, &msglist)?;
-            if let Some(draft) = chat::get_draft(context, sel_chat.get_id())? {
+            if let Some(draft) = sel_chat.get_id().get_draft(context)? {
                log_msg(context, "Draft", &draft);
            }

-            println!(
-                "{} messages.",
-                chat::get_msg_cnt(context, sel_chat.get_id())
-            );
+            println!("{} messages.", sel_chat.get_id().get_msg_cnt(context));
            chat::marknoticed_chat(context, sel_chat.get_id())?;
        }
        "createchat" => {
@@ -693,7 +686,7 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
            ensure!(sel_chat.is_some(), "No chat selected.");

            let contacts = chat::get_chat_contacts(context, sel_chat.as_ref().unwrap().get_id());
-            info!(context, "Memberlist:");
+            println!("Memberlist:");

            log_contactlist(context, &contacts);
            println!(
@@ -719,8 +712,7 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
            let default_marker = "-".to_string();
            for location in &locations {
                let marker = location.marker.as_ref().unwrap_or(&default_marker);
-                info!(
-                    context,
+                println!(
                    "Loc#{}: {}: lat={} lng={} acc={} Chat#{} Contact#{} {} {}",
                    location.location_id,
                    dc_timestamp_to_str(location.timestamp),
@@ -734,7 +726,7 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
                );
            }
            if locations.is_empty() {
-                info!(context, "No locations.");
+                println!("No locations.");
            }
        }
        "sendlocations" => {
@@ -800,7 +792,7 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
            let chat = if let Some(ref sel_chat) = sel_chat {
                sel_chat.get_id()
            } else {
-                0 as libc::c_uint
+                ChatId::new(0)
            };

            let msglist = context.search_msgs(chat, arg1);
@@ -814,14 +806,14 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
            if !arg1.is_empty() {
                let mut draft = Message::new(Viewtype::Text);
                draft.set_text(Some(arg1.to_string()));
-                chat::set_draft(
-                    context,
-                    sel_chat.as_ref().unwrap().get_id(),
-                    Some(&mut draft),
-                );
+                sel_chat
+                    .as_ref()
+                    .unwrap()
+                    .get_id()
+                    .set_draft(context, Some(&mut draft));
                println!("Draft saved.");
            } else {
-                chat::set_draft(context, sel_chat.as_ref().unwrap().get_id(), None);
+                sel_chat.as_ref().unwrap().get_id().set_draft(context, None);
                println!("Draft deleted.");
            }
        }
@@ -857,15 +849,23 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
            }
            print!("\n");
        }
-        "archive" | "unarchive" => {
+        "archive" | "unarchive" | "pin" | "unpin" => {
            ensure!(!arg1.is_empty(), "Argument <chat-id> missing.");
-            let chat_id = arg1.parse()?;
-            chat::archive(context, chat_id, arg0 == "archive")?;
+            let chat_id = ChatId::new(arg1.parse()?);
+            chat_id.set_visibility(
+                context,
+                match arg0 {
+                    "archive" => ChatVisibility::Archived,
+                    "unarchive" | "unpin" => ChatVisibility::Normal,
+                    "pin" => ChatVisibility::Pinned,
+                    _ => panic!("Unexpected command (This should never happen)"),
+                },
+            )?;
        }
        "delchat" => {
            ensure!(!arg1.is_empty(), "Argument <chat-id> missing.");
-            let chat_id = arg1.parse()?;
-            chat::delete(context, chat_id)?;
+            let chat_id = ChatId::new(arg1.parse()?);
+            chat_id.delete(context)?;
        }
        "msginfo" => {
            ensure!(!arg1.is_empty(), "Argument <msg-id> missing.");
@@ -886,7 +886,7 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
            );

            let mut msg_ids = [MsgId::new(0); 1];
-            let chat_id = arg2.parse()?;
+            let chat_id = ChatId::new(arg2.parse()?);
            msg_ids[0] = MsgId::new(arg1.parse()?);
            chat::forward_msgs(context, &msg_ids, chat_id)?;
        }
@@ -982,6 +982,31 @@ pub fn dc_cmdline(context: &Context, line: &str) -> Result<(), failure::Error> {
                res.get_text2()
            );
        }
+        "setqr" => {
+            ensure!(!arg1.is_empty(), "Argument <qr-content> missing.");
+            match set_config_from_qr(context, arg1) {
+                Ok(()) => println!("Config set from QR code, you can now call 'configure'"),
+                Err(err) => println!("Cannot set config from QR code: {:?}", err),
+            }
+        }
+        "providerinfo" => {
+            ensure!(!arg1.is_empty(), "Argument <addr> missing.");
+            match provider::get_provider_info(arg1) {
+                Some(info) => {
+                    println!("Information for provider belonging to {}:", arg1);
+                    println!("status: {}", info.status as u32);
+                    println!("before_login_hint: {}", info.before_login_hint);
+                    println!("after_login_hint: {}", info.after_login_hint);
+                    println!("overview_page: {}", info.overview_page);
+                    for server in info.server.iter() {
+                        println!("server: {}:{}", server.hostname, server.port,);
+                    }
+                }
+                None => {
+                    println!("No information for provider belonging to {} found.", arg1);
+                }
+            }
+        }
        // TODO: implement this again, unclear how to match this through though, without writing a parser.
        // "event" => {
        //     ensure!(!arg1.is_empty(), "Argument <id> missing.");
--- a/examples/repl/main.rs
+++ b/examples/repl/main.rs
@@ -20,8 +20,8 @@ use std::process::Command;
 use std::sync::atomic::{AtomicBool, Ordering};
 use std::sync::{Arc, Mutex, RwLock};

+use deltachat::chat::ChatId;
 use deltachat::config;
-use deltachat::configure::*;
 use deltachat::context::*;
 use deltachat::job::*;
 use deltachat::oauth2::*;
@@ -41,7 +41,7 @@ use self::cmdline::*;

 // Event Handler

-fn receive_event(_context: &Context, event: Event) -> libc::uintptr_t {
+fn receive_event(_context: &Context, event: Event) {
    match event {
        Event::Info(msg) => {
            /* do not show the event as this would fill the screen */
@@ -111,8 +111,6 @@ fn receive_event(_context: &Context, event: Event) -> libc::uintptr_t {
            print!("\x1b[33m{{Received {:?}}}\n\x1b[0m", event);
        }
    }
-
-    0
 }

 // Threads for waiting for messages and for jobs
@@ -264,7 +262,7 @@ const DB_COMMANDS: [&str; 11] = [
    "housekeeping",
 ];

-const CHAT_COMMANDS: [&str; 24] = [
+const CHAT_COMMANDS: [&str; 26] = [
    "listchats",
    "listarchived",
    "chat",
@@ -288,6 +286,8 @@ const CHAT_COMMANDS: [&str; 24] = [
    "listmedia",
    "archive",
    "unarchive",
+    "pin",
+    "unpin",
    "delchat",
 ];
 const MESSAGE_COMMANDS: [&str; 8] = [
@@ -462,7 +462,7 @@ fn handle_cmd(line: &str, ctx: Arc<RwLock<Context>>) -> Result<ExitResult, failu
        }
        "configure" => {
            start_threads(ctx.clone());
-            configure(&ctx.read().unwrap());
+            ctx.read().unwrap().configure();
        }
        "oauth2" => {
            if let Some(addr) = ctx.read().unwrap().get_config(config::Config::Addr) {
@@ -486,9 +486,10 @@ fn handle_cmd(line: &str, ctx: Arc<RwLock<Context>>) -> Result<ExitResult, failu
        }
        "getqr" | "getbadqr" => {
            start_threads(ctx.clone());
-            if let Some(mut qr) =
-                dc_get_securejoin_qr(&ctx.read().unwrap(), arg1.parse().unwrap_or_default())
-            {
+            if let Some(mut qr) = dc_get_securejoin_qr(
+                &ctx.read().unwrap(),
+                ChatId::new(arg1.parse().unwrap_or_default()),
+            ) {
                if !qr.is_empty() {
                    if arg0 == "getbadqr" && qr.len() > 40 {
                        qr.replace_range(12..22, "0000000000")
--- a/examples/simple.rs
+++ b/examples/simple.rs
@@ -7,7 +7,6 @@ use tempfile::tempdir;
 use deltachat::chat;
 use deltachat::chatlist::*;
 use deltachat::config;
-use deltachat::configure::*;
 use deltachat::contact::*;
 use deltachat::context::*;
 use deltachat::job::{
@@ -16,21 +15,18 @@ use deltachat::job::{
 };
 use deltachat::Event;

-fn cb(_ctx: &Context, event: Event) -> usize {
+fn cb(_ctx: &Context, event: Event) {
    print!("[{:?}]", event);

    match event {
        Event::ConfigureProgress(progress) => {
-            print!("  progress: {}\n", progress);
-            0
+            println!("  progress: {}", progress);
        }
        Event::Info(msg) | Event::Warning(msg) | Event::Error(msg) | Event::ErrorNetwork(msg) => {
-            print!("  {}\n", msg);
-            0
+            println!("  {}", msg);
        }
        _ => {
-            print!("\n");
-            0
+            println!();
        }
    }
 }
@@ -80,7 +76,7 @@ fn main() {
    ctx.set_config(config::Config::Addr, Some("d@testrun.org"))
        .unwrap();
    ctx.set_config(config::Config::MailPw, Some(&pw)).unwrap();
-    configure(&ctx);
+    ctx.configure();

    thread::sleep(duration);

--- a/python/CHANGELOG
+++ b/python/CHANGELOG
@@ -1,6 +1,17 @@
-0.600.1
+0.800.0
+-------
+
+- use latest core 1.25.0 
+
+- refine tests and some internal changes to core bindings
+
+0.700.0
 ---------

+- lots of new Python APIs
+
+- use rust core-beta23 
+
 - introduce automatic versioning via setuptools_scm, 
  based on py-X.Y.Z tags 

--- a/python/README.rst
+++ b/python/README.rst
@@ -3,41 +3,98 @@ deltachat python bindings
 =========================

 This package provides bindings to the deltachat-core_ Rust -library
-which provides imap/smtp/crypto handling as well as chat/group/messages
-handling to Android, Desktop and IO user interfaces.
+which implements IMAP/SMTP/MIME/PGP e-mail standards and offers
+a low-level Chat/Contact/Message API to user interfaces and bots.

-Installing pre-built packages (linux-only)
-==========================================

-If you have a linux system you may install the ``deltachat`` binary "wheel" package
+Installing bindings from source (Updated: 20-Jan-2020)
+=========================================================
+
+Install Rust and Cargo first.  Deltachat needs a specific nightly
+version, the easiest is probably to first install Rust stable from
+rustup and then use this to install the correct nightly version.
+
+Bootstrap Rust and Cargo by using rustup::
+
+   curl https://sh.rustup.rs -sSf | sh
+
+Then GIT clone the deltachat-core-rust repo and get the actual
+rust- and cargo-toolchain needed by deltachat::
+
+   git clone https://github.com/deltachat/deltachat-core-rust
+   cd deltachat-core-rust
+   rustup show
+
+To install the Delta Chat Python bindings make sure you have Python3 installed.
+E.g. on Debian-based systems `apt install python3 python3-pip
+python3-venv` should give you a usable python installation.
+
+Ensure you are in the deltachat-core-rust/python directory, create the
+virtual environment and activate it in your shell::
+
+   cd python
+   python3 -m venv venv  # or: virtualenv venv
+   source venv/bin/activate
+
+You should now be able to build the python bindings using the supplied script::
+
+   ./install_python_bindings.py
+
+The installation might take a while, depending on your machine.
+The bindings will be installed in release mode but with debug symbols.
+The release mode is currently necessary because some tests generate RSA keys
+which is prohibitively slow in non-release mode.
+
+After successful binding installation you can install a few more
+Python packages before running the tests::
+
+    python -m pip install pytest pytest-timeout pytest-rerunfailures requests
+    pytest -v tests
+
+
+running "live" tests with temporary accounts
+---------------------------------------------
+
+If you want to run "liveconfig" functional tests you can set
+``DCC_NEW_TMP_EMAIL`` to:
+
+- a particular https-url that you can ask for from the delta
+  chat devs. This is implemented on the server side via
+  the [mailadm](https://github.com/deltachat/mailadm) command line tool.
+
+- or the path of a file that contains two lines, each describing
+  via "addr=... mail_pw=..." a test account login that will
+  be used for the live tests.
+
+With ``DCC_NEW_TMP_EMAIL`` set pytest invocations will use real
+e-mail accounts and run through all functional "liveconfig" tests.
+
+
+Installing pre-built packages (Linux-only)
+========================================================
+
+If you have a Linux system you may try to install the ``deltachat`` binary "wheel" packages
 without any "build-from-source" steps.

-1. `Install virtualenv <https://virtualenv.pypa.io/en/stable/installation/>`_,
-   then create a fresh python environment and activate it in your shell::
+We suggest to `Install virtualenv <https://virtualenv.pypa.io/en/stable/installation/>`_,
+then create a fresh Python virtual environment and activate it in your shell::

        virtualenv venv  # or: python -m venv
        source venv/bin/activate

-   Afterwards, invoking ``python`` or ``pip install`` will only
-   modify files in your ``venv`` directory and leave your system installation
-   alone.
-
-2. Install the wheel for linux::
-
-        pip install deltachat
-
-    Verify it worked by typing::
-
-        python -c "import deltachat"
-
-
-Installing a wheel from a PR/branch
---------------------------------------
+Afterwards, invoking ``python`` or ``pip install`` only
+modifies files in your ``venv`` directory and leaves
+your system installation alone.

 For Linux, we automatically build wheels for all github PR branches
-and push them to a python package index. To install the latest github ``master`` branch::
+and push them to a python package index. To install the latest
+github ``master`` branch::

-    pip install -i https://m.devpi.net/dc/master deltachat
+    pip install --pre -i https://m.devpi.net/dc/master deltachat
+
+To verify it worked::
+
+    python -c "import deltachat"

 .. note::

@@ -46,65 +103,6 @@ and push them to a python package index. To install the latest github ``master``
    `in contact with us <https://delta.chat/en/contribute>`_.


-Installing bindings from source
-===============================
-
-If you can't use "binary" method above then you need to compile
-to core deltachat library::
-
-    git clone https://github.com/deltachat/deltachat-core-rust
-    cd deltachat-core-rust
-    cd python
-
-If you don't have one active, create and activate a python "virtualenv":
-
-    python virtualenv venv  # or python -m venv
-    source venv/bin/activate
-
-Afterwards ``which python`` tells you that it comes out of the "venv"
-directory that contains all python install artifacts. Let's first
-install test tools::
-
-    pip install pytest pytest-timeout pytest-rerunfailures requests
-
-then cargo-build and install the deltachat bindings::
-
-    python install_python_bindings.py
-
-The bindings will be installed in release mode but with debug symbols.
-The release mode is necessary because some tests generate RSA keys
-which is prohibitively slow in debug mode.
-
-After successful binding installation you can finally run the tests::
-
-    pytest -v tests
-
-.. note::
-
-    Some tests are sometimes failing/hanging because of
-    https://github.com/deltachat/deltachat-core-rust/issues/331
-    and
-    https://github.com/deltachat/deltachat-core-rust/issues/326
-
-
-running "live" tests (experimental)
-----------------------------------
-
-If you want to run "liveconfig" functional tests you can set
-``DCC_PY_LIVECONFIG`` to:
-
- a particular https-url that you can ask for from the delta
-  chat devs.
-
- or the path of a file that contains two lines, each describing
-  via "addr=... mail_pw=..." a test account login that will
-  be used for the live tests.
-
-With ``DCC_PY_LIVECONFIG`` set pytest invocations will use real
-e-mail accounts and run through all functional "liveconfig" tests.
-
-
-
 Code examples
 =============

@@ -115,15 +113,11 @@ You may look at `examples <https://py.delta.chat/examples.html>`_.
 .. _`deltachat-core`: https://github.com/deltachat/deltachat-core-rust


-Building manylinux1 wheels
-==========================
-
-.. note::
-
-   This section may not fully work.
+Building manylinux1 based wheels
+================================

 Building portable manylinux1 wheels which come with libdeltachat.so
-and all it's dependencies is easy using the provided docker tooling.
+can be done with docker-tooling.

 using docker pull / premade images
 ------------------------------------
@@ -136,9 +130,9 @@ organization::

 This docker image can be used to run tests and build Python wheels for all interpreters::

-    $ bash ci_scripts/ci_run.sh
-
-This command runs tests and build-wheel scripts in a docker container.
+    $ docker run -e DCC_NEW_TMP_EMAIL \
+       --rm -it -v \$(pwd):/mnt -w /mnt \
+       deltachat/coredeps ci_scripts/run_all.sh


 Optionally build your own docker image
--- a/python/doc/_static/custom.css
+++ b/python/doc/_static/custom.css
@@ -15,3 +15,7 @@ div.globaltoc {
 img.logo {
    height: 120px;
 }
+
+div.footer {
+    display: none;
+}
--- a/python/doc/conf.py
+++ b/python/doc/conf.py
@@ -55,7 +55,7 @@ master_doc = 'index'

 # General information about the project.
 project = u'deltachat'
-copyright = u'2018, holger krekel and contributors'
+copyright = u'2020, holger krekel and contributors'


 # The language for content autogenerated by Sphinx. Refer to documentation
--- a/python/doc/index.rst
+++ b/python/doc/index.rst
@@ -1,15 +1,14 @@
 deltachat python bindings
 =========================

-The ``deltachat`` Python package provides two bindings for the core Rust-library
-of the https://delta.chat messaging ecosystem:
+The ``deltachat`` Python package provides two layers of bindings for the
+core Rust-library of the https://delta.chat messaging ecosystem:

 - :doc:`api` is a high level interface to deltachat-core which aims
  to be memory safe and thoroughly tested through continous tox/pytest runs.

- :doc:`capi` is a lowlevel CFFI-binding to the previous
-  `deltachat-core C-API <https://c.delta.chat>`_ (so far the Rust library
-  replicates exactly the same C-level API).
+- :doc:`lapi` is a lowlevel CFFI-binding to the `Rust Core
+  <https://github.com/deltachat/deltachat-core-rust>`_.



@@ -28,7 +27,6 @@ getting started
   links
   changelog
   api
-   capi
   lapi

 ..
--- a/python/install_python_bindings.py
+++ b/python/install_python_bindings.py
@@ -11,18 +11,15 @@ import sys
 if __name__ == "__main__":
    target = os.environ.get("DCC_RS_TARGET")
    if target is None:
-        os.environ["DCC_RS_TARGET"] = target = "release"
+        os.environ["DCC_RS_TARGET"] = target = "debug"
    if "DCC_RS_DEV" not in os.environ:
        dn = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
        os.environ["DCC_RS_DEV"] = dn

-    # build the core library  in release + debug mode because
-    # as of Nov 2019 rPGP generates RSA keys which take
-    # prohibitively long for non-release installs
-    os.environ["RUSTFLAGS"] = "-g"
-    subprocess.check_call([
-        "cargo", "build", "-p", "deltachat_ffi", "--" + target
-    ])
+    cmd = ["cargo", "build", "-p", "deltachat_ffi"]
+    if target == 'release':
+        cmd.append("--release")
+    subprocess.check_call(cmd)
    subprocess.check_call("rm -rf build/ src/deltachat/*.so" , shell=True)

    if len(sys.argv) <= 1 or sys.argv[1] != "onlybuild":
--- a/python/setup.py
+++ b/python/setup.py
@@ -13,11 +13,12 @@ def main():
            "root": "..",
            "relative_to": __file__,
            'tag_regex': r'^(?P<prefix>py-)?(?P<version>[^\+]+)(?P<suffix>.*)?$',
+            'git_describe_command': "git describe --dirty --tags --long --match py-*.*",
        },
        description='Python bindings for the Delta Chat Core library using CFFI against the Rust-implemented libdeltachat',
        long_description=long_description,
        author='holger krekel, Floris Bruynooghe, Bjoern Petersen and contributors',
-        install_requires=['cffi>=1.0.0', 'six'],
+        install_requires=['cffi>=1.0.0', 'pluggy'],
        packages=setuptools.find_packages('src'),
        package_dir={'': 'src'},
        cffi_modules=['src/deltachat/_build.py:ffibuilder'],
--- a/python/src/deltachat/account.py
+++ b/python/src/deltachat/account.py
@@ -4,13 +4,9 @@ from __future__ import print_function
 import atexit
 import threading
 import os
-import re
 import time
 from array import array
-try:
-    from queue import Queue, Empty
-except ImportError:
-    from Queue import Queue, Empty
+from queue import Queue

 import deltachat
 from . import const
@@ -19,6 +15,8 @@ from .cutil import as_dc_charpointer, from_dc_charpointer, iter_array, DCLot
 from .chat import Chat
 from .message import Message
 from .contact import Contact
+from .eventlogger import EventLogger
+from .hookspec import get_plugin_manager, hookimpl


 class Account(object):
@@ -26,14 +24,13 @@ class Account(object):
    by the underlying deltachat core library.  All public Account methods are
    meant to be memory-safe and return memory-safe objects.
    """
-    def __init__(self, db_path, logid=None, eventlogging=True, os_name=None, debug=True):
+    def __init__(self, db_path, logid=None, os_name=None, debug=True):
        """ initialize account object.

        :param db_path: a path to the account database. The database
                        will be created if it doesn't exist.
        :param logid: an optional logging prefix that should be used with
                      the default internal logging.
-        :param eventlogging: if False no eventlogging and no context callback will be configured
        :param os_name: this will be put to the X-Mailer header in outgoing messages
        :param debug: turn on debug logging for events.
        """
@@ -41,19 +38,26 @@ class Account(object):
            lib.dc_context_new(lib.py_dc_callback, ffi.NULL, as_dc_charpointer(os_name)),
            _destroy_dc_context,
        )
-        if eventlogging:
-            self._evlogger = EventLogger(self._dc_context, logid, debug)
-            deltachat.set_context_callback(self._dc_context, self._process_event)
-            self._threads = IOThreads(self._dc_context, self._evlogger._log_event)
-        else:
-            self._threads = IOThreads(self._dc_context)
+        self._evlogger = EventLogger(self, logid, debug)
+        self._threads = IOThreads(self._dc_context, self._evlogger._log_event)

+        # register event call back and initialize plugin system
+        def _ll_event(ctx, evt_name, data1, data2):
+            assert ctx == self._dc_context
+            self.pluggy.hook.process_low_level_event(
+                account=self, event_name=evt_name, data1=data1, data2=data2
+            )
+
+        self.pluggy = get_plugin_manager()
+        self.pluggy.register(self._evlogger)
+        deltachat.set_context_callback(self._dc_context, _ll_event)
+
+        # open database
        if hasattr(db_path, "encode"):
            db_path = db_path.encode("utf8")
        if not lib.dc_open(self._dc_context, db_path, ffi.NULL):
            raise ValueError("Could not dc_open: {}".format(db_path))
        self._configkeys = self.get_config("sys.config_keys").split()
-        self._imex_events = Queue()
        atexit.register(self.shutdown)

    # def __del__(self):
@@ -118,6 +122,18 @@ class Account(object):
        assert res != ffi.NULL, "config value not found for: {!r}".format(name)
        return from_dc_charpointer(res)

+    def _preconfigure_keypair(self, addr, public, secret):
+        """See dc_preconfigure_keypair() in deltachat.h.
+
+        In other words, you don't need this.
+        """
+        res = lib.dc_preconfigure_keypair(self._dc_context,
+                                          as_dc_charpointer(addr),
+                                          as_dc_charpointer(public),
+                                          as_dc_charpointer(secret))
+        if res == 0:
+            raise Exception("Failed to set key")
+
    def configure(self, **kwargs):
        """ set config values and configure this account.

@@ -165,11 +181,6 @@ class Account(object):
            raise ValueError("no flags set")
        lib.dc_empty_server(self._dc_context, flags)

-    def get_infostring(self):
-        """ return info of the configured account. """
-        self.check_is_configured()
-        return from_dc_charpointer(lib.dc_get_info(self._dc_context))
-
    def get_latest_backupfile(self, backupdir):
        """ return the latest backup file in a given directory.
        """
@@ -370,27 +381,12 @@ class Account(object):
            raise RuntimeError("found more than one new file")
        return export_files[0]

-    def _imex_events_clear(self):
-        try:
-            while True:
-                self._imex_events.get_nowait()
-        except Empty:
-            pass
-
    def _export(self, path, imex_cmd):
-        self._imex_events_clear()
-        lib.dc_imex(self._dc_context, imex_cmd, as_dc_charpointer(path), ffi.NULL)
-        if not self._threads.is_started():
-            lib.dc_perform_imap_jobs(self._dc_context)
-        files_written = []
-        while True:
-            ev = self._imex_events.get()
-            if isinstance(ev, str):
-                files_written.append(ev)
-            elif isinstance(ev, bool):
-                if not ev:
-                    raise ValueError("export failed, exp-files: {}".format(files_written))
-                return files_written
+        with ImexTracker(self) as imex_tracker:
+            lib.dc_imex(self._dc_context, imex_cmd, as_dc_charpointer(path), ffi.NULL)
+            if not self._threads.is_started():
+                lib.dc_perform_imap_jobs(self._dc_context)
+            return imex_tracker.wait_finish()

    def import_self_keys(self, path):
        """ Import private keys found in the `path` directory.
@@ -408,12 +404,11 @@ class Account(object):
        self._import(path, imex_cmd=12)

    def _import(self, path, imex_cmd):
-        self._imex_events_clear()
-        lib.dc_imex(self._dc_context, imex_cmd, as_dc_charpointer(path), ffi.NULL)
-        if not self._threads.is_started():
-            lib.dc_perform_imap_jobs(self._dc_context)
-        if not self._imex_events.get():
-            raise ValueError("import from path '{}' failed".format(path))
+        with ImexTracker(self) as imex_tracker:
+            lib.dc_imex(self._dc_context, imex_cmd, as_dc_charpointer(path), ffi.NULL)
+            if not self._threads.is_started():
+                lib.dc_perform_imap_jobs(self._dc_context)
+            imex_tracker.wait_finish()

    def initiate_key_transfer(self):
        """return setup code after a Autocrypt setup message
@@ -516,24 +511,7 @@ class Account(object):
            deltachat.clear_context_callback(self._dc_context)
            del self._dc_context
            atexit.unregister(self.shutdown)
-
-    def _process_event(self, ctx, evt_name, data1, data2):
-        assert ctx == self._dc_context
-        if hasattr(self, "_evlogger"):
-            self._evlogger(evt_name, data1, data2)
-            method = getattr(self, "on_" + evt_name.lower(), None)
-            if method is not None:
-                method(data1, data2)
-        return 0
-
-    def on_dc_event_imex_progress(self, data1, data2):
-        if data1 == 1000:
-            self._imex_events.put(True)
-        elif data1 == 0:
-            self._imex_events.put(False)
-
-    def on_dc_event_imex_file_written(self, data1, data2):
-        self._imex_events.put(data1)
+        self.pluggy.unregister(self._evlogger)

    def set_location(self, latitude=0.0, longitude=0.0, accuracy=0.0):
        """set a new location. It effects all chats where we currently
@@ -550,6 +528,41 @@ class Account(object):
            raise ValueError("no chat is streaming locations")


+class ImexTracker:
+    def __init__(self, account):
+        self._imex_events = Queue()
+        self.account = account
+
+    def __enter__(self):
+        self.account.pluggy.register(self)
+        return self
+
+    def __exit__(self, *args):
+        self.account.pluggy.unregister(self)
+
+    @hookimpl
+    def process_low_level_event(self, account, event_name, data1, data2):
+        # there could be multiple accounts instantiated
+        if self.account is not account:
+            return
+        if event_name == "DC_EVENT_IMEX_PROGRESS":
+            self._imex_events.put(data1)
+        elif event_name == "DC_EVENT_IMEX_FILE_WRITTEN":
+            self._imex_events.put(data1)
+
+    def wait_finish(self, progress_timeout=60):
+        """ Return list of written files, raise ValueError if ExportFailed. """
+        files_written = []
+        while True:
+            ev = self._imex_events.get(timeout=progress_timeout)
+            if isinstance(ev, str):
+                files_written.append(ev)
+            elif ev == 0:
+                raise ValueError("export failed, exp-files: {}".format(files_written))
+            elif ev == 1000:
+                return files_written
+
+
 class IOThreads:
    def __init__(self, dc_context, log_event=lambda *args: None):
        self._dc_context = dc_context
@@ -578,6 +591,11 @@ class IOThreads:

    def stop(self, wait=False):
        self._thread_quitflag = True
+
+        # Workaround for a race condition. Make sure that thread is
+        # not in between checking for quitflag and entering idle.
+        time.sleep(0.5)
+
        lib.dc_interrupt_imap_idle(self._dc_context)
        lib.dc_interrupt_smtp_idle(self._dc_context)
        lib.dc_interrupt_mvbox_idle(self._dc_context)
@@ -600,100 +618,31 @@ class IOThreads:
        self._log_event("py-bindings-info", 0, "MVBOX THREAD START")
        while not self._thread_quitflag:
            lib.dc_perform_mvbox_jobs(self._dc_context)
-            lib.dc_perform_mvbox_fetch(self._dc_context)
-            lib.dc_perform_mvbox_idle(self._dc_context)
+            if not self._thread_quitflag:
+                lib.dc_perform_mvbox_fetch(self._dc_context)
+            if not self._thread_quitflag:
+                lib.dc_perform_mvbox_idle(self._dc_context)
        self._log_event("py-bindings-info", 0, "MVBOX THREAD FINISHED")

    def sentbox_thread_run(self):
        self._log_event("py-bindings-info", 0, "SENTBOX THREAD START")
        while not self._thread_quitflag:
            lib.dc_perform_sentbox_jobs(self._dc_context)
-            lib.dc_perform_sentbox_fetch(self._dc_context)
-            lib.dc_perform_sentbox_idle(self._dc_context)
+            if not self._thread_quitflag:
+                lib.dc_perform_sentbox_fetch(self._dc_context)
+            if not self._thread_quitflag:
+                lib.dc_perform_sentbox_idle(self._dc_context)
        self._log_event("py-bindings-info", 0, "SENTBOX THREAD FINISHED")

    def smtp_thread_run(self):
        self._log_event("py-bindings-info", 0, "SMTP THREAD START")
        while not self._thread_quitflag:
            lib.dc_perform_smtp_jobs(self._dc_context)
-            lib.dc_perform_smtp_idle(self._dc_context)
+            if not self._thread_quitflag:
+                lib.dc_perform_smtp_idle(self._dc_context)
        self._log_event("py-bindings-info", 0, "SMTP THREAD FINISHED")


-class EventLogger:
-    _loglock = threading.RLock()
-
-    def __init__(self, dc_context, logid=None, debug=True):
-        self._dc_context = dc_context
-        self._event_queue = Queue()
-        self._debug = debug
-        if logid is None:
-            logid = str(self._dc_context).strip(">").split()[-1]
-        self.logid = logid
-        self._timeout = None
-        self.init_time = time.time()
-
-    def __call__(self, evt_name, data1, data2):
-        self._log_event(evt_name, data1, data2)
-        self._event_queue.put((evt_name, data1, data2))
-
-    def set_timeout(self, timeout):
-        self._timeout = timeout
-
-    def consume_events(self, check_error=True):
-        while not self._event_queue.empty():
-            self.get()
-
-    def get(self, timeout=None, check_error=True):
-        timeout = timeout or self._timeout
-        ev = self._event_queue.get(timeout=timeout)
-        if check_error and ev[0] == "DC_EVENT_ERROR":
-            raise ValueError("{}({!r},{!r})".format(*ev))
-        return ev
-
-    def ensure_event_not_queued(self, event_name_regex):
-        __tracebackhide__ = True
-        rex = re.compile("(?:{}).*".format(event_name_regex))
-        while 1:
-            try:
-                ev = self._event_queue.get(False)
-            except Empty:
-                break
-            else:
-                assert not rex.match(ev[0]), "event found {}".format(ev)
-
-    def get_matching(self, event_name_regex, check_error=True, timeout=None):
-        self._log("-- waiting for event with regex: {} --".format(event_name_regex))
-        rex = re.compile("(?:{}).*".format(event_name_regex))
-        while 1:
-            ev = self.get(timeout=timeout, check_error=check_error)
-            if rex.match(ev[0]):
-                return ev
-
-    def get_info_matching(self, regex):
-        rex = re.compile("(?:{}).*".format(regex))
-        while 1:
-            ev = self.get_matching("DC_EVENT_INFO")
-            if rex.match(ev[2]):
-                return ev
-
-    def _log_event(self, evt_name, data1, data2):
-        # don't show events that are anyway empty impls now
-        if evt_name == "DC_EVENT_GET_STRING":
-            return
-        if self._debug:
-            evpart = "{}({!r},{!r})".format(evt_name, data1, data2)
-            self._log(evpart)
-
-    def _log(self, msg):
-        t = threading.currentThread()
-        tname = getattr(t, "name", t)
-        if tname == "MainThread":
-            tname = "MAIN"
-        with self._loglock:
-            print("{:2.2f} [{}-{}] {}".format(time.time() - self.init_time, tname, self.logid, msg))
-
-
 def _destroy_dc_context(dc_context, dc_context_unref=lib.dc_context_unref):
    # destructor for dc_context
    dc_context_unref(dc_context)
--- a/python/src/deltachat/chat.py
+++ b/python/src/deltachat/chat.py
@@ -58,6 +58,13 @@ class Chat(object):
        """
        return self.id == const.DC_CHAT_ID_DEADDROP

+    def is_muted(self):
+        """ return true if this chat is muted.
+
+        :returns: True if chat is muted, False otherwise.
+        """
+        return lib.dc_chat_is_muted(self._dc_chat)
+
    def is_promoted(self):
        """ return True if this chat is promoted, i.e.
        the member contacts are aware of their membership,
@@ -84,12 +91,43 @@ class Chat(object):
    def set_name(self, name):
        """ set name of this chat.

-        :param: name as a unicode string.
+        :param name: as a unicode string.
        :returns: None
        """
        name = as_dc_charpointer(name)
        return lib.dc_set_chat_name(self._dc_context, self.id, name)

+    def mute(self, duration=None):
+        """ mutes the chat
+
+        :param duration: Number of seconds to mute the chat for. None to mute until unmuted again.
+        :returns: None
+        """
+        if duration is None:
+            mute_duration = -1
+        else:
+            mute_duration = duration
+        ret = lib.dc_set_chat_mute_duration(self._dc_context, self.id, mute_duration)
+        if not bool(ret):
+            raise ValueError("Call to dc_set_chat_mute_duration failed")
+
+    def unmute(self):
+        """ unmutes the chat
+
+        :returns: None
+        """
+        ret = lib.dc_set_chat_mute_duration(self._dc_context, self.id, 0)
+        if not bool(ret):
+            raise ValueError("Failed to unmute chat")
+
+    def get_mute_duration(self):
+        """ Returns the number of seconds until the mute of this chat is lifted.
+
+        :param duration:
+        :returns: Returns the number of seconds the chat is still muted for. (0 for not muted, -1 forever muted)
+        """
+        return bool(lib.dc_chat_get_remaining_mute_duration(self.id))
+
    def get_type(self):
        """ return type of this chat.

@@ -385,7 +423,7 @@ class Chat(object):
        """return True if this chat is archived.
        :returns: True if archived.
        """
-        return lib.dc_chat_get_archived(self._dc_chat)
+        return lib.dc_chat_get_visibility(self._dc_chat) == const.DC_CHAT_VISIBILITY_ARCHIVED

    def enable_sending_locations(self, seconds):
        """enable sending locations for this chat.
--- a/python/src/deltachat/const.py
+++ b/python/src/deltachat/const.py
@@ -18,6 +18,7 @@ DC_QR_ASK_VERIFYGROUP = 202
 DC_QR_FPR_OK = 210
 DC_QR_FPR_MISMATCH = 220
 DC_QR_FPR_WITHOUT_ADDR = 230
+DC_QR_ACCOUNT = 250
 DC_QR_ADDR = 320
 DC_QR_TEXT = 330
 DC_QR_URL = 332
@@ -102,9 +103,15 @@ DC_EVENT_FILE_COPIED = 2055
 DC_EVENT_IS_OFFLINE = 2081
 DC_EVENT_GET_STRING = 2091
 DC_STR_SELFNOTINGRP = 21
+DC_KEY_GEN_DEFAULT = 0
+DC_KEY_GEN_RSA2048 = 1
+DC_KEY_GEN_ED25519 = 2
 DC_PROVIDER_STATUS_OK = 1
 DC_PROVIDER_STATUS_PREPARATION = 2
 DC_PROVIDER_STATUS_BROKEN = 3
+DC_CHAT_VISIBILITY_NORMAL = 0
+DC_CHAT_VISIBILITY_ARCHIVED = 1
+DC_CHAT_VISIBILITY_PINNED = 2
 DC_STR_NOMESSAGES = 1
 DC_STR_SELF = 2
 DC_STR_DRAFT = 3
@@ -157,7 +164,7 @@ DC_STR_COUNT = 68

 def read_event_defines(f):
    rex = re.compile(r'#define\s+((?:DC_EVENT|DC_QR|DC_MSG|DC_LP|DC_EMPTY|DC_CERTCK|DC_STATE|DC_STR|'
-                     r'DC_CONTACT_ID|DC_GCL|DC_CHAT|DC_PROVIDER)_\S+)\s+([x\d]+).*')
+                     r'DC_CONTACT_ID|DC_GCL|DC_CHAT|DC_PROVIDER|DC_KEY_GEN)_\S+)\s+([x\d]+).*')
    for line in f:
        m = rex.match(line)
        if m:
--- a/python/src/deltachat/eventlogger.py
+++ b/python/src/deltachat/eventlogger.py
@@ -0,0 +1,81 @@
+import threading
+import re
+import time
+from queue import Queue, Empty
+from .hookspec import hookimpl
+
+
+class EventLogger:
+    _loglock = threading.RLock()
+
+    def __init__(self, account, logid=None, debug=True):
+        self.account = account
+        self._event_queue = Queue()
+        self._debug = debug
+        if logid is None:
+            logid = str(self.account._dc_context).strip(">").split()[-1]
+        self.logid = logid
+        self._timeout = None
+        self.init_time = time.time()
+
+    @hookimpl
+    def process_low_level_event(self, account, event_name, data1, data2):
+        if self.account == account:
+            self._log_event(event_name, data1, data2)
+            self._event_queue.put((event_name, data1, data2))
+
+    def set_timeout(self, timeout):
+        self._timeout = timeout
+
+    def consume_events(self, check_error=True):
+        while not self._event_queue.empty():
+            self.get(check_error=check_error)
+
+    def get(self, timeout=None, check_error=True):
+        timeout = timeout or self._timeout
+        ev = self._event_queue.get(timeout=timeout)
+        if check_error and ev[0] == "DC_EVENT_ERROR":
+            raise ValueError("{}({!r},{!r})".format(*ev))
+        return ev
+
+    def ensure_event_not_queued(self, event_name_regex):
+        __tracebackhide__ = True
+        rex = re.compile("(?:{}).*".format(event_name_regex))
+        while 1:
+            try:
+                ev = self._event_queue.get(False)
+            except Empty:
+                break
+            else:
+                assert not rex.match(ev[0]), "event found {}".format(ev)
+
+    def get_matching(self, event_name_regex, check_error=True, timeout=None):
+        self._log("-- waiting for event with regex: {} --".format(event_name_regex))
+        rex = re.compile("(?:{}).*".format(event_name_regex))
+        while 1:
+            ev = self.get(timeout=timeout, check_error=check_error)
+            if rex.match(ev[0]):
+                return ev
+
+    def get_info_matching(self, regex):
+        rex = re.compile("(?:{}).*".format(regex))
+        while 1:
+            ev = self.get_matching("DC_EVENT_INFO")
+            if rex.match(ev[2]):
+                return ev
+
+    def _log_event(self, evt_name, data1, data2):
+        # don't show events that are anyway empty impls now
+        if evt_name == "DC_EVENT_GET_STRING":
+            return
+        if self._debug:
+            evpart = "{}({!r},{!r})".format(evt_name, data1, data2)
+            self._log(evpart)
+
+    def _log(self, msg):
+        t = threading.currentThread()
+        tname = getattr(t, "name", t)
+        if tname == "MainThread":
+            tname = "MAIN"
+        with self._loglock:
+            print("{:2.2f} [{}-{}] {}".format(time.time() - self.init_time, tname, self.logid, msg))
--- a/python/src/deltachat/hookspec.py
+++ b/python/src/deltachat/hookspec.py
@@ -0,0 +1,25 @@
+""" Hooks for python bindings """
+
+import pluggy
+
+name = "deltachat"
+
+hookspec = pluggy.HookspecMarker(name)
+hookimpl = pluggy.HookimplMarker(name)
+_plugin_manager = None
+
+
+def get_plugin_manager():
+    global _plugin_manager
+    if _plugin_manager is None:
+        _plugin_manager = pluggy.PluginManager(name)
+        _plugin_manager.add_hookspecs(DeltaChatHookSpecs)
+    return _plugin_manager
+
+
+class DeltaChatHookSpecs:
+    """ Plugin Hook specifications for Python bindings to Delta Chat CFFI. """
+
+    @hookspec
+    def process_low_level_event(self, account, event_name, data1, data2):
+        """ process a CFFI low level events for a given account. """
--- a/python/src/deltachat/provider.py
+++ b/python/src/deltachat/provider.py
@@ -11,27 +11,18 @@ class ProviderNotFoundError(Exception):
 class Provider(object):
    """Provider information.

-    :param domain: The domain to get the provider info for, this is
-    normally the part following the `@` of the domain.
+    :param domain: The email to get the provider info for.
    """

-    def __init__(self, domain):
+    def __init__(self, account, addr):
        provider = ffi.gc(
-            lib.dc_provider_new_from_domain(as_dc_charpointer(domain)),
+            lib.dc_provider_new_from_email(account._dc_context, as_dc_charpointer(addr)),
            lib.dc_provider_unref,
        )
        if provider == ffi.NULL:
            raise ProviderNotFoundError("Provider not found")
        self._provider = provider

-    @classmethod
-    def from_email(cls, email):
-        """Create provider info from an email address.
-
-        :param email: Email address to get provider info for.
-        """
-        return cls(email.split('@')[-1])
-
    @property
    def overview_page(self):
        """URL to the overview page of the provider on providers.delta.chat."""
@@ -39,21 +30,10 @@ class Provider(object):
            lib.dc_provider_get_overview_page(self._provider))

    @property
-    def name(self):
-        """The name of the provider."""
-        return from_dc_charpointer(lib.dc_provider_get_name(self._provider))
-
-    @property
-    def markdown(self):
-        """Content of the information page, formatted as markdown."""
+    def get_before_login_hints(self):
+        """Should be shown to the user on login."""
        return from_dc_charpointer(
-            lib.dc_provider_get_markdown(self._provider))
-
-    @property
-    def status_date(self):
-        """The date the provider info was last updated, as a string."""
-        return from_dc_charpointer(
-            lib.dc_provider_get_status_date(self._provider))
+            lib.dc_provider_get_before_login_hints(self._provider))

    @property
    def status(self):
--- a/python/tests/conftest.py
+++ b/python/tests/conftest.py
@@ -1,11 +1,14 @@
 from __future__ import print_function
 import os
+import sys
+import py
 import pytest
 import requests
 import time
 from deltachat import Account
 from deltachat import const
 from deltachat.capi import lib
+from _pytest.monkeypatch import MonkeyPatch
 import tempfile


@@ -15,25 +18,41 @@ def pytest_addoption(parser):
        help="a file with >=2 lines where each line "
             "contains NAME=VALUE config settings for one account"
    )
+    parser.addoption(
+        "--ignored", action="store_true",
+        help="Also run tests marked with the ignored marker",
+    )


 def pytest_configure(config):
+    config.addinivalue_line(
+        "markers", "ignored: Mark test as bing slow, skipped unless --ignored is used."
+    )
    cfg = config.getoption('--liveconfig')
    if not cfg:
-        cfg = os.getenv('DCC_PY_LIVECONFIG')
+        cfg = os.getenv('DCC_NEW_TMP_EMAIL')
        if cfg:
            config.option.liveconfig = cfg


+def pytest_runtest_setup(item):
+    if (list(item.iter_markers(name="ignored"))
+            and not item.config.getoption("ignored")):
+        pytest.skip("Ignored tests not requested, use --ignored")
+
+
 def pytest_report_header(config, startdir):
    summary = []

    t = tempfile.mktemp()
+    m = MonkeyPatch()
    try:
-        ac = Account(t, eventlogging=False)
+        m.setattr(sys.stdout, "write", lambda x: len(x))
+        ac = Account(t)
        info = ac.get_info()
        ac.shutdown()
    finally:
+        m.undo()
        os.remove(t)
    summary.extend(['Deltachat core={} sqlite={}'.format(
         info['deltachat_core_version'],
@@ -83,17 +102,16 @@ class SessionLiveConfigFromFile:


 class SessionLiveConfigFromURL:
-    def __init__(self, url, create_token):
+    def __init__(self, url):
        self.configlist = []
        self.url = url
-        self.create_token = create_token

    def get(self, index):
        try:
            return self.configlist[index]
        except IndexError:
            assert index == len(self.configlist), index
-            res = requests.post(self.url, json={"token_create_user": int(self.create_token)})
+            res = requests.post(self.url)
            if res.status_code != 200:
                pytest.skip("creating newtmpuser failed {!r}".format(res))
            d = res.json()
@@ -110,14 +128,24 @@ def session_liveconfig(request):
    liveconfig_opt = request.config.option.liveconfig
    if liveconfig_opt:
        if liveconfig_opt.startswith("http"):
-            url, create_token = liveconfig_opt.split("#", 1)
-            return SessionLiveConfigFromURL(url, create_token)
+            return SessionLiveConfigFromURL(liveconfig_opt)
        else:
            return SessionLiveConfigFromFile(liveconfig_opt)


+@pytest.fixture(scope='session')
+def datadir():
+    """The py.path.local object of the test-data/ directory."""
+    for path in reversed(py.path.local(__file__).parts()):
+        datadir = path.join('test-data')
+        if datadir.isdir():
+            return datadir
+    else:
+        pytest.skip('test-data directory not found')
+
+
@pytest.fixture
-def acfactory(pytestconfig, tmpdir, request, session_liveconfig):
+def acfactory(pytestconfig, tmpdir, request, session_liveconfig, datadir):

    class AccountMaker:
        def __init__(self):
@@ -125,6 +153,8 @@ def acfactory(pytestconfig, tmpdir, request, session_liveconfig):
            self.offline_count = 0
            self._finalizers = []
            self.init_time = time.time()
+            self._generated_keys = ["alice", "bob", "charlie",
+                                    "dom", "elena", "fiona"]

        def finalize(self):
            while self._finalizers:
@@ -144,26 +174,32 @@ def acfactory(pytestconfig, tmpdir, request, session_liveconfig):
            ac._evlogger.set_timeout(2)
            return ac

+        def _preconfigure_key(self, account, addr):
+            # Only set a key if we haven't used it yet for another account.
+            if self._generated_keys:
+                keyname = self._generated_keys.pop(0)
+                fname_pub = "key/{name}-public.asc".format(name=keyname)
+                fname_sec = "key/{name}-secret.asc".format(name=keyname)
+                account._preconfigure_keypair(addr,
+                                              datadir.join(fname_pub).read(),
+                                              datadir.join(fname_sec).read())
+
        def get_configured_offline_account(self):
            ac = self.get_unconfigured_account()

            # do a pseudo-configured account
            addr = "addr{}@offline.org".format(self.offline_count)
            ac.set_config("addr", addr)
+            self._preconfigure_key(ac, addr)
            lib.dc_set_config(ac._dc_context, b"configured_addr", addr.encode("ascii"))
            ac.set_config("mail_pw", "123")
            lib.dc_set_config(ac._dc_context, b"configured_mail_pw", b"123")
            lib.dc_set_config(ac._dc_context, b"configured", b"1")
            return ac

-        def peek_online_config(self):
+        def get_online_config(self, pre_generated_key=True):
            if not session_liveconfig:
-                pytest.skip("specify DCC_PY_LIVECONFIG or --liveconfig")
-            return session_liveconfig.get(self.live_count)
-
-        def get_online_config(self):
-            if not session_liveconfig:
-                pytest.skip("specify DCC_PY_LIVECONFIG or --liveconfig")
+                pytest.skip("specify DCC_NEW_TMP_EMAIL or --liveconfig")
            configdict = session_liveconfig.get(self.live_count)
            self.live_count += 1
            if "e2ee_enabled" not in configdict:
@@ -175,18 +211,24 @@ def acfactory(pytestconfig, tmpdir, request, session_liveconfig):

            tmpdb = tmpdir.join("livedb%d" % self.live_count)
            ac = self.make_account(tmpdb.strpath, logid="ac{}".format(self.live_count))
+            if pre_generated_key:
+                self._preconfigure_key(ac, configdict['addr'])
            ac._evlogger.init_time = self.init_time
            ac._evlogger.set_timeout(30)
            return ac, dict(configdict)

-        def get_online_configuring_account(self, mvbox=False, sentbox=False):
-            ac, configdict = self.get_online_config()
+        def get_online_configuring_account(self, mvbox=False, sentbox=False,
+                                           pre_generated_key=True, config={}):
+            ac, configdict = self.get_online_config(
+                pre_generated_key=pre_generated_key)
+            configdict.update(config)
            ac.configure(**configdict)
            ac.start_threads(mvbox=mvbox, sentbox=sentbox)
            return ac

-        def get_one_online_account(self):
-            ac1 = self.get_online_configuring_account()
+        def get_one_online_account(self, pre_generated_key=True):
+            ac1 = self.get_online_configuring_account(
+                pre_generated_key=pre_generated_key)
            wait_successful_IMAP_SMTP_connection(ac1)
            wait_configuration_progress(ac1, 1000)
            return ac1
@@ -200,10 +242,12 @@ def acfactory(pytestconfig, tmpdir, request, session_liveconfig):
            wait_configuration_progress(ac2, 1000)
            return ac1, ac2

-        def clone_online_account(self, account):
+        def clone_online_account(self, account, pre_generated_key=True):
            self.live_count += 1
            tmpdb = tmpdir.join("livedb%d" % self.live_count)
            ac = self.make_account(tmpdb.strpath, logid="ac{}".format(self.live_count))
+            if pre_generated_key:
+                self._preconfigure_key(ac, account.get_config("addr"))
            ac._evlogger.init_time = self.init_time
            ac._evlogger.set_timeout(30)
            ac.configure(addr=account.get_config("addr"), mail_pw=account.get_config("mail_pw"))
--- a/python/tests/test_account.py
+++ b/python/tests/test_account.py
@@ -6,7 +6,8 @@ import time
 from deltachat import const, Account
 from deltachat.message import Message
 from datetime import datetime, timedelta
-from conftest import wait_configuration_progress, wait_successful_IMAP_SMTP_connection, wait_securejoin_inviter_progress
+from conftest import (wait_configuration_progress,
+                      wait_securejoin_inviter_progress)


 class TestOfflineAccountBasic:
@@ -24,6 +25,12 @@ class TestOfflineAccountBasic:
        ac1 = Account(p.strpath, os_name="solarpunk")
        ac1.get_info()

+    def test_preconfigure_keypair(self, acfactory, datadir):
+        ac = acfactory.get_unconfigured_account()
+        ac._preconfigure_keypair("alice@example.com",
+                                 datadir.join("key/alice-public.asc").read(),
+                                 datadir.join("key/alice-secret.asc").read())
+
    def test_getinfo(self, acfactory):
        ac1 = acfactory.get_unconfigured_account()
        d = ac1.get_info()
@@ -58,11 +65,6 @@ class TestOfflineAccountBasic:
        with pytest.raises(ValueError):
            ac1.get_self_contact()

-    def test_get_info(self, acfactory):
-        ac1 = acfactory.get_configured_offline_account()
-        out = ac1.get_infostring()
-        assert "number_of_chats=0" in out
-
    def test_selfcontact_configured(self, acfactory):
        ac1 = acfactory.get_configured_offline_account()
        me = ac1.get_self_contact()
@@ -212,6 +214,18 @@ class TestOfflineChat:
        chat.remove_profile_image()
        assert chat.get_profile_image() is None

+    def test_mute(self, ac1):
+        chat = ac1.create_group_chat(name="title1")
+        assert not chat.is_muted()
+        chat.mute()
+        assert chat.is_muted()
+        chat.unmute()
+        assert not chat.is_muted()
+        chat.mute(50)
+        assert chat.is_muted()
+        with pytest.raises(ValueError):
+            chat.mute(-51)
+
    def test_delete_and_send_fails(self, ac1, chat1):
        chat1.delete()
        ac1._evlogger.get_matching("DC_EVENT_MSGS_CHANGED")
@@ -417,6 +431,45 @@ class TestOnlineAccount:
            ac2.create_chat_by_contact(ac2.create_contact(email=ac1.get_config("addr")))
        return chat

+    @pytest.mark.ignored
+    def test_configure_generate_key(self, acfactory, lp):
+        # A slow test which will generate new keys.
+        ac1 = acfactory.get_online_configuring_account(
+            pre_generated_key=False,
+            config={"key_gen_type": str(const.DC_KEY_GEN_RSA2048)}
+        )
+        ac2 = acfactory.get_online_configuring_account(
+            pre_generated_key=False,
+            config={"key_gen_type": str(const.DC_KEY_GEN_ED25519)}
+        )
+        wait_configuration_progress(ac1, 1000)
+        wait_configuration_progress(ac2, 1000)
+        chat = self.get_chat(ac1, ac2, both_created=True)
+
+        lp.sec("ac1: send unencrypted message to ac2")
+        chat.send_text("message1")
+        lp.sec("ac2: waiting for message from ac1")
+        ev = ac2._evlogger.get_matching("DC_EVENT_INCOMING_MSG")
+        msg_in = ac2.get_message_by_id(ev[2])
+        assert msg_in.text == "message1"
+        assert not msg_in.is_encrypted()
+
+        lp.sec("ac2: send encrypted message to ac1")
+        msg_in.chat.send_text("message2")
+        lp.sec("ac1: waiting for message from ac2")
+        ev = ac1._evlogger.get_matching("DC_EVENT_INCOMING_MSG")
+        msg2_in = ac1.get_message_by_id(ev[2])
+        assert msg2_in.text == "message2"
+        assert msg2_in.is_encrypted()
+
+        lp.sec("ac1: send encrypted message to ac2")
+        msg2_in.chat.send_text("message3")
+        lp.sec("ac2: waiting for message from ac1")
+        ev = ac2._evlogger.get_matching("DC_EVENT_INCOMING_MSG")
+        msg3_in = ac1.get_message_by_id(ev[2])
+        assert msg3_in.text == "message3"
+        assert msg3_in.is_encrypted()
+
    def test_configure_canceled(self, acfactory):
        ac1 = acfactory.get_online_configuring_account()
        wait_configuration_progress(ac1, 200)
@@ -435,37 +488,53 @@ class TestOnlineAccount:

    def test_one_account_send_bcc_setting(self, acfactory, lp):
        ac1 = acfactory.get_online_configuring_account()
-        ac2_config = acfactory.peek_online_config()
-        c2 = ac1.create_contact(email=ac2_config["addr"])
-        chat = ac1.create_chat_by_contact(c2)
-        assert chat.id > const.DC_CHAT_ID_LAST_SPECIAL
-        wait_successful_IMAP_SMTP_connection(ac1)
+        ac2 = acfactory.get_online_configuring_account()
+
+        # Clone the first account: we will test if sent messages
+        # are copied to it via BCC.
+        ac1_clone = acfactory.clone_online_account(ac1)
+
        wait_configuration_progress(ac1, 1000)
+        wait_configuration_progress(ac2, 1000)
+        wait_configuration_progress(ac1_clone, 1000)
+
+        chat = self.get_chat(ac1, ac2)
+
+        self_addr = ac1.get_config("addr")
+        other_addr = ac2.get_config("addr")
+
+        lp.sec("send out message without bcc to ourselves")
+        ac1.set_config("bcc_self", "0")
+        msg_out = chat.send_text("message1")
+        assert not msg_out.is_forwarded()
+
+        # wait for send out (no BCC)
+        ev = ac1._evlogger.get_matching("DC_EVENT_SMTP_MESSAGE_SENT")
+        assert ac1.get_config("bcc_self") == "0"
+
+        # make sure we are not sending message to ourselves
+        assert self_addr not in ev[2]
+        assert other_addr in ev[2]
+        ev = ac1._evlogger.get_matching("DC_EVENT_DELETED_BLOB_FILE")

        lp.sec("ac1: setting bcc_self=1")
        ac1.set_config("bcc_self", "1")

        lp.sec("send out message with bcc to ourselves")
        msg_out = chat.send_text("message2")
-        ev = ac1._evlogger.get_matching("DC_EVENT_MSGS_CHANGED")
-        assert ev[2] == msg_out.id
+
        # wait for send out (BCC)
-        assert ac1.get_config("bcc_self") == "1"
-        self_addr = ac1.get_config("addr")
        ev = ac1._evlogger.get_matching("DC_EVENT_SMTP_MESSAGE_SENT")
+        assert ac1.get_config("bcc_self") == "1"
+
+        # now make sure we are sending message to ourselves too
        assert self_addr in ev[2]
+        assert other_addr in ev[2]
        ev = ac1._evlogger.get_matching("DC_EVENT_DELETED_BLOB_FILE")

-        ac1._evlogger.consume_events()
-        lp.sec("send out message without bcc")
-        ac1.set_config("bcc_self", "0")
-        msg_out = chat.send_text("message3")
-        assert not msg_out.is_forwarded()
-        ev = ac1._evlogger.get_matching("DC_EVENT_MSGS_CHANGED")
-        assert ev[2] == msg_out.id
-        ev = ac1._evlogger.get_matching("DC_EVENT_SMTP_MESSAGE_SENT")
-        assert self_addr not in ev[2]
-        ev = ac1._evlogger.get_matching("DC_EVENT_DELETED_BLOB_FILE")
+        # Second client receives only second message, but not the first
+        ev = ac1_clone._evlogger.get_matching("DC_EVENT_MSGS_CHANGED")
+        assert ac1_clone.get_message_by_id(ev[2]).text == msg_out.text

    def test_send_file_twice_unicode_filename_mangling(self, tmpdir, acfactory, lp):
        ac1, ac2 = acfactory.get_two_online_accounts()
@@ -662,7 +731,7 @@ class TestOnlineAccount:
        assert not msg_in.is_forwarded()
        assert msg_in.get_sender_contact().display_name == ac1.get_config("displayname")

-        lp.sec("check the message arrived in contact-requets/deaddrop")
+        lp.sec("check the message arrived in contact-requests/deaddrop")
        chat2 = msg_in.chat
        assert msg_in in chat2.get_messages()
        assert chat2.is_deaddrop()
@@ -678,14 +747,26 @@ class TestOnlineAccount:
        chat2b.mark_noticed()
        assert chat2b.count_fresh_messages() == 0

-        lp.sec("mark message as seen on ac2, wait for changes on ac1")
-        ac2.mark_seen_messages([msg_in])
+        ac2._evlogger.consume_events()
+
+        lp.sec("sending a second message from ac1 to ac2")
+        msg_out2 = chat.send_text("message2")
+
+        lp.sec("wait for ac2 to receive second message")
+        ev = ac2._evlogger.get_matching("DC_EVENT_INCOMING_MSG")
+        assert ev[2] == msg_out2.id
+        msg_in2 = ac2.get_message_by_id(msg_out2.id)
+
+        lp.sec("mark messages as seen on ac2, wait for changes on ac1")
+        ac2.mark_seen_messages([msg_in, msg_in2])
        lp.step("1")
-        ev = ac1._evlogger.get_matching("DC_EVENT_MSG_READ")
-        assert ev[1] > const.DC_CHAT_ID_LAST_SPECIAL
-        assert ev[2] > const.DC_MSG_ID_LAST_SPECIAL
+        for i in range(2):
+            ev = ac1._evlogger.get_matching("DC_EVENT_MSG_READ")
+            assert ev[1] > const.DC_CHAT_ID_LAST_SPECIAL
+            assert ev[2] > const.DC_MSG_ID_LAST_SPECIAL
        lp.step("2")
        assert msg_out.is_out_mdn_received()
+        assert msg_out2.is_out_mdn_received()

        lp.sec("check that a second call to mark_seen does not create change or smtp job")
        ac2._evlogger.consume_events()
@@ -722,11 +803,13 @@ class TestOnlineAccount:
        ac2.mark_seen_messages([msg])

        lp.sec("ac1: waiting for incoming activity")
-        # wait for MOVED event because even ignored read-receipts should be moved
+        # MDN should be moved even though MDNs are already disabled
        ac1._evlogger.get_matching("DC_EVENT_IMAP_MESSAGE_MOVED")

        assert len(chat.get_messages()) == 1
-        assert not msg_out.is_out_mdn_received()
+
+        # MDN is received even though MDNs are already disabled
+        assert msg_out.is_out_mdn_received()

    def test_send_and_receive_will_encrypt_decrypt(self, acfactory, lp):
        ac1, ac2 = acfactory.get_two_online_accounts()
@@ -827,7 +910,21 @@ class TestOnlineAccount:
        print("ac1: e2ee_enabled={}".format(ac1.get_config("e2ee_enabled")))
        print("ac2: e2ee_enabled={}".format(ac2.get_config("e2ee_enabled")))
        ac1.set_config("e2ee_enabled", "0")
-        chat.send_text("message2 -- should be encrypted")
+
+        # Set unprepared and unencrypted draft to test that it is not
+        # taken into account when determining whether last message is
+        # encrypted.
+        msg_draft = Message.new_empty(ac1, "text")
+        msg_draft.set_text("message2 -- should be encrypted")
+        chat.set_draft(msg_draft)
+
+        # Get the draft, prepare and send it.
+        msg_draft = chat.get_draft()
+        msg_out = chat.prepare_message(msg_draft)
+        chat.send_prepared(msg_out)
+
+        chat.set_draft(None)
+        assert chat.get_draft() is None

        lp.sec("wait for ac2 to receive message")
        ev = ac2._evlogger.get_matching("DC_EVENT_INCOMING_MSG")
@@ -1175,29 +1272,46 @@ class TestOnlineAccount:
 class TestGroupStressTests:
    def test_group_many_members_add_leave_remove(self, acfactory, lp):
        lp.sec("creating and configuring five accounts")
-        ac1 = acfactory.get_online_configuring_account()
-        accounts = [acfactory.get_online_configuring_account() for i in range(3)]
-        wait_configuration_progress(ac1, 1000)
+        accounts = [acfactory.get_online_configuring_account() for i in range(5)]
        for acc in accounts:
            wait_configuration_progress(acc, 1000)
+        ac1 = accounts.pop()
+
+        lp.sec("ac1: setting up contacts with 4 other members")
+        contacts = []
+        for acc, name in zip(accounts, list("äöüsr")):
+            contact = ac1.create_contact(acc.get_config("addr"), name=name)
+            contacts.append(contact)
+
+            # make sure we accept the "hi" message
+            ac1.create_chat_by_contact(contact)
+
+            # make sure the other side accepts our messages
+            c1 = acc.create_contact(ac1.get_config("addr"), "ä member")
+            chat1 = acc.create_chat_by_contact(c1)
+
+            # send a message to get the contact key via autocrypt header
+            chat1.send_text("hi")
+            msg = ac1.wait_next_incoming_message()
+            assert msg.text == "hi"
+
+        # Save fifth account for later
+        ac5 = accounts.pop()
+        contact5 = contacts.pop()

        lp.sec("ac1: creating group chat with 3 other members")
        chat = ac1.create_group_chat("title1")
-        contacts = []
-        chars = list("äöüsr")
-        for acc in accounts:
-            contact = ac1.create_contact(acc.get_config("addr"), name=chars.pop())
-            contacts.append(contact)
+        for contact in contacts:
            chat.add_contact(contact)
-            # make sure the other side accepts our messages
-            c1 = acc.create_contact(ac1.get_config("addr"), "ä member")
-            acc.create_chat_by_contact(c1)
-
        assert not chat.is_promoted()

        lp.sec("ac1: send mesage to new group chat")
-        chat.send_text("hello")
+        msg = chat.send_text("hello")
        assert chat.is_promoted()
+        assert msg.is_encrypted()
+
+        gossiped_timestamp = chat.get_summary()["gossiped_timestamp"]
+        assert gossiped_timestamp > 0

        num_contacts = len(chat.get_contacts())
        assert num_contacts == 3 + 1
@@ -1213,19 +1327,45 @@ class TestGroupStressTests:
        ac3 = accounts[1]
        msg3 = ac3.wait_next_incoming_message()
        assert msg3.text == "hello"
-        contacts = ac3.get_contacts()
-        assert len(contacts) == 3
+        ac3_contacts = ac3.get_contacts()
+        assert len(ac3_contacts) == 3
        ac4_contacts = ac3.get_contacts(query=accounts[2].get_config("addr"))
        assert len(ac4_contacts) == 1

-        lp.sec("ac1: removing one contacts and checking things are right")
-        to_remove = msg.chat.get_contacts()[-1]
+        lp.sec("ac2: removing one contact")
+        to_remove = contacts[-1]
        msg.chat.remove_contact(to_remove)

+        lp.sec("ac1: receiving system message about contact removal")
        sysmsg = ac1.wait_next_incoming_message()
        assert to_remove.addr in sysmsg.text
        assert len(sysmsg.chat.get_contacts()) == 3

+        # Receiving message about removed contact does not reset gossip
+        assert chat.get_summary()["gossiped_timestamp"] == gossiped_timestamp
+
+        lp.sec("ac1: sending another message to the chat")
+        chat.send_text("hello2")
+        msg = ac2.wait_next_incoming_message()
+        assert msg.text == "hello2"
+        assert chat.get_summary()["gossiped_timestamp"] == gossiped_timestamp
+
+        lp.sec("ac1: adding fifth member to the chat")
+        chat.add_contact(contact5)
+        # Additng contact to chat resets gossiped_timestamp
+        assert chat.get_summary()["gossiped_timestamp"] >= gossiped_timestamp
+
+        lp.sec("ac2: receiving system message about contact addition")
+        sysmsg = ac2.wait_next_incoming_message()
+        assert contact5.addr in sysmsg.text
+        assert len(sysmsg.chat.get_contacts()) == 4
+
+        lp.sec("ac5: waiting for message about addition to the chat")
+        sysmsg = ac5.wait_next_incoming_message()
+        msg = sysmsg.chat.send_text("hello!")
+        # Message should be encrypted because keys of other members are gossiped
+        assert msg.is_encrypted()
+

 class TestOnlineConfigureFails:
    def test_invalid_password(self, acfactory):
--- a/python/tests/test_lowlevel.py
+++ b/python/tests/test_lowlevel.py
@@ -2,7 +2,6 @@ from __future__ import print_function
 from deltachat import capi, cutil, const, set_context_callback, clear_context_callback
 from deltachat.capi import ffi
 from deltachat.capi import lib
-from deltachat.account import EventLogger


 def test_empty_context():
@@ -18,21 +17,13 @@ def test_callback_None2int():


 def test_dc_close_events(tmpdir):
-    ctx = ffi.gc(
-        capi.lib.dc_context_new(capi.lib.py_dc_callback, ffi.NULL, ffi.NULL),
-        lib.dc_context_unref,
-    )
-    evlog = EventLogger(ctx)
-    evlog.set_timeout(5)
-    set_context_callback(
-        ctx,
-        lambda ctx, evt_name, data1, data2: evlog(evt_name, data1, data2)
-    )
+    from deltachat.account import Account
    p = tmpdir.join("hello.db")
-    lib.dc_open(ctx, p.strpath.encode("ascii"), ffi.NULL)
-    capi.lib.dc_close(ctx)
+    ac1 = Account(p.strpath)
+    ac1.shutdown()

    def find(info_string):
+        evlog = ac1._evlogger
        while 1:
            ev = evlog.get_matching("DC_EVENT_INFO", check_error=False)
            data2 = ev[2]
@@ -102,19 +93,12 @@ def test_get_special_message_id_returns_empty_message(acfactory):
        assert msg.id == 0


-def test_provider_info():
-    provider = lib.dc_provider_new_from_email(cutil.as_dc_charpointer("ex@example.com"))
-    assert cutil.from_dc_charpointer(
-        lib.dc_provider_get_overview_page(provider)
-    ) == "https://providers.delta.chat/example.com"
-    assert cutil.from_dc_charpointer(lib.dc_provider_get_name(provider)) == "Example"
-    assert cutil.from_dc_charpointer(lib.dc_provider_get_markdown(provider)) == "\n..."
-    assert cutil.from_dc_charpointer(lib.dc_provider_get_status_date(provider)) == "2018-09"
-    assert lib.dc_provider_get_status(provider) == const.DC_PROVIDER_STATUS_PREPARATION
-
-
 def test_provider_info_none():
-    assert lib.dc_provider_new_from_email(cutil.as_dc_charpointer("email@unexistent.no")) == ffi.NULL
+    ctx = ffi.gc(
+        lib.dc_context_new(lib.py_dc_callback, ffi.NULL, ffi.NULL),
+        lib.dc_context_unref,
+    )
+    assert lib.dc_provider_new_from_email(ctx, cutil.as_dc_charpointer("email@unexistent.no")) == ffi.NULL


 def test_get_info_closed():
--- a/python/tests/test_provider_info.py
+++ b/python/tests/test_provider_info.py
@@ -1,27 +0,0 @@
-import pytest
-
-from deltachat import const
-from deltachat import provider
-
-
-def test_provider_info_from_email():
-    example = provider.Provider.from_email("email@example.com")
-    assert example.overview_page == "https://providers.delta.chat/example.com"
-    assert example.name == "Example"
-    assert example.markdown == "\n..."
-    assert example.status_date == "2018-09"
-    assert example.status == const.DC_PROVIDER_STATUS_PREPARATION
-
-
-def test_provider_info_from_domain():
-    example = provider.Provider("example.com")
-    assert example.overview_page == "https://providers.delta.chat/example.com"
-    assert example.name == "Example"
-    assert example.markdown == "\n..."
-    assert example.status_date == "2018-09"
-    assert example.status == const.DC_PROVIDER_STATUS_PREPARATION
-
-
-def test_provider_info_none():
-    with pytest.raises(provider.ProviderNotFoundError):
-        provider.Provider.from_email("email@unexistent.no")
--- a/python/tox.ini
+++ b/python/tox.ini
@@ -7,8 +7,8 @@ envlist =

 [testenv]
 commands = 
-    pytest -n6 --reruns 2 --reruns-delay 5 -v -rsXx {posargs:tests} 
-    # python tests/package_wheels.py {toxworkdir}/wheelhouse
+    pytest -n6 --reruns 2 --reruns-delay 5 -v -rsXx --ignored {posargs:tests}
+    python tests/package_wheels.py {toxworkdir}/wheelhouse
 passenv = 
    TRAVIS 
    DCC_RS_DEV
@@ -65,11 +65,11 @@ commands =


 [pytest]
-addopts = -v -ra
+addopts = -v -ra --strict-markers
 python_files = tests/test_*.py
 norecursedirs = .tox 
 xfail_strict=true
-timeout = 60 
+timeout = 90
 timeout_method = thread

 [flake8]
--- a/scripts/proxy.py
+++ b/scripts/proxy.py
@@ -0,0 +1,80 @@
+#!/usr/bin/env python3
+# Examples:
+#
+# Original server that doesn't use SSL:
+# ./proxy.py 8080 imap.nauta.cu 143
+# ./proxy.py 8081 smtp.nauta.cu 25
+#
+# Original server that uses SSL:
+# ./proxy.py 8080 testrun.org 993 --ssl
+# ./proxy.py 8081 testrun.org 465 --ssl
+
+from datetime import datetime
+import argparse
+import selectors
+import ssl
+import socket
+import socketserver
+
+
+class Proxy(socketserver.ThreadingTCPServer):
+    allow_reuse_address = True
+
+    def __init__(self, proxy_host, proxy_port, real_host, real_port, use_ssl):
+        self.real_host = real_host
+        self.real_port = real_port
+        self.use_ssl = use_ssl
+        super().__init__((proxy_host, proxy_port), RequestHandler)
+
+
+class RequestHandler(socketserver.BaseRequestHandler):
+
+    def handle(self):
+        print('{} - {} CONNECTED.'.format(datetime.now(), self.client_address))
+
+        total = 0
+        real_server = (self.server.real_host, self.server.real_port)
+        with socket.create_connection(real_server) as sock:
+            if self.server.use_ssl:
+                context = ssl.create_default_context()
+                sock = context.wrap_socket(
+                    sock, server_hostname=real_server[0])
+
+            forward = {self.request: sock, sock: self.request}
+
+            sel = selectors.DefaultSelector()
+            sel.register(self.request, selectors.EVENT_READ,
+                         self.client_address)
+            sel.register(sock, selectors.EVENT_READ, real_server)
+
+            active = True
+            while active:
+                events = sel.select()
+                for key, mask in events:
+                    print('\n{} - {} wrote:'.format(datetime.now(), key.data))
+                    data = key.fileobj.recv(1024)
+                    received = len(data)
+                    total += received
+                    print(data)
+                    print('{} Bytes\nTotal: {} Bytes'.format(received, total))
+                    if data:
+                        forward[key.fileobj].sendall(data)
+                    else:
+                        print('\nCLOSING CONNECTION.\n\n')
+                        forward[key.fileobj].close()
+                        key.fileobj.close()
+                        active = False
+
+
+if __name__ == '__main__':
+    p = argparse.ArgumentParser(description='Simple Python Proxy')
+    p.add_argument(
+        "proxy_port", help="the port where the proxy will listen", type=int)
+    p.add_argument('host', help="the real host")
+    p.add_argument('port', help="the port of the real host", type=int)
+    p.add_argument("--ssl", help="use ssl to connect to the real host",
+                   action="store_true")
+    args = p.parse_args()
+
+    with Proxy('', args.proxy_port, args.host, args.port, args.ssl) as proxy:
+        proxy.serve_forever()
--- a/set_core_version.py
+++ b/set_core_version.py
@@ -35,7 +35,7 @@ if __name__ == "__main__":
    if len(sys.argv) < 2:
        for x in ("Cargo.toml", "deltachat-ffi/Cargo.toml"):
            print("{}: {}".format(x, read_toml_version(x)))
-        raise SystemExit("need argument: new version, example 1.0.0-beta.27")
+        raise SystemExit("need argument: new version, example: 1.25.0")
    newversion = sys.argv[1]
    if newversion.count(".") < 2:
        raise SystemExit("need at least two dots in version")
@@ -45,7 +45,7 @@ if __name__ == "__main__":
    assert core_toml == ffi_toml, (core_toml, ffi_toml)

    for line in open("CHANGELOG.md"):
-        ## 1.0.0-beta5
+        ## 1.25.0
        if line.startswith("## "):
            if line[2:].strip().startswith(newversion):
                break
--- a/spec.md
+++ b/spec.md
@@ -1,6 +1,6 @@
 # Chat-over-Email specification

-Version 0.20.0
+Version 0.30.0

 This document describes how emails can be used
 to implement typical messenger functions
@@ -17,6 +17,9 @@ while staying compatible to existing MUAs.
    - [Change group name](#change-group-name)
    - [Set group image](#set-group-image)
 - [Set profile image](#set-profile-image)
+- [Locations](#locations)
+    - [User locations](#user-locations)
+    - [Points of interest](#points-of-interest)
 - [Miscellaneous](#miscellaneous)


@@ -29,8 +32,7 @@ Messages SHOULD be encrypted by the
 Meta data (at least the subject and all chat-headers) SHOULD be encrypted
 by the [Memoryhole](https://github.com/autocrypt/memoryhole) standard.
 If Memoryhole is not used,
-the subject of encrypted messages SHOULD be replaced by the string
-`Chat: Encrypted message` where the part after the colon MAY be localized.
+the subject of encrypted messages SHOULD be replaced by the string `...`.


 # Outgoing messages
@@ -113,6 +115,7 @@ but MUAs typically expose the sender in the UI.
 Groups are chats with usually more than one recipient,
 each defined by an email-address.
 The sender plus the recipients are the group members.
+All group members form the member list.

 To allow different groups with the same members,
 groups are identified by a group-id.
@@ -135,8 +138,7 @@ The group-name MUST be written to `Chat-Group-Name` header
 to join a group chat on a second device any time).

 The `Subject` header of outgoing group messages
-SHOULD start with the characters `Chat:`
-followed by the group-name and a colon followed by an excerpt of the message.
+SHOULD be set to the group-name.

 To identify the group-id on replies from normal MUAs,
 the group-id MUST also be added to the message-id of outgoing messages.
@@ -153,8 +155,8 @@ The message-id MUST have the format `Gr.<group-id>.<unique data>`.
    Hello group - this group contains three members

 Messengers adding the member list in the form `Name <email-address>`
-MUST take care only to spread the names authorized by the contacts themselves.
-Otherwise, names as _Daddy_ or _Honey_ may be spread
+MUST take care only to distribute the names authorized by the contacts themselves.
+Otherwise, names as _Daddy_ or _Honey_ may be distributed
 (this issue is also true for normal MUAs, however,
 for more contact- and chat-centralized apps
 such situations happen more frequently).
@@ -177,12 +179,22 @@ to a normal single-user chat with the email-address given in `From`.

 ## Add and remove members

-Messenger clients MUST construct the member list
-from the `From`/`To` headers only on the first group message
-or if they see a `Chat-Group-Member-Added`
-or `Chat-Group-Member-Removed` action header.
-Both headers MUST have the email-address
-of the added or removed member as the value.
+Messenger clients MUST init the member list
+from the `From`/`To` headers on the first group message.
+
+When a member is added later,
+a `Chat-Group-Member-Added` action header must be sent
+with the value set to the email-address of the added member.
+When receiving a `Chat-Group-Member-Added` header, however,
+_all missing_ members  the `From`/`To` headers has to be added.
+This is to mitigate problems when receiving messages
+in different orders, esp. on creating new groups.
+
+To remove a member, a `Chat-Group-Member-Removed` header must be sent
+with the value set to the email-address of the member to remove.
+When receiving a `Chat-Group-Member-Removed` header,
+only exaxtly the given member has to be removed from the member list.
+
 Messenger clients MUST NOT construct the member list
 on other group messages
 (this is to avoid accidentally altered To-lists in normal MUAs;
@@ -288,7 +300,7 @@ to add a `Chat-Group-Avatar` only on image changes.

 # Set profile image

-A user MAY have a profile-image that MAY be spread to their contacts.
+A user MAY have a profile-image that MAY be distributed to their contacts.
 To change or set the profile-image,
 the messenger MUST attach an image file to a message
 and MUST add the header `Chat-User-Avatar`
@@ -297,7 +309,7 @@ with the value set to the image name.
 To remove the profile-image,
 the messenger MUST add the header `Chat-User-Avatar: 0`.

-To spread the image,
+To distribute the image,
 the messenger MAY send the profile image
 together with the next mail to a given contact
 (to do this only once,
@@ -332,6 +344,64 @@ To save data, it is RECOMMENDED to add a `Chat-User-Avatar` header
 only on image changes.


+# Locations
+
+Locations can be attachted to messages using
+[standard kml-files](https://www.opengeospatial.org/standards/kml/)
+with well-known names.
+
+
+## User locations
+
+To send the location of the sender,
+the app can attach a file with the name `location.kml`.
+The file can contain one or more locations.
+Apps that support location streaming will typically collect some location events
+and send them together in one file.
+As each location has an independent timestamp,
+the apps can show the location as a track.
+
+Note that the `addr` attribute inside the  `location.kml` file
+MUST match the users email-address.
+Otherwise, the file is discarded silently;
+this is to protect against getting wrong locations,
+eg. forwarded from a normal MUA.
+
+    <?xml version="1.0" encoding="UTF-8"?>
+    <kml xmlns="http://www.opengis.net/kml/2.2">
+      <Document addr="ndh@deltachat.de">
+        <Placemark>
+          <Timestamp><when>2020-01-11T20:40:19Z</when></Timestamp>
+          <Point><coordinates accuracy="1.2">1.234,5.678</coordinates></Point>
+        </Placemark>
+        <Placemark>
+          <Timestamp><when>2020-01-11T20:40:25Z</when></Timestamp>
+          <Point><coordinates accuracy="5.4">7.654,3.21</coordinates></Point>
+        </Placemark>
+      </Document>
+    </kml>
+
+
+## Points of interest
+
+To send an "Point of interest", a POI,
+use a normal message and attach a file with the name  `message.kml`.
+In contrast to user locations, this file should contain only one location
+and an address-attribute is not needed -
+as the location belongs to the message content,
+it is fine if the location is detected on forwarding etc.
+
+    <?xml version="1.0" encoding="UTF-8"?>
+    <kml xmlns="http://www.opengis.net/kml/2.2">
+      <Document>
+        <Placemark>
+          <Timestamp><when>2020-01-01T20:40:19Z</when></Timestamp>
+          <Point><coordinates accuracy="1.2">1.234,5.678</coordinates></Point>
+        </Placemark>
+      </Document>
+    </kml>
+
+
 # Miscellaneous

 Messengers SHOULD use the header `In-Reply-To` as usual.
@@ -368,4 +438,4 @@ as the sending time of the message as indicated by its Date header,
 or the time of first receipt if that date is in the future or unavailable.


-Copyright © 2017-2019 Delta Chat contributors.
+Copyright © 2017-2020 Delta Chat contributors.
--- a/src/aheader.rs
+++ b/src/aheader.rs
@@ -6,10 +6,10 @@ use std::collections::BTreeMap;
 use std::str::FromStr;
 use std::{fmt, str};

-use crate::constants::*;
 use crate::contact::*;
 use crate::context::Context;
-use crate::key::*;
+use crate::headerdef::{HeaderDef, HeaderDefMap};
+use crate::key::{DcKey, SignedPublicKey};

 /// Possible values for encryption preference
 #[derive(PartialEq, Eq, Debug, Clone, Copy, FromPrimitive, ToPrimitive)]
@@ -52,13 +52,17 @@ impl str::FromStr for EncryptPreference {
 #[derive(Debug)]
 pub struct Aheader {
    pub addr: String,
-    pub public_key: Key,
+    pub public_key: SignedPublicKey,
    pub prefer_encrypt: EncryptPreference,
 }

 impl Aheader {
    /// Creates new autocrypt header
-    pub fn new(addr: String, public_key: Key, prefer_encrypt: EncryptPreference) -> Self {
+    pub fn new(
+        addr: String,
+        public_key: SignedPublicKey,
+        prefer_encrypt: EncryptPreference,
+    ) -> Self {
        Aheader {
            addr,
            public_key,
@@ -71,9 +75,7 @@ impl Aheader {
        wanted_from: &str,
        headers: &[mailparse::MailHeader<'_>],
    ) -> Option<Self> {
-        use mailparse::MailHeaderMap;
-
-        if let Ok(Some(value)) = headers.get_first_value("Autocrypt") {
+        if let Ok(Some(value)) = headers.get_header_value(HeaderDef::Autocrypt) {
            match Self::from_str(&value) {
                Ok(header) => {
                    if addr_cmp(&header.addr, wanted_from) {
@@ -142,22 +144,11 @@ impl str::FromStr for Aheader {
                return Err(());
            }
        };
-
-        let public_key = match attributes
+        let public_key: SignedPublicKey = attributes
            .remove("keydata")
-            .and_then(|raw| Key::from_base64(&raw, KeyType::Public))
-        {
-            Some(key) => {
-                if key.verify() {
-                    key
-                } else {
-                    return Err(());
-                }
-            }
-            None => {
-                return Err(());
-            }
-        };
+            .ok_or(())
+            .and_then(|raw| SignedPublicKey::from_base64(&raw).or(Err(())))
+            .and_then(|key| key.verify().and(Ok(key)).or(Err(())))?;

        let prefer_encrypt = attributes
            .remove("prefer-encrypt")
@@ -292,7 +283,7 @@ mod tests {
            "{}",
            Aheader::new(
                "test@example.com".to_string(),
-                Key::from_base64(RAWKEY, KeyType::Public).unwrap(),
+                SignedPublicKey::from_base64(RAWKEY).unwrap(),
                EncryptPreference::Mutual
            )
        )
@@ -305,7 +296,7 @@ mod tests {
            "{}",
            Aheader::new(
                "test@example.com".to_string(),
-                Key::from_base64(RAWKEY, KeyType::Public).unwrap(),
+                SignedPublicKey::from_base64(RAWKEY).unwrap(),
                EncryptPreference::NoPreference
            )
        )
--- a/src/blob.rs
+++ b/src/blob.rs
@@ -322,13 +322,12 @@ impl<'a> BlobObject<'a> {

        let clean = sanitize_filename::sanitize_with_options(name, opts);
        let mut iter = clean.splitn(2, '.');
-        let mut stem = iter.next().unwrap_or_default().to_string();
-        let mut ext = iter.next().unwrap_or_default().to_string();
-        stem.truncate(64);
-        ext.truncate(32);
-        match ext.len() {
-            0 => (stem, "".to_string()),
-            _ => (stem, format!(".{}", ext).to_lowercase()),
+        let stem: String = iter.next().unwrap_or_default().chars().take(64).collect();
+        let ext: String = iter.next().unwrap_or_default().chars().take(32).collect();
+        if ext.is_empty() {
+            (stem, "".to_string())
+        } else {
+            (stem, format!(".{}", ext).to_lowercase())
        }
    }

@@ -631,4 +630,11 @@ mod tests {
        assert!(!BlobObject::is_acceptible_blob_name("foo\\bar"));
        assert!(!BlobObject::is_acceptible_blob_name("foo\x00bar"));
    }
+
+    #[test]
+    fn test_sanitise_name() {
+        let (_, ext) =
+            BlobObject::sanitise_name("Я ЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯЯ.txt");
+        assert_eq!(ext, ".txt");
+    }
 }
--- a/src/chat.rs
+++ b/src/chat.rs
--- a/src/chatlist.rs
+++ b/src/chatlist.rs
@@ -36,7 +36,7 @@ use crate::stock::StockMessage;
 #[derive(Debug)]
 pub struct Chatlist {
    /// Stores pairs of `chat_id, message_id`
-    ids: Vec<(u32, MsgId)>,
+    ids: Vec<(ChatId, MsgId)>,
 }

 impl Chatlist {
@@ -60,7 +60,7 @@ impl Chatlist {
    ///   or "Not now".
    ///   The UI can also offer a "Close" button that calls dc_marknoticed_contact() then.
    /// - DC_CHAT_ID_ARCHIVED_LINK (6) - this special chat is present if the user has
-    ///   archived *any* chat using dc_archive_chat(). The UI should show a link as
+    ///   archived *any* chat using dc_set_chat_visibility(). The UI should show a link as
    ///   "Show archived chats", if the user clicks this item, the UI should show a
    ///   list of all archived chats that can be created by this function hen using
    ///   the DC_GCL_ARCHIVED_ONLY flag.
@@ -91,7 +91,7 @@ impl Chatlist {
        let mut add_archived_link_item = false;

        let process_row = |row: &rusqlite::Row| {
-            let chat_id: u32 = row.get(0)?;
+            let chat_id: ChatId = row.get(0)?;
            let msg_id: MsgId = row.get(1).unwrap_or_default();
            Ok((chat_id, msg_id))
        };
@@ -127,13 +127,13 @@ impl Chatlist {
                               SELECT MAX(timestamp)
                                 FROM msgs
                                WHERE chat_id=c.id
-                                  AND (hidden=0 OR state=?))
+                                  AND (hidden=0 OR state=?1))
                 WHERE c.id>9
                   AND c.blocked=0
-                   AND c.id IN(SELECT chat_id FROM chats_contacts WHERE contact_id=?)
+                   AND c.id IN(SELECT chat_id FROM chats_contacts WHERE contact_id=?2)
                 GROUP BY c.id
-                 ORDER BY IFNULL(m.timestamp,c.created_timestamp) DESC, m.id DESC;",
-                params![MessageState::OutDraft, query_contact_id as i32],
+                 ORDER BY c.archived=?3 DESC, IFNULL(m.timestamp,c.created_timestamp) DESC, m.id DESC;",
+                params![MessageState::OutDraft, query_contact_id as i32, ChatVisibility::Pinned],
                process_row,
                process_rows,
            )?
@@ -162,6 +162,12 @@ impl Chatlist {
            let query = query.trim().to_string();
            ensure!(!query.is_empty(), "missing query");

+            // allow searching over special names that may change at any time
+            // when the ui calls set_stock_translation()
+            if let Err(err) = update_special_chat_names(context) {
+                warn!(context, "cannot update special chat names: {:?}", err)
+            }
+
            let str_like_cmd = format!("%{}%", query);
            context.sql.query_map(
                "SELECT c.id, m.id
@@ -193,19 +199,22 @@ impl Chatlist {
                               SELECT MAX(timestamp)
                                 FROM msgs
                                WHERE chat_id=c.id
-                                  AND (hidden=0 OR state=?))
+                                  AND (hidden=0 OR state=?1))
                 WHERE c.id>9
                   AND c.blocked=0
-                   AND c.archived=0
+                   AND NOT c.archived=?2
                 GROUP BY c.id
-                 ORDER BY IFNULL(m.timestamp,c.created_timestamp) DESC, m.id DESC;",
-                params![MessageState::OutDraft],
+                 ORDER BY c.archived=?3 DESC, IFNULL(m.timestamp,c.created_timestamp) DESC, m.id DESC;",
+                params![MessageState::OutDraft, ChatVisibility::Archived, ChatVisibility::Pinned],
                process_row,
                process_rows,
            )?;
            if 0 == listflags & DC_GCL_NO_SPECIALS {
                if let Some(last_deaddrop_fresh_msg_id) = get_last_deaddrop_fresh_msg(context) {
-                    ids.insert(0, (DC_CHAT_ID_DEADDROP, last_deaddrop_fresh_msg_id));
+                    ids.insert(
+                        0,
+                        (ChatId::new(DC_CHAT_ID_DEADDROP), last_deaddrop_fresh_msg_id),
+                    );
                }
                add_archived_link_item = true;
            }
@@ -214,9 +223,9 @@ impl Chatlist {

        if add_archived_link_item && dc_get_archived_cnt(context) > 0 {
            if ids.is_empty() && 0 != listflags & DC_GCL_ADD_ALLDONE_HINT {
-                ids.push((DC_CHAT_ID_ALLDONE_HINT, MsgId::new(0)));
+                ids.push((ChatId::new(DC_CHAT_ID_ALLDONE_HINT), MsgId::new(0)));
            }
-            ids.push((DC_CHAT_ID_ARCHIVED_LINK, MsgId::new(0)));
+            ids.push((ChatId::new(DC_CHAT_ID_ARCHIVED_LINK), MsgId::new(0)));
        }

        Ok(Chatlist { ids })
@@ -235,9 +244,9 @@ impl Chatlist {
    /// Get a single chat ID of a chatlist.
    ///
    /// To get the message object from the message ID, use dc_get_chat().
-    pub fn get_chat_id(&self, index: usize) -> u32 {
+    pub fn get_chat_id(&self, index: usize) -> ChatId {
        if index >= self.ids.len() {
-            return 0;
+            return ChatId::new(0);
        }
        self.ids[index].0
    }
@@ -269,8 +278,8 @@ impl Chatlist {
        // This is because we may want to display drafts here or stuff as
        // "is typing".
        // Also, sth. as "No messages" would not work if the summary comes from a message.
-
        let mut ret = Lot::new();
+
        if index >= self.ids.len() {
            ret.text2 = Some("ErrBadChatlistIndex".to_string());
            return ret;
@@ -301,7 +310,7 @@ impl Chatlist {
            None
        };

-        if chat.id == DC_CHAT_ID_ARCHIVED_LINK {
+        if chat.id.is_archived_link() {
            ret.text2 = None;
        } else if lastmsg.is_none() || lastmsg.as_ref().unwrap().from_id == DC_CONTACT_ID_UNDEFINED
        {
@@ -312,6 +321,10 @@ impl Chatlist {

        ret
    }
+
+    pub fn get_index_for_id(&self, id: ChatId) -> Option<usize> {
+        self.ids.iter().position(|(chat_id, _)| chat_id == &id)
+    }
 }

 /// Returns the number of archived chats
@@ -349,7 +362,6 @@ fn get_last_deaddrop_fresh_msg(context: &Context) -> Option<MsgId> {
 mod tests {
    use super::*;

-    use crate::chat;
    use crate::test_utils::*;

    #[test]
@@ -369,7 +381,7 @@ mod tests {
        // drafts are sorted to the top
        let mut msg = Message::new(Viewtype::Text);
        msg.set_text(Some("hello".to_string()));
-        set_draft(&t.ctx, chat_id2, Some(&mut msg));
+        chat_id2.set_draft(&t.ctx, Some(&mut msg));
        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
        assert_eq!(chats.get_chat_id(0), chat_id2);

@@ -380,8 +392,33 @@ mod tests {
        let chats = Chatlist::try_load(&t.ctx, DC_GCL_ARCHIVED_ONLY, None, None).unwrap();
        assert_eq!(chats.len(), 0);

-        chat::archive(&t.ctx, chat_id1, true).ok();
+        chat_id1
+            .set_visibility(&t.ctx, ChatVisibility::Archived)
+            .ok();
        let chats = Chatlist::try_load(&t.ctx, DC_GCL_ARCHIVED_ONLY, None, None).unwrap();
        assert_eq!(chats.len(), 1);
    }
+
+    #[test]
+    fn test_search_special_chat_names() {
+        let t = dummy_context();
+        t.ctx.update_device_chats().unwrap();
+
+        let chats = Chatlist::try_load(&t.ctx, 0, Some("t-1234-s"), None).unwrap();
+        assert_eq!(chats.len(), 0);
+        let chats = Chatlist::try_load(&t.ctx, 0, Some("t-5678-b"), None).unwrap();
+        assert_eq!(chats.len(), 0);
+
+        t.ctx
+            .set_stock_translation(StockMessage::SavedMessages, "test-1234-save".to_string())
+            .unwrap();
+        let chats = Chatlist::try_load(&t.ctx, 0, Some("t-1234-s"), None).unwrap();
+        assert_eq!(chats.len(), 1);
+
+        t.ctx
+            .set_stock_translation(StockMessage::DeviceMessages, "test-5678-babbel".to_string())
+            .unwrap();
+        let chats = Chatlist::try_load(&t.ctx, 0, Some("t-5678-b"), None).unwrap();
+        assert_eq!(chats.len(), 1);
+    }
 }
--- a/src/config.rs
+++ b/src/config.rs
@@ -8,6 +8,7 @@ use crate::constants::DC_VERSION_STR;
 use crate::context::Context;
 use crate::dc_tools::*;
 use crate::job::*;
+use crate::mimefactory::RECOMMENDED_FILE_SIZE;
 use crate::stock::StockMessage;
 use rusqlite::NO_PARAMS;

@@ -61,6 +62,9 @@ pub enum Config {
    #[strum(props(default = "0"))] // also change ShowEmails.default() on changes
    ShowEmails,

+    #[strum(props(default = "0"))]
+    KeyGenType,
+
    SaveMimeHeaders,
    ConfiguredAddr,
    ConfiguredMailServer,
@@ -98,7 +102,7 @@ impl Context {
                rel_path.map(|p| dc_get_abs_path(self, &p).to_string_lossy().into_owned())
            }
            Config::SysVersion => Some((&*DC_VERSION_STR).clone()),
-            Config::SysMsgsizeMaxRecommended => Some(format!("{}", 24 * 1024 * 1024 / 4 * 3)),
+            Config::SysMsgsizeMaxRecommended => Some(format!("{}", RECOMMENDED_FILE_SIZE)),
            Config::SysConfigKeys => Some(get_config_keys_string()),
            _ => self.sql.get_raw_config(self, key),
        };
@@ -190,7 +194,9 @@ mod tests {
    use std::str::FromStr;
    use std::string::ToString;

+    use crate::constants::AVATAR_SIZE;
    use crate::test_utils::*;
+    use image::GenericImageView;
    use std::fs::File;
    use std::io::Write;

@@ -212,32 +218,55 @@ mod tests {
    }

    #[test]
-    fn test_selfavatar_outside_blobdir() -> failure::Fallible<()> {
+    fn test_selfavatar_outside_blobdir() {
        let t = dummy_context();
        let avatar_src = t.dir.path().join("avatar.jpg");
        let avatar_bytes = include_bytes!("../test-data/image/avatar1000x1000.jpg");
-        File::create(&avatar_src)?.write_all(avatar_bytes)?;
+        File::create(&avatar_src)
+            .unwrap()
+            .write_all(avatar_bytes)
+            .unwrap();
        let avatar_blob = t.ctx.get_blobdir().join("avatar.jpg");
        assert!(!avatar_blob.exists());
        t.ctx
-            .set_config(Config::Selfavatar, Some(&avatar_src.to_str().unwrap()))?;
+            .set_config(Config::Selfavatar, Some(&avatar_src.to_str().unwrap()))
+            .unwrap();
        assert!(avatar_blob.exists());
        assert!(std::fs::metadata(&avatar_blob).unwrap().len() < avatar_bytes.len() as u64);
        let avatar_cfg = t.ctx.get_config(Config::Selfavatar);
        assert_eq!(avatar_cfg, avatar_blob.to_str().map(|s| s.to_string()));
-        Ok(())
+
+        let img = image::open(avatar_src).unwrap();
+        assert_eq!(img.width(), 1000);
+        assert_eq!(img.height(), 1000);
+
+        let img = image::open(avatar_blob).unwrap();
+        assert_eq!(img.width(), AVATAR_SIZE);
+        assert_eq!(img.height(), AVATAR_SIZE);
    }

    #[test]
-    fn test_selfavatar_in_blobdir() -> failure::Fallible<()> {
+    fn test_selfavatar_in_blobdir() {
        let t = dummy_context();
-        let avatar_src = t.ctx.get_blobdir().join("avatar.jpg");
-        let avatar_bytes = include_bytes!("../test-data/image/avatar1000x1000.jpg");
-        File::create(&avatar_src)?.write_all(avatar_bytes)?;
+        let avatar_src = t.ctx.get_blobdir().join("avatar.png");
+        let avatar_bytes = include_bytes!("../test-data/image/avatar900x900.png");
+        File::create(&avatar_src)
+            .unwrap()
+            .write_all(avatar_bytes)
+            .unwrap();
+
+        let img = image::open(&avatar_src).unwrap();
+        assert_eq!(img.width(), 900);
+        assert_eq!(img.height(), 900);
+
        t.ctx
-            .set_config(Config::Selfavatar, Some(&avatar_src.to_str().unwrap()))?;
+            .set_config(Config::Selfavatar, Some(&avatar_src.to_str().unwrap()))
+            .unwrap();
        let avatar_cfg = t.ctx.get_config(Config::Selfavatar);
        assert_eq!(avatar_cfg, avatar_src.to_str().map(|s| s.to_string()));
-        Ok(())
+
+        let img = image::open(avatar_src).unwrap();
+        assert_eq!(img.width(), AVATAR_SIZE);
+        assert_eq!(img.height(), AVATAR_SIZE);
    }
 }
--- a/src/configure/mod.rs
+++ b/src/configure/mod.rs
@@ -12,12 +12,13 @@ use crate::config::Config;
 use crate::constants::*;
 use crate::context::Context;
 use crate::dc_tools::*;
-use crate::e2ee;
-use crate::job::*;
+use crate::job::{self, job_add, job_kill_action};
 use crate::login_param::{CertificateChecks, LoginParam};
 use crate::oauth2::*;
 use crate::param::Params;
+use crate::{chat, e2ee, provider};

+use crate::message::Message;
 use auto_mozilla::moz_autoconfigure;
 use auto_outlook::outlk_autodiscover;

@@ -31,34 +32,36 @@ macro_rules! progress {
    };
 }

-// connect
-pub fn configure(context: &Context) {
-    if context.has_ongoing() {
-        warn!(context, "There is already another ongoing process running.",);
-        return;
+impl Context {
+    /// Starts a configuration job.
+    pub fn configure(&self) {
+        if self.has_ongoing() {
+            warn!(self, "There is already another ongoing process running.",);
+            return;
+        }
+        job_kill_action(self, job::Action::ConfigureImap);
+        job_add(self, job::Action::ConfigureImap, 0, Params::new(), 0);
    }
-    job_kill_action(context, Action::ConfigureImap);
-    job_add(context, Action::ConfigureImap, 0, Params::new(), 0);
-}

-/// Check if the context is already configured.
-pub fn dc_is_configured(context: &Context) -> bool {
-    context.sql.get_raw_config_bool(context, "configured")
+    /// Checks if the context is already configured.
+    pub fn is_configured(&self) -> bool {
+        self.sql.get_raw_config_bool(self, "configured")
+    }
 }

 /*******************************************************************************
 * Configure JOB
 ******************************************************************************/
-#[allow(non_snake_case, unused_must_use)]
-pub fn JobConfigureImap(context: &Context) {
+#[allow(non_snake_case, unused_must_use, clippy::cognitive_complexity)]
+pub(crate) fn JobConfigureImap(context: &Context) -> job::Status {
    if !context.sql.is_open() {
        error!(context, "Cannot configure, database not opened.",);
        progress!(context, 0);
-        return;
+        return job::Status::Finished(Err(format_err!("Database not opened")));
    }
    if !context.alloc_ongoing() {
        progress!(context, 0);
-        return;
+        return job::Status::Finished(Err(format_err!("Cannot allocated ongoing process")));
    }
    let mut success = false;
    let mut imap_connected_here = false;
@@ -200,10 +203,7 @@ pub fn JobConfigureImap(context: &Context) {
            7 => {
                progress!(context, 310);
                if param_autoconfig.is_none() {
-                    let url = format!(
-                        "https://{}{}/autodiscover/autodiscover.xml",
-                        "", param_domain
-                    );
+                    let url = format!("https://{}/autodiscover/autodiscover.xml", param_domain);
                    param_autoconfig = outlk_autodiscover(context, &url, &param).ok();
                }
                true
@@ -439,44 +439,77 @@ pub fn JobConfigureImap(context: &Context) {
        LoginParam::from_database(context, "configured_raw_").save_to_database(context, "");
    }

+    if let Some(provider) = provider::get_provider_info(&param.addr) {
+        if !provider.after_login_hint.is_empty() {
+            let mut msg = Message::new(Viewtype::Text);
+            msg.text = Some(provider.after_login_hint.to_string());
+            if chat::add_device_msg(context, Some("core-provider-info"), Some(&mut msg)).is_err() {
+                warn!(context, "cannot add after_login_hint as core-provider-info");
+            }
+        }
+    }
+
    context.free_ongoing();
    progress!(context, if success { 1000 } else { 0 });
+    job::Status::Finished(Ok(()))
 }

+#[allow(clippy::unnecessary_unwrap)]
 fn get_offline_autoconfig(context: &Context, param: &LoginParam) -> Option<LoginParam> {
-    // XXX we don't have https://github.com/deltachat/provider-db  APIs
-    // integrated yet but we'll already add nauta as a first use case, also
-    // showing what we need from provider-db in the future.
    info!(
        context,
        "checking internal provider-info for offline autoconfig"
    );

-    if param.addr.ends_with("@nauta.cu") {
-        let mut p = LoginParam::new();
+    if let Some(provider) = provider::get_provider_info(&param.addr) {
+        match provider.status {
+            provider::Status::OK | provider::Status::PREPARATION => {
+                let imap = provider.get_imap_server();
+                let smtp = provider.get_smtp_server();
+                // clippy complains about these is_some()/unwrap() settings,
+                // however, rewriting the code to "if let" would make things less obvious,
+                // esp. if we allow more combinations of servers (pop, jmap).
+                // therefore, #[allow(clippy::unnecessary_unwrap)] is added above.
+                if imap.is_some() && smtp.is_some() {
+                    let imap = imap.unwrap();
+                    let smtp = smtp.unwrap();

-        p.addr = param.addr.clone();
-        p.mail_server = "imap.nauta.cu".to_string();
-        p.mail_user = param.addr.clone();
-        p.mail_pw = param.mail_pw.clone();
-        p.mail_port = 143;
-        p.imap_certificate_checks = CertificateChecks::AcceptInvalidCertificates;
+                    let mut p = LoginParam::new();
+                    p.addr = param.addr.clone();

-        p.send_server = "smtp.nauta.cu".to_string();
-        p.send_user = param.addr.clone();
-        p.send_pw = param.mail_pw.clone();
-        p.send_port = 25;
-        p.smtp_certificate_checks = CertificateChecks::AcceptInvalidCertificates;
-        p.server_flags = DC_LP_AUTH_NORMAL as i32
-            | DC_LP_IMAP_SOCKET_STARTTLS as i32
-            | DC_LP_SMTP_SOCKET_STARTTLS as i32;
+                    p.mail_server = imap.hostname.to_string();
+                    p.mail_user = imap.apply_username_pattern(param.addr.clone());
+                    p.mail_port = imap.port as i32;
+                    p.imap_certificate_checks = CertificateChecks::AcceptInvalidCertificates;
+                    p.server_flags |= match imap.socket {
+                        provider::Socket::STARTTLS => DC_LP_IMAP_SOCKET_STARTTLS,
+                        provider::Socket::SSL => DC_LP_IMAP_SOCKET_SSL,
+                    };

-        info!(context, "found offline autoconfig: {}", p);
-        Some(p)
-    } else {
-        info!(context, "no offline autoconfig found");
-        None
+                    p.send_server = smtp.hostname.to_string();
+                    p.send_user = smtp.apply_username_pattern(param.addr.clone());
+                    p.send_port = smtp.port as i32;
+                    p.smtp_certificate_checks = CertificateChecks::AcceptInvalidCertificates;
+                    p.server_flags |= match smtp.socket {
+                        provider::Socket::STARTTLS => DC_LP_SMTP_SOCKET_STARTTLS as i32,
+                        provider::Socket::SSL => DC_LP_SMTP_SOCKET_SSL as i32,
+                    };
+
+                    info!(context, "offline autoconfig found: {}", p);
+                    return Some(p);
+                } else {
+                    info!(context, "offline autoconfig found, but no servers defined");
+                    return None;
+                }
+            }
+            provider::Status::BROKEN => {
+                info!(context, "offline autoconfig found, provider is broken");
+                return None;
+            }
+        }
    }
+    info!(context, "no offline autoconfig found");
+    None
 }

 fn try_imap_connections(
--- a/src/configure/read_url.rs
+++ b/src/configure/read_url.rs
@@ -11,10 +11,10 @@ pub type Result<T> = std::result::Result<T, Error>;
 pub fn read_url(context: &Context, url: &str) -> Result<String> {
    info!(context, "Requesting URL {}", url);

-    match reqwest::Client::new()
+    match reqwest::blocking::Client::new()
        .get(url)
        .send()
-        .and_then(|mut res| res.text())
+        .and_then(|res| res.text())
    {
        Ok(res) => Ok(res),
        Err(err) => {
--- a/src/constants.rs
+++ b/src/constants.rs
@@ -1,8 +1,9 @@
 //! # Constants
-#![allow(non_camel_case_types, dead_code)]
+#![allow(dead_code)]

 use deltachat_derive::*;
 use lazy_static::lazy_static;
+use serde::{Deserialize, Serialize};

 lazy_static! {
    pub static ref DC_VERSION_STR: String = env!("CARGO_PKG_VERSION").to_string();
@@ -15,7 +16,20 @@ const DC_SENTBOX_WATCH_DEFAULT: i32 = 1;
 const DC_MVBOX_WATCH_DEFAULT: i32 = 1;
 const DC_MVBOX_MOVE_DEFAULT: i32 = 1;

-#[derive(Debug, Display, Clone, Copy, PartialEq, Eq, FromPrimitive, ToPrimitive, FromSql, ToSql)]
+#[derive(
+    Debug,
+    Display,
+    Clone,
+    Copy,
+    PartialEq,
+    Eq,
+    FromPrimitive,
+    ToPrimitive,
+    FromSql,
+    ToSql,
+    Serialize,
+    Deserialize,
+)]
 #[repr(u8)]
 pub enum Blocked {
    Not = 0,
@@ -43,12 +57,26 @@ impl Default for ShowEmails {
    }
 }

-pub const DC_IMAP_SEEN: u32 = 0x1;
+#[derive(Debug, Display, Clone, Copy, PartialEq, Eq, FromPrimitive, ToPrimitive, FromSql, ToSql)]
+#[repr(u8)]
+pub enum KeyGenType {
+    Default = 0,
+    Rsa2048 = 1,
+    Ed25519 = 2,
+}
+
+impl Default for KeyGenType {
+    fn default() -> Self {
+        KeyGenType::Default
+    }
+}

 pub const DC_HANDSHAKE_CONTINUE_NORMAL_PROCESSING: i32 = 0x01;
 pub const DC_HANDSHAKE_STOP_NORMAL_PROCESSING: i32 = 0x02;
 pub const DC_HANDSHAKE_ADD_DELETE_JOB: i32 = 0x04;

+pub(crate) const DC_FROM_HANDSHAKE: i32 = 0x01;
+
 pub const DC_GCL_ARCHIVED_ONLY: usize = 0x01;
 pub const DC_GCL_NO_SPECIALS: usize = 0x02;
 pub const DC_GCL_ADD_ALLDONE_HINT: usize = 0x04;
@@ -61,10 +89,6 @@ pub const DC_GCL_ADD_SELF: usize = 0x02;
 // unchanged user avatars are resent to the recipients every some days
 pub const DC_RESEND_USER_AVATAR_DAYS: i64 = 14;

-// values for DC_PARAM_FORCE_PLAINTEXT
-pub(crate) const DC_FP_NO_AUTOCRYPT_HEADER: i32 = 2;
-pub(crate) const DC_FP_ADD_AUTOCRYPT_HEADER: i32 = 1;
-
 /// virtual chat showing all messages belonging to chats flagged with chats.blocked=2
 pub(crate) const DC_CHAT_ID_DEADDROP: u32 = 1;
 /// messages that should be deleted get this chat_id; the messages are deleted from the working thread later then. This is also needed as rfc724_mid should be preset as long as the message is not deleted on the server (otherwise it is downloaded again)
@@ -92,6 +116,8 @@ pub const DC_CHAT_ID_LAST_SPECIAL: u32 = 9;
    FromSql,
    ToSql,
    IntoStaticStr,
+    Serialize,
+    Deserialize,
 )]
 #[repr(u32)]
 pub enum Chattype {
@@ -187,7 +213,20 @@ pub const DC_BOB_SUCCESS: i32 = 1;
 // max. width/height of an avatar
 pub const AVATAR_SIZE: u32 = 192;

-#[derive(Debug, Display, Clone, Copy, PartialEq, Eq, FromPrimitive, ToPrimitive, FromSql, ToSql)]
+#[derive(
+    Debug,
+    Display,
+    Clone,
+    Copy,
+    PartialEq,
+    Eq,
+    FromPrimitive,
+    ToPrimitive,
+    FromSql,
+    ToSql,
+    Serialize,
+    Deserialize,
+)]
 #[repr(i32)]
 pub enum Viewtype {
    Unknown = 0,
--- a/src/contact.rs
+++ b/src/contact.rs
@@ -7,6 +7,7 @@ use itertools::Itertools;
 use rusqlite;

 use crate::aheader::EncryptPreference;
+use crate::chat::ChatId;
 use crate::config::Config;
 use crate::constants::*;
 use crate::context::Context;
@@ -59,11 +60,11 @@ pub struct Contact {
    /// to access this field.
    authname: String,

-    /// E-Mail-Address of the contact. It is recommended to use `Contact::get_addr`` to access this field.
+    /// E-Mail-Address of the contact. It is recommended to use `Contact::get_addr` to access this field.
    addr: String,

    /// Blocked state. Use dc_contact_is_blocked to access this field.
-    blocked: bool,
+    pub blocked: bool,

    /// The origin/source of the contact.
    pub origin: Origin,
@@ -125,7 +126,7 @@ pub enum Origin {
    /// set on Bob's side for contacts scanned and verified from a QR code. Only means the contact has once been established using the "securejoin" procedure in the past, getting the current key verification status requires calling dc_contact_is_verified() !
    SecurejoinJoined = 0x0200_0000,

-    /// contact added mannually by dc_create_contact(), this should be the largets origin as otherwise the user cannot modify the names
+    /// contact added mannually by dc_create_contact(), this should be the largest origin as otherwise the user cannot modify the names
    ManuallyCreated = 0x0400_0000,
 }

@@ -145,7 +146,7 @@ impl Origin {
 }

 #[derive(Debug, PartialEq, Eq, Clone, Copy)]
-pub enum Modifier {
+pub(crate) enum Modifier {
    None,
    Modified,
    Created,
@@ -262,7 +263,7 @@ impl Contact {
        .is_ok()
        {
            context.call_cb(Event::MsgsChanged {
-                chat_id: 0,
+                chat_id: ChatId::new(0),
                msg_id: MsgId::new(0),
            });
        }
@@ -299,9 +300,31 @@ impl Contact {
    }

    /// Lookup a contact and create it if it does not exist yet.
+    /// The contact is identified by the email-address, a name and an "origin" can be given.
+    ///
+    /// The "origin" is where the address comes from -
+    /// from-header, cc-header, addressbook, qr, manual-edit etc.
+    /// In general, "better" origins overwrite the names of "worse" origins -
+    /// Eg. if we got a name in cc-header and later in from-header, the name will change -
+    /// this does not happen the other way round.
+    ///
+    /// The "best" origin are manually created contacts -
+    /// names given manually can only be overwritten by further manual edits
+    /// (until they are set empty again or reset to the name seen in the From-header).
+    ///
+    /// These manually edited names are _never_ used for sending on the wire -
+    /// this should avoid sending sth. as "Mama" or "Daddy" to some 3rd party.
+    /// Instead, for the wire, we use so called "authnames"
+    /// that can only be set and updated by a From-header.
+    ///
+    /// The different names used in the function are:
+    /// - "name": name passed as function argument, belonging to the given origin
+    /// - "row_name": current name used in the database, typically set to "name"
+    /// - "row_authname": name as authorized from a contact, set only through a From-header
+    /// Depending on the origin, both, "row_name" and "row_authname" are updated from "name".
    ///
    /// Returns the contact_id and a `Modifier` value indicating if a modification occured.
-    pub fn add_or_lookup(
+    pub(crate) fn add_or_lookup(
        context: &Context,
        name: impl AsRef<str>,
        addr: impl AsRef<str>,
@@ -355,7 +378,9 @@ impl Contact {

                if !name.as_ref().is_empty() {
                    if !row_name.is_empty() {
-                        if origin >= row_origin && name.as_ref() != row_name {
+                        if (origin >= row_origin || row_name == row_authname)
+                            && name.as_ref() != row_name
+                        {
                            update_name = true;
                        }
                    } else {
@@ -364,6 +389,9 @@ impl Contact {
                    if origin == Origin::IncomingUnknownFrom && name.as_ref() != row_authname {
                        update_authname = true;
                    }
+                } else if origin == Origin::ManuallyCreated && !row_authname.is_empty() {
+                    // no name given on manual edit, this will update the name to the authname
+                    update_name = true;
                }

                Ok((row_id, row_name, row_addr, row_origin, row_authname))
@@ -374,16 +402,22 @@ impl Contact {
                update_addr = true;
            }
            if update_name || update_authname || update_addr || origin > row_origin {
+                let new_name = if update_name {
+                    if !name.as_ref().is_empty() {
+                        name.as_ref()
+                    } else {
+                        &row_authname
+                    }
+                } else {
+                    &row_name
+                };
+
                sql::execute(
                    context,
                    &context.sql,
                    "UPDATE contacts SET name=?, addr=?, origin=?, authname=? WHERE id=?;",
                    params![
-                        if update_name {
-                            name.as_ref()
-                        } else {
-                            &row_name
-                        },
+                        new_name,
                        if update_addr { addr } else { &row_addr },
                        if origin > row_origin {
                            origin
@@ -401,28 +435,41 @@ impl Contact {
                .ok();

                if update_name {
+                    // Update the contact name also if it is used as a group name.
+                    // This is one of the few duplicated data, however, getting the chat list is easier this way.
                    sql::execute(
                    context,
                    &context.sql,
                    "UPDATE chats SET name=? WHERE type=? AND id IN(SELECT chat_id FROM chats_contacts WHERE contact_id=?);",
-                    params![name.as_ref(), Chattype::Single, row_id]
+                    params![new_name, Chattype::Single, row_id]
                ).ok();
                }
                sth_modified = Modifier::Modified;
            }
-        } else if sql::execute(
-            context,
-            &context.sql,
-            "INSERT INTO contacts (name, addr, origin) VALUES(?, ?, ?);",
-            params![name.as_ref(), addr, origin,],
-        )
-        .is_ok()
-        {
-            row_id = sql::get_rowid(context, &context.sql, "contacts", "addr", addr);
-            sth_modified = Modifier::Created;
-            info!(context, "added contact id={} addr={}", row_id, addr);
        } else {
-            error!(context, "Cannot add contact.");
+            if origin == Origin::IncomingUnknownFrom {
+                update_authname = true;
+            }
+
+            if sql::execute(
+                context,
+                &context.sql,
+                "INSERT INTO contacts (name, addr, origin, authname) VALUES(?, ?, ?, ?);",
+                params![
+                    name.as_ref(),
+                    addr,
+                    origin,
+                    if update_authname { name.as_ref() } else { "" }
+                ],
+            )
+            .is_ok()
+            {
+                row_id = sql::get_rowid(context, &context.sql, "contacts", "addr", addr);
+                sth_modified = Modifier::Created;
+                info!(context, "added contact id={} addr={}", row_id, addr);
+            } else {
+                error!(context, "Cannot add contact.");
+            }
        }

        Ok((row_id, sth_modified))
@@ -892,22 +939,6 @@ impl Contact {
            .unwrap_or_default() as usize
    }

-    pub fn get_origin_by_id(context: &Context, contact_id: u32, ret_blocked: &mut bool) -> Origin {
-        let mut ret = Origin::Unknown;
-        *ret_blocked = false;
-
-        if let Ok(contact) = Contact::load_from_db(context, contact_id) {
-            /* we could optimize this by loading only the needed fields */
-            if contact.blocked {
-                *ret_blocked = true;
-            } else {
-                ret = contact.origin;
-            }
-        }
-
-        ret
-    }
-
    pub fn real_exists_by_id(context: &Context, contact_id: u32) -> bool {
        if !context.sql.is_open() || contact_id <= DC_CONTACT_ID_LAST_SPECIAL {
            return false;
@@ -988,7 +1019,7 @@ fn set_block_contact(context: &Context, contact_id: u32, new_blocking: bool) {
    }
 }

-pub fn set_profile_image(
+pub(crate) fn set_profile_image(
    context: &Context,
    contact_id: u32,
    profile_image: &AvatarAction,
@@ -1005,7 +1036,6 @@ pub fn set_profile_image(
            contact.param.remove(Param::ProfileImage);
            true
        }
-        AvatarAction::None => false,
    };
    if changed {
        contact.update_param(context)?;
@@ -1281,6 +1311,139 @@ mod tests {
        assert!(!contact.is_blocked());
    }

+    #[test]
+    fn test_remote_authnames() {
+        let t = dummy_context();
+
+        // incoming mail `From: bob1 <bob@example.org>` - this should init authname and name
+        let (contact_id, sth_modified) = Contact::add_or_lookup(
+            &t.ctx,
+            "bob1",
+            "bob@example.org",
+            Origin::IncomingUnknownFrom,
+        )
+        .unwrap();
+        assert!(contact_id > DC_CONTACT_ID_LAST_SPECIAL);
+        assert_eq!(sth_modified, Modifier::Created);
+        let contact = Contact::load_from_db(&t.ctx, contact_id).unwrap();
+        assert_eq!(contact.get_authname(), "bob1");
+        assert_eq!(contact.get_name(), "bob1");
+        assert_eq!(contact.get_display_name(), "bob1");
+
+        // incoming mail `From: bob2 <bob@example.org>` - this should update authname and name
+        let (contact_id, sth_modified) = Contact::add_or_lookup(
+            &t.ctx,
+            "bob2",
+            "bob@example.org",
+            Origin::IncomingUnknownFrom,
+        )
+        .unwrap();
+        assert!(contact_id > DC_CONTACT_ID_LAST_SPECIAL);
+        assert_eq!(sth_modified, Modifier::Modified);
+        let contact = Contact::load_from_db(&t.ctx, contact_id).unwrap();
+        assert_eq!(contact.get_authname(), "bob2");
+        assert_eq!(contact.get_name(), "bob2");
+        assert_eq!(contact.get_display_name(), "bob2");
+
+        // manually edit name to "bob3" - authname should be still be "bob2" a given in `From:` above
+        let contact_id = Contact::create(&t.ctx, "bob3", "bob@example.org").unwrap();
+        assert!(contact_id > DC_CONTACT_ID_LAST_SPECIAL);
+        let contact = Contact::load_from_db(&t.ctx, contact_id).unwrap();
+        assert_eq!(contact.get_authname(), "bob2");
+        assert_eq!(contact.get_name(), "bob3");
+        assert_eq!(contact.get_display_name(), "bob3");
+
+        // incoming mail `From: bob4 <bob@example.org>` - this should update authname, manually given name is still "bob3"
+        let (contact_id, sth_modified) = Contact::add_or_lookup(
+            &t.ctx,
+            "bob4",
+            "bob@example.org",
+            Origin::IncomingUnknownFrom,
+        )
+        .unwrap();
+        assert!(contact_id > DC_CONTACT_ID_LAST_SPECIAL);
+        assert_eq!(sth_modified, Modifier::Modified);
+        let contact = Contact::load_from_db(&t.ctx, contact_id).unwrap();
+        assert_eq!(contact.get_authname(), "bob4");
+        assert_eq!(contact.get_name(), "bob3");
+        assert_eq!(contact.get_display_name(), "bob3");
+    }
+
+    #[test]
+    fn test_remote_authnames_create_empty() {
+        let t = dummy_context();
+
+        // manually create "claire@example.org" without a given name
+        let contact_id = Contact::create(&t.ctx, "", "claire@example.org").unwrap();
+        assert!(contact_id > DC_CONTACT_ID_LAST_SPECIAL);
+        let contact = Contact::load_from_db(&t.ctx, contact_id).unwrap();
+        assert_eq!(contact.get_authname(), "");
+        assert_eq!(contact.get_name(), "");
+        assert_eq!(contact.get_display_name(), "claire@example.org");
+
+        // incoming mail `From: claire1 <claire@example.org>` - this should update authname and name
+        let (contact_id_same, sth_modified) = Contact::add_or_lookup(
+            &t.ctx,
+            "claire1",
+            "claire@example.org",
+            Origin::IncomingUnknownFrom,
+        )
+        .unwrap();
+        assert_eq!(contact_id, contact_id_same);
+        assert_eq!(sth_modified, Modifier::Modified);
+        let contact = Contact::load_from_db(&t.ctx, contact_id).unwrap();
+        assert_eq!(contact.get_authname(), "claire1");
+        assert_eq!(contact.get_name(), "claire1");
+        assert_eq!(contact.get_display_name(), "claire1");
+
+        // incoming mail `From: claire2 <claire@example.org>` - this should update authname and name
+        let (contact_id_same, sth_modified) = Contact::add_or_lookup(
+            &t.ctx,
+            "claire2",
+            "claire@example.org",
+            Origin::IncomingUnknownFrom,
+        )
+        .unwrap();
+        assert_eq!(contact_id, contact_id_same);
+        assert_eq!(sth_modified, Modifier::Modified);
+        let contact = Contact::load_from_db(&t.ctx, contact_id).unwrap();
+        assert_eq!(contact.get_authname(), "claire2");
+        assert_eq!(contact.get_name(), "claire2");
+        assert_eq!(contact.get_display_name(), "claire2");
+    }
+
+    #[test]
+    fn test_remote_authnames_edit_empty() {
+        let t = dummy_context();
+
+        // manually create "dave@example.org"
+        let contact_id = Contact::create(&t.ctx, "dave1", "dave@example.org").unwrap();
+        let contact = Contact::load_from_db(&t.ctx, contact_id).unwrap();
+        assert_eq!(contact.get_authname(), "");
+        assert_eq!(contact.get_name(), "dave1");
+        assert_eq!(contact.get_display_name(), "dave1");
+
+        // incoming mail `From: dave2 <dave@example.org>` - this should update authname
+        Contact::add_or_lookup(
+            &t.ctx,
+            "dave2",
+            "dave@example.org",
+            Origin::IncomingUnknownFrom,
+        )
+        .unwrap();
+        let contact = Contact::load_from_db(&t.ctx, contact_id).unwrap();
+        assert_eq!(contact.get_authname(), "dave2");
+        assert_eq!(contact.get_name(), "dave1");
+        assert_eq!(contact.get_display_name(), "dave1");
+
+        // manually clear the name
+        Contact::create(&t.ctx, "", "dave@example.org").unwrap();
+        let contact = Contact::load_from_db(&t.ctx, contact_id).unwrap();
+        assert_eq!(contact.get_authname(), "dave2");
+        assert_eq!(contact.get_name(), "dave2");
+        assert_eq!(contact.get_display_name(), "dave2");
+    }
+
    #[test]
    fn test_addr_cmp() {
        assert!(addr_cmp("AA@AA.ORG", "aa@aa.ORG"));
--- a/src/context.rs
+++ b/src/context.rs
@@ -5,8 +5,6 @@ use std::ffi::OsString;
 use std::path::{Path, PathBuf};
 use std::sync::{Arc, Condvar, Mutex, RwLock};

-use libc::uintptr_t;
-
 use crate::chat::*;
 use crate::config::Config;
 use crate::constants::*;
@@ -16,10 +14,10 @@ use crate::events::Event;
 use crate::imap::*;
 use crate::job::*;
 use crate::job_thread::JobThread;
-use crate::key::*;
+use crate::key::Key;
 use crate::login_param::LoginParam;
 use crate::lot::Lot;
-use crate::message::{self, Message, MsgId};
+use crate::message::{self, Message, MessengerMessage, MsgId};
 use crate::param::Params;
 use crate::smtp::Smtp;
 use crate::sql::Sql;
@@ -32,12 +30,7 @@ use crate::sql::Sql;
 /// * `event` - One of the [Event] items.
 /// * `data1` - Depends on the event parameter, see [Event].
 /// * `data2` - Depends on the event parameter, see [Event].
-///
-/// # Returns
-///
-/// This callback must return 0 unless stated otherwise in the event
-/// description at [Event].
-pub type ContextCallback = dyn Fn(&Context, Event) -> uintptr_t + Send + Sync;
+pub type ContextCallback = dyn Fn(&Context, Event) -> () + Send + Sync;

 #[derive(DebugStub)]
 pub struct Context {
@@ -57,8 +50,8 @@ pub struct Context {
    #[debug_stub = "Callback"]
    cb: Box<ContextCallback>,
    pub os_name: Option<String>,
-    pub cmdline_sel_chat_id: Arc<RwLock<u32>>,
-    pub bob: Arc<RwLock<BobStatus>>,
+    pub cmdline_sel_chat_id: Arc<RwLock<ChatId>>,
+    pub(crate) bob: Arc<RwLock<BobStatus>>,
    pub last_smeared_timestamp: RwLock<i64>,
    pub running_state: Arc<RwLock<RunningState>>,
    /// Mutex to avoid generating the key for the user more than once.
@@ -82,16 +75,7 @@ pub fn get_info() -> HashMap<&'static str, String> {
    let mut res = HashMap::new();
    res.insert("deltachat_core_version", format!("v{}", &*DC_VERSION_STR));
    res.insert("sqlite_version", rusqlite::version().to_string());
-    res.insert(
-        "sqlite_thread_safe",
-        unsafe { rusqlite::ffi::sqlite3_threadsafe() }.to_string(),
-    );
-    res.insert(
-        "arch",
-        (std::mem::size_of::<*mut libc::c_void>())
-            .wrapping_mul(8)
-            .to_string(),
-    );
+    res.insert("arch", (std::mem::size_of::<usize>() * 8).to_string());
    res.insert("level", "awesome".into());
    res
 }
@@ -99,6 +83,8 @@ pub fn get_info() -> HashMap<&'static str, String> {
 impl Context {
    /// Creates new context.
    pub fn new(cb: Box<ContextCallback>, os_name: String, dbfile: PathBuf) -> Result<Context> {
+        pretty_env_logger::try_init_timed().ok();
+
        let mut blob_fname = OsString::new();
        blob_fname.push(dbfile.file_name().unwrap_or_default());
        blob_fname.push("-blobs");
@@ -132,7 +118,7 @@ impl Context {
            oauth2_critical: Arc::new(Mutex::new(())),
            bob: Arc::new(RwLock::new(Default::default())),
            last_smeared_timestamp: RwLock::new(0),
-            cmdline_sel_chat_id: Arc::new(RwLock::new(0)),
+            cmdline_sel_chat_id: Arc::new(RwLock::new(ChatId::new(0))),
            inbox_thread: Arc::new(RwLock::new(JobThread::new(
                "INBOX",
                "configured_inbox_folder",
@@ -172,8 +158,8 @@ impl Context {
        self.blobdir.as_path()
    }

-    pub fn call_cb(&self, event: Event) -> uintptr_t {
-        (*self.cb)(self, event)
+    pub fn call_cb(&self, event: Event) {
+        (*self.cb)(self, event);
    }

    /*******************************************************************************
@@ -361,7 +347,7 @@ impl Context {
    }

    #[allow(non_snake_case)]
-    pub fn search_msgs(&self, chat_id: u32, query: impl AsRef<str>) -> Vec<MsgId> {
+    pub fn search_msgs(&self, chat_id: ChatId, query: impl AsRef<str>) -> Vec<MsgId> {
        let real_query = query.as_ref().trim();
        if real_query.is_empty() {
            return Vec::new();
@@ -369,7 +355,7 @@ impl Context {
        let strLikeInText = format!("%{}%", real_query);
        let strLikeBeg = format!("{}%", real_query);

-        let query = if 0 != chat_id {
+        let query = if !chat_id.is_unset() {
            concat!(
                "SELECT m.id AS id, m.timestamp AS timestamp",
                " FROM msgs m",
@@ -401,7 +387,7 @@ impl Context {
        self.sql
            .query_map(
                query,
-                params![chat_id as i32, &strLikeInText, &strLikeBeg],
+                params![chat_id, &strLikeInText, &strLikeBeg],
                |row| row.get::<_, MsgId>("id"),
                |rows| {
                    let mut ret = Vec::new();
@@ -452,15 +438,17 @@ impl Context {
                return;
            }

-            // 1 = dc message, 2 = reply to dc message
-            if 0 != msg.is_dc_message {
-                job_add(
-                    self,
-                    Action::MoveMsg,
-                    msg.id.to_u32() as i32,
-                    Params::new(),
-                    0,
-                );
+            match msg.is_dc_message {
+                MessengerMessage::No => {}
+                MessengerMessage::Yes | MessengerMessage::Reply => {
+                    job_add(
+                        self,
+                        Action::MoveMsg,
+                        msg.id.to_u32() as i32,
+                        Params::new(),
+                        0,
+                    );
+                }
            }
        }
    }
@@ -490,14 +478,14 @@ impl Default for RunningState {
 }

 #[derive(Debug, Default)]
-pub struct BobStatus {
+pub(crate) struct BobStatus {
    pub expects: i32,
    pub status: i32,
    pub qr_scan: Option<Lot>,
 }

 #[derive(Debug, PartialEq)]
-pub enum PerformJobsNeeded {
+pub(crate) enum PerformJobsNeeded {
    Not,
    AtOnce,
    AvoidDos,
@@ -514,7 +502,7 @@ pub struct SmtpState {
    pub idle: bool,
    pub suspended: bool,
    pub doing_jobs: bool,
-    pub perform_jobs_needed: PerformJobsNeeded,
+    pub(crate) perform_jobs_needed: PerformJobsNeeded,
    pub probe_network: bool,
 }

@@ -533,7 +521,7 @@ mod tests {
        let tmp = tempfile::tempdir().unwrap();
        let dbfile = tmp.path().join("db.sqlite");
        std::fs::write(&dbfile, b"123").unwrap();
-        let res = Context::new(Box::new(|_, _| 0), "FakeOs".into(), dbfile);
+        let res = Context::new(Box::new(|_, _| ()), "FakeOs".into(), dbfile);
        assert!(res.is_err());
    }

@@ -548,7 +536,7 @@ mod tests {
    fn test_blobdir_exists() {
        let tmp = tempfile::tempdir().unwrap();
        let dbfile = tmp.path().join("db.sqlite");
-        Context::new(Box::new(|_, _| 0), "FakeOS".into(), dbfile).unwrap();
+        Context::new(Box::new(|_, _| ()), "FakeOS".into(), dbfile).unwrap();
        let blobdir = tmp.path().join("db.sqlite-blobs");
        assert!(blobdir.is_dir());
    }
@@ -559,7 +547,7 @@ mod tests {
        let dbfile = tmp.path().join("db.sqlite");
        let blobdir = tmp.path().join("db.sqlite-blobs");
        std::fs::write(&blobdir, b"123").unwrap();
-        let res = Context::new(Box::new(|_, _| 0), "FakeOS".into(), dbfile);
+        let res = Context::new(Box::new(|_, _| ()), "FakeOS".into(), dbfile);
        assert!(res.is_err());
    }

@@ -569,7 +557,7 @@ mod tests {
        let subdir = tmp.path().join("subdir");
        let dbfile = subdir.join("db.sqlite");
        let dbfile2 = dbfile.clone();
-        Context::new(Box::new(|_, _| 0), "FakeOS".into(), dbfile).unwrap();
+        Context::new(Box::new(|_, _| ()), "FakeOS".into(), dbfile).unwrap();
        assert!(subdir.is_dir());
        assert!(dbfile2.is_file());
    }
@@ -579,7 +567,7 @@ mod tests {
        let tmp = tempfile::tempdir().unwrap();
        let dbfile = tmp.path().join("db.sqlite");
        let blobdir = PathBuf::new();
-        let res = Context::with_blobdir(Box::new(|_, _| 0), "FakeOS".into(), dbfile, blobdir);
+        let res = Context::with_blobdir(Box::new(|_, _| ()), "FakeOS".into(), dbfile, blobdir);
        assert!(res.is_err());
    }

@@ -588,7 +576,7 @@ mod tests {
        let tmp = tempfile::tempdir().unwrap();
        let dbfile = tmp.path().join("db.sqlite");
        let blobdir = tmp.path().join("blobs");
-        let res = Context::with_blobdir(Box::new(|_, _| 0), "FakeOS".into(), dbfile, blobdir);
+        let res = Context::with_blobdir(Box::new(|_, _| ()), "FakeOS".into(), dbfile, blobdir);
        assert!(res.is_err());
    }

--- a/src/dc_receive_imf.rs
+++ b/src/dc_receive_imf.rs
--- a/src/dc_tools.rs
+++ b/src/dc_tools.rs
@@ -222,45 +222,7 @@ pub(crate) fn dc_extract_grpid_from_rfc724_mid(mid: &str) -> Option<&str> {
    None
 }

-// Function returns a sanitized basename that does not contain
-// win/linux path separators and also not any non-ascii chars
-fn get_safe_basename(filename: &str) -> String {
-    // return the (potentially mangled) basename of the input filename
-    // this might be a path that comes in from another operating system
-    let mut index: usize = 0;
-
-    if let Some(unix_index) = filename.rfind('/') {
-        index = unix_index + 1;
-    }
-    if let Some(win_index) = filename.rfind('\\') {
-        index = max(index, win_index + 1);
-    }
-    if index >= filename.len() {
-        "nobasename".to_string()
-    } else {
-        // we don't allow any non-ascii to be super-safe
-        filename[index..].replace(|c: char| !c.is_ascii() || c == ':', "-")
-    }
-}
-
-pub fn dc_derive_safe_stem_ext(filename: &str) -> (String, String) {
-    let basename = get_safe_basename(&filename);
-    let (mut stem, mut ext) = if let Some(index) = basename.rfind('.') {
-        (
-            basename[0..index].to_string(),
-            basename[index..].to_string(),
-        )
-    } else {
-        (basename, "".to_string())
-    };
-    // limit length of stem and ext
-    stem.truncate(32);
-    ext.truncate(32);
-    (stem, ext)
-}
-
 // the returned suffix is lower-case
-#[allow(non_snake_case)]
 pub fn dc_get_filesuffix_lc(path_filename: impl AsRef<str>) -> Option<String> {
    Path::new(path_filename.as_ref())
        .extension()
@@ -486,7 +448,7 @@ pub(crate) fn dc_get_next_backup_path(
 pub(crate) fn time() -> i64 {
    SystemTime::now()
        .duration_since(SystemTime::UNIX_EPOCH)
-        .unwrap()
+        .unwrap_or_default()
        .as_secs() as i64
 }

@@ -506,7 +468,7 @@ pub(crate) fn time() -> i64 {
 /// assert_eq!(&email.domain, "example.com");
 /// assert_eq!(email.to_string(), "someone@example.com");
 /// ```
-#[derive(Debug, PartialEq, Clone)]
+#[derive(Debug, PartialEq, Eq, Clone)]
 pub struct EmailAddress {
    pub local: String,
    pub domain: String,
@@ -654,7 +616,6 @@ mod tests {
        );
    }

-    #[test]
    #[test]
    fn test_dc_extract_grpid_from_rfc724_mid() {
        // Should return None if we pass invalid mid
@@ -709,29 +670,29 @@ mod tests {

    #[test]
    fn test_emailaddress_parse() {
-        assert_eq!(EmailAddress::new("").is_ok(), false);
+        assert_eq!("".parse::<EmailAddress>().is_ok(), false);
        assert_eq!(
-            EmailAddress::new("user@domain.tld").unwrap(),
+            "user@domain.tld".parse::<EmailAddress>().unwrap(),
            EmailAddress {
                local: "user".into(),
                domain: "domain.tld".into(),
            }
        );
-        assert_eq!(EmailAddress::new("uuu").is_ok(), false);
-        assert_eq!(EmailAddress::new("dd.tt").is_ok(), false);
-        assert_eq!(EmailAddress::new("tt.dd@uu").is_ok(), false);
-        assert_eq!(EmailAddress::new("u@d").is_ok(), false);
-        assert_eq!(EmailAddress::new("u@d.").is_ok(), false);
-        assert_eq!(EmailAddress::new("u@d.t").is_ok(), false);
+        assert_eq!("uuu".parse::<EmailAddress>().is_ok(), false);
+        assert_eq!("dd.tt".parse::<EmailAddress>().is_ok(), false);
+        assert_eq!("tt.dd@uu".parse::<EmailAddress>().is_ok(), false);
+        assert_eq!("u@d".parse::<EmailAddress>().is_ok(), false);
+        assert_eq!("u@d.".parse::<EmailAddress>().is_ok(), false);
+        assert_eq!("u@d.t".parse::<EmailAddress>().is_ok(), false);
        assert_eq!(
-            EmailAddress::new("u@d.tt").unwrap(),
+            "u@d.tt".parse::<EmailAddress>().unwrap(),
            EmailAddress {
                local: "u".into(),
                domain: "d.tt".into(),
            }
        );
-        assert_eq!(EmailAddress::new("u@.tt").is_ok(), false);
-        assert_eq!(EmailAddress::new("@d.tt").is_ok(), false);
+        assert_eq!("u@tt".parse::<EmailAddress>().is_ok(), false);
+        assert_eq!("@d.tt".parse::<EmailAddress>().is_ok(), false);
    }

    use proptest::prelude::*;
@@ -767,19 +728,6 @@ mod tests {
        }
    }

-    #[test]
-    fn test_file_get_safe_basename() {
-        assert_eq!(get_safe_basename("12312/hello"), "hello");
-        assert_eq!(get_safe_basename("12312\\hello"), "hello");
-        assert_eq!(get_safe_basename("//12312\\hello"), "hello");
-        assert_eq!(get_safe_basename("//123:12\\hello"), "hello");
-        assert_eq!(get_safe_basename("//123:12/\\\\hello"), "hello");
-        assert_eq!(get_safe_basename("//123:12//hello"), "hello");
-        assert_eq!(get_safe_basename("//123:12//"), "nobasename");
-        assert_eq!(get_safe_basename("//123:12/"), "nobasename");
-        assert!(get_safe_basename("123\x012.hello").ends_with(".hello"));
-    }
-
    #[test]
    fn test_file_handling() {
        let t = dummy_context();
--- a/src/e2ee.rs
+++ b/src/e2ee.rs
@@ -1,15 +1,19 @@
 //! End-to-end encryption support.

 use std::collections::HashSet;
+use std::convert::TryFrom;

-use mailparse::{MailHeaderMap, ParsedMail};
+use mailparse::ParsedMail;
 use num_traits::FromPrimitive;

 use crate::aheader::*;
 use crate::config::Config;
+use crate::constants::KeyGenType;
 use crate::context::Context;
+use crate::dc_tools::EmailAddress;
 use crate::error::*;
-use crate::key::*;
+use crate::headerdef::{HeaderDef, HeaderDefMap};
+use crate::key::{self, Key, KeyPairUse, SignedPublicKey};
 use crate::keyring::*;
 use crate::peerstate::*;
 use crate::pgp;
@@ -19,7 +23,7 @@ use crate::securejoin::handle_degrade_event;
 pub struct EncryptHelper {
    pub prefer_encrypt: EncryptPreference,
    pub addr: String,
-    pub public_key: Key,
+    pub public_key: SignedPublicKey,
 }

 impl EncryptHelper {
@@ -102,8 +106,8 @@ impl EncryptHelper {
            })?;
            keyring.add_ref(key);
        }
-
-        keyring.add_ref(&self.public_key);
+        let public_key = Key::from(self.public_key.clone());
+        keyring.add_ref(&public_key);
        let sign_key = Key::from_self_private(context, self.addr.clone(), &context.sql)
            .ok_or_else(|| format_err!("missing own private key"))?;

@@ -122,7 +126,7 @@ pub fn try_decrypt(
 ) -> Result<(Option<Vec<u8>>, HashSet<String>)> {
    let from = mail
        .headers
-        .get_first_value("From")?
+        .get_header_value(HeaderDef::From_)?
        .and_then(|from_addr| mailparse::addrparse(&from_addr).ok())
        .and_then(|from| from.extract_single_info())
        .map(|from| from.addr)
@@ -191,44 +195,35 @@ pub fn try_decrypt(
 /// storing a new one when one doesn't exist yet.  Care is taken to
 /// only generate one key per context even when multiple threads call
 /// this function concurrently.
-fn load_or_generate_self_public_key(context: &Context, self_addr: impl AsRef<str>) -> Result<Key> {
+fn load_or_generate_self_public_key(
+    context: &Context,
+    self_addr: impl AsRef<str>,
+) -> Result<SignedPublicKey> {
    if let Some(key) = Key::from_self_public(context, &self_addr, &context.sql) {
-        return Ok(key);
+        return SignedPublicKey::try_from(key)
+            .map_err(|_| Error::Message("Not a public key".into()));
    }
    let _guard = context.generating_key_mutex.lock().unwrap();

    // Check again in case the key was generated while we were waiting for the lock.
    if let Some(key) = Key::from_self_public(context, &self_addr, &context.sql) {
-        return Ok(key);
+        return SignedPublicKey::try_from(key)
+            .map_err(|_| Error::Message("Not a public key".into()));
    }

    let start = std::time::Instant::now();
+
+    let keygen_type =
+        KeyGenType::from_i32(context.get_config_int(Config::KeyGenType)).unwrap_or_default();
+    info!(context, "Generating keypair with type {}", keygen_type);
+    let keypair = pgp::create_keypair(EmailAddress::new(self_addr.as_ref())?, keygen_type)?;
+    key::store_self_keypair(context, &keypair, KeyPairUse::Default)?;
    info!(
        context,
-        "Generating keypair with {} bits, e={} ...", 2048, 65537,
+        "Keypair generated in {:.3}s.",
+        start.elapsed().as_secs()
    );
-    match pgp::create_keypair(&self_addr) {
-        Some((public_key, private_key)) => {
-            if dc_key_save_self_keypair(
-                context,
-                &public_key,
-                &private_key,
-                &self_addr,
-                true,
-                &context.sql,
-            ) {
-                info!(
-                    context,
-                    "Keypair generated in {:.3}s.",
-                    start.elapsed().as_secs()
-                );
-                Ok(public_key)
-            } else {
-                Err(format_err!("Failed to save keypair"))
-            }
-        }
-        None => Err(format_err!("Failed to generate keypair")),
-    }
+    Ok(keypair.public)
 }

 /// Returns a reference to the encrypted payload and validates the autocrypt structure.
--- a/src/error.rs
+++ b/src/error.rs
@@ -16,6 +16,9 @@ pub enum Error {
    #[fail(display = "{:?}", _0)]
    Message(String),

+    #[fail(display = "{:?}", _0)]
+    MessageWithCause(String, #[cause] failure::Error, failure::Backtrace),
+
    #[fail(display = "{:?}", _0)]
    Image(image_meta::ImageError),

@@ -46,6 +49,9 @@ pub enum Error {
    #[fail(display = "Building invalid Email: {:?}", _0)]
    LettreError(#[cause] lettre_email::error::Error),

+    #[fail(display = "SMTP error: {:?}", _0)]
+    SmtpError(#[cause] async_smtp::error::Error),
+
    #[fail(display = "FromStr error: {:?}", _0)]
    FromStr(#[cause] mime::FromStrError),

@@ -115,6 +121,18 @@ impl From<crate::message::InvalidMsgId> for Error {
    }
 }

+impl From<crate::key::SaveKeyError> for Error {
+    fn from(err: crate::key::SaveKeyError) -> Error {
+        Error::MessageWithCause(format!("{}", err), err.into(), failure::Backtrace::new())
+    }
+}
+
+impl From<crate::pgp::PgpKeygenError> for Error {
+    fn from(err: crate::pgp::PgpKeygenError) -> Error {
+        Error::MessageWithCause(format!("{}", err), err.into(), failure::Backtrace::new())
+    }
+}
+
 impl From<mailparse::MailParseError> for Error {
    fn from(err: mailparse::MailParseError) -> Error {
        Error::MailParseError(err)
--- a/src/events.rs
+++ b/src/events.rs
@@ -4,6 +4,7 @@ use std::path::PathBuf;

 use strum::EnumProperty;

+use crate::chat::ChatId;
 use crate::message::MsgId;

 impl Event {
@@ -21,56 +22,38 @@ pub enum Event {
    /// The library-user may write an informational string to the log.
    /// Passed to the callback given to dc_context_new().
    /// This event should not be reported to the end-user using a popup or something like that.
-    ///
-    /// @return 0
    #[strum(props(id = "100"))]
    Info(String),

    /// Emitted when SMTP connection is established and login was successful.
-    ///
-    /// @return 0
    #[strum(props(id = "101"))]
    SmtpConnected(String),

    /// Emitted when IMAP connection is established and login was successful.
-    ///
-    /// @return 0
    #[strum(props(id = "102"))]
    ImapConnected(String),

    /// Emitted when a message was successfully sent to the SMTP server.
-    ///
-    /// @return 0
    #[strum(props(id = "103"))]
    SmtpMessageSent(String),

    /// Emitted when an IMAP message has been marked as deleted
-    ///
-    /// @return 0
    #[strum(props(id = "104"))]
    ImapMessageDeleted(String),

    /// Emitted when an IMAP message has been moved
-    ///
-    /// @return 0
    #[strum(props(id = "105"))]
    ImapMessageMoved(String),

    /// Emitted when an IMAP folder was emptied
-    ///
-    /// @return 0
    #[strum(props(id = "106"))]
    ImapFolderEmptied(String),

    /// Emitted when an new file in the $BLOBDIR was created
-    ///
-    /// @return 0
    #[strum(props(id = "150"))]
    NewBlobFile(String),

    /// Emitted when an new file in the $BLOBDIR was created
-    ///
-    /// @return 0
    #[strum(props(id = "151"))]
    DeletedBlobFile(String),

@@ -78,8 +61,6 @@ pub enum Event {
    /// Passed to the callback given to dc_context_new().
    ///
    /// This event should not be reported to the end-user using a popup or something like that.
-    ///
-    /// @return 0
    #[strum(props(id = "300"))]
    Warning(String),

@@ -94,8 +75,6 @@ pub enum Event {
    /// it might be better to delay showing these events until the function has really
    /// failed (returned false). It should be sufficient to report only the *last* error
    /// in a messasge box then.
-    ///
-    /// @return
    #[strum(props(id = "400"))]
    Error(String),

@@ -112,8 +91,6 @@ pub enum Event {
    /// Moreover, if the UI detects that the device is offline,
    /// it is probably more useful to report this to the user
    /// instead of the string from data2.
-    ///
-    /// @return 0
    #[strum(props(id = "401"))]
    ErrorNetwork(String),

@@ -122,8 +99,6 @@ pub enum Event {
    /// dc_set_chat_name(), dc_set_chat_profile_image(),
    /// dc_add_contact_to_chat(), dc_remove_contact_from_chat(),
    /// dc_send_text_msg() or another sending function.
-    ///
-    /// @return 0
    #[strum(props(id = "410"))]
    ErrorSelfNotInGroup(String),

@@ -132,54 +107,41 @@ pub enum Event {
    /// - Messages sent, received or removed
    /// - Chats created, deleted or archived
    /// - A draft has been set
-    ///
-    /// @return 0
    #[strum(props(id = "2000"))]
-    MsgsChanged { chat_id: u32, msg_id: MsgId },
+    MsgsChanged { chat_id: ChatId, msg_id: MsgId },

    /// There is a fresh message. Typically, the user will show an notification
    /// when receiving this message.
    ///
    /// There is no extra #DC_EVENT_MSGS_CHANGED event send together with this event.
-    ///
-    /// @return 0
    #[strum(props(id = "2005"))]
-    IncomingMsg { chat_id: u32, msg_id: MsgId },
+    IncomingMsg { chat_id: ChatId, msg_id: MsgId },

    /// A single message is sent successfully. State changed from  DC_STATE_OUT_PENDING to
    /// DC_STATE_OUT_DELIVERED, see dc_msg_get_state().
-    ///
-    /// @return 0
    #[strum(props(id = "2010"))]
-    MsgDelivered { chat_id: u32, msg_id: MsgId },
+    MsgDelivered { chat_id: ChatId, msg_id: MsgId },

    /// A single message could not be sent. State changed from DC_STATE_OUT_PENDING or DC_STATE_OUT_DELIVERED to
    /// DC_STATE_OUT_FAILED, see dc_msg_get_state().
-    ///
-    /// @return 0
    #[strum(props(id = "2012"))]
-    MsgFailed { chat_id: u32, msg_id: MsgId },
+    MsgFailed { chat_id: ChatId, msg_id: MsgId },

    /// A single message is read by the receiver. State changed from DC_STATE_OUT_DELIVERED to
    /// DC_STATE_OUT_MDN_RCVD, see dc_msg_get_state().
-    ///
-    /// @return 0
    #[strum(props(id = "2015"))]
-    MsgRead { chat_id: u32, msg_id: MsgId },
+    MsgRead { chat_id: ChatId, msg_id: MsgId },

    /// Chat changed.  The name or the image of a chat group was changed or members were added or removed.
    /// Or the verify state of a chat has changed.
    /// See dc_set_chat_name(), dc_set_chat_profile_image(), dc_add_contact_to_chat()
    /// and dc_remove_contact_from_chat().
-    ///
-    /// @return 0
    #[strum(props(id = "2020"))]
-    ChatModified(u32),
+    ChatModified(ChatId),

    /// Contact(s) created, renamed, blocked or deleted.
    ///
    /// @param data1 (int) If set, this is the contact_id of an added contact that should be selected.
-    /// @return 0
    #[strum(props(id = "2030"))]
    ContactsChanged(Option<u32>),

@@ -188,14 +150,12 @@ pub enum Event {
    /// @param data1 (u32) contact_id of the contact for which the location has changed.
    ///     If the locations of several contacts have been changed,
    ///     eg. after calling dc_delete_all_locations(), this parameter is set to `None`.
-    /// @return 0
    #[strum(props(id = "2035"))]
    LocationChanged(Option<u32>),

    /// Inform about the configuration progress started by configure().
    ///
    /// @param data1 (usize) 0=error, 1-999=progress in permille, 1000=success and done
-    /// @return 0
    #[strum(props(id = "2041"))]
    ConfigureProgress(usize),

@@ -203,7 +163,6 @@ pub enum Event {
    ///
    /// @param data1 (usize) 0=error, 1-999=progress in permille, 1000=success and done
    /// @param data2 0
-    /// @return 0
    #[strum(props(id = "2051"))]
    ImexProgress(usize),

@@ -214,7 +173,6 @@ pub enum Event {
    /// services.
    ///
    /// @param data2 0
-    /// @return 0
    #[strum(props(id = "2052"))]
    ImexFileWritten(PathBuf),

@@ -230,7 +188,6 @@ pub enum Event {
    ///     600=vg-/vc-request-with-auth received, vg-member-added/vc-contact-confirm sent, typically shown as "bob@addr verified".
    ///     800=vg-member-added-received received, shown as "bob@addr securely joined GROUP", only sent for the verified-group-protocol.
    ///     1000=Protocol finished for this contact.
-    /// @return 0
    #[strum(props(id = "2060"))]
    SecurejoinInviterProgress { contact_id: u32, progress: usize },

@@ -242,14 +199,12 @@ pub enum Event {
    /// @param data2 (int) Progress as:
    ///     400=vg-/vc-request-with-auth sent, typically shown as "alice@addr verified, introducing myself."
    ///     (Bob has verified alice and waits until Alice does the same for him)
-    /// @return 0
    #[strum(props(id = "2061"))]
    SecurejoinJoinerProgress { contact_id: u32, progress: usize },

    /// This event is sent out to the inviter when a joiner successfully joined a group.
    /// @param data1 (int) chat_id
    /// @param data2 (int) contact_id
-    /// @return 0
    #[strum(props(id = "2062"))]
-    SecurejoinMemberAdded { chat_id: u32, contact_id: u32 },
+    SecurejoinMemberAdded { chat_id: ChatId, contact_id: u32 },
 }
--- a/src/headerdef.rs
+++ b/src/headerdef.rs
@@ -1,4 +1,7 @@
-#[derive(Debug, Display, Clone, PartialEq, Eq, EnumVariantNames)]
+use crate::strum::AsStaticRef;
+use mailparse::{MailHeader, MailHeaderMap, MailParseError};
+
+#[derive(Debug, Display, Clone, PartialEq, Eq, EnumVariantNames, AsStaticStr)]
 #[strum(serialize_all = "kebab_case")]
 #[allow(dead_code)]
 pub enum HeaderDef {
@@ -10,6 +13,10 @@ pub enum HeaderDef {
    Cc,
    Disposition,
    OriginalMessageId,
+
+    /// Delta Chat extension for message IDs in combined MDNs
+    AdditionalMessageIds,
+
    ListId,
    References,
    InReplyTo,
@@ -19,7 +26,6 @@ pub enum HeaderDef {
    ChatGroupName,
    ChatGroupNameChanged,
    ChatVerified,
-    ChatGroupImage, // deprecated
    ChatGroupAvatar,
    ChatUserAvatar,
    ChatVoiceMessage,
@@ -28,6 +34,7 @@ pub enum HeaderDef {
    ChatContent,
    ChatDuration,
    ChatDispositionNotificationTo,
+    Autocrypt,
    AutocryptSetupMessage,
    SecureJoin,
    SecureJoinGroup,
@@ -39,8 +46,18 @@ pub enum HeaderDef {

 impl HeaderDef {
    /// Returns the corresponding Event id.
-    pub fn get_headername(&self) -> String {
-        self.to_string()
+    pub fn get_headername(&self) -> &'static str {
+        self.as_static()
+    }
+}
+
+pub trait HeaderDefMap {
+    fn get_header_value(&self, headerdef: HeaderDef) -> Result<Option<String>, MailParseError>;
+}
+
+impl HeaderDefMap for [MailHeader<'_>] {
+    fn get_header_value(&self, headerdef: HeaderDef) -> Result<Option<String>, MailParseError> {
+        self.get_first_value(headerdef.get_headername())
    }
 }

@@ -51,8 +68,29 @@ mod tests {
    #[test]
    /// Test that kebab_case serialization works as expected
    fn kebab_test() {
-        assert_eq!(HeaderDef::From_.to_string(), "from");
+        assert_eq!(HeaderDef::From_.get_headername(), "from");

-        assert_eq!(HeaderDef::_TestHeader.to_string(), "test-header");
+        assert_eq!(HeaderDef::_TestHeader.get_headername(), "test-header");
+    }
+
+    #[test]
+    /// Test that headers are parsed case-insensitively
+    fn test_get_header_value_case() {
+        let (headers, _) =
+            mailparse::parse_headers(b"fRoM: Bob\naUtoCryPt-SeTup-MessAge: v99").unwrap();
+        assert_eq!(
+            headers
+                .get_header_value(HeaderDef::AutocryptSetupMessage)
+                .unwrap(),
+            Some("v99".to_string())
+        );
+        assert_eq!(
+            headers.get_header_value(HeaderDef::From_).unwrap(),
+            Some("Bob".to_string())
+        );
+        assert_eq!(
+            headers.get_header_value(HeaderDef::Autocrypt).unwrap(),
+            None
+        );
    }
 }
--- a/src/imap/client.rs
+++ b/src/imap/client.rs
@@ -0,0 +1,104 @@
+use async_imap::{
+    error::{Error as ImapError, Result as ImapResult},
+    Client as ImapClient,
+};
+use async_native_tls::TlsStream;
+use async_std::net::{self, TcpStream};
+
+use super::session::Session;
+use crate::login_param::{dc_build_tls, CertificateChecks};
+
+#[derive(Debug)]
+pub(crate) enum Client {
+    Secure(ImapClient<TlsStream<TcpStream>>),
+    Insecure(ImapClient<TcpStream>),
+}
+
+impl Client {
+    pub async fn connect_secure<A: net::ToSocketAddrs, S: AsRef<str>>(
+        addr: A,
+        domain: S,
+        certificate_checks: CertificateChecks,
+    ) -> ImapResult<Self> {
+        let stream = TcpStream::connect(addr).await?;
+        let tls = dc_build_tls(certificate_checks);
+        let tls_stream = tls.connect(domain.as_ref(), stream).await?;
+        let mut client = ImapClient::new(tls_stream);
+        if std::env::var(crate::DCC_IMAP_DEBUG).is_ok() {
+            client.debug = true;
+        }
+
+        let _greeting = client
+            .read_response()
+            .await
+            .ok_or_else(|| ImapError::Bad("failed to read greeting".to_string()))?;
+
+        Ok(Client::Secure(client))
+    }
+
+    pub async fn connect_insecure<A: net::ToSocketAddrs>(addr: A) -> ImapResult<Self> {
+        let stream = TcpStream::connect(addr).await?;
+
+        let mut client = ImapClient::new(stream);
+        if std::env::var(crate::DCC_IMAP_DEBUG).is_ok() {
+            client.debug = true;
+        }
+        let _greeting = client
+            .read_response()
+            .await
+            .ok_or_else(|| ImapError::Bad("failed to read greeting".to_string()))?;
+
+        Ok(Client::Insecure(client))
+    }
+
+    pub async fn secure<S: AsRef<str>>(
+        self,
+        domain: S,
+        certificate_checks: CertificateChecks,
+    ) -> ImapResult<Client> {
+        match self {
+            Client::Insecure(client) => {
+                let tls = dc_build_tls(certificate_checks);
+                let client_sec = client.secure(domain, tls).await?;
+
+                Ok(Client::Secure(client_sec))
+            }
+            // Nothing to do
+            Client::Secure(_) => Ok(self),
+        }
+    }
+
+    pub async fn authenticate<A: async_imap::Authenticator, S: AsRef<str>>(
+        self,
+        auth_type: S,
+        authenticator: &A,
+    ) -> Result<Session, (ImapError, Client)> {
+        match self {
+            Client::Secure(i) => match i.authenticate(auth_type, authenticator).await {
+                Ok(session) => Ok(Session::Secure(session)),
+                Err((err, c)) => Err((err, Client::Secure(c))),
+            },
+            Client::Insecure(i) => match i.authenticate(auth_type, authenticator).await {
+                Ok(session) => Ok(Session::Insecure(session)),
+                Err((err, c)) => Err((err, Client::Insecure(c))),
+            },
+        }
+    }
+
+    pub async fn login<U: AsRef<str>, P: AsRef<str>>(
+        self,
+        username: U,
+        password: P,
+    ) -> Result<Session, (ImapError, Client)> {
+        match self {
+            Client::Secure(i) => match i.login(username, password).await {
+                Ok(session) => Ok(Session::Secure(session)),
+                Err((err, c)) => Err((err, Client::Secure(c))),
+            },
+            Client::Insecure(i) => match i.login(username, password).await {
+                Ok(session) => Ok(Session::Insecure(session)),
+                Err((err, c)) => Err((err, Client::Insecure(c))),
+            },
+        }
+    }
+}
--- a/src/imap/idle.rs
+++ b/src/imap/idle.rs
@@ -1,15 +1,17 @@
 use super::Imap;

-use async_imap::extensions::idle::IdleResponse;
+use async_imap::extensions::idle::{Handle as ImapIdleHandle, IdleResponse};
+use async_native_tls::TlsStream;
+use async_std::net::TcpStream;
 use async_std::prelude::*;
 use async_std::task;
 use std::sync::atomic::Ordering;
 use std::time::{Duration, SystemTime};

 use crate::context::Context;
-use crate::imap_client::*;

 use super::select_folder;
+use super::session::Session;

 type Result<T> = std::result::Result<T, Error>;

@@ -27,9 +29,6 @@ pub enum Error {
    #[fail(display = "IMAP select folder error")]
    SelectFolderError(#[cause] select_folder::Error),

-    #[fail(display = "IMAP error")]
-    ImapError(#[cause] async_imap::error::Error),
-
    #[fail(display = "Setup handle error")]
    SetupHandleError(#[cause] super::Error),
 }
@@ -40,6 +39,27 @@ impl From<select_folder::Error> for Error {
    }
 }

+#[derive(Debug)]
+pub(crate) enum IdleHandle {
+    Secure(ImapIdleHandle<TlsStream<TcpStream>>),
+    Insecure(ImapIdleHandle<TcpStream>),
+}
+
+impl Session {
+    pub fn idle(self) -> IdleHandle {
+        match self {
+            Session::Secure(i) => {
+                let h = i.idle();
+                IdleHandle::Secure(h)
+            }
+            Session::Insecure(i) => {
+                let h = i.idle();
+                IdleHandle::Insecure(h)
+            }
+        }
+    }
+}
+
 impl Imap {
    pub fn can_idle(&self) -> bool {
        task::block_on(async move { self.config.read().await.can_idle })
@@ -80,18 +100,21 @@ impl Imap {
                        } else {
                            info!(context, "Idle entering wait-on-remote state");
                            match idle_wait.await {
-                                IdleResponse::NewData(_) => {
+                                Ok(IdleResponse::NewData(_)) => {
                                    info!(context, "Idle has NewData");
                                }
                                // TODO: idle_wait does not distinguish manual interrupts
                                // from Timeouts if we would know it's a Timeout we could bail
                                // directly and reconnect .
-                                IdleResponse::Timeout => {
+                                Ok(IdleResponse::Timeout) => {
                                    info!(context, "Idle-wait timeout or interruption");
                                }
-                                IdleResponse::ManualInterrupt => {
+                                Ok(IdleResponse::ManualInterrupt) => {
                                    info!(context, "Idle wait was interrupted");
                                }
+                                Err(err) => {
+                                    warn!(context, "Idle wait errored: {:?}", err);
+                                }
                            }
                        }
                        // if we can't properly terminate the idle
@@ -134,18 +157,21 @@ impl Imap {
                        } else {
                            info!(context, "Idle entering wait-on-remote state");
                            match idle_wait.await {
-                                IdleResponse::NewData(_) => {
+                                Ok(IdleResponse::NewData(_)) => {
                                    info!(context, "Idle has NewData");
                                }
                                // TODO: idle_wait does not distinguish manual interrupts
                                // from Timeouts if we would know it's a Timeout we could bail
                                // directly and reconnect .
-                                IdleResponse::Timeout => {
+                                Ok(IdleResponse::Timeout) => {
                                    info!(context, "Idle-wait timeout or interruption");
                                }
-                                IdleResponse::ManualInterrupt => {
+                                Ok(IdleResponse::ManualInterrupt) => {
                                    info!(context, "Idle wait was interrupted");
                                }
+                                Err(err) => {
+                                    warn!(context, "Idle wait errored: {:?}", err);
+                                }
                            }
                        }
                        // if we can't properly terminate the idle
--- a/src/imap/mod.rs
+++ b/src/imap/mod.rs
@@ -5,6 +5,8 @@

 use std::sync::atomic::{AtomicBool, Ordering};

+use num_traits::FromPrimitive;
+
 use async_imap::{
    error::Result as ImapResult,
    types::{Capability, Fetch, Flag, Mailbox, Name, NameAttribute},
@@ -12,11 +14,14 @@ use async_imap::{
 use async_std::sync::{Mutex, RwLock};
 use async_std::task;

+use crate::config::*;
 use crate::constants::*;
 use crate::context::Context;
-use crate::dc_receive_imf::dc_receive_imf;
+use crate::dc_receive_imf::{
+    dc_receive_imf, from_field_to_contact_id, is_msgrmsg_rfc724_mid_in_list,
+};
 use crate::events::Event;
-use crate::imap_client::*;
+use crate::headerdef::{HeaderDef, HeaderDefMap};
 use crate::job::{job_add, Action};
 use crate::login_param::{CertificateChecks, LoginParam};
 use crate::message::{self, update_server_uid};
@@ -24,10 +29,13 @@ use crate::oauth2::dc_get_oauth2_access_token;
 use crate::param::Params;
 use crate::stock::StockMessage;

+mod client;
 mod idle;
 pub mod select_folder;
+mod session;

-const DC_IMAP_SEEN: usize = 0x0001;
+use client::Client;
+use session::Session;

 type Result<T> = std::result::Result<T, Error>;

@@ -63,6 +71,9 @@ pub enum Error {
    #[fail(display = "IMAP select folder error")]
    SelectFolderError(#[cause] select_folder::Error),

+    #[fail(display = "Mail parse error")]
+    MailParseError(#[cause] mailparse::MailParseError),
+
    #[fail(display = "No mailbox selected, folder: {:?}", _0)]
    NoMailbox(String),

@@ -94,6 +105,12 @@ impl From<select_folder::Error> for Error {
    }
 }

+impl From<mailparse::MailParseError> for Error {
+    fn from(err: mailparse::MailParseError) -> Error {
+        Error::MailParseError(err)
+    }
+}
+
 #[derive(Debug, Display, Clone, Copy, PartialEq, Eq)]
 pub enum ImapActionResult {
    Failed,
@@ -102,7 +119,20 @@ pub enum ImapActionResult {
    Success,
 }

-const PREFETCH_FLAGS: &str = "(UID ENVELOPE)";
+/// Prefetch:
+/// - Message-ID to check if we already have the message.
+/// - In-Reply-To and References to check if message is a reply to chat message.
+/// - Chat-Version to check if a message is a chat message
+/// - Autocrypt-Setup-Message to check if a message is an autocrypt setup message,
+///   not necessarily sent by Delta Chat.
+const PREFETCH_FLAGS: &str = "(UID BODY.PEEK[HEADER.FIELDS (\
+                              MESSAGE-ID \
+                              FROM \
+                              IN-REPLY-TO REFERENCES \
+                              CHAT-VERSION \
+                              AUTOCRYPT-SETUP-MESSAGE\
+                              )])";
+const DELETE_CHECK_FLAGS: &str = "(UID BODY.PEEK[HEADER.FIELDS (MESSAGE-ID)])";
 const JUST_UID: &str = "(UID)";
 const BODY_FLAGS: &str = "(FLAGS BODY.PEEK[])";
 const SELECT_ALL: &str = "1:*";
@@ -154,7 +184,10 @@ struct ImapConfig {
    pub selected_mailbox: Option<Mailbox>,
    pub selected_folder_needs_expunge: bool,
    pub can_idle: bool,
-    pub has_xlist: bool,
+
+    /// True if the server has MOVE capability as defined in
+    /// https://tools.ietf.org/html/rfc6851
+    pub can_move: bool,
    pub imap_delimiter: char,
 }

@@ -172,7 +205,7 @@ impl Default for ImapConfig {
            selected_mailbox: None,
            selected_folder_needs_expunge: false,
            can_idle: false,
-            has_xlist: false,
+            can_move: false,
            imap_delimiter: '.',
        }
    }
@@ -326,7 +359,7 @@ impl Imap {
        cfg.imap_port = 0;

        cfg.can_idle = false;
-        cfg.has_xlist = false;
+        cfg.can_move = false;
    }

    /// Connects to imap account using already-configured parameters.
@@ -387,7 +420,7 @@ impl Imap {
                        true
                    } else {
                        let can_idle = caps.has_str("IDLE");
-                        let has_xlist = caps.has_str("XLIST");
+                        let can_move = caps.has_str("MOVE");
                        let caps_list = caps.iter().fold(String::new(), |s, c| {
                            if let Capability::Atom(x) = c {
                                s + &format!(" {}", x)
@@ -397,7 +430,7 @@ impl Imap {
                        });

                        self.config.write().await.can_idle = can_idle;
-                        self.config.write().await.has_xlist = has_xlist;
+                        self.config.write().await.can_move = can_move;
                        *self.connected.lock().await = true;
                        emit_event!(
                            context,
@@ -555,6 +588,9 @@ impl Imap {
        context: &Context,
        folder: S,
    ) -> Result<bool> {
+        let show_emails =
+            ShowEmails::from_i32(context.get_config_int(Config::ShowEmails)).unwrap_or_default();
+
        let (uid_validity, last_seen_uid) =
            self.select_with_uidvalidity(context, folder.as_ref())?;

@@ -562,7 +598,7 @@ impl Imap {

        let mut list = if let Some(ref mut session) = &mut *self.session.lock().await {
            // fetch messages with larger UID than the last one seen
-            // (`UID FETCH lastseenuid+1:*)`, see RFC 4549
+            // `(UID FETCH lastseenuid+1:*)`, see RFC 4549
            let set = format!("{}:*", last_seen_uid + 1);
            match session.uid_fetch(set, PREFETCH_FLAGS).await {
                Ok(list) => list,
@@ -580,11 +616,16 @@ impl Imap {

        list.sort_unstable_by_key(|msg| msg.uid.unwrap_or_default());

-        for msg in &list {
-            let cur_uid = msg.uid.unwrap_or_default();
+        for fetch in &list {
+            let cur_uid = fetch.uid.unwrap_or_default();
            if cur_uid <= last_seen_uid {
-                // seems that at least dovecot sends the last available UID
-                // even if we asked for higher UID+N:*
+                // If the mailbox is not empty, results always include
+                // at least one UID, even if last_seen_uid+1 is past
+                // the last UID in the mailbox.  It happens because
+                // uid+1:* is interpreted the same way as *:uid+1.
+                // See https://tools.ietf.org/html/rfc3501#page-61 for
+                // standard reference. Therefore, sometimes we receive
+                // already seen messages and have to filter them out.
                info!(
                    context,
                    "fetch_new_messages: ignoring uid {}, last seen was {}", cur_uid, last_seen_uid
@@ -593,20 +634,9 @@ impl Imap {
            }
            read_cnt += 1;

-            let message_id = prefetch_get_message_id(msg).unwrap_or_default();
-
-            if !precheck_imf(context, &message_id, folder.as_ref(), cur_uid) {
-                // check passed, go fetch the rest
-                if self.fetch_single_msg(context, &folder, cur_uid).await == 0 {
-                    info!(
-                        context,
-                        "Read error for message {} from \"{}\", trying over later.",
-                        message_id,
-                        folder.as_ref()
-                    );
-                    read_errors += 1;
-                }
-            } else {
+            let headers = get_fetch_headers(fetch)?;
+            let message_id = prefetch_get_message_id(&headers).unwrap_or_default();
+            if precheck_imf(context, &message_id, folder.as_ref(), cur_uid) {
                // we know the message-id already or don't want the message otherwise.
                info!(
                    context,
@@ -614,6 +644,34 @@ impl Imap {
                    message_id,
                    folder.as_ref(),
                );
+            } else {
+                let show = prefetch_should_download(context, &headers, show_emails)
+                    .map_err(|err| {
+                        warn!(context, "prefetch_should_download error: {}", err);
+                        err
+                    })
+                    .unwrap_or(true);
+
+                if !show {
+                    info!(
+                        context,
+                        "Ignoring new message {} from \"{}\".",
+                        message_id,
+                        folder.as_ref(),
+                    );
+                } else {
+                    // check passed, go fetch the rest
+                    if let Err(err) = self.fetch_single_msg(context, &folder, cur_uid).await {
+                        info!(
+                            context,
+                            "Read error for message {} from \"{}\", trying over later: {}.",
+                            message_id,
+                            folder.as_ref(),
+                            err
+                        );
+                        read_errors += 1;
+                    }
+                }
            }
            if read_errors == 0 {
                new_last_seen_uid = cur_uid;
@@ -657,17 +715,19 @@ impl Imap {
        context.sql.set_raw_config(context, &key, Some(&val)).ok();
    }

+    /// Fetches a single message by server UID.
+    ///
+    /// If it succeeds, the message should be treated as received even
+    /// if no database entries are created. If the function returns an
+    /// error, the caller should try again later.
    async fn fetch_single_msg<S: AsRef<str>>(
        &self,
        context: &Context,
        folder: S,
        server_uid: u32,
-    ) -> usize {
-        // the function returns:
-        // 0  the caller should try over again later
-        // or  1  if the messages should be treated as received, the caller should not try to read the message again (even if no database entries are returned)
+    ) -> Result<()> {
        if !self.is_connected().await {
-            return 0;
+            return Err(Error::Other("Not connected".to_string()));
        }

        let set = format!("{}", server_uid);
@@ -686,41 +746,24 @@ impl Imap {
                        folder.as_ref(),
                        err
                    );
-                    return 0;
+                    return Err(Error::FetchFailed(err));
                }
            }
        } else {
            // we could not get a valid imap session, this should be retried
            self.trigger_reconnect();
-            return 0;
+            return Err(Error::Other("Could not get IMAP session".to_string()));
        };

-        if msgs.is_empty() {
-            warn!(
-                context,
-                "Message #{} does not exist in folder \"{}\".",
-                server_uid,
-                folder.as_ref()
-            );
-        } else {
-            let msg = &msgs[0];
-
+        if let Some(msg) = msgs.first() {
            // XXX put flags into a set and pass them to dc_receive_imf
-            let is_deleted = msg.flags().any(|flag| match flag {
-                Flag::Deleted => true,
-                _ => false,
-            });
-            let is_seen = msg.flags().any(|flag| match flag {
-                Flag::Seen => true,
-                _ => false,
-            });
-
-            let flags = if is_seen { DC_IMAP_SEEN } else { 0 };
+            let is_deleted = msg.flags().any(|flag| flag == Flag::Deleted);
+            let is_seen = msg.flags().any(|flag| flag == Flag::Seen);

            if !is_deleted && msg.body().is_some() {
                let body = msg.body().unwrap_or_default();
                if let Err(err) =
-                    dc_receive_imf(context, &body, folder.as_ref(), server_uid, flags as u32)
+                    dc_receive_imf(context, &body, folder.as_ref(), server_uid, is_seen)
                {
                    warn!(
                        context,
@@ -731,9 +774,20 @@ impl Imap {
                    );
                }
            }
+        } else {
+            warn!(
+                context,
+                "Message #{} does not exist in folder \"{}\".",
+                server_uid,
+                folder.as_ref()
+            );
        }

-        1
+        Ok(())
+    }
+
+    pub fn can_move(&self) -> bool {
+        task::block_on(async move { self.config.read().await.can_move })
    }

    pub fn mv(
@@ -765,52 +819,74 @@ impl Imap {

            let set = format!("{}", uid);
            let display_folder_id = format!("{}/{}", folder, uid);
-            if let Some(ref mut session) = &mut *self.session.lock().await {
-                match session.uid_mv(&set, &dest_folder).await {
-                    Ok(_) => {
-                        emit_event!(
-                            context,
-                            Event::ImapMessageMoved(format!(
-                                "IMAP Message {} moved to {}",
-                                display_folder_id, dest_folder
-                            ))
-                        );
-                        return ImapActionResult::Success;
-                    }
-                    Err(err) => {
-                        warn!(
-                            context,
-                            "Cannot move message, fallback to COPY/DELETE {}/{} to {}: {}",
-                            folder,
-                            uid,
-                            dest_folder,
-                            err
-                        );
-                    }
-                }
-            } else {
-                unreachable!();
-            };

-            if let Some(ref mut session) = &mut *self.session.lock().await {
-                match session.uid_copy(&set, &dest_folder).await {
-                    Ok(_) => {
-                        if !self.add_flag_finalized(context, uid, "\\Deleted").await {
-                            warn!(context, "Cannot mark {} as \"Deleted\" after copy.", uid);
-                            ImapActionResult::Failed
-                        } else {
-                            self.config.write().await.selected_folder_needs_expunge = true;
-                            ImapActionResult::Success
+            if self.can_move() {
+                if let Some(ref mut session) = &mut *self.session.lock().await {
+                    match session.uid_mv(&set, &dest_folder).await {
+                        Ok(_) => {
+                            emit_event!(
+                                context,
+                                Event::ImapMessageMoved(format!(
+                                    "IMAP Message {} moved to {}",
+                                    display_folder_id, dest_folder
+                                ))
+                            );
+                            return ImapActionResult::Success;
+                        }
+                        Err(err) => {
+                            warn!(
+                                context,
+                                "Cannot move message, fallback to COPY/DELETE {}/{} to {}: {}",
+                                folder,
+                                uid,
+                                dest_folder,
+                                err
+                            );
                        }
                    }
-                    Err(err) => {
-                        warn!(context, "Could not copy message: {}", err);
-                        ImapActionResult::Failed
-                    }
+                } else {
+                    unreachable!();
+                };
+            } else {
+                info!(
+                    context,
+                    "Server does not support MOVE, fallback to COPY/DELETE {}/{} to {}",
+                    folder,
+                    uid,
+                    dest_folder
+                );
+            }
+
+            if let Some(ref mut session) = &mut *self.session.lock().await {
+                if let Err(err) = session.uid_copy(&set, &dest_folder).await {
+                    warn!(context, "Could not copy message: {}", err);
+                    return ImapActionResult::Failed;
                }
            } else {
                unreachable!();
            }
+
+            if !self.add_flag_finalized(context, uid, "\\Deleted").await {
+                warn!(context, "Cannot mark {} as \"Deleted\" after copy.", uid);
+                emit_event!(
+                    context,
+                    Event::ImapMessageMoved(format!(
+                        "IMAP Message {} copied to {} (delete FAILED)",
+                        display_folder_id, dest_folder
+                    ))
+                );
+                ImapActionResult::Failed
+            } else {
+                self.config.write().await.selected_folder_needs_expunge = true;
+                emit_event!(
+                    context,
+                    Event::ImapMessageMoved(format!(
+                        "IMAP Message {} copied to {} (delete successfull)",
+                        display_folder_id, dest_folder
+                    ))
+                );
+                ImapActionResult::Success
+            }
        })
    }

@@ -915,7 +991,6 @@ impl Imap {
        })
    }

-    // only returns 0 on connection problems; we should try later again in this case *
    pub fn delete_msg(
        &self,
        context: &Context,
@@ -935,9 +1010,11 @@ impl Imap {
            // double-check that we are deleting the correct message-id
            // this comes at the expense of another imap query
            if let Some(ref mut session) = &mut *self.session.lock().await {
-                match session.uid_fetch(set, PREFETCH_FLAGS).await {
+                match session.uid_fetch(set, DELETE_CHECK_FLAGS).await {
                    Ok(msgs) => {
-                        if msgs.is_empty() {
+                        let fetch = if let Some(fetch) = msgs.first() {
+                            fetch
+                        } else {
                            warn!(
                                context,
                                "Cannot delete on IMAP, {}: imap entry gone '{}'",
@@ -945,9 +1022,11 @@ impl Imap {
                                message_id,
                            );
                            return ImapActionResult::Failed;
-                        }
-                        let remote_message_id =
-                            prefetch_get_message_id(msgs.first().unwrap()).unwrap_or_default();
+                        };
+
+                        let remote_message_id = get_fetch_headers(fetch)
+                            .and_then(|headers| prefetch_get_message_id(&headers))
+                            .unwrap_or_default();

                        if remote_message_id != message_id {
                            warn!(
@@ -957,8 +1036,8 @@ impl Imap {
                                remote_message_id,
                                message_id,
                            );
+                            *uid = 0;
                        }
-                        *uid = 0;
                    }
                    Err(err) => {
                        warn!(
@@ -1099,7 +1178,6 @@ impl Imap {
    }

    async fn list_folders(&self, session: &mut Session, context: &Context) -> Option<Vec<Name>> {
-        // TODO: use xlist when available
        match session.list(Some(""), Some("*")).await {
            Ok(list) => {
                if list.is_empty() {
@@ -1206,7 +1284,7 @@ fn precheck_imf(context: &Context, rfc724_mid: &str, server_folder: &str, server
        message::rfc724_mid_exists(context, &rfc724_mid)
    {
        if old_server_folder.is_empty() && old_server_uid == 0 {
-            info!(context, "[move] detected bbc-self {}", rfc724_mid,);
+            info!(context, "[move] detected bcc-self {}", rfc724_mid,);
            context.do_heuristics_moves(server_folder.as_ref(), msg_id);
            job_add(
                context,
@@ -1228,46 +1306,70 @@ fn precheck_imf(context: &Context, rfc724_mid: &str, server_folder: &str, server
    }
 }

-fn parse_message_id(message_id: &[u8]) -> crate::error::Result<String> {
-    let value = std::str::from_utf8(message_id)?;
-    let addrs = mailparse::addrparse(value)
-        .map_err(|err| format_err!("failed to parse message id {:?}", err))?;
-
-    if let Some(info) = addrs.extract_single_info() {
-        return Ok(info.addr);
-    }
-
-    bail!("could not parse message_id: {}", value);
+fn get_fetch_headers(prefetch_msg: &Fetch) -> Result<Vec<mailparse::MailHeader>> {
+    let header_bytes = match prefetch_msg.header() {
+        Some(header_bytes) => header_bytes,
+        None => return Ok(Vec::new()),
+    };
+    let (headers, _) = mailparse::parse_headers(header_bytes)?;
+    Ok(headers)
 }

-fn prefetch_get_message_id(prefetch_msg: &Fetch) -> Result<String> {
-    if prefetch_msg.envelope().is_none() {
-        return Err(Error::Other(
-            "prefectch: message has no envelope".to_string(),
-        ));
-    }
-
-    let message_id = prefetch_msg.envelope().unwrap().message_id;
-    if message_id.is_none() {
-        return Err(Error::Other("prefetch: No message ID found".to_string()));
-    }
-
-    parse_message_id(&message_id.unwrap()).map_err(Into::into)
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-
-    #[test]
-    fn test_parse_message_id() {
-        assert_eq!(
-            parse_message_id(b"Mr.PRUe8HJBoaO.3whNvLCMFU0@testrun.org").unwrap(),
-            "Mr.PRUe8HJBoaO.3whNvLCMFU0@testrun.org"
-        );
-        assert_eq!(
-            parse_message_id(b"<Mr.PRUe8HJBoaO.3whNvLCMFU0@testrun.org>").unwrap(),
-            "Mr.PRUe8HJBoaO.3whNvLCMFU0@testrun.org"
-        );
+fn prefetch_get_message_id(headers: &[mailparse::MailHeader]) -> Result<String> {
+    if let Some(message_id) = headers.get_header_value(HeaderDef::MessageId)? {
+        Ok(crate::mimeparser::parse_message_id(&message_id)?)
+    } else {
+        Err(Error::Other("prefetch: No message ID found".to_string()))
    }
 }
+
+fn prefetch_is_reply_to_chat_message(
+    context: &Context,
+    headers: &[mailparse::MailHeader],
+) -> Result<bool> {
+    if let Some(value) = headers.get_header_value(HeaderDef::InReplyTo)? {
+        if is_msgrmsg_rfc724_mid_in_list(context, &value) {
+            return Ok(true);
+        }
+    }
+
+    if let Some(value) = headers.get_header_value(HeaderDef::References)? {
+        if is_msgrmsg_rfc724_mid_in_list(context, &value) {
+            return Ok(true);
+        }
+    }
+
+    Ok(false)
+}
+
+fn prefetch_should_download(
+    context: &Context,
+    headers: &[mailparse::MailHeader],
+    show_emails: ShowEmails,
+) -> Result<bool> {
+    let is_chat_message = headers.get_header_value(HeaderDef::ChatVersion)?.is_some();
+    let is_reply_to_chat_message = prefetch_is_reply_to_chat_message(context, &headers)?;
+
+    // Autocrypt Setup Message should be shown even if it is from non-chat client.
+    let is_autocrypt_setup_message = headers
+        .get_header_value(HeaderDef::AutocryptSetupMessage)?
+        .is_some();
+
+    let from_field = headers
+        .get_header_value(HeaderDef::From_)?
+        .unwrap_or_default();
+
+    let (_contact_id, blocked_contact, origin) = from_field_to_contact_id(context, &from_field)?;
+    let accepted_contact = origin.is_known();
+
+    let show = is_autocrypt_setup_message
+        || match show_emails {
+            ShowEmails::Off => is_chat_message || is_reply_to_chat_message,
+            ShowEmails::AcceptedContacts => {
+                is_chat_message || is_reply_to_chat_message || accepted_contact
+            }
+            ShowEmails::All => true,
+        };
+    let show = show && !blocked_contact;
+    Ok(show)
+}
--- a/src/imap/session.rs
+++ b/src/imap/session.rs
@@ -1,125 +1,18 @@
 use async_imap::{
-    error::{Error as ImapError, Result as ImapResult},
-    extensions::idle::Handle as ImapIdleHandle,
+    error::Result as ImapResult,
    types::{Capabilities, Fetch, Mailbox, Name},
-    Client as ImapClient, Session as ImapSession,
+    Session as ImapSession,
 };
 use async_native_tls::TlsStream;
-use async_std::net::{self, TcpStream};
+use async_std::net::TcpStream;
 use async_std::prelude::*;

-use crate::login_param::{dc_build_tls, CertificateChecks};
-
-#[derive(Debug)]
-pub(crate) enum Client {
-    Secure(ImapClient<TlsStream<TcpStream>>),
-    Insecure(ImapClient<TcpStream>),
-}
-
 #[derive(Debug)]
 pub(crate) enum Session {
    Secure(ImapSession<TlsStream<TcpStream>>),
    Insecure(ImapSession<TcpStream>),
 }

-#[derive(Debug)]
-pub(crate) enum IdleHandle {
-    Secure(ImapIdleHandle<TlsStream<TcpStream>>),
-    Insecure(ImapIdleHandle<TcpStream>),
-}
-
-impl Client {
-    pub async fn connect_secure<A: net::ToSocketAddrs, S: AsRef<str>>(
-        addr: A,
-        domain: S,
-        certificate_checks: CertificateChecks,
-    ) -> ImapResult<Self> {
-        let stream = TcpStream::connect(addr).await?;
-        let tls = dc_build_tls(certificate_checks)?;
-        let tls_connector: async_native_tls::TlsConnector = tls.into();
-        let tls_stream = tls_connector.connect(domain.as_ref(), stream).await?;
-        let mut client = ImapClient::new(tls_stream);
-        if std::env::var(crate::DCC_IMAP_DEBUG).is_ok() {
-            client.debug = true;
-        }
-
-        let _greeting = client
-            .read_response()
-            .await
-            .ok_or_else(|| ImapError::Bad("failed to read greeting".to_string()))?;
-
-        Ok(Client::Secure(client))
-    }
-
-    pub async fn connect_insecure<A: net::ToSocketAddrs>(addr: A) -> ImapResult<Self> {
-        let stream = TcpStream::connect(addr).await?;
-
-        let mut client = ImapClient::new(stream);
-        if std::env::var(crate::DCC_IMAP_DEBUG).is_ok() {
-            client.debug = true;
-        }
-        let _greeting = client
-            .read_response()
-            .await
-            .ok_or_else(|| ImapError::Bad("failed to read greeting".to_string()))?;
-
-        Ok(Client::Insecure(client))
-    }
-
-    pub async fn secure<S: AsRef<str>>(
-        self,
-        domain: S,
-        certificate_checks: CertificateChecks,
-    ) -> ImapResult<Client> {
-        match self {
-            Client::Insecure(client) => {
-                let tls = dc_build_tls(certificate_checks)?;
-                let tls_stream = tls.into();
-
-                let client_sec = client.secure(domain, &tls_stream).await?;
-
-                Ok(Client::Secure(client_sec))
-            }
-            // Nothing to do
-            Client::Secure(_) => Ok(self),
-        }
-    }
-
-    pub async fn authenticate<A: async_imap::Authenticator, S: AsRef<str>>(
-        self,
-        auth_type: S,
-        authenticator: &A,
-    ) -> Result<Session, (ImapError, Client)> {
-        match self {
-            Client::Secure(i) => match i.authenticate(auth_type, authenticator).await {
-                Ok(session) => Ok(Session::Secure(session)),
-                Err((err, c)) => Err((err, Client::Secure(c))),
-            },
-            Client::Insecure(i) => match i.authenticate(auth_type, authenticator).await {
-                Ok(session) => Ok(Session::Insecure(session)),
-                Err((err, c)) => Err((err, Client::Insecure(c))),
-            },
-        }
-    }
-
-    pub async fn login<U: AsRef<str>, P: AsRef<str>>(
-        self,
-        username: U,
-        password: P,
-    ) -> Result<Session, (ImapError, Client)> {
-        match self {
-            Client::Secure(i) => match i.login(username, password).await {
-                Ok(session) => Ok(Session::Secure(session)),
-                Err((err, c)) => Err((err, Client::Secure(c))),
-            },
-            Client::Insecure(i) => match i.login(username, password).await {
-                Ok(session) => Ok(Session::Insecure(session)),
-                Err((err, c)) => Err((err, Client::Insecure(c))),
-            },
-        }
-    }
-}
-
 impl Session {
    pub async fn capabilities(&mut self) -> ImapResult<Capabilities> {
        let res = match self {
@@ -230,19 +123,6 @@ impl Session {
        Ok(res)
    }

-    pub fn idle(self) -> IdleHandle {
-        match self {
-            Session::Secure(i) => {
-                let h = i.idle();
-                IdleHandle::Secure(h)
-            }
-            Session::Insecure(i) => {
-                let h = i.idle();
-                IdleHandle::Insecure(h)
-            }
-        }
-    }
-
    pub async fn uid_store<S1, S2>(&mut self, uid_set: S1, query: S2) -> ImapResult<Vec<Fetch>>
    where
        S1: AsRef<str>,
--- a/src/imex.rs
+++ b/src/imex.rs
@@ -8,8 +8,8 @@ use rand::{thread_rng, Rng};

 use crate::blob::BlobObject;
 use crate::chat;
+use crate::chat::delete_and_reset_all_device_msgs;
 use crate::config::Config;
-use crate::configure::*;
 use crate::constants::*;
 use crate::context::Context;
 use crate::dc_tools::*;
@@ -17,7 +17,7 @@ use crate::e2ee;
 use crate::error::*;
 use crate::events::Event;
 use crate::job::*;
-use crate::key::*;
+use crate::key::{self, Key};
 use crate::message::{Message, MsgId};
 use crate::mimeparser::SystemMessage;
 use crate::param::*;
@@ -136,14 +136,16 @@ fn do_initiate_key_transfer(context: &Context) -> Result<String> {

    let chat_id = chat::create_by_contact_id(context, DC_CONTACT_ID_SELF)?;
    msg = Message::default();
-    msg.type_0 = Viewtype::File;
+    msg.viewtype = Viewtype::File;
    msg.param.set(Param::File, setup_file_blob.as_name());

    msg.param
        .set(Param::MimeType, "application/autocrypt-setup");
    msg.param.set_cmd(SystemMessage::AutocryptSetupMessage);
-    msg.param
-        .set_int(Param::ForcePlaintext, DC_FP_NO_AUTOCRYPT_HEADER);
+    msg.param.set_int(
+        Param::ForcePlaintext,
+        ForcePlaintext::NoAutocryptHeader as i32,
+    );

    ensure!(!context.shall_stop_ongoing(), "canceled");
    let msg_id = chat::send_msg(context, chat_id, &mut msg)?;
@@ -286,7 +288,6 @@ fn set_self_key(
        .and_then(|(k, h)| k.split_key().map(|pub_key| (k, pub_key, h)));

    ensure!(keys.is_some(), "Not a valid private key");
-
    let (private_key, public_key, header) = keys.unwrap();
    let preferencrypt = header.get("Autocrypt-Prefer-Encrypt");
    match preferencrypt.map(|s| s.as_str()) {
@@ -311,34 +312,26 @@ fn set_self_key(

    let self_addr = context.get_config(Config::ConfiguredAddr);
    ensure!(self_addr.is_some(), "Missing self addr");
+    let addr = EmailAddress::new(&self_addr.unwrap_or_default())?;

-    // XXX maybe better make dc_key_save_self_keypair delete things
-    sql::execute(
+    let (public, secret) = match (public_key, private_key) {
+        (Key::Public(p), Key::Secret(s)) => (p, s),
+        _ => bail!("wrong keys unpacked"),
+    };
+    let keypair = pgp::KeyPair {
+        addr,
+        public,
+        secret,
+    };
+    key::store_self_keypair(
        context,
-        &context.sql,
-        "DELETE FROM keypairs WHERE public_key=? OR private_key=?;",
-        params![public_key.to_bytes(), private_key.to_bytes()],
+        &keypair,
+        if set_default {
+            key::KeyPairUse::Default
+        } else {
+            key::KeyPairUse::ReadOnly
+        },
    )?;
-
-    if set_default {
-        sql::execute(
-            context,
-            &context.sql,
-            "UPDATE keypairs SET is_default=0;",
-            params![],
-        )?;
-    }
-
-    if !dc_key_save_self_keypair(
-        context,
-        &public_key,
-        &private_key,
-        self_addr.unwrap_or_default(),
-        set_default,
-        &context.sql,
-    ) {
-        bail!("Cannot save keypair, internal key-state possibly corrupted now!");
-    }
    Ok(())
 }

@@ -420,7 +413,7 @@ fn import_backup(context: &Context, backup_to_import: impl AsRef<Path>) -> Resul
    );

    ensure!(
-        !dc_is_configured(context),
+        !context.is_configured(),
        "Cannot import backups to accounts in use."
    );
    context.sql.close(&context);
@@ -441,6 +434,8 @@ fn import_backup(context: &Context, backup_to_import: impl AsRef<Path>) -> Resul
        "could not re-open db"
    );

+    delete_and_reset_all_device_msgs(&context)?;
+
    let total_files_cnt = context
        .sql
        .query_get_value::<_, isize>(context, "SELECT COUNT(*) FROM backup_blobs;", params![])
@@ -741,7 +736,6 @@ fn export_key_to_asc_file(
 #[cfg(test)]
 mod tests {
    use super::*;
-
    use crate::pgp::{split_armored_data, HEADER_AUTOCRYPT, HEADER_SETUPCODE};
    use crate::test_utils::*;
    use ::pgp::armor::BlockType;
@@ -796,8 +790,7 @@ mod tests {
    #[test]
    fn test_export_key_to_asc_file() {
        let context = dummy_context();
-        let base64 = include_str!("../test-data/key/public.asc");
-        let key = Key::from_base64(base64, KeyType::Public).unwrap();
+        let key = Key::from(alice_keypair().public);
        let blobdir = "$BLOBDIR";
        assert!(export_key_to_asc_file(&context.ctx, blobdir, None, &key).is_ok());
        let blobdir = context.ctx.get_blobdir().to_str().unwrap();
--- a/src/job.rs
+++ b/src/job.rs
--- a/src/job_thread.rs
+++ b/src/job_thread.rs
@@ -143,7 +143,7 @@ impl JobThread {
            if state.jobs_needed {
                info!(
                    context,
-                    "{}-IDLE will not be started as it was interrupted while not ideling.",
+                    "{}-IDLE will not be started as it was interrupted while not idling.",
                    self.name,
                );
                state.jobs_needed = false;
--- a/src/key.rs
+++ b/src/key.rs
@@ -4,14 +4,84 @@ use std::collections::BTreeMap;
 use std::io::Cursor;
 use std::path::Path;

-use pgp::composed::{Deserializable, SignedPublicKey, SignedSecretKey};
+use pgp::composed::Deserializable;
 use pgp::ser::Serialize;
 use pgp::types::{KeyTrait, SecretKeyTrait};

 use crate::constants::*;
 use crate::context::Context;
 use crate::dc_tools::*;
-use crate::sql::{self, Sql};
+use crate::sql::Sql;
+
+// Re-export key types
+pub use crate::pgp::KeyPair;
+pub use pgp::composed::{SignedPublicKey, SignedSecretKey};
+
+/// Error type for deltachat key handling.
+#[derive(Fail, Debug)]
+pub enum Error {
+    #[fail(display = "Could not decode base64")]
+    Base64Decode(#[cause] base64::DecodeError, failure::Backtrace),
+    #[fail(display = "rPGP error: {}", _0)]
+    PgpError(#[cause] pgp::errors::Error, failure::Backtrace),
+}
+
+impl From<base64::DecodeError> for Error {
+    fn from(err: base64::DecodeError) -> Error {
+        Error::Base64Decode(err, failure::Backtrace::new())
+    }
+}
+
+impl From<pgp::errors::Error> for Error {
+    fn from(err: pgp::errors::Error) -> Error {
+        Error::PgpError(err, failure::Backtrace::new())
+    }
+}
+
+pub type Result<T> = std::result::Result<T, Error>;
+
+/// Convenience trait for working with keys.
+///
+/// This trait is implemented for rPGP's [SignedPublicKey] and
+/// [SignedSecretKey] types and makes working with them a little
+/// easier in the deltachat world.
+pub trait DcKey: Serialize + Deserializable {
+    type KeyType: Serialize + Deserializable;
+
+    /// Create a key from some bytes.
+    fn from_slice(bytes: &[u8]) -> Result<Self::KeyType> {
+        Ok(<Self::KeyType as Deserializable>::from_bytes(Cursor::new(
+            bytes,
+        ))?)
+    }
+
+    /// Create a key from a base64 string.
+    fn from_base64(data: &str) -> Result<Self::KeyType> {
+        // strip newlines and other whitespace
+        let cleaned: String = data.trim().split_whitespace().collect();
+        let bytes = base64::decode(cleaned.as_bytes())?;
+        Self::from_slice(&bytes)
+    }
+
+    /// Serialise the key to a base64 string.
+    fn to_base64(&self) -> String {
+        // Not using Serialize::to_bytes() to make clear *why* it is
+        // safe to ignore this error.
+        // Because we write to a Vec<u8> the io::Write impls never
+        // fail and we can hide this error.
+        let mut buf = Vec::new();
+        self.to_writer(&mut buf).unwrap();
+        base64::encode(&buf)
+    }
+}
+
+impl DcKey for SignedPublicKey {
+    type KeyType = SignedPublicKey;
+}
+
+impl DcKey for SignedSecretKey {
+    type KeyType = SignedSecretKey;
+}

 /// Cryptographic key
 #[derive(Debug, PartialEq, Eq, Clone)]
@@ -35,7 +105,7 @@ impl From<SignedSecretKey> for Key {
 impl std::convert::TryFrom<Key> for SignedSecretKey {
    type Error = ();

-    fn try_from(value: Key) -> Result<Self, Self::Error> {
+    fn try_from(value: Key) -> std::result::Result<Self, Self::Error> {
        match value {
            Key::Public(_) => Err(()),
            Key::Secret(key) => Ok(key),
@@ -46,7 +116,7 @@ impl std::convert::TryFrom<Key> for SignedSecretKey {
 impl<'a> std::convert::TryFrom<&'a Key> for &'a SignedSecretKey {
    type Error = ();

-    fn try_from(value: &'a Key) -> Result<Self, Self::Error> {
+    fn try_from(value: &'a Key) -> std::result::Result<Self, Self::Error> {
        match value {
            Key::Public(_) => Err(()),
            Key::Secret(key) => Ok(key),
@@ -57,7 +127,7 @@ impl<'a> std::convert::TryFrom<&'a Key> for &'a SignedSecretKey {
 impl std::convert::TryFrom<Key> for SignedPublicKey {
    type Error = ();

-    fn try_from(value: Key) -> Result<Self, Self::Error> {
+    fn try_from(value: Key) -> std::result::Result<Self, Self::Error> {
        match value {
            Key::Public(key) => Ok(key),
            Key::Secret(_) => Err(()),
@@ -68,7 +138,7 @@ impl std::convert::TryFrom<Key> for SignedPublicKey {
 impl<'a> std::convert::TryFrom<&'a Key> for &'a SignedPublicKey {
    type Error = ();

-    fn try_from(value: &'a Key) -> Result<Self, Self::Error> {
+    fn try_from(value: &'a Key) -> std::result::Result<Self, Self::Error> {
        match value {
            Key::Public(key) => Ok(key),
            Key::Secret(_) => Err(()),
@@ -92,7 +162,7 @@ impl Key {
        if bytes.is_empty() {
            return None;
        }
-        let res: Result<Key, _> = match key_type {
+        let res: std::result::Result<Key, _> = match key_type {
            KeyType::Public => SignedPublicKey::from_bytes(Cursor::new(bytes)).map(Into::into),
            KeyType::Private => SignedSecretKey::from_bytes(Cursor::new(bytes)).map(Into::into),
        };
@@ -111,7 +181,7 @@ impl Key {
        key_type: KeyType,
    ) -> Option<(Self, BTreeMap<String, String>)> {
        let bytes = data.as_bytes();
-        let res: Result<(Key, _), _> = match key_type {
+        let res: std::result::Result<(Key, _), _> = match key_type {
            KeyType::Public => SignedPublicKey::from_armor_single(Cursor::new(bytes))
                .map(|(k, h)| (Into::into(k), h)),
            KeyType::Private => SignedSecretKey::from_armor_single(Cursor::new(bytes))
@@ -127,15 +197,6 @@ impl Key {
        }
    }

-    pub fn from_base64(encoded_data: &str, key_type: KeyType) -> Option<Self> {
-        // strip newlines and other whitespace
-        let cleaned: String = encoded_data.trim().split_whitespace().collect();
-        let bytes = cleaned.as_bytes();
-        base64::decode(bytes)
-            .ok()
-            .and_then(|decoded| Self::from_slice(&decoded, key_type))
-    }
-
    pub fn from_self_public(
        context: &Context,
        self_addr: impl AsRef<str>,
@@ -242,20 +303,97 @@ impl Key {
    }
 }

-pub fn dc_key_save_self_keypair(
+/// Use of a [KeyPair] for encryption or decryption.
+///
+/// This is used by [store_self_keypair] to know what kind of key is
+/// being saved.
+#[derive(Debug, Clone, Eq, PartialEq)]
+pub enum KeyPairUse {
+    /// The default key used to encrypt new messages.
+    Default,
+    /// Only used to decrypt existing message.
+    ReadOnly,
+}
+
+/// Error saving a keypair to the database.
+#[derive(Fail, Debug)]
+#[fail(display = "SaveKeyError: {}", message)]
+pub struct SaveKeyError {
+    message: String,
+    #[cause]
+    cause: failure::Error,
+    backtrace: failure::Backtrace,
+}
+
+impl SaveKeyError {
+    fn new(message: impl Into<String>, cause: impl Into<failure::Error>) -> Self {
+        Self {
+            message: message.into(),
+            cause: cause.into(),
+            backtrace: failure::Backtrace::new(),
+        }
+    }
+}
+
+/// Store the keypair as an owned keypair for addr in the database.
+///
+/// This will save the keypair as keys for the given address.  The
+/// "self" here refers to the fact that this DC instance owns the
+/// keypair.  Usually `addr` will be [Config::ConfiguredAddr].
+///
+/// If either the public or private keys are already present in the
+/// database, this entry will be removed first regardless of the
+/// address associated with it.  Practically this means saving the
+/// same key again overwrites it.
+///
+/// [Config::ConfiguredAddr]: crate::config::Config::ConfiguredAddr
+pub fn store_self_keypair(
    context: &Context,
-    public_key: &Key,
-    private_key: &Key,
-    addr: impl AsRef<str>,
-    is_default: bool,
-    sql: &Sql,
-) -> bool {
-    sql::execute(
-        context,
-        sql,
-        "INSERT INTO keypairs (addr, is_default, public_key, private_key, created) VALUES (?,?,?,?,?);",
-        params![addr.as_ref(), is_default as i32, public_key.to_bytes(), private_key.to_bytes(), time()],
-    ).is_ok()
+    keypair: &KeyPair,
+    default: KeyPairUse,
+) -> std::result::Result<(), SaveKeyError> {
+    // Everything should really be one transaction, more refactoring
+    // is needed for that.
+    let public_key = keypair
+        .public
+        .to_bytes()
+        .map_err(|err| SaveKeyError::new("failed to serialise public key", err))?;
+    let secret_key = keypair
+        .secret
+        .to_bytes()
+        .map_err(|err| SaveKeyError::new("failed to serialise secret key", err))?;
+    context
+        .sql
+        .execute(
+            "DELETE FROM keypairs WHERE public_key=? OR private_key=?;",
+            params![public_key, secret_key],
+        )
+        .map_err(|err| SaveKeyError::new("failed to remove old use of key", err))?;
+    if default == KeyPairUse::Default {
+        context
+            .sql
+            .execute("UPDATE keypairs SET is_default=0;", params![])
+            .map_err(|err| SaveKeyError::new("failed to clear default", err))?;
+    }
+    let is_default = match default {
+        KeyPairUse::Default => true,
+        KeyPairUse::ReadOnly => false,
+    };
+    context
+        .sql
+        .execute(
+            "INSERT INTO keypairs (addr, is_default, public_key, private_key, created)
+                VALUES (?,?,?,?,?);",
+            params![
+                keypair.addr.to_string(),
+                is_default as i32,
+                public_key,
+                secret_key,
+                time()
+            ],
+        )
+        .map(|_| ())
+        .map_err(|err| SaveKeyError::new("failed to insert keypair", err))
 }

 /// Make a fingerprint human-readable, in hex format.
@@ -287,6 +425,14 @@ pub fn dc_normalize_fingerprint(fp: &str) -> String {
 #[cfg(test)]
 mod tests {
    use super::*;
+    use crate::test_utils::*;
+    use std::convert::TryFrom;
+
+    use lazy_static::lazy_static;
+
+    lazy_static! {
+        static ref KEYPAIR: KeyPair = alice_keypair();
+    }

    #[test]
    fn test_normalize_fingerprint() {
@@ -373,9 +519,9 @@ i8pcjGO+IZffvyZJVRWfVooBJmWWbPB1pueo3tx8w3+fcuzpxz+RLFKaPyqXO+dD
    }

    #[test]
-    #[ignore] // is too expensive
    fn test_from_slice_roundtrip() {
-        let (public_key, private_key) = crate::pgp::create_keypair("hello").unwrap();
+        let public_key = Key::from(KEYPAIR.public.clone());
+        let private_key = Key::from(KEYPAIR.secret.clone());

        let binary = public_key.to_bytes();
        let public_key2 = Key::from_slice(&binary, KeyType::Public).expect("invalid public key");
@@ -408,9 +554,9 @@ i8pcjGO+IZffvyZJVRWfVooBJmWWbPB1pueo3tx8w3+fcuzpxz+RLFKaPyqXO+dD
    }

    #[test]
-    #[ignore] // is too expensive
    fn test_ascii_roundtrip() {
-        let (public_key, private_key) = crate::pgp::create_keypair("hello").unwrap();
+        let public_key = Key::from(KEYPAIR.public.clone());
+        let private_key = Key::from(KEYPAIR.secret.clone());

        let s = public_key.to_armored_string(None).unwrap();
        let (public_key2, _) =
@@ -423,4 +569,51 @@ i8pcjGO+IZffvyZJVRWfVooBJmWWbPB1pueo3tx8w3+fcuzpxz+RLFKaPyqXO+dD
            Key::from_armored_string(&s, KeyType::Private).expect("invalid private key");
        assert_eq!(private_key, private_key2);
    }
+
+    #[test]
+    fn test_split_key() {
+        let private_key = Key::from(KEYPAIR.secret.clone());
+        let public_wrapped = private_key.split_key().unwrap();
+        let public = SignedPublicKey::try_from(public_wrapped).unwrap();
+        assert_eq!(public.primary_key, KEYPAIR.public.primary_key);
+    }
+
+    #[test]
+    fn test_save_self_key_twice() {
+        // Saving the same key twice should result in only one row in
+        // the keypairs table.
+        let t = dummy_context();
+        let nrows = || {
+            t.ctx
+                .sql
+                .query_get_value::<_, u32>(&t.ctx, "SELECT COUNT(*) FROM keypairs;", params![])
+                .unwrap()
+        };
+        assert_eq!(nrows(), 0);
+        store_self_keypair(&t.ctx, &KEYPAIR, KeyPairUse::Default).unwrap();
+        assert_eq!(nrows(), 1);
+        store_self_keypair(&t.ctx, &KEYPAIR, KeyPairUse::Default).unwrap();
+        assert_eq!(nrows(), 1);
+    }
+
+    // Convenient way to create a new key if you need one, run with
+    // `cargo test key::tests::gen_key`.
+    // #[test]
+    // fn gen_key() {
+    //     let name = "fiona";
+    //     let keypair = crate::pgp::create_keypair(
+    //         EmailAddress::new(&format!("{}@example.net", name)).unwrap(),
+    //     )
+    //     .unwrap();
+    //     std::fs::write(
+    //         format!("test-data/key/{}-public.asc", name),
+    //         keypair.public.to_base64(),
+    //     )
+    //     .unwrap();
+    //     std::fs::write(
+    //         format!("test-data/key/{}-secret.asc", name),
+    //         keypair.secret.to_base64(),
+    //     )
+    //     .unwrap();
+    // }
 }
--- a/src/keyring.rs
+++ b/src/keyring.rs
@@ -1,8 +1,8 @@
 use std::borrow::Cow;

-use crate::constants::*;
+use crate::constants::KeyType;
 use crate::context::Context;
-use crate::key::*;
+use crate::key::Key;
 use crate::sql::Sql;

 #[derive(Default, Clone, Debug)]
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -1,9 +1,6 @@
+#![forbid(unsafe_code)]
 #![deny(clippy::correctness, missing_debug_implementations, clippy::all)]
-// for now we hide warnings to not clutter/hide errors during "cargo clippy"
-#![allow(clippy::cognitive_complexity, clippy::too_many_arguments)]
 #![allow(clippy::match_bool)]
-#![feature(ptr_wrapping_offset_from)]
-#![feature(drain_filter)]

 #[macro_use]
 extern crate failure_derive;
@@ -30,22 +27,22 @@ pub(crate) mod events;
 pub use events::*;

 mod aheader;
-pub mod blob;
+mod blob;
 pub mod chat;
 pub mod chatlist;
 pub mod config;
-pub mod configure;
+mod configure;
 pub mod constants;
 pub mod contact;
 pub mod context;
 mod e2ee;
 mod imap;
-mod imap_client;
 pub mod imex;
+#[macro_use]
 pub mod job;
 mod job_thread;
 pub mod key;
-pub mod keyring;
+mod keyring;
 pub mod location;
 mod login_param;
 pub mod lot;
@@ -56,6 +53,7 @@ pub mod oauth2;
 mod param;
 pub mod peerstate;
 pub mod pgp;
+pub mod provider;
 pub mod qr;
 pub mod securejoin;
 mod simplify;
--- a/src/location.rs
+++ b/src/location.rs
@@ -4,14 +4,14 @@ use bitflags::bitflags;
 use quick_xml;
 use quick_xml::events::{BytesEnd, BytesStart, BytesText};

-use crate::chat;
+use crate::chat::{self, ChatId};
 use crate::config::Config;
 use crate::constants::*;
 use crate::context::*;
 use crate::dc_tools::*;
 use crate::error::Error;
 use crate::events::Event;
-use crate::job::*;
+use crate::job::{self, job_action_exists, job_add, Job};
 use crate::message::{Message, MsgId};
 use crate::mimeparser::SystemMessage;
 use crate::param::*;
@@ -28,7 +28,7 @@ pub struct Location {
    pub timestamp: i64,
    pub contact_id: u32,
    pub msg_id: u32,
-    pub chat_id: u32,
+    pub chat_id: ChatId,
    pub marker: Option<String>,
    pub independent: u32,
 }
@@ -64,11 +64,10 @@ impl Kml {
        Default::default()
    }

-    pub fn parse(context: &Context, content: &[u8]) -> Result<Self, Error> {
-        ensure!(content.len() <= 1024 * 1024, "kml-file is too large");
+    pub fn parse(context: &Context, to_parse: &[u8]) -> Result<Self, Error> {
+        ensure!(to_parse.len() <= 1024 * 1024, "kml-file is too large");

-        let to_parse = String::from_utf8_lossy(content);
-        let mut reader = quick_xml::Reader::from_str(&to_parse);
+        let mut reader = quick_xml::Reader::from_reader(to_parse);
        reader.trim_text(true);

        let mut kml = Kml::new();
@@ -193,9 +192,9 @@ impl Kml {
 }

 // location streaming
-pub fn send_locations_to_chat(context: &Context, chat_id: u32, seconds: i64) {
+pub fn send_locations_to_chat(context: &Context, chat_id: ChatId, seconds: i64) {
    let now = time();
-    if !(seconds < 0 || chat_id <= DC_CHAT_ID_LAST_SPECIAL) {
+    if !(seconds < 0 || chat_id.is_special()) {
        let is_sending_locations_before = is_sending_locations_to_chat(context, chat_id);
        if sql::execute(
            context,
@@ -207,7 +206,7 @@ pub fn send_locations_to_chat(context: &Context, chat_id: u32, seconds: i64) {
            params![
                if 0 != seconds { now } else { 0 },
                if 0 != seconds { now + seconds } else { 0 },
-                chat_id as i32,
+                chat_id,
            ],
        )
        .is_ok()
@@ -228,8 +227,8 @@ pub fn send_locations_to_chat(context: &Context, chat_id: u32, seconds: i64) {
                schedule_MAYBE_SEND_LOCATIONS(context, false);
                job_add(
                    context,
-                    Action::MaybeSendLocationsEnded,
-                    chat_id as i32,
+                    job::Action::MaybeSendLocationsEnded,
+                    chat_id.to_u32() as i32,
                    Params::new(),
                    seconds + 1,
                );
@@ -240,17 +239,23 @@ pub fn send_locations_to_chat(context: &Context, chat_id: u32, seconds: i64) {

 #[allow(non_snake_case)]
 fn schedule_MAYBE_SEND_LOCATIONS(context: &Context, force_schedule: bool) {
-    if force_schedule || !job_action_exists(context, Action::MaybeSendLocations) {
-        job_add(context, Action::MaybeSendLocations, 0, Params::new(), 60);
+    if force_schedule || !job_action_exists(context, job::Action::MaybeSendLocations) {
+        job_add(
+            context,
+            job::Action::MaybeSendLocations,
+            0,
+            Params::new(),
+            60,
+        );
    };
 }

-pub fn is_sending_locations_to_chat(context: &Context, chat_id: u32) -> bool {
+pub fn is_sending_locations_to_chat(context: &Context, chat_id: ChatId) -> bool {
    context
        .sql
        .exists(
            "SELECT id  FROM chats  WHERE (? OR id=?)   AND locations_send_until>?;",
-            params![if chat_id == 0 { 1 } else { 0 }, chat_id as i32, time()],
+            params![if chat_id.is_unset() { 1 } else { 0 }, chat_id, time()],
        )
        .unwrap_or_default()
 }
@@ -296,7 +301,7 @@ pub fn set(context: &Context, latitude: f64, longitude: f64, accuracy: f64) -> b

 pub fn get_range(
    context: &Context,
-    chat_id: u32,
+    chat_id: ChatId,
    contact_id: u32,
    timestamp_from: i64,
    mut timestamp_to: i64,
@@ -314,8 +319,8 @@ pub fn get_range(
             AND (l.independent=1 OR (l.timestamp>=? AND l.timestamp<=?)) \
             ORDER BY l.timestamp DESC, l.id DESC, msg_id DESC;",
            params![
-                if chat_id == 0 { 1 } else { 0 },
-                chat_id as i32,
+                if chat_id.is_unset() { 1 } else { 0 },
+                chat_id,
                if contact_id == 0 { 1 } else { 0 },
                contact_id as i32,
                timestamp_from,
@@ -359,13 +364,14 @@ fn is_marker(txt: &str) -> bool {
    txt.len() == 1 && !txt.starts_with(' ')
 }

+/// Deletes all locations from the database.
 pub fn delete_all(context: &Context) -> Result<(), Error> {
    sql::execute(context, &context.sql, "DELETE FROM locations;", params![])?;
    context.call_cb(Event::LocationChanged(None));
    Ok(())
 }

-pub fn get_kml(context: &Context, chat_id: u32) -> Result<(String, u32), Error> {
+pub fn get_kml(context: &Context, chat_id: ChatId) -> Result<(String, u32), Error> {
    let mut last_added_location_id = 0;

    let self_addr = context
@@ -374,7 +380,7 @@ pub fn get_kml(context: &Context, chat_id: u32) -> Result<(String, u32), Error>

    let (locations_send_begin, locations_send_until, locations_last_sent) = context.sql.query_row(
        "SELECT locations_send_begin, locations_send_until, locations_last_sent  FROM chats  WHERE id=?;",
-        params![chat_id as i32], |row| {
+        params![chat_id], |row| {
            let send_begin: i64 = row.get(0)?;
            let send_until: i64 = row.get(1)?;
            let last_sent: i64 = row.get(2)?;
@@ -459,14 +465,14 @@ pub fn get_message_kml(timestamp: i64, latitude: f64, longitude: f64) -> String

 pub fn set_kml_sent_timestamp(
    context: &Context,
-    chat_id: u32,
+    chat_id: ChatId,
    timestamp: i64,
 ) -> Result<(), Error> {
    sql::execute(
        context,
        &context.sql,
        "UPDATE chats SET locations_last_sent=? WHERE id=?;",
-        params![timestamp, chat_id as i32],
+        params![timestamp, chat_id],
    )?;

    Ok(())
@@ -489,12 +495,12 @@ pub fn set_msg_location_id(

 pub fn save(
    context: &Context,
-    chat_id: u32,
+    chat_id: ChatId,
    contact_id: u32,
    locations: &[Location],
    independent: bool,
 ) -> Result<u32, Error> {
-    ensure!(chat_id > DC_CHAT_ID_LAST_SPECIAL, "Invalid chat id");
+    ensure!(!chat_id.is_special(), "Invalid chat id");
    context
        .sql
        .prepare2(
@@ -514,7 +520,7 @@ pub fn save(
                        stmt_insert.execute(params![
                            location.timestamp,
                            contact_id as i32,
-                            chat_id as i32,
+                            chat_id,
                            location.latitude,
                            location.longitude,
                            location.accuracy,
@@ -542,7 +548,7 @@ pub fn save(
 }

 #[allow(non_snake_case)]
-pub fn JobMaybeSendLocations(context: &Context, _job: &Job) {
+pub(crate) fn JobMaybeSendLocations(context: &Context, _job: &Job) -> job::Status {
    let now = time();
    let mut continue_streaming = false;
    info!(
@@ -556,7 +562,7 @@ pub fn JobMaybeSendLocations(context: &Context, _job: &Job) {
         WHERE locations_send_until>?;",
        params![now],
        |row| {
-            let chat_id: i32 = row.get(0)?;
+            let chat_id: ChatId = row.get(0)?;
            let locations_send_begin: i64 = row.get(1)?;
            let locations_last_sent: i64 = row.get(2)?;
            continue_streaming = true;
@@ -623,44 +629,46 @@ pub fn JobMaybeSendLocations(context: &Context, _job: &Job) {

        for (chat_id, mut msg) in msgs.into_iter() {
            // TODO: better error handling
-            chat::send_msg(context, chat_id as u32, &mut msg).unwrap_or_default();
+            chat::send_msg(context, chat_id, &mut msg).unwrap_or_default();
        }
    }
    if continue_streaming {
        schedule_MAYBE_SEND_LOCATIONS(context, true);
    }
+    job::Status::Finished(Ok(()))
 }

 #[allow(non_snake_case)]
-pub fn JobMaybeSendLocationsEnded(context: &Context, job: &mut Job) {
+pub(crate) fn JobMaybeSendLocationsEnded(context: &Context, job: &mut Job) -> job::Status {
    // this function is called when location-streaming _might_ have ended for a chat.
    // the function checks, if location-streaming is really ended;
    // if so, a device-message is added if not yet done.

-    let chat_id = job.foreign_id;
+    let chat_id = ChatId::new(job.foreign_id);

-    if let Ok((send_begin, send_until)) = context.sql.query_row(
+    let (send_begin, send_until) = job_try!(context.sql.query_row(
        "SELECT locations_send_begin, locations_send_until  FROM chats  WHERE id=?",
-        params![chat_id as i32],
+        params![chat_id],
        |row| Ok((row.get::<_, i64>(0)?, row.get::<_, i64>(1)?)),
-    ) {
-        if !(send_begin != 0 && time() <= send_until) {
-            // still streaming -
-            // may happen as several calls to dc_send_locations_to_chat()
-            // do not un-schedule pending DC_MAYBE_SEND_LOC_ENDED jobs
-            if !(send_begin == 0 && send_until == 0) {
-                // not streaming, device-message already sent
-                if context.sql.execute(
-                    "UPDATE chats    SET locations_send_begin=0, locations_send_until=0  WHERE id=?",
-                    params![chat_id as i32],
-                ).is_ok() {
-                    let stock_str = context.stock_system_msg(StockMessage::MsgLocationDisabled, "", "", 0);
-                    chat::add_info_msg(context, chat_id, stock_str);
-                    context.call_cb(Event::ChatModified(chat_id));
-                }
-            }
+    ));
+
+    if !(send_begin != 0 && time() <= send_until) {
+        // still streaming -
+        // may happen as several calls to dc_send_locations_to_chat()
+        // do not un-schedule pending DC_MAYBE_SEND_LOC_ENDED jobs
+        if !(send_begin == 0 && send_until == 0) {
+            // not streaming, device-message already sent
+            job_try!(context.sql.execute(
+                "UPDATE chats    SET locations_send_begin=0, locations_send_until=0  WHERE id=?",
+                params![chat_id],
+            ));
+
+            let stock_str = context.stock_system_msg(StockMessage::MsgLocationDisabled, "", "", 0);
+            chat::add_info_msg(context, chat_id, stock_str);
+            context.call_cb(Event::ChatModified(chat_id));
        }
    }
+    job::Status::Finished(Ok(()))
 }

 #[cfg(test)]
--- a/src/login_param.rs
+++ b/src/login_param.rs
@@ -258,10 +258,8 @@ fn get_readable_flags(flags: i32) -> String {
    res
 }

-pub fn dc_build_tls(
-    certificate_checks: CertificateChecks,
-) -> Result<native_tls::TlsConnector, native_tls::Error> {
-    let mut tls_builder = native_tls::TlsConnector::builder();
+pub fn dc_build_tls(certificate_checks: CertificateChecks) -> async_native_tls::TlsConnector {
+    let tls_builder = async_native_tls::TlsConnector::new();
    match certificate_checks {
        CertificateChecks::Automatic => {
            // Same as AcceptInvalidCertificates for now.
@@ -270,13 +268,12 @@ pub fn dc_build_tls(
                .danger_accept_invalid_hostnames(true)
                .danger_accept_invalid_certs(true)
        }
-        CertificateChecks::Strict => &mut tls_builder,
+        CertificateChecks::Strict => tls_builder,
        CertificateChecks::AcceptInvalidCertificates
        | CertificateChecks::AcceptInvalidCertificates2 => tls_builder
            .danger_accept_invalid_hostnames(true)
            .danger_accept_invalid_certs(true),
    }
-    .build()
 }

 #[cfg(test)]
--- a/src/lot.rs
+++ b/src/lot.rs
@@ -86,6 +86,9 @@ pub enum LotState {
    /// test1=formatted fingerprint
    QrFprWithoutAddr = 230,

+    /// text1=domain
+    QrAccount = 250,
+
    /// id=contact
    QrAddr = 320,

--- a/src/message.rs
+++ b/src/message.rs
@@ -4,8 +4,9 @@ use std::path::{Path, PathBuf};

 use deltachat_derive::{FromSql, ToSql};
 use failure::Fail;
+use serde::{Deserialize, Serialize};

-use crate::chat::{self, Chat};
+use crate::chat::{self, Chat, ChatId};
 use crate::constants::*;
 use crate::contact::*;
 use crate::context::*;
@@ -29,7 +30,9 @@ const SUMMARY_CHARACTERS: usize = 160;
 /// Some message IDs are reserved to identify special message types.
 /// This type can represent both the special as well as normal
 /// messages.
-#[derive(Debug, Copy, Clone, Default, PartialEq, Eq)]
+#[derive(
+    Debug, Copy, Clone, Default, PartialEq, Eq, Hash, PartialOrd, Ord, Serialize, Deserialize,
+)]
 pub struct MsgId(u32);

 impl MsgId {
@@ -47,10 +50,7 @@ impl MsgId {
    ///
    /// This kind of message ID can not be used for real messages.
    pub fn is_special(self) -> bool {
-        match self.0 {
-            0..=DC_MSG_ID_LAST_SPECIAL => true,
-            _ => false,
-        }
+        self.0 <= DC_MSG_ID_LAST_SPECIAL
    }

    /// Whether the message ID is unset.
@@ -148,6 +148,33 @@ impl rusqlite::types::FromSql for MsgId {
 #[fail(display = "Invalid Message ID.")]
 pub struct InvalidMsgId;

+#[derive(
+    Debug,
+    Copy,
+    Clone,
+    PartialEq,
+    FromPrimitive,
+    ToPrimitive,
+    FromSql,
+    ToSql,
+    Serialize,
+    Deserialize,
+)]
+#[repr(u8)]
+pub(crate) enum MessengerMessage {
+    No = 0,
+    Yes = 1,
+
+    /// No, but reply to messenger message.
+    Reply = 2,
+}
+
+impl Default for MessengerMessage {
+    fn default() -> Self {
+        Self::No
+    }
+}
+
 /// An object representing a single message in memory.
 /// The message object is not updated.
 /// If you want an update, you have to recreate the object.
@@ -155,13 +182,13 @@ pub struct InvalidMsgId;
 /// to check if a mail was sent, use dc_msg_is_sent()
 /// approx. max. length returned by dc_msg_get_text()
 /// approx. max. length returned by dc_get_msg_info()
-#[derive(Debug, Clone, Default)]
+#[derive(Debug, Clone, Default, Serialize, Deserialize)]
 pub struct Message {
    pub(crate) id: MsgId,
    pub(crate) from_id: u32,
    pub(crate) to_id: u32,
-    pub(crate) chat_id: u32,
-    pub(crate) type_0: Viewtype,
+    pub(crate) chat_id: ChatId,
+    pub(crate) viewtype: Viewtype,
    pub(crate) state: MessageState,
    pub(crate) hidden: bool,
    pub(crate) timestamp_sort: i64,
@@ -172,8 +199,7 @@ pub struct Message {
    pub(crate) in_reply_to: Option<String>,
    pub(crate) server_folder: Option<String>,
    pub(crate) server_uid: u32,
-    // TODO: enum
-    pub(crate) is_dc_message: u32,
+    pub(crate) is_dc_message: MessengerMessage,
    pub(crate) starred: bool,
    pub(crate) chat_blocked: Blocked,
    pub(crate) location_id: u32,
@@ -183,7 +209,7 @@ pub struct Message {
 impl Message {
    pub fn new(viewtype: Viewtype) -> Self {
        let mut msg = Message::default();
-        msg.type_0 = viewtype;
+        msg.viewtype = viewtype;

        msg
    }
@@ -236,7 +262,7 @@ impl Message {
                    msg.timestamp_sort = row.get("timestamp")?;
                    msg.timestamp_sent = row.get("timestamp_sent")?;
                    msg.timestamp_rcvd = row.get("timestamp_rcvd")?;
-                    msg.type_0 = row.get("type")?;
+                    msg.viewtype = row.get("type")?;
                    msg.state = row.get("state")?;
                    msg.is_dc_message = row.get("msgrmsg")?;

@@ -312,10 +338,10 @@ impl Message {
    }

    pub fn try_calc_and_set_dimensions(&mut self, context: &Context) -> Result<(), Error> {
-        if chat::msgtype_has_file(self.type_0) {
+        if chat::msgtype_has_file(self.viewtype) {
            let file_param = self.param.get_path(Param::File, context)?;
            if let Some(path_and_filename) = file_param {
-                if (self.type_0 == Viewtype::Image || self.type_0 == Viewtype::Gif)
+                if (self.viewtype == Viewtype::Image || self.viewtype == Viewtype::Gif)
                    && !self.param.exists(Param::Width)
                {
                    self.param.set_int(Param::Width, 0);
@@ -385,16 +411,16 @@ impl Message {
        self.from_id
    }

-    pub fn get_chat_id(&self) -> u32 {
+    pub fn get_chat_id(&self) -> ChatId {
        if self.chat_blocked != Blocked::Not {
-            1
+            ChatId::new(DC_CHAT_ID_DEADDROP)
        } else {
            self.chat_id
        }
    }

    pub fn get_viewtype(&self) -> Viewtype {
-        self.type_0
+        self.viewtype
    }

    pub fn get_state(&self) -> MessageState {
@@ -474,7 +500,7 @@ impl Message {

    pub fn get_summarytext(&self, context: &Context, approx_characters: usize) -> String {
        get_summarytext_by_raw(
-            self.type_0,
+            self.viewtype,
            self.text.as_ref(),
            &self.param,
            approx_characters,
@@ -518,11 +544,11 @@ impl Message {
    /// copied to the blobdir.  Thus those attachments need to be
    /// created immediately in the blobdir with a valid filename.
    pub fn is_increation(&self) -> bool {
-        chat::msgtype_has_file(self.type_0) && self.state == MessageState::OutPreparing
+        chat::msgtype_has_file(self.viewtype) && self.state == MessageState::OutPreparing
    }

    pub fn is_setupmessage(&self) -> bool {
-        if self.type_0 != Viewtype::File {
+        if self.viewtype != Viewtype::File {
            return false;
        }

@@ -595,18 +621,60 @@ impl Message {
    }
 }

-#[derive(Debug, Display, Clone, Copy, PartialEq, Eq, FromPrimitive, ToPrimitive, ToSql, FromSql)]
+#[derive(
+    Debug,
+    Clone,
+    Copy,
+    PartialEq,
+    Eq,
+    FromPrimitive,
+    ToPrimitive,
+    ToSql,
+    FromSql,
+    Serialize,
+    Deserialize,
+)]
 #[repr(i32)]
 pub enum MessageState {
    Undefined = 0,
+
+    /// Incoming *fresh* message. Fresh messages are neither noticed
+    /// nor seen and are typically shown in notifications.
    InFresh = 10,
+
+    /// Incoming *noticed* message. E.g. chat opened but message not
+    /// yet read - noticed messages are not counted as unread but did
+    /// not marked as read nor resulted in MDNs.
    InNoticed = 13,
+
+    /// Incoming message, really *seen* by the user. Marked as read on
+    /// IMAP and MDN may be sent.
    InSeen = 16,
+
+    /// For files which need time to be prepared before they can be
+    /// sent, the message enters this state before
+    /// OutPending.
    OutPreparing = 18,
+
+    /// Message saved as draft.
    OutDraft = 19,
+
+    /// The user has pressed the "send" button but the message is not
+    /// yet sent and is pending in some way. Maybe we're offline (no
+    /// checkmark).
    OutPending = 20,
+
+    /// *Unrecoverable* error (*recoverable* errors result in pending
+    /// messages).
    OutFailed = 24,
+
+    /// Outgoing message successfully delivered to server (one
+    /// checkmark). Note, that already delivered messages may get into
+    /// the OutFailed state if we get such a hint from the server.
    OutDelivered = 26,
+
+    /// Outgoing message read by the recipient (two checkmarks; this
+    /// requires goodwill on the receiver's side)
    OutMdnRcvd = 28,
 }

@@ -616,6 +684,27 @@ impl Default for MessageState {
    }
 }

+impl std::fmt::Display for MessageState {
+    fn fmt(&self, f: &mut std::fmt::Formatter) -> std::fmt::Result {
+        write!(
+            f,
+            "{}",
+            match self {
+                Self::Undefined => "Undefined",
+                Self::InFresh => "Fresh",
+                Self::InNoticed => "Noticed",
+                Self::InSeen => "Seen",
+                Self::OutPreparing => "Preparing",
+                Self::OutDraft => "Draft",
+                Self::OutPending => "Pending",
+                Self::OutFailed => "Failed",
+                Self::OutDelivered => "Delivered",
+                Self::OutMdnRcvd => "Read",
+            }
+        )
+    }
+}
+
 impl From<MessageState> for LotState {
    fn from(s: MessageState) -> Self {
        use MessageState::*;
@@ -671,7 +760,7 @@ impl Lot {
                self.text1 = None;
                self.text1_meaning = Meaning::None;
            } else {
-                if chat.id == DC_CHAT_ID_DEADDROP {
+                if chat.id.is_deaddrop() {
                    if let Some(contact) = contact {
                        self.text1 = Some(contact.get_display_name().into());
                    } else {
@@ -687,7 +776,7 @@ impl Lot {
        }

        self.text2 = Some(get_summarytext_by_raw(
-            msg.type_0,
+            msg.viewtype,
            msg.text.as_ref(),
            &msg.param,
            SUMMARY_CHARACTERS,
@@ -770,19 +859,7 @@ pub fn get_msg_info(context: &Context, msg_id: MsgId) -> String {
        }
    }

-    ret += "State: ";
-    use MessageState::*;
-    match msg.state {
-        InFresh => ret += "Fresh",
-        InNoticed => ret += "Noticed",
-        InSeen => ret += "Seen",
-        OutDelivered => ret += "Delivered",
-        OutFailed => ret += "Failed",
-        OutMdnRcvd => ret += "Read",
-        OutPending => ret += "Pending",
-        OutPreparing => ret += "Preparing",
-        _ => ret += &format!("{}", msg.state),
-    }
+    ret += &format!("State: {}", msg.state);

    if msg.has_location() {
        ret += ", Location sent";
@@ -808,9 +885,9 @@ pub fn get_msg_info(context: &Context, msg_id: MsgId) -> String {
        ret += &format!("\nFile: {}, {}, bytes\n", path.display(), bytes);
    }

-    if msg.type_0 != Viewtype::Text {
+    if msg.viewtype != Viewtype::Text {
        ret += "Type: ";
-        ret += &format!("{}", msg.type_0);
+        ret += &format!("{}", msg.viewtype);
        ret += "\n";
        ret += &format!("Mimetype: {}\n", &msg.get_filemime().unwrap_or_default());
    }
@@ -844,6 +921,7 @@ pub fn guess_msgtype_from_suffix(path: &Path) -> Option<(Viewtype, &str)> {
        "mp3" => (Viewtype::Audio, "audio/mpeg"),
        "aac" => (Viewtype::Audio, "audio/aac"),
        "mp4" => (Viewtype::Video, "video/mp4"),
+        "webm" => (Viewtype::Video, "video/webm"),
        "jpg" => (Viewtype::Image, "image/jpeg"),
        "jpeg" => (Viewtype::Image, "image/jpeg"),
        "jpe" => (Viewtype::Image, "image/jpeg"),
@@ -874,7 +952,7 @@ pub fn delete_msgs(context: &Context, msg_ids: &[MsgId]) {
                delete_poi_location(context, msg.location_id);
            }
        }
-        update_msg_chat_id(context, *msg_id, DC_CHAT_ID_TRASH);
+        update_msg_chat_id(context, *msg_id, ChatId::new(DC_CHAT_ID_TRASH));
        job_add(
            context,
            Action::DeleteMsgOnImap,
@@ -886,7 +964,7 @@ pub fn delete_msgs(context: &Context, msg_ids: &[MsgId]) {

    if !msg_ids.is_empty() {
        context.call_cb(Event::MsgsChanged {
-            chat_id: 0,
+            chat_id: ChatId::new(0),
            msg_id: MsgId::new(0),
        });
        job_kill_action(context, Action::Housekeeping);
@@ -894,12 +972,12 @@ pub fn delete_msgs(context: &Context, msg_ids: &[MsgId]) {
    };
 }

-fn update_msg_chat_id(context: &Context, msg_id: MsgId, chat_id: u32) -> bool {
+fn update_msg_chat_id(context: &Context, msg_id: MsgId, chat_id: ChatId) -> bool {
    sql::execute(
        context,
        &context.sql,
        "UPDATE msgs SET chat_id=? WHERE id=?;",
-        params![chat_id as i32, msg_id],
+        params![chat_id, msg_id],
    )
    .is_ok()
 }
@@ -978,7 +1056,7 @@ pub fn markseen_msgs(context: &Context, msg_ids: &[MsgId]) -> bool {

    if send_event {
        context.call_cb(Event::MsgsChanged {
-            chat_id: 0,
+            chat_id: ChatId::new(0),
            msg_id: MsgId::new(0),
        });
    }
@@ -1089,14 +1167,14 @@ pub fn exists(context: &Context, msg_id: MsgId) -> bool {
        return false;
    }

-    let chat_id: Option<u32> = context.sql.query_get_value(
+    let chat_id: Option<ChatId> = context.sql.query_get_value(
        context,
        "SELECT chat_id FROM msgs WHERE id=?;",
        params![msg_id],
    );

    if let Some(chat_id) = chat_id {
-        chat_id != DC_CHAT_ID_TRASH
+        !chat_id.is_trash()
    } else {
        false
    }
@@ -1134,7 +1212,7 @@ pub fn mdn_from_ext(
    from_id: u32,
    rfc724_mid: &str,
    timestamp_sent: i64,
-) -> Option<(u32, MsgId)> {
+) -> Option<(ChatId, MsgId)> {
    if from_id <= DC_MSG_ID_LAST_SPECIAL || rfc724_mid.is_empty() {
        return None;
    }
@@ -1154,7 +1232,7 @@ pub fn mdn_from_ext(
        |row| {
            Ok((
                row.get::<_, MsgId>("msg_id")?,
-                row.get::<_, u32>("chat_id")?,
+                row.get::<_, ChatId>("chat_id")?,
                row.get::<_, Chattype>("type")?,
                row.get::<_, MessageState>("state")?,
            ))
--- a/src/mimefactory.rs
+++ b/src/mimefactory.rs
@@ -11,36 +11,42 @@ use crate::dc_tools::*;
 use crate::e2ee::*;
 use crate::error::Error;
 use crate::location;
-use crate::message::MsgId;
 use crate::message::{self, Message};
 use crate::mimeparser::SystemMessage;
 use crate::param::*;
 use crate::peerstate::{Peerstate, PeerstateVerifiedStatus};
 use crate::stock::StockMessage;

-#[derive(Clone, Copy, Eq, PartialEq)]
+// attachments of 25 mb brutto should work on the majority of providers
+// (brutto examples: web.de=50, 1&1=40, t-online.de=32, gmail=25, posteo=50, yahoo=25, all-inkl=100).
+// as an upper limit, we double the size; the core won't send messages larger than this
+// to get the netto sizes, we subtract 1 mb header-overhead and the base64-overhead.
+pub const RECOMMENDED_FILE_SIZE: u64 = 24 * 1024 * 1024 / 4 * 3;
+const UPPER_LIMIT_FILE_SIZE: u64 = 49 * 1024 * 1024 / 4 * 3;
+
+#[derive(Debug, Clone)]
 pub enum Loaded {
-    Message,
-    MDN,
+    Message { chat: Chat },
+    MDN { additional_msg_ids: Vec<String> },
 }

 /// Helper to construct mime messages.
-#[derive(Clone)]
+#[derive(Debug, Clone)]
 pub struct MimeFactory<'a, 'b> {
-    pub from_addr: String,
-    pub from_displayname: String,
-    pub selfstatus: String,
-    pub recipients_names: Vec<String>,
-    pub recipients_addr: Vec<String>,
-    pub timestamp: i64,
-    pub loaded: Loaded,
-    pub msg: &'b Message,
-    pub chat: Option<Chat>,
-    pub increation: bool,
-    pub in_reply_to: String,
-    pub references: String,
-    pub req_mdn: bool,
-    pub context: &'a Context,
+    from_addr: String,
+    from_displayname: String,
+    selfstatus: String,
+
+    /// Vector of pairs of recipient name and address
+    recipients: Vec<(String, String)>,
+
+    timestamp: i64,
+    loaded: Loaded,
+    msg: &'b Message,
+    in_reply_to: String,
+    references: String,
+    req_mdn: bool,
+    context: &'a Context,
    last_added_location_id: u32,
    attach_selfavatar: bool,
 }
@@ -53,11 +59,6 @@ pub struct RenderedEmail {
    pub is_encrypted: bool,
    pub is_gossiped: bool,
    pub last_added_location_id: u32,
-    /// None for MDN, the message id otherwise
-    pub foreign_id: Option<MsgId>,
-
-    pub from: String,
-    pub recipients: Vec<String>,

    /// Message ID (Message in the sense of Email)
    pub rfc724_mid: String,
@@ -67,48 +68,26 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
    pub fn from_msg(
        context: &'a Context,
        msg: &'b Message,
-        add_selfavatar: bool,
+        attach_selfavatar: bool,
    ) -> Result<MimeFactory<'a, 'b>, Error> {
        let chat = Chat::load_from_db(context, msg.chat_id)?;

-        let mut factory = MimeFactory {
-            from_addr: context
-                .get_config(Config::ConfiguredAddr)
-                .unwrap_or_default(),
-            from_displayname: context.get_config(Config::Displayname).unwrap_or_default(),
-            selfstatus: context
-                .get_config(Config::Selfstatus)
-                .unwrap_or_else(|| context.stock_str(StockMessage::StatusLine).to_string()),
-            recipients_names: Vec::with_capacity(5),
-            recipients_addr: Vec::with_capacity(5),
-            timestamp: msg.timestamp_sort,
-            loaded: Loaded::Message,
-            msg,
-            chat: Some(chat),
-            increation: msg.is_increation(),
-            in_reply_to: String::default(),
-            references: String::default(),
-            req_mdn: false,
-            last_added_location_id: 0,
-            attach_selfavatar: add_selfavatar,
-            context,
-        };
-
-        // just set the chat above
-        let chat = factory.chat.as_ref().unwrap();
+        let from_addr = context
+            .get_config(Config::ConfiguredAddr)
+            .unwrap_or_default();
+        let from_displayname = context.get_config(Config::Displayname).unwrap_or_default();
+        let mut recipients = Vec::with_capacity(5);
+        let mut req_mdn = false;

        if chat.is_self_talk() {
-            factory
-                .recipients_names
-                .push(factory.from_displayname.to_string());
-            factory.recipients_addr.push(factory.from_addr.to_string());
+            recipients.push((from_displayname.to_string(), from_addr.to_string()));
        } else {
            context.sql.query_map(
                "SELECT c.authname, c.addr  \
                 FROM chats_contacts cc  \
                 LEFT JOIN contacts c ON cc.contact_id=c.id  \
                 WHERE cc.chat_id=? AND cc.contact_id>9;",
-                params![factory.msg.chat_id as i32],
+                params![msg.chat_id],
                |row| {
                    let authname: String = row.get(0)?;
                    let addr: String = row.get(1)?;
@@ -117,17 +96,15 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
                |rows| {
                    for row in rows {
                        let (authname, addr) = row?;
-                        if !vec_contains_lowercase(&factory.recipients_addr, &addr) {
-                            factory.recipients_addr.push(addr);
-                            factory.recipients_names.push(authname);
+                        if !recipients_contain_addr(&recipients, &addr) {
+                            recipients.push((authname, addr));
                        }
                    }
                    Ok(())
                },
            )?;

-            let command = factory.msg.param.get_cmd();
-            let msg = &factory.msg;
+            let command = msg.param.get_cmd();

            /* for added members, the list is just fine */
            if command == SystemMessage::MemberRemovedFromGroup {
@@ -139,20 +116,19 @@ impl<'a, 'b> MimeFactory<'a, 'b> {

                if !email_to_remove.is_empty()
                    && !addr_cmp(email_to_remove, self_addr)
-                    && !vec_contains_lowercase(&factory.recipients_addr, &email_to_remove)
+                    && !recipients_contain_addr(&recipients, &email_to_remove)
                {
-                    factory.recipients_names.push("".to_string());
-                    factory.recipients_addr.push(email_to_remove.to_string());
+                    recipients.push(("".to_string(), email_to_remove.to_string()));
                }
            }
            if command != SystemMessage::AutocryptSetupMessage
                && command != SystemMessage::SecurejoinMessage
                && context.get_config_bool(Config::MdnsEnabled)
            {
-                factory.req_mdn = true;
+                req_mdn = true;
            }
        }
-        let row = context.sql.query_row(
+        let (in_reply_to, references) = context.sql.query_row(
            "SELECT mime_in_reply_to, mime_references FROM msgs WHERE id=?",
            params![msg.id],
            |row| {
@@ -164,39 +140,37 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
                    render_rfc724_mid_list(&references),
                ))
            },
-        );
-
-        match row {
-            Ok((in_reply_to, references)) => {
-                factory.in_reply_to = in_reply_to;
-                factory.references = references;
-            }
-            Err(err) => {
-                error!(
-                    context,
-                    "mimefactory: failed to load mime_in_reply_to: {:?}", err
-                );
-            }
-        }
+        )?;

+        let factory = MimeFactory {
+            from_addr,
+            from_displayname,
+            selfstatus: context
+                .get_config(Config::Selfstatus)
+                .unwrap_or_else(|| context.stock_str(StockMessage::StatusLine).to_string()),
+            recipients,
+            timestamp: msg.timestamp_sort,
+            loaded: Loaded::Message { chat },
+            msg,
+            in_reply_to,
+            references,
+            req_mdn,
+            last_added_location_id: 0,
+            attach_selfavatar,
+            context,
+        };
        Ok(factory)
    }

-    pub fn from_mdn(context: &'a Context, msg: &'b Message) -> Result<Self, Error> {
-        // MDNs not enabled - check this is late, in the job. the
-        // user may have changed its choice while offline ...
-        ensure!(
-            context.get_config_bool(Config::MdnsEnabled),
-            "MDNs meanwhile disabled"
-        );
+    pub fn from_mdn(
+        context: &'a Context,
+        msg: &'b Message,
+        additional_msg_ids: Vec<String>,
+    ) -> Result<Self, Error> {
+        ensure!(!msg.chat_id.is_special(), "Invalid chat id");

        let contact = Contact::load_from_db(context, msg.from_id)?;

-        // Do not send MDNs trash etc.; chats.blocked is already checked by the caller
-        // in dc_markseen_msgs()
-        ensure!(!contact.is_blocked(), "Contact blocked");
-        ensure!(msg.chat_id > DC_CHAT_ID_LAST_SPECIAL, "Invalid chat id");
-
        Ok(MimeFactory {
            context,
            from_addr: context
@@ -206,13 +180,13 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
            selfstatus: context
                .get_config(Config::Selfstatus)
                .unwrap_or_else(|| context.stock_str(StockMessage::StatusLine).to_string()),
-            recipients_names: vec![contact.get_authname().to_string()],
-            recipients_addr: vec![contact.get_addr().to_string()],
+            recipients: vec![(
+                contact.get_authname().to_string(),
+                contact.get_addr().to_string(),
+            )],
            timestamp: dc_create_smeared_timestamp(context),
-            loaded: Loaded::MDN,
+            loaded: Loaded::MDN { additional_msg_ids },
            msg,
-            chat: None,
-            increation: false,
            in_reply_to: String::default(),
            references: String::default(),
            req_mdn: false,
@@ -228,10 +202,10 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
            .ok_or_else(|| format_err!("Not configured"))?;

        Ok(self
-            .recipients_addr
+            .recipients
            .iter()
-            .filter(|addr| *addr != &self_addr)
-            .map(|addr| {
+            .filter(|(_, addr)| addr != &self_addr)
+            .map(|(_, addr)| {
                (
                    Peerstate::from_addr(self.context, &self.context.sql, addr),
                    addr.as_str(),
@@ -240,10 +214,10 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
            .collect())
    }

-    fn is_e2ee_guranteed(&self) -> bool {
-        match self.loaded {
-            Loaded::Message => {
-                if self.chat.as_ref().unwrap().typ == Chattype::VerifiedGroup {
+    fn is_e2ee_guaranteed(&self) -> bool {
+        match &self.loaded {
+            Loaded::Message { chat } => {
+                if chat.typ == Chattype::VerifiedGroup {
                    return true;
                }

@@ -264,28 +238,26 @@ impl<'a, 'b> MimeFactory<'a, 'b> {

                false
            }
-            Loaded::MDN => false,
+            Loaded::MDN { .. } => false,
        }
    }

    fn min_verified(&self) -> PeerstateVerifiedStatus {
-        match self.loaded {
-            Loaded::Message => {
-                let chat = self.chat.as_ref().unwrap();
+        match &self.loaded {
+            Loaded::Message { chat } => {
                if chat.typ == Chattype::VerifiedGroup {
                    PeerstateVerifiedStatus::BidirectVerified
                } else {
                    PeerstateVerifiedStatus::Unverified
                }
            }
-            Loaded::MDN => PeerstateVerifiedStatus::Unverified,
+            Loaded::MDN { .. } => PeerstateVerifiedStatus::Unverified,
        }
    }

    fn should_force_plaintext(&self) -> i32 {
-        match self.loaded {
-            Loaded::Message => {
-                let chat = self.chat.as_ref().unwrap();
+        match &self.loaded {
+            Loaded::Message { chat } => {
                if chat.typ == Chattype::VerifiedGroup {
                    0
                } else {
@@ -295,30 +267,28 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
                        .unwrap_or_default()
                }
            }
-            Loaded::MDN => DC_FP_NO_AUTOCRYPT_HEADER,
+            Loaded::MDN { .. } => ForcePlaintext::NoAutocryptHeader as i32,
        }
    }

    fn should_do_gossip(&self) -> bool {
-        match self.loaded {
-            Loaded::Message => {
-                let chat = self.chat.as_ref().unwrap();
+        match &self.loaded {
+            Loaded::Message { chat } => {
                // beside key- and member-changes, force re-gossip every 48 hours
                let gossiped_timestamp = chat.get_gossiped_timestamp(self.context);
-                if gossiped_timestamp == 0 || (gossiped_timestamp + (2 * 24 * 60 * 60)) > time() {
+                if time() > gossiped_timestamp + (2 * 24 * 60 * 60) {
                    return true;
                }

                self.msg.param.get_cmd() == SystemMessage::MemberAddedToGroup
            }
-            Loaded::MDN => false,
+            Loaded::MDN { .. } => false,
        }
    }

    fn grpimage(&self) -> Option<String> {
-        match self.loaded {
-            Loaded::Message => {
-                let chat = self.chat.as_ref().unwrap();
+        match &self.loaded {
+            Loaded::Message { chat } => {
                let cmd = self.msg.param.get_cmd();

                match cmd {
@@ -342,54 +312,47 @@ impl<'a, 'b> MimeFactory<'a, 'b> {

                None
            }
-            Loaded::MDN => None,
+            Loaded::MDN { .. } => None,
        }
    }

    fn subject_str(&self) -> String {
        match self.loaded {
-            Loaded::Message => {
-                match self.chat {
-                    Some(ref chat) => {
-                        let raw = message::get_summarytext_by_raw(
-                            self.msg.type_0,
-                            self.msg.text.as_ref(),
-                            &self.msg.param,
-                            32,
-                            self.context,
-                        );
-                        let mut lines = raw.lines();
-                        let raw_subject = if let Some(line) = lines.next() {
-                            line
-                        } else {
-                            ""
-                        };
-
-                        let afwd_email = self.msg.param.exists(Param::Forwarded);
-                        let fwd = if afwd_email { "Fwd: " } else { "" };
-
-                        if self.msg.param.get_cmd() == SystemMessage::AutocryptSetupMessage {
-                            // do not add the "Chat:" prefix for setup messages
-                            self.context
-                                .stock_str(StockMessage::AcSetupMsgSubject)
-                                .into_owned()
-                        } else if chat.typ == Chattype::Group || chat.typ == Chattype::VerifiedGroup
-                        {
-                            format!("Chat: {}: {}{}", chat.name, fwd, raw_subject)
-                        } else {
-                            format!("Chat: {}{}", fwd, raw_subject)
-                        }
-                    }
-                    None => String::new(),
+            Loaded::Message { ref chat } => {
+                if self.msg.param.get_cmd() == SystemMessage::AutocryptSetupMessage {
+                    self.context
+                        .stock_str(StockMessage::AcSetupMsgSubject)
+                        .into_owned()
+                } else if chat.typ == Chattype::Group || chat.typ == Chattype::VerifiedGroup {
+                    let re = if self.in_reply_to.is_empty() {
+                        ""
+                    } else {
+                        "Re: "
+                    };
+                    format!("{}{}", re, chat.name)
+                } else {
+                    let raw = message::get_summarytext_by_raw(
+                        self.msg.viewtype,
+                        self.msg.text.as_ref(),
+                        &self.msg.param,
+                        32,
+                        self.context,
+                    );
+                    let raw_subject = raw.lines().next().unwrap_or_default();
+                    format!("Chat: {}", raw_subject)
                }
            }
-            Loaded::MDN => {
-                let e = self.context.stock_str(StockMessage::ReadRcpt);
-                format!("Chat: {}", e)
-            }
+            Loaded::MDN { .. } => self.context.stock_str(StockMessage::ReadRcpt).into_owned(),
        }
    }

+    pub fn recipients(&self) -> Vec<String> {
+        self.recipients
+            .iter()
+            .map(|(_, addr)| addr.clone())
+            .collect()
+    }
+
    pub fn render(mut self) -> Result<RenderedEmail, Error> {
        // Headers that are encrypted
        // - Chat-*, except Chat-Version
@@ -405,10 +368,8 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
            self.from_addr.clone(),
        );

-        let mut to = Vec::with_capacity(self.recipients_names.len());
-        let name_iter = self.recipients_names.iter();
-        let addr_iter = self.recipients_addr.iter();
-        for (name, addr) in name_iter.zip(addr_iter) {
+        let mut to = Vec::with_capacity(self.recipients.len());
+        for (name, addr) in self.recipients.iter() {
            if name.is_empty() {
                to.push(Address::new_mailbox(addr.clone()));
            } else {
@@ -451,6 +412,13 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
        ));
        unprotected_headers.push(Header::new("Chat-Version".to_string(), "1.0".to_string()));

+        if let Loaded::MDN { .. } = self.loaded {
+            unprotected_headers.push(Header::new(
+                "Auto-Submitted".to_string(),
+                "auto-replied".to_string(),
+            ));
+        }
+
        if self.req_mdn {
            // we use "Chat-Disposition-Notification-To"
            // because replies to "Disposition-Notification-To" are weird in many cases
@@ -465,19 +433,19 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
        let grpimage = self.grpimage();
        let force_plaintext = self.should_force_plaintext();
        let subject_str = self.subject_str();
-        let e2ee_guranteed = self.is_e2ee_guranteed();
+        let e2ee_guaranteed = self.is_e2ee_guaranteed();
        let mut encrypt_helper = EncryptHelper::new(self.context)?;

        let subject = encode_words(&subject_str);

        let mut message = match self.loaded {
-            Loaded::Message => {
+            Loaded::Message { .. } => {
                self.render_message(&mut protected_headers, &mut unprotected_headers, &grpimage)?
            }
-            Loaded::MDN => self.render_mdn()?,
+            Loaded::MDN { .. } => self.render_mdn()?,
        };

-        if force_plaintext != DC_FP_NO_AUTOCRYPT_HEADER {
+        if force_plaintext != ForcePlaintext::NoAutocryptHeader as i32 {
            // unless determined otherwise we add the Autocrypt header
            let aheader = encrypt_helper.get_aheader().to_string();
            unprotected_headers.push(Header::new("Autocrypt".into(), aheader));
@@ -487,12 +455,12 @@ impl<'a, 'b> MimeFactory<'a, 'b> {

        let peerstates = self.peerstates_for_recipients()?;
        let should_encrypt =
-            encrypt_helper.should_encrypt(self.context, e2ee_guranteed, &peerstates)?;
+            encrypt_helper.should_encrypt(self.context, e2ee_guaranteed, &peerstates)?;
        let is_encrypted = should_encrypt && force_plaintext == 0;

        let rfc724_mid = match self.loaded {
-            Loaded::Message => self.msg.rfc724_mid.clone(),
-            Loaded::MDN => dc_create_outgoing_rfc724_mid(None, &self.from_addr),
+            Loaded::Message { .. } => self.msg.rfc724_mid.clone(),
+            Loaded::MDN { .. } => dc_create_outgoing_rfc724_mid(None, &self.from_addr),
        };

        // we could also store the message-id in the protected headers
@@ -601,11 +569,7 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
        };

        let MimeFactory {
-            recipients_addr,
-            from_addr,
            last_added_location_id,
-            msg,
-            loaded,
            ..
        } = self;

@@ -615,16 +579,51 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
            is_encrypted,
            is_gossiped,
            last_added_location_id,
-            foreign_id: match loaded {
-                Loaded::Message => Some(msg.id),
-                Loaded::MDN => None,
-            },
-            recipients: recipients_addr,
-            from: from_addr,
            rfc724_mid,
        })
    }

+    fn get_message_kml_part(&self) -> Option<PartBuilder> {
+        let latitude = self.msg.param.get_float(Param::SetLatitude)?;
+        let longitude = self.msg.param.get_float(Param::SetLongitude)?;
+
+        let kml_file = location::get_message_kml(self.msg.timestamp_sort, latitude, longitude);
+        let part = PartBuilder::new()
+            .content_type(
+                &"application/vnd.google-earth.kml+xml"
+                    .parse::<mime::Mime>()
+                    .unwrap(),
+            )
+            .header((
+                "Content-Disposition",
+                "attachment; filename=\"message.kml\"",
+            ))
+            .body(kml_file);
+        Some(part)
+    }
+
+    fn get_location_kml_part(&mut self) -> Result<PartBuilder, Error> {
+        let (kml_content, last_added_location_id) =
+            location::get_kml(self.context, self.msg.chat_id)?;
+        let part = PartBuilder::new()
+            .content_type(
+                &"application/vnd.google-earth.kml+xml"
+                    .parse::<mime::Mime>()
+                    .unwrap(),
+            )
+            .header((
+                "Content-Disposition",
+                "attachment; filename=\"location.kml\"",
+            ))
+            .body(kml_content);
+        if !self.msg.param.exists(Param::SetLatitude) {
+            // otherwise, the independent location is already filed
+            self.last_added_location_id = last_added_location_id;
+        }
+        Ok(part)
+    }
+
+    #[allow(clippy::cognitive_complexity)]
    fn render_message(
        &mut self,
        protected_headers: &mut Vec<Header>,
@@ -632,11 +631,13 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
        grpimage: &Option<String>,
    ) -> Result<PartBuilder, Error> {
        let context = self.context;
-        let chat = self.chat.as_ref().unwrap();
+        let chat = match &self.loaded {
+            Loaded::Message { chat } => chat,
+            Loaded::MDN { .. } => bail!("Attempt to render MDN as a message"),
+        };
        let command = self.msg.param.get_cmd();
        let mut placeholdertext = None;
        let mut meta_part = None;
-        let mut add_compatibility_header = false;

        if chat.typ == Chattype::VerifiedGroup {
            protected_headers.push(Header::new("Chat-Verified".to_string(), "1".to_string()));
@@ -666,7 +667,9 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
                            email_to_add.into(),
                        ));
                    }
-                    if 0 != self.msg.param.get_int(Param::Arg2).unwrap_or_default() & 0x1 {
+                    if 0 != self.msg.param.get_int(Param::Arg2).unwrap_or_default()
+                        & DC_FROM_HANDSHAKE
+                    {
                        info!(
                            context,
                            "sending secure-join message \'{}\' >>>>>>>>>>>>>>>>>>>>>>>>>",
@@ -677,7 +680,6 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
                            "vg-member-added".to_string(),
                        ));
                    }
-                    add_compatibility_header = true;
                }
                SystemMessage::GroupNameChanged => {
                    let value_to_add = self.msg.param.get(Param::Arg).unwrap_or_default();
@@ -698,7 +700,6 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
                            "0".to_string(),
                        ));
                    }
-                    add_compatibility_header = true;
                }
                _ => {}
            }
@@ -761,34 +762,23 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
        if let Some(grpimage) = grpimage {
            info!(self.context, "setting group image '{}'", grpimage);
            let mut meta = Message::default();
-            meta.type_0 = Viewtype::Image;
+            meta.viewtype = Viewtype::Image;
            meta.param.set(Param::File, grpimage);

            let (mail, filename_as_sent) = build_body_file(context, &meta, "group-image")?;
            meta_part = Some(mail);
-            protected_headers.push(Header::new(
-                "Chat-Group-Avatar".into(),
-                filename_as_sent.clone(),
-            ));
-
-            // add the old group-image headers for versions <=0.973 resp. <=beta.15 (december 2019)
-            // image deletion is not supported in the compatibility layer.
-            // this can be removed some time after releasing 1.0,
-            // grep for #DeprecatedAvatar to get the place where compatibility parsing takes place.
-            if add_compatibility_header {
-                protected_headers.push(Header::new("Chat-Group-Image".into(), filename_as_sent));
-            }
+            protected_headers.push(Header::new("Chat-Group-Avatar".into(), filename_as_sent));
        }

-        if self.msg.type_0 == Viewtype::Sticker {
+        if self.msg.viewtype == Viewtype::Sticker {
            protected_headers.push(Header::new("Chat-Content".into(), "sticker".into()));
        }

-        if self.msg.type_0 == Viewtype::Voice
-            || self.msg.type_0 == Viewtype::Audio
-            || self.msg.type_0 == Viewtype::Video
+        if self.msg.viewtype == Viewtype::Voice
+            || self.msg.viewtype == Viewtype::Audio
+            || self.msg.viewtype == Viewtype::Video
        {
-            if self.msg.type_0 == Viewtype::Voice {
+            if self.msg.viewtype == Viewtype::Voice {
                protected_headers.push(Header::new("Chat-Voice-Message".into(), "1".into()));
            }
            let duration_ms = self.msg.param.get_int(Param::Duration).unwrap_or_default();
@@ -839,16 +829,17 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
        );

        // Message is sent as text/plain, with charset = utf-8
-        let mut parts = vec![PartBuilder::new()
+        let main_part = PartBuilder::new()
            .content_type(&mime::TEXT_PLAIN_UTF_8)
-            .body(message_text)];
+            .body(message_text);
+        let mut parts = Vec::new();

        // add attachment part
-        if chat::msgtype_has_file(self.msg.type_0) {
+        if chat::msgtype_has_file(self.msg.viewtype) {
            if !is_file_size_okay(context, &self.msg) {
                bail!(
                    "Message exceeds the recommended {} MB.",
-                    24 * 1024 * 1024 / 4 * 3 / 1000 / 1000,
+                    RECOMMENDED_FILE_SIZE / 1_000_000,
                );
            } else {
                let (file_part, _) = build_body_file(context, &self.msg, "")?;
@@ -860,58 +851,22 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
            parts.push(meta_part);
        }

-        if self.msg.param.exists(Param::SetLatitude) {
-            let param = &self.msg.param;
-            let kml_file = location::get_message_kml(
-                self.msg.timestamp_sort,
-                param.get_float(Param::SetLatitude).unwrap_or_default(),
-                param.get_float(Param::SetLongitude).unwrap_or_default(),
-            );
-            parts.push(
-                PartBuilder::new()
-                    .content_type(
-                        &"application/vnd.google-earth.kml+xml"
-                            .parse::<mime::Mime>()
-                            .unwrap(),
-                    )
-                    .header((
-                        "Content-Disposition",
-                        "attachment; filename=\"message.kml\"",
-                    ))
-                    .body(kml_file),
-            );
+        if let Some(msg_kml_part) = self.get_message_kml_part() {
+            parts.push(msg_kml_part);
        }

        if location::is_sending_locations_to_chat(context, self.msg.chat_id) {
-            match location::get_kml(context, self.msg.chat_id) {
-                Ok((kml_content, last_added_location_id)) => {
-                    parts.push(
-                        PartBuilder::new()
-                            .content_type(
-                                &"application/vnd.google-earth.kml+xml"
-                                    .parse::<mime::Mime>()
-                                    .unwrap(),
-                            )
-                            .header((
-                                "Content-Disposition",
-                                "attachment; filename=\"message.kml\"",
-                            ))
-                            .body(kml_content),
-                    );
-                    if !self.msg.param.exists(Param::SetLatitude) {
-                        // otherwise, the independent location is already filed
-                        self.last_added_location_id = last_added_location_id;
-                    }
-                }
+            match self.get_location_kml_part() {
+                Ok(part) => parts.push(part),
                Err(err) => {
-                    warn!(context, "mimefactory: could not get location: {}", err);
+                    warn!(context, "mimefactory: could not send location: {}", err);
                }
            }
        }

        if self.attach_selfavatar {
            match context.get_config(Config::Selfavatar) {
-                Some(path) => match build_selfavatar_file(context, path) {
+                Some(path) => match build_selfavatar_file(context, &path) {
                    Ok((part, filename)) => {
                        parts.push(part);
                        protected_headers.push(Header::new("Chat-User-Avatar".into(), filename))
@@ -922,24 +877,24 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
            }
        }

-        // Single part, render as regular message.
-        if parts.len() == 1 {
-            return Ok(parts.pop().unwrap());
+        if parts.is_empty() {
+            // Single part, render as regular message.
+            Ok(main_part)
+        } else {
+            // Multiple parts, render as multipart.
+            let mut message = PartBuilder::new().message_type(MimeMultipartType::Mixed);
+            message = message.child(main_part.build());
+            for part in parts.into_iter() {
+                message = message.child(part.build());
+            }
+            Ok(message)
        }
-
-        // Multiple parts, render as multipart.
-        let mut message = PartBuilder::new().message_type(MimeMultipartType::Mixed);
-        for part in parts.into_iter() {
-            message = message.child(part.build());
-        }
-
-        Ok(message)
    }

    /// Render an MDN
    fn render_mdn(&mut self) -> Result<PartBuilder, Error> {
        // RFC 6522, this also requires the `report-type` parameter which is equal
-        // to the MIME subtype of the second body part of the multipart/report */
+        // to the MIME subtype of the second body part of the multipart/report
        //
        // currently, we do not send MDNs encrypted:
        // - in a multi-device-setup that is not set up properly, MDNs would disturb the communication as they
@@ -950,6 +905,13 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
        //   are forwarded for any reasons (eg. gmail always forwards to IMAP), we have no chance to decrypt them;
        //   this issue is fixed with 0.9.4

+        let additional_msg_ids = match &self.loaded {
+            Loaded::Message { .. } => bail!("Attempt to render a message as MDN"),
+            Loaded::MDN {
+                additional_msg_ids, ..
+            } => additional_msg_ids,
+        };
+
        let mut message = PartBuilder::new().header((
            "Content-Type".to_string(),
            "multipart/report; report-type=disposition-notification".to_string(),
@@ -991,10 +953,22 @@ impl<'a, 'b> MimeFactory<'a, 'b> {
            version, self.from_addr, self.from_addr, self.msg.rfc724_mid
        );

+        let extension_fields = if additional_msg_ids.is_empty() {
+            "".to_string()
+        } else {
+            "Additional-Message-IDs: ".to_string()
+                + &additional_msg_ids
+                    .iter()
+                    .map(|mid| render_rfc724_mid(&mid))
+                    .collect::<Vec<String>>()
+                    .join(" ")
+                + "\r\n"
+        };
+
        message = message.child(
            PartBuilder::new()
                .content_type(&"message/disposition-notification".parse().unwrap())
-                .body(message_text2)
+                .body(message_text2 + &extension_fields)
                .build(),
        );

@@ -1031,7 +1005,7 @@ fn build_body_file(
    // not transfer the original filenames eg. for images; these names
    // are normally not needed and contain timestamps, running numbers
    // etc.
-    let filename_to_send: String = match msg.type_0 {
+    let filename_to_send: String = match msg.viewtype {
        Viewtype::Voice => chrono::Utc
            .timestamp(msg.timestamp_sort as i64, 0)
            .format(&format!("voice-message_%Y-%m-%d_%H-%M-%S.{}", &suffix))
@@ -1087,7 +1061,7 @@ fn build_body_file(
    Ok((mail, filename_to_send))
 }

-fn build_selfavatar_file(context: &Context, path: String) -> Result<(PartBuilder, String), Error> {
+fn build_selfavatar_file(context: &Context, path: &str) -> Result<(PartBuilder, String), Error> {
    let blob = BlobObject::from_path(context, path)?;
    let filename_to_send = match blob.suffix() {
        Some(suffix) => format!("avatar.{}", suffix),
@@ -1112,21 +1086,18 @@ fn build_selfavatar_file(context: &Context, path: String) -> Result<(PartBuilder
    Ok((part, filename_to_send))
 }

-pub(crate) fn vec_contains_lowercase(vec: &[String], part: &str) -> bool {
-    let partlc = part.to_lowercase();
-    for cur in vec.iter() {
-        if cur.to_lowercase() == partlc {
-            return true;
-        }
-    }
-    false
+fn recipients_contain_addr(recipients: &[(String, String)], addr: &str) -> bool {
+    let addr_lc = addr.to_lowercase();
+    recipients
+        .iter()
+        .any(|(_, cur)| cur.to_lowercase() == addr_lc)
 }

 fn is_file_size_okay(context: &Context, msg: &Message) -> bool {
    match msg.param.get_path(Param::File, context).unwrap_or(None) {
        Some(path) => {
            let bytes = dc_get_filebytes(context, &path);
-            bytes <= (49 * 1024 * 1024 / 4 * 3)
+            bytes <= UPPER_LIMIT_FILE_SIZE
        }
        None => false,
    }
@@ -1160,14 +1131,8 @@ fn encode_words(word: &str) -> String {
 }

 pub fn needs_encoding(to_check: impl AsRef<str>) -> bool {
-    let to_check = to_check.as_ref();
-
-    if to_check.is_empty() {
-        return false;
-    }
-
-    to_check.chars().any(|c| {
-        !c.is_ascii_alphanumeric() && c != '-' && c != '_' && c != '.' && c != '~' && c != '%'
+    !to_check.as_ref().chars().all(|c| {
+        c.is_ascii_alphanumeric() || c == '-' || c == '_' || c == '.' || c == '~' || c == '%'
    })
 }

@@ -1226,4 +1191,12 @@ mod tests {
             FBQUFBQUFBQQ==";
        assert_eq!(wrapped_base64_encode(input), output);
    }
+
+    #[test]
+    fn test_needs_encoding() {
+        assert!(!needs_encoding(""));
+        assert!(!needs_encoding("foobar"));
+        assert!(needs_encoding(" "));
+        assert!(needs_encoding("foo bar"));
+    }
 }
--- a/src/mimeparser.rs
+++ b/src/mimeparser.rs
--- a/src/oauth2.rs
+++ b/src/oauth2.rs
@@ -154,7 +154,7 @@ pub fn dc_get_oauth2_access_token(
        }

        // ... and POST
-        let response = reqwest::Client::new()
+        let response = reqwest::blocking::Client::new()
            .post(post_url)
            .form(&post_param)
            .send();
@@ -165,7 +165,7 @@ pub fn dc_get_oauth2_access_token(
            );
            return None;
        }
-        let mut response = response.unwrap();
+        let response = response.unwrap();
        if !response.status().is_success() {
            warn!(
                context,
@@ -271,7 +271,8 @@ impl Oauth2 {
        {
            match domain {
                "gmail.com" | "googlemail.com" => Some(OAUTH2_GMAIL),
-                "yandex.com" | "yandex.ru" | "yandex.ua" => Some(OAUTH2_YANDEX),
+                "yandex.com" | "yandex.by" | "yandex.kz" | "yandex.ru" | "yandex.ua" | "ya.ru"
+                | "narod.ru" => Some(OAUTH2_YANDEX),
                _ => None,
            }
        } else {
@@ -290,12 +291,12 @@ impl Oauth2 {
        //   "verified_email": true,
        //   "picture": "https://lh4.googleusercontent.com/-Gj5jh_9R0BY/AAAAAAAAAAI/AAAAAAAAAAA/IAjtjfjtjNA/photo.jpg"
        // }
-        let response = reqwest::Client::new().get(&userinfo_url).send();
+        let response = reqwest::blocking::Client::new().get(&userinfo_url).send();
        if response.is_err() {
            warn!(context, "Error getting userinfo: {:?}", response);
            return None;
        }
-        let mut response = response.unwrap();
+        let response = response.unwrap();
        if !response.status().is_success() {
            warn!(context, "Error getting userinfo: {:?}", response.status());
            return None;
@@ -310,14 +311,19 @@ impl Oauth2 {
            return None;
        }
        if let Ok(response) = parsed {
-            // serde_json::Value.as_str() removes the quotes of json-strings
-            let addr = response.get("email");
-            if addr.is_none() {
+            // CAVE: serde_json::Value.as_str() removes the quotes of json-strings
+            // but serde_json::Value.to_string() does not!
+            if let Some(addr) = response.get("email") {
+                if let Some(s) = addr.as_str() {
+                    Some(s.to_string())
+                } else {
+                    warn!(context, "E-mail in userinfo is not a string: {}", addr);
+                    None
+                }
+            } else {
                warn!(context, "E-mail missing in userinfo.");
-                return None;
+                None
            }
-            let addr = addr.unwrap().as_str();
-            addr.map(|addr| addr.to_string())
        } else {
            warn!(context, "Failed to parse userinfo.");
            None
--- a/src/param.rs
+++ b/src/param.rs
@@ -4,14 +4,18 @@ use std::path::PathBuf;
 use std::str;

 use num_traits::FromPrimitive;
+use serde::{Deserialize, Serialize};

 use crate::blob::{BlobError, BlobObject};
 use crate::context::Context;
 use crate::error;
+use crate::message::MsgId;
 use crate::mimeparser::SystemMessage;

 /// Available param keys.
-#[derive(PartialEq, Eq, Debug, Clone, Copy, Hash, PartialOrd, Ord, FromPrimitive)]
+#[derive(
+    PartialEq, Eq, Debug, Clone, Copy, Hash, PartialOrd, Ord, FromPrimitive, Serialize, Deserialize,
+)]
 #[repr(u8)]
 pub enum Param {
    /// For messages and jobs
@@ -96,26 +100,29 @@ pub enum Param {
    /// For Jobs: space-separated list of message recipients
    Recipients = b'R',

-    // For Groups
+    /// For Groups
    Unpromoted = b'U',

-    // For Groups and Contacts
+    /// For Groups and Contacts
    ProfileImage = b'i',

-    // For Chats
+    /// For Chats
    Selftalk = b'K',

-    // For Chats
+    /// For Chats
    Devicetalk = b'D',

-    // For QR
+    /// For QR
    Auth = b's',

-    // For QR
+    /// For QR
    GroupId = b'x',

-    // For QR
+    /// For QR
    GroupName = b'g',
+
+    /// For MDN-sending job
+    MsgId = b'I',
 }

 /// Possible values for `Param::ForcePlaintext`.
@@ -131,7 +138,7 @@ pub enum ForcePlaintext {
 /// The structure is serialized by calling `to_string()` on it.
 ///
 /// Only for library-internal use.
-#[derive(Debug, Clone, PartialEq, Eq, Default)]
+#[derive(Debug, Clone, PartialEq, Eq, Default, Serialize, Deserialize)]
 pub struct Params {
    inner: BTreeMap<Param, String>,
 }
@@ -312,6 +319,12 @@ impl Params {
        Ok(Some(path))
    }

+    pub fn get_msg_id(&self) -> Option<MsgId> {
+        self.get(Param::MsgId)
+            .and_then(|x| x.parse::<u32>().ok())
+            .map(MsgId::new)
+    }
+
    /// Set the given paramter to the passed in `i32`.
    pub fn set_int(&mut self, key: Param, value: i32) -> &mut Self {
        self.set(key, format!("{}", value));
--- a/src/peerstate.rs
+++ b/src/peerstate.rs
@@ -1,14 +1,14 @@
 //! # [Autocrypt Peer State](https://autocrypt.org/level1.html#peer-state-management) module
 use std::collections::HashSet;
+use std::convert::TryFrom;
 use std::fmt;

 use num_traits::FromPrimitive;

 use crate::aheader::*;
-use crate::chat::*;
 use crate::constants::*;
 use crate::context::Context;
-use crate::key::*;
+use crate::key::{Key, SignedPublicKey};
 use crate::sql::{self, Sql};

 #[derive(Debug)]
@@ -127,7 +127,7 @@ impl<'a> Peerstate<'a> {
        res.last_seen_autocrypt = message_time;
        res.to_save = Some(ToSave::All);
        res.prefer_encrypt = header.prefer_encrypt;
-        res.public_key = Some(header.public_key.clone());
+        res.public_key = Some(Key::from(header.public_key.clone()));
        res.recalc_fingerprint();

        res
@@ -138,7 +138,7 @@ impl<'a> Peerstate<'a> {

        res.gossip_timestamp = message_time;
        res.to_save = Some(ToSave::All);
-        res.gossip_key = Some(gossip_header.public_key.clone());
+        res.gossip_key = Some(Key::from(gossip_header.public_key.clone()));
        res.recalc_fingerprint();

        res
@@ -294,8 +294,8 @@ impl<'a> Peerstate<'a> {
                self.to_save = Some(ToSave::All)
            }

-            if self.public_key.as_ref() != Some(&header.public_key) {
-                self.public_key = Some(header.public_key.clone());
+            if self.public_key.as_ref() != Some(&Key::from(header.public_key.clone())) {
+                self.public_key = Some(Key::from(header.public_key.clone()));
                self.recalc_fingerprint();
                self.to_save = Some(ToSave::All);
            }
@@ -310,21 +310,50 @@ impl<'a> Peerstate<'a> {
        if message_time > self.gossip_timestamp {
            self.gossip_timestamp = message_time;
            self.to_save = Some(ToSave::Timestamps);
-            if self.gossip_key.as_ref() != Some(&gossip_header.public_key) {
-                self.gossip_key = Some(gossip_header.public_key.clone());
+            let hdr_key = Key::from(gossip_header.public_key.clone());
+            if self.gossip_key.as_ref() != Some(&hdr_key) {
+                self.gossip_key = Some(hdr_key);
                self.recalc_fingerprint();
                self.to_save = Some(ToSave::All)
            }
+
+            // This is non-standard.
+            //
+            // According to Autocrypt 1.1.0 gossip headers SHOULD NOT
+            // contain encryption preference, but we include it into
+            // Autocrypt-Gossip and apply it one way (from
+            // "nopreference" to "mutual").
+            //
+            // This is compatible to standard clients, because they
+            // can't distinguish it from the case where we have
+            // contacted the client in the past and received this
+            // preference via Autocrypt header.
+            if self.last_seen_autocrypt == 0
+                && self.prefer_encrypt == EncryptPreference::NoPreference
+                && gossip_header.prefer_encrypt == EncryptPreference::Mutual
+            {
+                self.prefer_encrypt = EncryptPreference::Mutual;
+                self.to_save = Some(ToSave::All);
+            }
        };
    }

    pub fn render_gossip_header(&self, min_verified: PeerstateVerifiedStatus) -> Option<String> {
        if let Some(key) = self.peek_key(min_verified) {
            // TODO: avoid cloning
+            let public_key = SignedPublicKey::try_from(key.clone()).ok()?;
            let header = Aheader::new(
                self.addr.clone(),
-                key.clone(),
-                EncryptPreference::NoPreference,
+                public_key,
+                // Autocrypt 1.1.0 specification says that
+                // `prefer-encrypt` attribute SHOULD NOT be included,
+                // but we include it anyway to propagate encryption
+                // preference to new members in group chats.
+                if self.last_seen_autocrypt > 0 {
+                    self.prefer_encrypt
+                } else {
+                    EncryptPreference::NoPreference
+                },
            );
            Some(header.to_string())
        } else {
@@ -333,18 +362,13 @@ impl<'a> Peerstate<'a> {
    }

    pub fn peek_key(&self, min_verified: PeerstateVerifiedStatus) -> Option<&Key> {
-        if self.public_key.is_none() && self.gossip_key.is_none() && self.verified_key.is_none() {
-            return None;
+        match min_verified {
+            PeerstateVerifiedStatus::BidirectVerified => self.verified_key.as_ref(),
+            PeerstateVerifiedStatus::Unverified => self
+                .public_key
+                .as_ref()
+                .or_else(|| self.gossip_key.as_ref()),
        }
-
-        if min_verified != PeerstateVerifiedStatus::Unverified {
-            return self.verified_key.as_ref();
-        }
-        if self.public_key.is_some() {
-            return self.public_key.as_ref();
-        }
-
-        self.gossip_key.as_ref()
    }

    pub fn set_verified(
@@ -418,7 +442,6 @@ impl<'a> Peerstate<'a> {
                    &self.addr,
                ],
            )?;
-            reset_gossiped_timestamp(self.context, 0)?;
        } else if self.to_save == Some(ToSave::Timestamps) {
            sql::execute(
                self.context,
@@ -452,8 +475,8 @@ impl<'a> Peerstate<'a> {
 #[cfg(test)]
 mod tests {
    use super::*;
+    use crate::test_utils::*;
    use pretty_assertions::assert_eq;
-
    use tempfile::TempDir;

    #[test]
@@ -461,11 +484,7 @@ mod tests {
        let ctx = crate::test_utils::dummy_context();
        let addr = "hello@mail.com";

-        let pub_key = crate::key::Key::from_base64(
-            include_str!("../test-data/key/public.asc"),
-            KeyType::Public,
-        )
-        .unwrap();
+        let pub_key = crate::key::Key::from(alice_keypair().public);

        let mut peerstate = Peerstate {
            context: &ctx.ctx,
@@ -505,12 +524,7 @@ mod tests {
    fn test_peerstate_double_create() {
        let ctx = crate::test_utils::dummy_context();
        let addr = "hello@mail.com";
-
-        let pub_key = crate::key::Key::from_base64(
-            include_str!("../test-data/key/public.asc"),
-            KeyType::Public,
-        )
-        .unwrap();
+        let pub_key = crate::key::Key::from(alice_keypair().public);

        let peerstate = Peerstate {
            context: &ctx.ctx,
@@ -544,11 +558,7 @@ mod tests {
        let ctx = crate::test_utils::dummy_context();
        let addr = "hello@mail.com";

-        let pub_key = crate::key::Key::from_base64(
-            include_str!("../test-data/key/public.asc"),
-            KeyType::Public,
-        )
-        .unwrap();
+        let pub_key = crate::key::Key::from(alice_keypair().public);

        let mut peerstate = Peerstate {
            context: &ctx.ctx,
--- a/src/pgp.rs
+++ b/src/pgp.rs
@@ -16,6 +16,8 @@ use pgp::types::{
 };
 use rand::{thread_rng, CryptoRng, Rng};

+use crate::constants::KeyGenType;
+use crate::dc_tools::EmailAddress;
 use crate::error::Result;
 use crate::key::*;
 use crate::keyring::*;
@@ -111,12 +113,53 @@ pub fn split_armored_data(buf: &[u8]) -> Result<(BlockType, BTreeMap<String, Str
    Ok((typ, headers, bytes))
 }

-/// Create a new key pair.
-pub fn create_keypair(addr: impl AsRef<str>) -> Option<(Key, Key)> {
-    let user_id = format!("<{}>", addr.as_ref());
+/// Error with generating a PGP keypair.
+///
+/// Most of these are likely coding errors rather than user errors
+/// since all variability is hardcoded.
+#[derive(Fail, Debug)]
+#[fail(display = "PgpKeygenError: {}", message)]
+pub(crate) struct PgpKeygenError {
+    message: String,
+    #[cause]
+    cause: failure::Error,
+    backtrace: failure::Backtrace,
+}

+impl PgpKeygenError {
+    fn new(message: impl Into<String>, cause: impl Into<failure::Error>) -> Self {
+        Self {
+            message: message.into(),
+            cause: cause.into(),
+            backtrace: failure::Backtrace::new(),
+        }
+    }
+}
+
+/// A PGP keypair.
+///
+/// This has it's own struct to be able to keep the public and secret
+/// keys together as they are one unit.
+#[derive(Debug, Clone, Eq, PartialEq)]
+pub struct KeyPair {
+    pub addr: EmailAddress,
+    pub public: SignedPublicKey,
+    pub secret: SignedSecretKey,
+}
+
+/// Create a new key pair.
+pub(crate) fn create_keypair(
+    addr: EmailAddress,
+    keygen_type: KeyGenType,
+) -> std::result::Result<KeyPair, PgpKeygenError> {
+    let (secret_key_type, public_key_type) = match keygen_type {
+        KeyGenType::Rsa2048 => (PgpKeyType::Rsa(2048), PgpKeyType::Rsa(2048)),
+        KeyGenType::Ed25519 | KeyGenType::Default => (PgpKeyType::EdDSA, PgpKeyType::ECDH),
+    };
+
+    let user_id = format!("<{}>", addr);
    let key_params = SecretKeyParamsBuilder::default()
-        .key_type(PgpKeyType::Rsa(2048))
+        .key_type(secret_key_type)
        .can_create_certificates(true)
        .can_sign(true)
        .primary_user_id(user_id)
@@ -139,27 +182,36 @@ pub fn create_keypair(addr: impl AsRef<str>) -> Option<(Key, Key)> {
        ])
        .subkey(
            SubkeyParamsBuilder::default()
-                .key_type(PgpKeyType::Rsa(2048))
+                .key_type(public_key_type)
                .can_encrypt(true)
                .passphrase(None)
                .build()
                .unwrap(),
        )
        .build()
-        .expect("invalid key params");
-
-    let key = key_params.generate().expect("invalid params");
+        .map_err(|err| PgpKeygenError::new("invalid key params", failure::err_msg(err)))?;
+    let key = key_params
+        .generate()
+        .map_err(|err| PgpKeygenError::new("invalid params", err))?;
    let private_key = key.sign(|| "".into()).expect("failed to sign secret key");

    let public_key = private_key.public_key();
    let public_key = public_key
        .sign(&private_key, || "".into())
-        .expect("failed to sign public key");
+        .map_err(|err| PgpKeygenError::new("failed to sign public key", err))?;

-    private_key.verify().expect("invalid private key generated");
-    public_key.verify().expect("invalid public key generated");
+    private_key
+        .verify()
+        .map_err(|err| PgpKeygenError::new("invalid private key generated", err))?;
+    public_key
+        .verify()
+        .map_err(|err| PgpKeygenError::new("invalid public key generated", err))?;

-    Some((Key::Public(public_key), Key::Secret(private_key)))
+    Ok(KeyPair {
+        addr,
+        public: public_key,
+        secret: private_key,
+    })
 }

 /// Select public key or subkey to use for encryption.
@@ -311,6 +363,8 @@ pub fn symm_decrypt<T: std::io::Read + std::io::Seek>(
 #[cfg(test)]
 mod tests {
    use super::*;
+    use crate::test_utils::*;
+    use lazy_static::lazy_static;

    #[test]
    fn test_split_armored_data_1() {
@@ -338,4 +392,269 @@ mod tests {
        assert!(!base64.is_empty());
        assert_eq!(headers.get(HEADER_AUTOCRYPT), Some(&"mutual".to_string()));
    }
+
+    #[test]
+    #[ignore] // is too expensive
+    fn test_create_keypair() {
+        let keypair0 = create_keypair(
+            EmailAddress::new("foo@bar.de").unwrap(),
+            KeyGenType::Default,
+        )
+        .unwrap();
+        let keypair1 = create_keypair(
+            EmailAddress::new("two@zwo.de").unwrap(),
+            KeyGenType::Default,
+        )
+        .unwrap();
+        assert_ne!(keypair0.public, keypair1.public);
+    }
+
+    /// [Key] objects to use in tests.
+    struct TestKeys {
+        alice_secret: Key,
+        alice_public: Key,
+        bob_secret: Key,
+        bob_public: Key,
+    }
+
+    impl TestKeys {
+        fn new() -> TestKeys {
+            let alice = alice_keypair();
+            let bob = bob_keypair();
+            TestKeys {
+                alice_secret: Key::from(alice.secret.clone()),
+                alice_public: Key::from(alice.public.clone()),
+                bob_secret: Key::from(bob.secret.clone()),
+                bob_public: Key::from(bob.public.clone()),
+            }
+        }
+    }
+
+    /// The original text of [CTEXT_SIGNED]
+    static CLEARTEXT: &[u8] = b"This is a test";
+
+    lazy_static! {
+        /// Initialised [TestKeys] for tests.
+        static ref KEYS: TestKeys = TestKeys::new();
+
+        /// A cyphertext encrypted to Alice & Bob, signed by Alice.
+        static ref CTEXT_SIGNED: String = {
+            let mut keyring = Keyring::default();
+            keyring.add_owned(KEYS.alice_public.clone());
+            keyring.add_ref(&KEYS.bob_public);
+            pk_encrypt(CLEARTEXT, &keyring, Some(&KEYS.alice_secret)).unwrap()
+        };
+
+        /// A cyphertext encrypted to Alice & Bob, not signed.
+        static ref CTEXT_UNSIGNED: String = {
+            let mut keyring = Keyring::default();
+            keyring.add_owned(KEYS.alice_public.clone());
+            keyring.add_ref(&KEYS.bob_public);
+            pk_encrypt(CLEARTEXT, &keyring, None).unwrap()
+        };
+    }
+
+    #[test]
+    fn test_encrypt_signed() {
+        assert!(!CTEXT_SIGNED.is_empty());
+        assert!(CTEXT_SIGNED.starts_with("-----BEGIN PGP MESSAGE-----"));
+    }
+
+    #[test]
+    fn test_encrypt_unsigned() {
+        assert!(!CTEXT_UNSIGNED.is_empty());
+        assert!(CTEXT_UNSIGNED.starts_with("-----BEGIN PGP MESSAGE-----"));
+    }
+
+    #[test]
+    fn test_decrypt_singed() {
+        // Check decrypting as Alice
+        let mut decrypt_keyring = Keyring::default();
+        decrypt_keyring.add_ref(&KEYS.alice_secret);
+        let mut sig_check_keyring = Keyring::default();
+        sig_check_keyring.add_ref(&KEYS.alice_public);
+        let mut valid_signatures: HashSet<String> = Default::default();
+        let plain = pk_decrypt(
+            CTEXT_SIGNED.as_bytes(),
+            &decrypt_keyring,
+            &sig_check_keyring,
+            Some(&mut valid_signatures),
+        )
+        .map_err(|err| println!("{:?}", err))
+        .unwrap();
+        assert_eq!(plain, CLEARTEXT);
+        assert_eq!(valid_signatures.len(), 1);
+
+        // Check decrypting as Bob
+        let mut decrypt_keyring = Keyring::default();
+        decrypt_keyring.add_ref(&KEYS.bob_secret);
+        let mut sig_check_keyring = Keyring::default();
+        sig_check_keyring.add_ref(&KEYS.alice_public);
+        let mut valid_signatures: HashSet<String> = Default::default();
+        let plain = pk_decrypt(
+            CTEXT_SIGNED.as_bytes(),
+            &decrypt_keyring,
+            &sig_check_keyring,
+            Some(&mut valid_signatures),
+        )
+        .map_err(|err| println!("{:?}", err))
+        .unwrap();
+        assert_eq!(plain, CLEARTEXT);
+        assert_eq!(valid_signatures.len(), 1);
+    }
+
+    #[test]
+    fn test_decrypt_no_sig_check() {
+        let mut keyring = Keyring::default();
+        keyring.add_ref(&KEYS.alice_secret);
+        let empty_keyring = Keyring::default();
+        let mut valid_signatures: HashSet<String> = Default::default();
+        let plain = pk_decrypt(
+            CTEXT_SIGNED.as_bytes(),
+            &keyring,
+            &empty_keyring,
+            Some(&mut valid_signatures),
+        )
+        .unwrap();
+        assert_eq!(plain, CLEARTEXT);
+        assert_eq!(valid_signatures.len(), 0);
+    }
+
+    #[test]
+    fn test_decrypt_signed_no_key() {
+        // The validation does not have the public key of the signer.
+        let mut decrypt_keyring = Keyring::default();
+        decrypt_keyring.add_ref(&KEYS.bob_secret);
+        let mut sig_check_keyring = Keyring::default();
+        sig_check_keyring.add_ref(&KEYS.bob_public);
+        let mut valid_signatures: HashSet<String> = Default::default();
+        let plain = pk_decrypt(
+            CTEXT_SIGNED.as_bytes(),
+            &decrypt_keyring,
+            &sig_check_keyring,
+            Some(&mut valid_signatures),
+        )
+        .unwrap();
+        assert_eq!(plain, CLEARTEXT);
+        assert_eq!(valid_signatures.len(), 0);
+    }
+
+    #[test]
+    fn test_decrypt_unsigned() {
+        let mut decrypt_keyring = Keyring::default();
+        decrypt_keyring.add_ref(&KEYS.bob_secret);
+        let sig_check_keyring = Keyring::default();
+        decrypt_keyring.add_ref(&KEYS.alice_public);
+        let mut valid_signatures: HashSet<String> = Default::default();
+        let plain = pk_decrypt(
+            CTEXT_UNSIGNED.as_bytes(),
+            &decrypt_keyring,
+            &sig_check_keyring,
+            Some(&mut valid_signatures),
+        )
+        .unwrap();
+        assert_eq!(plain, CLEARTEXT);
+        assert_eq!(valid_signatures.len(), 0);
+    }
+
+    #[test]
+    fn test_decrypt_signed_no_sigret() {
+        // Check decrypting signed cyphertext without providing the HashSet for signatures.
+        let mut decrypt_keyring = Keyring::default();
+        decrypt_keyring.add_ref(&KEYS.bob_secret);
+        let mut sig_check_keyring = Keyring::default();
+        sig_check_keyring.add_ref(&KEYS.alice_public);
+        let plain = pk_decrypt(
+            CTEXT_SIGNED.as_bytes(),
+            &decrypt_keyring,
+            &sig_check_keyring,
+            None,
+        )
+        .unwrap();
+        assert_eq!(plain, CLEARTEXT);
+    }
+
+    fn test_encrypt_decrypt_fuzz(key_type: KeyGenType) {
+        // sending messages from Alice to Bob
+        let alice = create_keypair(EmailAddress::new("a@e.org").unwrap(), key_type).unwrap();
+        let bob = create_keypair(EmailAddress::new("b@e.org").unwrap(), key_type).unwrap();
+
+        let alice_secret = Key::from(alice.secret.clone());
+        let alice_public = Key::from(alice.public.clone());
+        let bob_secret = Key::from(bob.secret.clone());
+        let bob_public = Key::from(bob.public.clone());
+
+        let plain: &[u8] = b"just a test";
+
+        let mut encr_keyring = Keyring::default();
+        encr_keyring.add_ref(&bob_public);
+
+        let mut decr_keyring = Keyring::default();
+        decr_keyring.add_ref(&bob_secret);
+        let mut validate_keyring = Keyring::default();
+        validate_keyring.add_ref(&alice_public);
+
+        for _ in 0..1000 {
+            let ctext = pk_encrypt(plain.as_ref(), &encr_keyring, Some(&alice_secret)).unwrap();
+            let plain2 =
+                pk_decrypt(ctext.as_ref(), &decr_keyring, &validate_keyring, None).unwrap();
+            assert_eq!(plain2, plain);
+        }
+    }
+
+    #[test]
+    #[ignore]
+    fn test_encrypt_decrypt_fuzz_rsa() {
+        test_encrypt_decrypt_fuzz(KeyGenType::Rsa2048)
+    }
+
+    #[test]
+    fn test_encrypt_decrypt_fuzz_ecc() {
+        test_encrypt_decrypt_fuzz(KeyGenType::Ed25519)
+    }
+
+    #[test]
+    fn test_encrypt_decrypt_fuzz_alice() -> Result<()> {
+        let plain: &[u8] = b"just a test";
+        let lit_msg = Message::new_literal_bytes("", plain);
+
+        let mut rng = thread_rng();
+
+        let enc_key =
+            SignedPublicKey::from_base64(include_str!("../test-data/key/alice-public.asc"))
+                .unwrap();
+        let enc_subkey = &enc_key.public_subkeys[0];
+        assert!(enc_subkey.is_encryption_key());
+        let pkeys: Vec<&SignedPublicSubKey> = vec![&enc_subkey];
+
+        let skey = SignedSecretKey::from_base64(include_str!("../test-data/key/alice-secret.asc"))
+            .unwrap();
+        let skeys: Vec<&SignedSecretKey> = vec![&skey];
+
+        for _ in 0..1000 {
+            let msg = lit_msg.encrypt_to_keys(
+                &mut rng,
+                pgp::crypto::sym::SymmetricKeyAlgorithm::AES128,
+                &pkeys[..],
+            )?;
+            let ctext = msg.to_armored_string(None)?;
+
+            println!("{}", ctext);
+
+            let (decryptor, _) = msg.decrypt(|| "".into(), || "".into(), &skeys[..])?;
+            let msgs = decryptor.collect::<pgp::errors::Result<Vec<_>>>()?;
+            ensure!(!msgs.is_empty(), "No valid messages found");
+
+            let dec_msg = &msgs[0];
+
+            let plain2: Vec<u8> = match dec_msg.get_content()? {
+                Some(content) => content,
+                None => bail!("Decrypted message is empty"),
+            };
+
+            assert_eq!(plain2, plain);
+        }
+
+        Ok(())
+    }
 }
--- a/src/provider/data.rs
+++ b/src/provider/data.rs
@@ -0,0 +1,365 @@
+// file generated by src/provider/update.py
+
+use crate::provider::Protocol::*;
+use crate::provider::Socket::*;
+use crate::provider::UsernamePattern::*;
+use crate::provider::*;
+use std::collections::HashMap;
+
+lazy_static::lazy_static! {
+
+    // aktivix.org.md: aktivix.org
+    static ref P_AKTIVIX_ORG: Provider = Provider {
+        status: Status::OK,
+        before_login_hint: "",
+        after_login_hint: "",
+        overview_page: "https://providers.delta.chat/aktivix-org",
+        server: vec![
+            Server { protocol: IMAP, socket: STARTTLS, hostname: "newyear.aktivix.org", port: 143, username_pattern: EMAIL },
+            Server { protocol: SMTP, socket: STARTTLS, hostname: "newyear.aktivix.org", port: 25, username_pattern: EMAIL },
+        ],
+    };
+
+    // aol.md: aol.com
+    static ref P_AOL: Provider = Provider {
+        status: Status::PREPARATION,
+        before_login_hint: "To log in to AOL with Delta Chat, you need to set up an app password in the AOL web interface.",
+        after_login_hint: "",
+        overview_page: "https://providers.delta.chat/aol",
+        server: vec![
+        ],
+    };
+
+    // autistici.org.md: autistici.org
+    static ref P_AUTISTICI_ORG: Provider = Provider {
+        status: Status::OK,
+        before_login_hint: "",
+        after_login_hint: "",
+        overview_page: "https://providers.delta.chat/autistici-org",
+        server: vec![
+            Server { protocol: IMAP, socket: SSL, hostname: "mail.autistici.org", port: 993, username_pattern: EMAIL },
+            Server { protocol: SMTP, socket: SSL, hostname: "smtp.autistici.org", port: 465, username_pattern: EMAIL },
+        ],
+    };
+
+    // bluewin.ch.md: bluewin.ch
+    static ref P_BLUEWIN_CH: Provider = Provider {
+        status: Status::OK,
+        before_login_hint: "",
+        after_login_hint: "",
+        overview_page: "https://providers.delta.chat/bluewin-ch",
+        server: vec![
+            Server { protocol: IMAP, socket: SSL, hostname: "imaps.bluewin.ch", port: 993, username_pattern: EMAIL },
+            Server { protocol: SMTP, socket: SSL, hostname: "smtpauths.bluewin.ch", port: 465, username_pattern: EMAIL },
+        ],
+    };
+
+    // comcast.md: xfinity.com, comcast.net
+    // - skipping provider with status OK and no special things to do
+
+    // dismail.de.md: dismail.de
+    // - skipping provider with status OK and no special things to do
+
+    // disroot.md: disroot.org
+    // - skipping provider with status OK and no special things to do
+
+    // example.com.md: example.com, example.org
+    static ref P_EXAMPLE_COM: Provider = Provider {
+        status: Status::BROKEN,
+        before_login_hint: "Hush this provider doesn't exist!",
+        after_login_hint: "This provider doesn't really exist, so you can't use it :/ If you need an email provider for Delta Chat, take a look at providers.delta.chat!",
+        overview_page: "https://providers.delta.chat/example-com",
+        server: vec![
+            Server { protocol: IMAP, socket: SSL, hostname: "imap.example.com", port: 1337, username_pattern: EMAIL },
+            Server { protocol: SMTP, socket: STARTTLS, hostname: "smtp.example.com", port: 1337, username_pattern: EMAIL },
+        ],
+    };
+
+    // fastmail.md: fastmail.com
+    static ref P_FASTMAIL: Provider = Provider {
+        status: Status::PREPARATION,
+        before_login_hint: "You must create an app-specific password for Delta Chat before you can log in.",
+        after_login_hint: "",
+        overview_page: "https://providers.delta.chat/fastmail",
+        server: vec![
+        ],
+    };
+
+    // freenet.de.md: freenet.de
+    static ref P_FREENET_DE: Provider = Provider {
+        status: Status::OK,
+        before_login_hint: "",
+        after_login_hint: "",
+        overview_page: "https://providers.delta.chat/freenet-de",
+        server: vec![
+            Server { protocol: IMAP, socket: SSL, hostname: "mx.freenet.de", port: 993, username_pattern: EMAIL },
+            Server { protocol: SMTP, socket: STARTTLS, hostname: "mx.freenet.de", port: 587, username_pattern: EMAIL },
+        ],
+    };
+
+    // gmail.md: gmail.com, googlemail.com
+    static ref P_GMAIL: Provider = Provider {
+        status: Status::PREPARATION,
+        before_login_hint: "For Gmail accounts, you need to create an app-password if you have \"2-Step Verification\" enabled. If this setting is not available, you need to enable \"less secure apps\".",
+        after_login_hint: "",
+        overview_page: "https://providers.delta.chat/gmail",
+        server: vec![
+            Server { protocol: IMAP, socket: SSL, hostname: "imap.gmail.com", port: 993, username_pattern: EMAIL },
+            Server { protocol: SMTP, socket: SSL, hostname: "smtp.gmail.com", port: 465, username_pattern: EMAIL },
+        ],
+    };
+
+    // gmx.net.md: gmx.net, gmx.de, gmx.at, gmx.ch, gmx.org, gmx.eu, gmx.info, gmx.biz, gmx.com
+    static ref P_GMX_NET: Provider = Provider {
+        status: Status::PREPARATION,
+        before_login_hint: "You must allow IMAP access to your account before you can login.",
+        after_login_hint: "",
+        overview_page: "https://providers.delta.chat/gmx-net",
+        server: vec![
+            Server { protocol: IMAP, socket: SSL, hostname: "imap.gmx.net", port: 993, username_pattern: EMAIL },
+            Server { protocol: SMTP, socket: SSL, hostname: "mail.gmx.net", port: 465, username_pattern: EMAIL },
+            Server { protocol: SMTP, socket: STARTTLS, hostname: "mail.gmx.net", port: 587, username_pattern: EMAIL },
+        ],
+    };
+
+    // i.ua.md: i.ua
+    // - skipping provider with status OK and no special things to do
+
+    // icloud.md: icloud.com, me.com, mac.com
+    static ref P_ICLOUD: Provider = Provider {
+        status: Status::PREPARATION,
+        before_login_hint: "You must create an app-specific password for Delta Chat before you can login.",
+        after_login_hint: "",
+        overview_page: "https://providers.delta.chat/icloud",
+        server: vec![
+            Server { protocol: IMAP, socket: SSL, hostname: "imap.mail.me.com", port: 993, username_pattern: EMAILLOCALPART },
+            Server { protocol: SMTP, socket: STARTTLS, hostname: "smtp.mail.me.com", port: 587, username_pattern: EMAIL },
+        ],
+    };
+
+    // kolst.com.md: kolst.com
+    // - skipping provider with status OK and no special things to do
+
+    // kontent.com.md: kontent.com
+    // - skipping provider with status OK and no special things to do
+
+    // mail.ru.md: mail.ru, inbox.ru, bk.ru, list.ru
+    // - skipping provider with status OK and no special things to do
+
+    // mailbox.org.md: mailbox.org, secure.mailbox.org
+    // - skipping provider with status OK and no special things to do
+
+    // nauta.cu.md: nauta.cu
+    static ref P_NAUTA_CU: Provider = Provider {
+        status: Status::OK,
+        before_login_hint: "",
+        after_login_hint: "Atención - con nauta.cu, puede enviar mensajes sólo a un máximo de 20 personas a la vez. En grupos más grandes, no puede enviar mensajes o abandonar el grupo.",
+        overview_page: "https://providers.delta.chat/nauta-cu",
+        server: vec![
+            Server { protocol: IMAP, socket: STARTTLS, hostname: "imap.nauta.cu", port: 143, username_pattern: EMAIL },
+            Server { protocol: SMTP, socket: STARTTLS, hostname: "smtp.nauta.cu", port: 25, username_pattern: EMAIL },
+        ],
+    };
+
+    // outlook.com.md: hotmail.com, outlook.com, office365.com, outlook.com.tr, live.com
+    static ref P_OUTLOOK_COM: Provider = Provider {
+        status: Status::BROKEN,
+        before_login_hint: "Outlook.com email addresses will not work as expected as these servers remove some important transport information. Hopefully sooner or later there will be a fix, for now we suggest to use another email address.",
+        after_login_hint: "Outlook.com email addresses will not work as expected as these servers remove some important transport information. Unencrypted 1-on-1 chats kind of work, but groups and encryption don't. Hopefully sooner or later there will be a fix, for now we suggest to use another email address.",
+        overview_page: "https://providers.delta.chat/outlook-com",
+        server: vec![
+            Server { protocol: IMAP, socket: SSL, hostname: "imap-mail.outlook.com", port: 993, username_pattern: EMAIL },
+            Server { protocol: SMTP, socket: STARTTLS, hostname: "smtp-mail.outlook.com", port: 587, username_pattern: EMAIL },
+        ],
+    };
+
+    // posteo.md: posteo.de
+    static ref P_POSTEO: Provider = Provider {
+        status: Status::OK,
+        before_login_hint: "",
+        after_login_hint: "",
+        overview_page: "https://providers.delta.chat/posteo",
+        server: vec![
+            Server { protocol: IMAP, socket: STARTTLS, hostname: "posteo.de", port: 143, username_pattern: EMAIL },
+            Server { protocol: SMTP, socket: STARTTLS, hostname: "posteo.de", port: 587, username_pattern: EMAIL },
+        ],
+    };
+
+    // protonmail.md: protonmail.com, protonmail.ch
+    static ref P_PROTONMAIL: Provider = Provider {
+        status: Status::BROKEN,
+        before_login_hint: "Protonmail does not offer the standard IMAP e-mail protocol, so you cannot log in with Delta Chat to Protonmail.",
+        after_login_hint: "To use Delta Chat with Protonmail, the IMAP bridge must be running in the background. If you have connectivity issues, double check whether it works as expected.",
+        overview_page: "https://providers.delta.chat/protonmail",
+        server: vec![
+        ],
+    };
+
+    // riseup.net.md: riseup.net
+    // - skipping provider with status OK and no special things to do
+
+    // rogers.com.md: rogers.com
+    // - skipping provider with status OK and no special things to do
+
+    // t-online.md: t-online.de, magenta.de
+    static ref P_T_ONLINE: Provider = Provider {
+        status: Status::PREPARATION,
+        before_login_hint: "To use Delta Chat with a T-Online email address, you need to create an app password in the web interface.",
+        after_login_hint: "",
+        overview_page: "https://providers.delta.chat/t-online",
+        server: vec![
+        ],
+    };
+
+    // testrun.md: testrun.org
+    static ref P_TESTRUN: Provider = Provider {
+        status: Status::OK,
+        before_login_hint: "",
+        after_login_hint: "",
+        overview_page: "https://providers.delta.chat/testrun",
+        server: vec![
+            Server { protocol: IMAP, socket: SSL, hostname: "testrun.org", port: 993, username_pattern: EMAIL },
+            Server { protocol: IMAP, socket: STARTTLS, hostname: "testrun.org", port: 143, username_pattern: EMAIL },
+            Server { protocol: SMTP, socket: STARTTLS, hostname: "testrun.org", port: 587, username_pattern: EMAIL },
+        ],
+    };
+
+    // tiscali.it.md: tiscali.it
+    static ref P_TISCALI_IT: Provider = Provider {
+        status: Status::OK,
+        before_login_hint: "",
+        after_login_hint: "",
+        overview_page: "https://providers.delta.chat/tiscali-it",
+        server: vec![
+            Server { protocol: IMAP, socket: SSL, hostname: "imap.tiscali.it", port: 993, username_pattern: EMAIL },
+            Server { protocol: SMTP, socket: SSL, hostname: "smtp.tiscali.it", port: 465, username_pattern: EMAIL },
+        ],
+    };
+
+    // ukr.net.md: ukr.net
+    // - skipping provider with status OK and no special things to do
+
+    // vfemail.md: vfemail.net
+    // - skipping provider with status OK and no special things to do
+
+    // web.de.md: web.de, email.de, flirt.ms, hallo.ms, kuss.ms, love.ms, magic.ms, singles.ms, cool.ms, kanzler.ms, okay.ms, party.ms, pop.ms, stars.ms, techno.ms, clever.ms, deutschland.ms, genial.ms, ich.ms, online.ms, smart.ms, wichtig.ms, action.ms, fussball.ms, joker.ms, planet.ms, power.ms
+    static ref P_WEB_DE: Provider = Provider {
+        status: Status::PREPARATION,
+        before_login_hint: "You must allow IMAP access to your account before you can login.",
+        after_login_hint: "Note: if you have your web.de spam settings too strict, you won't receive contact requests from new people. If you want to receive contact requests, you should disable the \"3-Wege-Spamschutz\" in the web.de settings.  Read how: https://hilfe.web.de/email/spam-und-viren/spamschutz-einstellungen.html",
+        overview_page: "https://providers.delta.chat/web-de",
+        server: vec![
+            Server { protocol: IMAP, socket: SSL, hostname: "imap.web.de", port: 993, username_pattern: EMAILLOCALPART },
+            Server { protocol: IMAP, socket: STARTTLS, hostname: "imap.web.de", port: 143, username_pattern: EMAILLOCALPART },
+            Server { protocol: SMTP, socket: STARTTLS, hostname: "smtp.web.de", port: 587, username_pattern: EMAILLOCALPART },
+        ],
+    };
+
+    // yahoo.md: yahoo.com, yahoo.de, yahoo.it, yahoo.fr, yahoo.es, yahoo.se, yahoo.co.uk, yahoo.co.nz, yahoo.com.au, yahoo.com.ar, yahoo.com.br, yahoo.com.mx, ymail.com, rocketmail.com, yahoodns.net
+    static ref P_YAHOO: Provider = Provider {
+        status: Status::PREPARATION,
+        before_login_hint: "To use Delta Chat with your Yahoo email address you have to allow \"less secure apps\" in the Yahoo webinterface.",
+        after_login_hint: "",
+        overview_page: "https://providers.delta.chat/yahoo",
+        server: vec![
+            Server { protocol: IMAP, socket: SSL, hostname: "imap.mail.yahoo.com", port: 993, username_pattern: EMAIL },
+            Server { protocol: SMTP, socket: SSL, hostname: "smtp.mail.yahoo.com", port: 465, username_pattern: EMAIL },
+        ],
+    };
+
+    // yandex.ru.md: yandex.ru, yandex.com
+    // - skipping provider with status OK and no special things to do
+
+    // ziggo.nl.md: ziggo.nl
+    static ref P_ZIGGO_NL: Provider = Provider {
+        status: Status::OK,
+        before_login_hint: "",
+        after_login_hint: "",
+        overview_page: "https://providers.delta.chat/ziggo-nl",
+        server: vec![
+            Server { protocol: IMAP, socket: SSL, hostname: "imap.ziggo.nl", port: 993, username_pattern: EMAIL },
+            Server { protocol: SMTP, socket: STARTTLS, hostname: "smtp.ziggo.nl", port: 587, username_pattern: EMAIL },
+        ],
+    };
+
+    pub static ref PROVIDER_DATA: HashMap<&'static str, &'static Provider> = [
+        ("aktivix.org", &*P_AKTIVIX_ORG),
+        ("aol.com", &*P_AOL),
+        ("autistici.org", &*P_AUTISTICI_ORG),
+        ("bluewin.ch", &*P_BLUEWIN_CH),
+        ("example.com", &*P_EXAMPLE_COM),
+        ("example.org", &*P_EXAMPLE_COM),
+        ("fastmail.com", &*P_FASTMAIL),
+        ("freenet.de", &*P_FREENET_DE),
+        ("gmail.com", &*P_GMAIL),
+        ("googlemail.com", &*P_GMAIL),
+        ("gmx.net", &*P_GMX_NET),
+        ("gmx.de", &*P_GMX_NET),
+        ("gmx.at", &*P_GMX_NET),
+        ("gmx.ch", &*P_GMX_NET),
+        ("gmx.org", &*P_GMX_NET),
+        ("gmx.eu", &*P_GMX_NET),
+        ("gmx.info", &*P_GMX_NET),
+        ("gmx.biz", &*P_GMX_NET),
+        ("gmx.com", &*P_GMX_NET),
+        ("icloud.com", &*P_ICLOUD),
+        ("me.com", &*P_ICLOUD),
+        ("mac.com", &*P_ICLOUD),
+        ("nauta.cu", &*P_NAUTA_CU),
+        ("hotmail.com", &*P_OUTLOOK_COM),
+        ("outlook.com", &*P_OUTLOOK_COM),
+        ("office365.com", &*P_OUTLOOK_COM),
+        ("outlook.com.tr", &*P_OUTLOOK_COM),
+        ("live.com", &*P_OUTLOOK_COM),
+        ("posteo.de", &*P_POSTEO),
+        ("protonmail.com", &*P_PROTONMAIL),
+        ("protonmail.ch", &*P_PROTONMAIL),
+        ("t-online.de", &*P_T_ONLINE),
+        ("magenta.de", &*P_T_ONLINE),
+        ("testrun.org", &*P_TESTRUN),
+        ("tiscali.it", &*P_TISCALI_IT),
+        ("web.de", &*P_WEB_DE),
+        ("email.de", &*P_WEB_DE),
+        ("flirt.ms", &*P_WEB_DE),
+        ("hallo.ms", &*P_WEB_DE),
+        ("kuss.ms", &*P_WEB_DE),
+        ("love.ms", &*P_WEB_DE),
+        ("magic.ms", &*P_WEB_DE),
+        ("singles.ms", &*P_WEB_DE),
+        ("cool.ms", &*P_WEB_DE),
+        ("kanzler.ms", &*P_WEB_DE),
+        ("okay.ms", &*P_WEB_DE),
+        ("party.ms", &*P_WEB_DE),
+        ("pop.ms", &*P_WEB_DE),
+        ("stars.ms", &*P_WEB_DE),
+        ("techno.ms", &*P_WEB_DE),
+        ("clever.ms", &*P_WEB_DE),
+        ("deutschland.ms", &*P_WEB_DE),
+        ("genial.ms", &*P_WEB_DE),
+        ("ich.ms", &*P_WEB_DE),
+        ("online.ms", &*P_WEB_DE),
+        ("smart.ms", &*P_WEB_DE),
+        ("wichtig.ms", &*P_WEB_DE),
+        ("action.ms", &*P_WEB_DE),
+        ("fussball.ms", &*P_WEB_DE),
+        ("joker.ms", &*P_WEB_DE),
+        ("planet.ms", &*P_WEB_DE),
+        ("power.ms", &*P_WEB_DE),
+        ("yahoo.com", &*P_YAHOO),
+        ("yahoo.de", &*P_YAHOO),
+        ("yahoo.it", &*P_YAHOO),
+        ("yahoo.fr", &*P_YAHOO),
+        ("yahoo.es", &*P_YAHOO),
+        ("yahoo.se", &*P_YAHOO),
+        ("yahoo.co.uk", &*P_YAHOO),
+        ("yahoo.co.nz", &*P_YAHOO),
+        ("yahoo.com.au", &*P_YAHOO),
+        ("yahoo.com.ar", &*P_YAHOO),
+        ("yahoo.com.br", &*P_YAHOO),
+        ("yahoo.com.mx", &*P_YAHOO),
+        ("ymail.com", &*P_YAHOO),
+        ("rocketmail.com", &*P_YAHOO),
+        ("yahoodns.net", &*P_YAHOO),
+        ("ziggo.nl", &*P_ZIGGO_NL),
+    ].iter().copied().collect();
+}
--- a/src/provider/mod.rs
+++ b/src/provider/mod.rs
@@ -0,0 +1,146 @@
+//! [Provider database](https://providers.delta.chat/) module
+
+mod data;
+
+use crate::dc_tools::EmailAddress;
+use crate::provider::data::PROVIDER_DATA;
+
+#[derive(Debug, Copy, Clone, PartialEq, ToPrimitive)]
+#[repr(u8)]
+pub enum Status {
+    OK = 1,
+    PREPARATION = 2,
+    BROKEN = 3,
+}
+
+#[derive(Debug, PartialEq)]
+#[repr(u8)]
+pub enum Protocol {
+    SMTP = 1,
+    IMAP = 2,
+}
+
+#[derive(Debug, PartialEq)]
+#[repr(u8)]
+pub enum Socket {
+    STARTTLS = 1,
+    SSL = 2,
+}
+
+#[derive(Debug, PartialEq)]
+#[repr(u8)]
+pub enum UsernamePattern {
+    EMAIL = 1,
+    EMAILLOCALPART = 2,
+}
+
+#[derive(Debug)]
+pub struct Server {
+    pub protocol: Protocol,
+    pub socket: Socket,
+    pub hostname: &'static str,
+    pub port: u16,
+    pub username_pattern: UsernamePattern,
+}
+
+impl Server {
+    pub fn apply_username_pattern(&self, addr: String) -> String {
+        match self.username_pattern {
+            UsernamePattern::EMAIL => addr,
+            UsernamePattern::EMAILLOCALPART => {
+                if let Some(at) = addr.find('@') {
+                    return addr.split_at(at).0.to_string();
+                }
+                addr
+            }
+        }
+    }
+}
+
+#[derive(Debug)]
+pub struct Provider {
+    pub status: Status,
+    pub before_login_hint: &'static str,
+    pub after_login_hint: &'static str,
+    pub overview_page: &'static str,
+    pub server: Vec<Server>,
+}
+
+impl Provider {
+    pub fn get_server(&self, protocol: Protocol) -> Option<&Server> {
+        for record in self.server.iter() {
+            if record.protocol == protocol {
+                return Some(record);
+            }
+        }
+        None
+    }
+
+    pub fn get_imap_server(&self) -> Option<&Server> {
+        self.get_server(Protocol::IMAP)
+    }
+
+    pub fn get_smtp_server(&self) -> Option<&Server> {
+        self.get_server(Protocol::SMTP)
+    }
+}
+
+pub fn get_provider_info(addr: &str) -> Option<&Provider> {
+    let domain = match addr.parse::<EmailAddress>() {
+        Ok(addr) => addr.domain,
+        Err(_err) => return None,
+    }
+    .to_lowercase();
+
+    if let Some(provider) = PROVIDER_DATA.get(domain.as_str()) {
+        return Some(*provider);
+    }
+
+    None
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn test_get_provider_info_unexistant() {
+        let provider = get_provider_info("user@unexistant.org");
+        assert!(provider.is_none());
+    }
+
+    #[test]
+    fn test_get_provider_info_mixed_case() {
+        let provider = get_provider_info("uSer@nAUta.Cu").unwrap();
+        assert!(provider.status == Status::OK);
+    }
+
+    #[test]
+    fn test_get_provider_info() {
+        let provider = get_provider_info("nauta.cu"); // this is no email address
+        assert!(provider.is_none());
+
+        let provider = get_provider_info("user@nauta.cu").unwrap();
+        assert!(provider.status == Status::OK);
+        let server = provider.get_imap_server().unwrap();
+        assert_eq!(server.protocol, Protocol::IMAP);
+        assert_eq!(server.socket, Socket::STARTTLS);
+        assert_eq!(server.hostname, "imap.nauta.cu");
+        assert_eq!(server.port, 143);
+        assert_eq!(server.username_pattern, UsernamePattern::EMAIL);
+        let server = provider.get_smtp_server().unwrap();
+        assert_eq!(server.protocol, Protocol::SMTP);
+        assert_eq!(server.socket, Socket::STARTTLS);
+        assert_eq!(server.hostname, "smtp.nauta.cu");
+        assert_eq!(server.port, 25);
+        assert_eq!(server.username_pattern, UsernamePattern::EMAIL);
+
+        let provider = get_provider_info("user@gmail.com").unwrap();
+        assert!(provider.status == Status::PREPARATION);
+        assert!(!provider.before_login_hint.is_empty());
+        assert!(!provider.overview_page.is_empty());
+
+        let provider = get_provider_info("user@googlemail.com").unwrap();
+        assert!(provider.status == Status::PREPARATION);
+    }
+}
--- a/src/provider/update.py
+++ b/src/provider/update.py
@@ -0,0 +1,148 @@
+#!/usr/bin/env python3
+# if the yaml import fails, run "pip install pyyaml"
+
+import sys
+import os
+import yaml
+
+out_all = ""
+out_domains = ""
+domains_dict = {}
+
+
+def cleanstr(s):
+    s = s.strip()
+    s = s.replace("\n", " ")
+    s = s.replace("\\", "\\\\")
+    s = s.replace("\"", "\\\"")
+    return s
+
+
+def file2varname(f):
+    f = f[f.rindex("/")+1:].replace(".md", "")
+    f = f.replace(".", "_")
+    f = f.replace("-", "_")
+    return "P_" + f.upper()
+
+
+def file2url(f):
+    f = f[f.rindex("/")+1:].replace(".md", "")
+    f = f.replace(".", "-")
+    return "https://providers.delta.chat/" + f
+
+
+def process_data(data, file):
+    status = data.get("status", "")
+    if status != "OK" and status != "PREPARATION" and status != "BROKEN":
+        raise TypeError("bad status")
+
+    comment = ""
+    domains = ""
+    if not "domains" in data:
+        raise TypeError("no domains found")
+    for domain in data["domains"]:
+        domain = cleanstr(domain)
+        if domain == "" or domain.count(".") < 1 or domain.lower() != domain:
+            raise TypeError("bad domain: " + domain)
+
+        global domains_dict
+        if domains_dict.get(domain, False):
+            raise TypeError("domain used twice: " + domain)
+        domains_dict[domain] = True
+
+        domains += "        (\"" + domain + "\", &*" + file2varname(file) + "),\n"
+        comment += domain + ", "
+
+
+    server = ""
+    has_imap = False
+    has_smtp = False
+    if "server" in data:
+        for s in data["server"]:
+            hostname = cleanstr(s.get("hostname", ""))
+            port = int(s.get("port", ""))
+            if hostname == "" or hostname.count(".") < 1 or port <= 0:
+                raise TypeError("bad hostname or port")
+
+            protocol = s.get("type", "").upper()
+            if protocol == "IMAP":
+                has_imap = True
+            elif protocol == "SMTP":
+                has_smtp = True
+            else:
+                raise TypeError("bad protocol")
+
+            socket = s.get("socket", "").upper()
+            if socket != "STARTTLS" and socket != "SSL":
+                raise TypeError("bad socket")
+
+            username_pattern = s.get("username_pattern", "EMAIL").upper()
+            if username_pattern != "EMAIL" and username_pattern != "EMAILLOCALPART":
+                raise TypeError("bad username pattern")
+
+            server += ("            Server { protocol: " + protocol + ", socket: " + socket + ", hostname: \""
+            + hostname + "\", port: " + str(port) + ", username_pattern: " + username_pattern + " },\n")
+
+    provider = ""
+    before_login_hint = cleanstr(data.get("before_login_hint", ""))
+    after_login_hint = cleanstr(data.get("after_login_hint", ""))
+    if (not has_imap and not has_smtp) or (has_imap and has_smtp):
+        provider += "    static ref " + file2varname(file) + ": Provider = Provider {\n"
+        provider += "        status: Status::" + status + ",\n"
+        provider += "        before_login_hint: \"" + before_login_hint + "\",\n"
+        provider += "        after_login_hint: \"" + after_login_hint + "\",\n"
+        provider += "        overview_page: \"" + file2url(file) + "\",\n"
+        provider += "        server: vec![\n" + server + "        ],\n"
+        provider += "    };\n\n"
+    else:
+        raise TypeError("SMTP and IMAP must be specified together or left out both")
+
+    if status != "OK" and before_login_hint == "":
+        raise TypeError("status PREPARATION or BROKEN requires before_login_hint: " + file)
+
+    # finally, add the provider
+    global out_all, out_domains
+    out_all += "    // " + file[file.rindex("/")+1:] + ": " + comment.strip(", ") + "\n"
+    if status == "OK" and before_login_hint == "" and after_login_hint == "" and server == "":
+        out_all += "    // - skipping provider with status OK and no special things to do\n\n"
+    else:
+        out_all += provider
+        out_domains += domains
+
+
+def process_file(file):
+    print("processing file: " + file, file=sys.stderr)
+    with open(file) as f:
+        # load_all() loads "---"-separated yamls -
+        # by coincidence, this is also the frontmatter separator :)
+        data = next(yaml.load_all(f, Loader=yaml.SafeLoader))
+        process_data(data, file)
+
+
+def process_dir(dir):
+    print("processing directory: " + dir, file=sys.stderr)
+    files = [f for f in os.listdir(dir) if f.endswith(".md")]
+    files.sort()
+    for f in files:
+        process_file(os.path.join(dir, f))
+
+
+if __name__ == "__main__":
+    if len(sys.argv) < 2:
+        raise SystemExit("usage: update.py DIR_WITH_MD_FILES > data.rs")
+
+    out_all = ("// file generated by src/provider/update.py\n\n"
+    "use crate::provider::Protocol::*;\n"
+    "use crate::provider::Socket::*;\n"
+    "use crate::provider::UsernamePattern::*;\n"
+    "use crate::provider::*;\n"
+    "use std::collections::HashMap;\n\n"
+    "lazy_static::lazy_static! {\n\n")
+
+    process_dir(sys.argv[1])
+
+    out_all += "    pub static ref PROVIDER_DATA: HashMap<&'static str, &'static Provider> = [\n"
+    out_all += out_domains;
+    out_all += "    ].iter().copied().collect();\n}"
+
+    print(out_all)
--- a/src/qr.rs
+++ b/src/qr.rs
@@ -4,17 +4,21 @@ use lazy_static::lazy_static;
 use percent_encoding::percent_decode_str;

 use crate::chat;
+use crate::config::*;
 use crate::constants::Blocked;
 use crate::contact::*;
 use crate::context::Context;
 use crate::error::Error;
 use crate::key::dc_format_fingerprint;
-use crate::key::*;
+use crate::key::dc_normalize_fingerprint;
 use crate::lot::{Lot, LotState};
 use crate::param::*;
 use crate::peerstate::*;
+use reqwest::Url;
+use serde::Deserialize;

 const OPENPGP4FPR_SCHEME: &str = "OPENPGP4FPR:"; // yes: uppercase
+const DCACCOUNT_SCHEME: &str = "DCACCOUNT:";
 const MAILTO_SCHEME: &str = "mailto:";
 const MATMSG_SCHEME: &str = "MATMSG:";
 const VCARD_SCHEME: &str = "BEGIN:VCARD";
@@ -43,6 +47,8 @@ pub fn check_qr(context: &Context, qr: impl AsRef<str>) -> Lot {

    if qr.starts_with(OPENPGP4FPR_SCHEME) {
        decode_openpgp(context, qr)
+    } else if qr.starts_with(DCACCOUNT_SCHEME) {
+        decode_account(context, qr)
    } else if qr.starts_with(MAILTO_SCHEME) {
        decode_mailto(context, qr)
    } else if qr.starts_with(SMTP_SCHEME) {
@@ -69,7 +75,7 @@ fn decode_openpgp(context: &Context, qr: &str) -> Lot {
        (fp, &rest[1..])
    }) {
        Some(pair) => pair,
-        None => return format_err!("Invalid OPENPGP4FPR found").into(),
+        None => (payload, ""),
    };

    // replace & with \n to match expected param format
@@ -83,11 +89,11 @@ fn decode_openpgp(context: &Context, qr: &str) -> Lot {

    let addr = if let Some(addr) = param.get(Param::Forwarded) {
        match normalize_address(addr) {
-            Ok(addr) => addr,
+            Ok(addr) => Some(addr),
            Err(err) => return err.into(),
        }
    } else {
-        return format_err!("Missing address").into();
+        None
    };

    // what is up with that param name?
@@ -157,7 +163,7 @@ fn decode_openpgp(context: &Context, qr: &str) -> Lot {
            lot.state = LotState::QrFprWithoutAddr;
            lot.text1 = Some(dc_format_fingerprint(&fingerprint));
        }
-    } else {
+    } else if let Some(addr) = addr {
        if grpid.is_some() && grpname.is_some() {
            lot.state = LotState::QrAskVerifyGroup;
            lot.text1 = grpname;
@@ -172,11 +178,80 @@ fn decode_openpgp(context: &Context, qr: &str) -> Lot {
        lot.fingerprint = Some(fingerprint);
        lot.invitenumber = invitenumber;
        lot.auth = auth;
+    } else {
+        return format_err!("Missing address").into();
    }

    lot
 }

+/// scheme: `DCACCOUNT:https://example.org/new_email?t=1w_7wDjgjelxeX884x96v3`
+fn decode_account(_context: &Context, qr: &str) -> Lot {
+    let payload = &qr[DCACCOUNT_SCHEME.len()..];
+
+    let mut lot = Lot::new();
+
+    if let Ok(url) = Url::parse(payload) {
+        if url.scheme() == "https" {
+            lot.state = LotState::QrAccount;
+            lot.text1 = url.host_str().map(|x| x.to_string());
+        } else {
+            lot.state = LotState::QrError;
+            lot.text1 = Some(format!("Bad scheme for account url: {}", payload));
+        }
+    } else {
+        lot.state = LotState::QrError;
+        lot.text1 = Some(format!("Invalid account url: {}", payload));
+    }
+
+    lot
+}
+
+#[derive(Debug, Deserialize)]
+struct CreateAccountResponse {
+    email: String,
+    password: String,
+}
+
+/// take a qr of the type DC_QR_ACCOUNT, parse it's parameters,
+/// download additional information from the contained url and set the parameters.
+/// on success, a configure::configure() should be able to log in to the account
+pub fn set_config_from_qr(context: &Context, qr: &str) -> Result<(), Error> {
+    let url_str = &qr[DCACCOUNT_SCHEME.len()..];
+
+    let response = reqwest::blocking::Client::new().post(url_str).send();
+    if response.is_err() {
+        return Err(format_err!(
+            "Cannot create account, request to {} failed",
+            url_str
+        ));
+    }
+    let response = response.unwrap();
+    if !response.status().is_success() {
+        return Err(format_err!(
+            "Request to {} unsuccessful: {:?}",
+            url_str,
+            response
+        ));
+    }
+
+    let parsed: reqwest::Result<CreateAccountResponse> = response.json();
+    if parsed.is_err() {
+        return Err(format_err!(
+            "Failed to parse JSON response from {}: error: {:?}",
+            url_str,
+            parsed
+        ));
+    }
+    println!("response: {:?}", &parsed);
+    let parsed = parsed.unwrap();
+
+    context.set_config(Config::Addr, Some(&parsed.email))?;
+    context.set_config(Config::MailPw, Some(&parsed.password))?;
+
+    Ok(())
+}
+
 /// Extract address for the mailto scheme.
 ///
 /// Scheme: `mailto:addr...?subject=...&body=..`
@@ -471,4 +546,48 @@ mod tests {
        assert_eq!(contact.get_addr(), "cli@deltachat.de");
        assert_eq!(contact.get_name(), "Jörn P. P.");
    }
+
+    #[test]
+    fn test_decode_openpgp_without_addr() {
+        let ctx = dummy_context();
+
+        let res = check_qr(
+            &ctx.ctx,
+            "OPENPGP4FPR:1234567890123456789012345678901234567890",
+        );
+        assert_eq!(res.get_state(), LotState::QrFprWithoutAddr);
+        assert_eq!(
+            res.get_text1().unwrap(),
+            "1234 5678 9012 3456 7890\n1234 5678 9012 3456 7890"
+        );
+        assert_eq!(res.get_id(), 0);
+
+        let res = check_qr(&ctx.ctx, "OPENPGP4FPR:12345678901234567890");
+        assert_eq!(res.get_state(), LotState::QrError);
+        assert_eq!(res.get_id(), 0);
+    }
+
+    #[test]
+    fn test_decode_account() {
+        let ctx = dummy_context();
+
+        let res = check_qr(
+            &ctx.ctx,
+            "DCACCOUNT:https://example.org/new_email?t=1w_7wDjgjelxeX884x96v3",
+        );
+        assert_eq!(res.get_state(), LotState::QrAccount);
+        assert_eq!(res.get_text1().unwrap(), "example.org");
+    }
+
+    #[test]
+    fn test_decode_account_bad_scheme() {
+        let ctx = dummy_context();
+
+        let res = check_qr(
+            &ctx.ctx,
+            "DCACCOUNT:http://example.org/new_email?t=1w_7wDjgjelxeX884x96v3",
+        );
+        assert_eq!(res.get_state(), LotState::QrError);
+        assert!(res.get_text1().is_some());
+    }
 }
--- a/src/securejoin.rs
+++ b/src/securejoin.rs
@@ -3,7 +3,7 @@
 use percent_encoding::{utf8_percent_encode, AsciiSet, NON_ALPHANUMERIC};

 use crate::aheader::EncryptPreference;
-use crate::chat::{self, Chat};
+use crate::chat::{self, Chat, ChatId};
 use crate::config::*;
 use crate::constants::*;
 use crate::contact::*;
@@ -12,7 +12,7 @@ use crate::e2ee::*;
 use crate::error::Error;
 use crate::events::Event;
 use crate::headerdef::HeaderDef;
-use crate::key::*;
+use crate::key::{dc_normalize_fingerprint, Key};
 use crate::lot::LotState;
 use crate::message::Message;
 use crate::mimeparser::*;
@@ -65,15 +65,18 @@ macro_rules! get_qr_attr {
    };
 }

-pub fn dc_get_securejoin_qr(context: &Context, group_chat_id: u32) -> Option<String> {
-    /* =========================================================
+pub fn dc_get_securejoin_qr(context: &Context, group_chat_id: ChatId) -> Option<String> {
+    /*=======================================================
    ====             Alice - the inviter side            ====
    ====   Step 1 in "Setup verified contact" protocol   ====
-    ========================================================= */
+    =======================================================*/

    let fingerprint: String;

    ensure_secret_key_exists(context).ok();
+
+    // invitenumber will be used to allow starting the handshake,
+    // auth will be used to verify the fingerprint
    let invitenumber = token::lookup_or_new(context, token::Namespace::InviteNumber, group_chat_id);
    let auth = token::lookup_or_new(context, token::Namespace::Auth, group_chat_id);
    let self_addr = match context.get_config(Config::ConfiguredAddr) {
@@ -98,7 +101,8 @@ pub fn dc_get_securejoin_qr(context: &Context, group_chat_id: u32) -> Option<Str
    let self_name_urlencoded =
        utf8_percent_encode(&self_name, NON_ALPHANUMERIC_WITHOUT_DOT).to_string();

-    let qr = if 0 != group_chat_id {
+    let qr = if !group_chat_id.is_unset() {
+        // parameters used: a=g=x=i=s=
        if let Ok(chat) = Chat::load_from_db(context, group_chat_id) {
            let group_name = chat.get_name();
            let group_name_urlencoded =
@@ -118,6 +122,7 @@ pub fn dc_get_securejoin_qr(context: &Context, group_chat_id: u32) -> Option<Str
            return None;
        }
    } else {
+        // parameters used: a=n=i=s=
        Some(format!(
            "OPENPGP4FPR:{}#a={}&n={}&i={}&s={}",
            fingerprint, self_addr_urlencoded, self_name_urlencoded, &invitenumber, &auth,
@@ -138,36 +143,41 @@ fn get_self_fingerprint(context: &Context) -> Option<String> {
    None
 }

-pub fn dc_join_securejoin(context: &Context, qr: &str) -> u32 {
+/// Take a scanned QR-code and do the setup-contact/join-group handshake.
+/// See the ffi-documentation for more details.
+pub fn dc_join_securejoin(context: &Context, qr: &str) -> ChatId {
    let cleanup =
-        |context: &Context, contact_chat_id: u32, ongoing_allocated: bool, join_vg: bool| {
+        |context: &Context, contact_chat_id: ChatId, ongoing_allocated: bool, join_vg: bool| {
            let mut bob = context.bob.write().unwrap();
            bob.expects = 0;
-            let ret_chat_id = if bob.status == DC_BOB_SUCCESS {
+            let ret_chat_id: ChatId = if bob.status == DC_BOB_SUCCESS {
                if join_vg {
                    chat::get_chat_id_by_grpid(
                        context,
                        bob.qr_scan.as_ref().unwrap().text2.as_ref().unwrap(),
                    )
+                    .unwrap_or((ChatId::new(0), false, Blocked::Not))
                    .0
                } else {
                    contact_chat_id
                }
            } else {
-                0
+                ChatId::new(0)
            };
            bob.qr_scan = None;

            if ongoing_allocated {
                context.free_ongoing();
            }
-            ret_chat_id as u32
+            ret_chat_id
        };
-    /* ==========================================================
+
+    /*========================================================
    ====             Bob - the joiner's side             =====
    ====   Step 2 in "Setup verified contact" protocol   =====
-    ========================================================== */
-    let mut contact_chat_id: u32 = 0;
+    ========================================================*/
+
+    let mut contact_chat_id = ChatId::new(0);
    let mut join_vg: bool = false;

    info!(context, "Requesting secure-join ...",);
@@ -181,11 +191,13 @@ pub fn dc_join_securejoin(context: &Context, qr: &str) -> u32 {
        error!(context, "Unknown QR code.",);
        return cleanup(&context, contact_chat_id, true, join_vg);
    }
-    contact_chat_id = chat::create_by_contact_id(context, qr_scan.id).unwrap_or_default();
-    if contact_chat_id == 0 {
-        error!(context, "Unknown contact.",);
-        return cleanup(&context, contact_chat_id, true, join_vg);
-    }
+    contact_chat_id = match chat::create_by_contact_id(context, qr_scan.id) {
+        Ok(chat_id) => chat_id,
+        Err(_) => {
+            error!(context, "Unknown contact.");
+            return cleanup(&context, contact_chat_id, true, join_vg);
+        }
+    };
    if context.shall_stop_ongoing() {
        return cleanup(&context, contact_chat_id, true, join_vg);
    }
@@ -209,10 +221,14 @@ pub fn dc_join_securejoin(context: &Context, qr: &str) -> u32 {
            .unwrap(),
        contact_chat_id,
    ) {
+        // the scanned fingerprint matches Alice's key,
+        // we can proceed to step 4b) directly and save two mails
        info!(context, "Taking protocol shortcut.");
        context.bob.write().unwrap().expects = DC_VC_CONTACT_CONFIRM;
        joiner_progress!(context, chat_id_2_contact_id(context, contact_chat_id), 400);
        let own_fingerprint = get_self_fingerprint(context).unwrap_or_default();
+
+        // Bob -> Alice
        send_handshake_msg(
            context,
            contact_chat_id,
@@ -231,6 +247,8 @@ pub fn dc_join_securejoin(context: &Context, qr: &str) -> u32 {
        );
    } else {
        context.bob.write().unwrap().expects = DC_VC_AUTH_REQUIRED;
+
+        // Bob -> Alice
        send_handshake_msg(
            context,
            contact_chat_id,
@@ -241,24 +259,30 @@ pub fn dc_join_securejoin(context: &Context, qr: &str) -> u32 {
        );
    }

-    // Bob -> Alice
-    while !context.shall_stop_ongoing() {
-        // Don't sleep too long, the user is waiting.
-        std::thread::sleep(std::time::Duration::from_millis(200));
+    if join_vg {
+        // for a group-join, wait until the secure-join is done and the group is created
+        while !context.shall_stop_ongoing() {
+            std::thread::sleep(std::time::Duration::from_millis(200));
+        }
+        cleanup(&context, contact_chat_id, true, join_vg)
+    } else {
+        // for a one-to-one-chat, the chat is already known, return the chat-id,
+        // the verification runs in background
+        context.free_ongoing();
+        contact_chat_id
    }
-    cleanup(&context, contact_chat_id, true, join_vg)
 }

 fn send_handshake_msg(
    context: &Context,
-    contact_chat_id: u32,
+    contact_chat_id: ChatId,
    step: &str,
    param2: impl AsRef<str>,
    fingerprint: Option<String>,
    grpid: impl AsRef<str>,
 ) {
    let mut msg = Message::default();
-    msg.type_0 = Viewtype::Text;
+    msg.viewtype = Viewtype::Text;
    msg.text = Some(format!("Secure-Join: {}", step));
    msg.hidden = true;
    msg.param.set_cmd(SystemMessage::SecurejoinMessage);
@@ -288,7 +312,7 @@ fn send_handshake_msg(
    chat::send_msg(context, contact_chat_id, &mut msg).unwrap_or_default();
 }

-fn chat_id_2_contact_id(context: &Context, contact_chat_id: u32) -> u32 {
+fn chat_id_2_contact_id(context: &Context, contact_chat_id: ChatId) -> u32 {
    let contacts = chat::get_chat_contacts(context, contact_chat_id);
    if contacts.len() == 1 {
        contacts[0]
@@ -300,7 +324,7 @@ fn chat_id_2_contact_id(context: &Context, contact_chat_id: u32) -> u32 {
 fn fingerprint_equals_sender(
    context: &Context,
    fingerprint: impl AsRef<str>,
-    contact_chat_id: u32,
+    contact_chat_id: ChatId,
 ) -> bool {
    let contacts = chat::get_chat_contacts(context, contact_chat_id);

@@ -319,80 +343,115 @@ fn fingerprint_equals_sender(
    }
    false
 }
-
-pub(crate) struct HandshakeMessageStatus {
-    pub(crate) hide_this_msg: bool,
-    pub(crate) delete_this_msg: bool,
-    pub(crate) stop_ongoing_process: bool,
-    pub(crate) bob_securejoin_success: Option<bool>,
+#[derive(Fail, Debug)]
+pub(crate) enum HandshakeError {
+    #[fail(display = "Can not be called with special contact ID")]
+    SpecialContactId,
+    #[fail(display = "Not a Secure-Join message")]
+    NotSecureJoinMsg,
+    #[fail(
+        display = "Failed to look up or create chat for contact #{}",
+        contact_id
+    )]
+    NoChat {
+        contact_id: u32,
+        #[cause]
+        cause: Error,
+    },
+    #[fail(display = "Chat for group {} not found", group)]
+    ChatNotFound { group: String },
+    #[fail(display = "No configured self address found")]
+    NoSelfAddr,
 }

-impl Default for HandshakeMessageStatus {
-    fn default() -> Self {
-        Self {
-            hide_this_msg: true,
-            delete_this_msg: false,
-            stop_ongoing_process: false,
-            bob_securejoin_success: None,
-        }
-    }
+/// What to do with a Secure-Join handshake message after it was handled.
+pub(crate) enum HandshakeMessage {
+    /// The message has been fully handled and should be removed/delete.
+    Done,
+    /// The message should be ignored/hidden, but not removed/deleted.
+    Ignore,
+    /// The message should be further processed by incoming message handling.
+    Propagate,
 }

 /// Handle incoming secure-join handshake.
+///
+/// This function will update the securejoin state in [Context::bob]
+/// and also terminate the ongoing process using
+/// [Context::stop_ongoing] as required by the protocol.
+///
+/// A message which results in [Err] will be hidden from the user but
+/// not deleted, it may be a valid message for something else we are
+/// not aware off.  E.g. it could be part of a handshake performed by
+/// another DC app on the same account.
+///
+/// When handle_securejoin_handshake() is called,
+/// the message is not yet filed in the database;
+/// this is done by receive_imf() later on as needed.
 pub(crate) fn handle_securejoin_handshake(
    context: &Context,
-    mimeparser: &MimeParser,
+    mime_message: &MimeMessage,
    contact_id: u32,
-) -> Result<HandshakeMessageStatus, Error> {
+) -> Result<HandshakeMessage, HandshakeError> {
    let own_fingerprint: String;

-    ensure!(
-        contact_id > DC_CONTACT_ID_LAST_SPECIAL,
-        "handle_securejoin_handshake(): called with special contact id"
-    );
-    let step = mimeparser
+    if contact_id <= DC_CONTACT_ID_LAST_SPECIAL {
+        return Err(HandshakeError::SpecialContactId);
+    }
+    let step = mime_message
        .get(HeaderDef::SecureJoin)
-        .ok_or_else(|| format_err!("This message is not a Secure-Join message"))?;
+        .ok_or(HandshakeError::NotSecureJoinMsg)?;

    info!(
        context,
        ">>>>>>>>>>>>>>>>>>>>>>>>> secure-join message \'{}\' received", step,
    );

-    let (contact_chat_id, contact_chat_id_blocked) =
-        chat::create_or_lookup_by_contact_id(context, contact_id, Blocked::Not).unwrap_or_default();
-
-    if contact_chat_id_blocked != Blocked::Not {
-        chat::unblock(context, contact_chat_id);
-    }
+    let contact_chat_id =
+        match chat::create_or_lookup_by_contact_id(context, contact_id, Blocked::Not) {
+            Ok((chat_id, blocked)) => {
+                if blocked != Blocked::Not {
+                    chat_id.unblock(context);
+                }
+                chat_id
+            }
+            Err(err) => {
+                return Err(HandshakeError::NoChat {
+                    contact_id,
+                    cause: err,
+                });
+            }
+        };

    let join_vg = step.starts_with("vg-");
-    let mut ret = HandshakeMessageStatus::default();

    match step.as_str() {
        "vg-request" | "vc-request" => {
-            /* =========================================================
+            /*=======================================================
            ====             Alice - the inviter side            ====
            ====   Step 3 in "Setup verified contact" protocol   ====
-            ========================================================= */
-            // this message may be unencrypted (Bob, the joinder and the sender, might not have Alice's key yet)
+            =======================================================*/
+
+            // this message may be unencrypted (Bob, the joiner and the sender, might not have Alice's key yet)
            // it just ensures, we have Bobs key now. If we do _not_ have the key because eg. MitM has removed it,
            // send_message() will fail with the error "End-to-end-encryption unavailable unexpectedly.", so, there is no additional check needed here.
            // verify that the `Secure-Join-Invitenumber:`-header matches invitenumber written to the QR code
-            let invitenumber = match mimeparser.get(HeaderDef::SecureJoinInvitenumber) {
+            let invitenumber = match mime_message.get(HeaderDef::SecureJoinInvitenumber) {
                Some(n) => n,
                None => {
-                    warn!(context, "Secure-join denied (invitenumber missing).",);
-                    return Ok(ret);
+                    warn!(context, "Secure-join denied (invitenumber missing)");
+                    return Ok(HandshakeMessage::Ignore);
                }
            };
            if !token::exists(context, token::Namespace::InviteNumber, &invitenumber) {
-                warn!(context, "Secure-join denied (bad invitenumber).",);
-                return Ok(ret);
+                warn!(context, "Secure-join denied (bad invitenumber).");
+                return Ok(HandshakeMessage::Ignore);
            }
            info!(context, "Secure-join requested.",);

            inviter_progress!(context, contact_id, 300);
+
+            // Alice -> Bob
            send_handshake_msg(
                context,
                contact_chat_id,
@@ -401,8 +460,15 @@ pub(crate) fn handle_securejoin_handshake(
                None,
                "",
            );
+            Ok(HandshakeMessage::Done)
        }
        "vg-auth-required" | "vc-auth-required" => {
+            /*========================================================
+            ====             Bob - the joiner's side             =====
+            ====   Step 4 in "Setup verified contact" protocol   =====
+            ========================================================*/
+
+            // verify that Alice's Autocrypt key and fingerprint matches the QR-code
            let cond = {
                let bob = context.bob.read().unwrap();
                let scan = bob.qr_scan.as_ref();
@@ -412,26 +478,26 @@ pub(crate) fn handle_securejoin_handshake(
            };

            if cond {
-                warn!(context, "auth-required message out of sync.",);
+                warn!(context, "auth-required message out of sync.");
                // no error, just aborted somehow or a mail from another handshake
-                return Ok(ret);
+                return Ok(HandshakeMessage::Ignore);
            }
            let scanned_fingerprint_of_alice = get_qr_attr!(context, fingerprint).to_string();
            let auth = get_qr_attr!(context, auth).to_string();

-            if !encrypted_and_signed(mimeparser, &scanned_fingerprint_of_alice) {
+            if !encrypted_and_signed(context, mime_message, &scanned_fingerprint_of_alice) {
                could_not_establish_secure_connection(
                    context,
                    contact_chat_id,
-                    if mimeparser.was_encrypted() {
+                    if mime_message.was_encrypted() {
                        "No valid signature."
                    } else {
                        "Not encrypted."
                    },
                );
-                ret.stop_ongoing_process = true;
-                ret.bob_securejoin_success = Some(false);
-                return Ok(ret);
+                context.bob.write().unwrap().status = 0; // secure-join failed
+                context.stop_ongoing();
+                return Ok(HandshakeMessage::Ignore);
            }
            if !fingerprint_equals_sender(context, &scanned_fingerprint_of_alice, contact_chat_id) {
                could_not_establish_secure_connection(
@@ -439,15 +505,16 @@ pub(crate) fn handle_securejoin_handshake(
                    contact_chat_id,
                    "Fingerprint mismatch on joiner-side.",
                );
-                ret.stop_ongoing_process = true;
-                ret.bob_securejoin_success = Some(false);
-                return Ok(ret);
+                context.bob.write().unwrap().status = 0; // secure-join failed
+                context.stop_ongoing();
+                return Ok(HandshakeMessage::Ignore);
            }
            info!(context, "Fingerprint verified.",);
            own_fingerprint = get_self_fingerprint(context).unwrap();
            joiner_progress!(context, contact_id, 400);
            context.bob.write().unwrap().expects = DC_VC_CONTACT_CONFIRM;

+            // Bob -> Alice
            send_handshake_msg(
                context,
                contact_chat_id,
@@ -460,15 +527,17 @@ pub(crate) fn handle_securejoin_handshake(
                    "".to_string()
                },
            );
+            Ok(HandshakeMessage::Done)
        }
        "vg-request-with-auth" | "vc-request-with-auth" => {
-            /* ============================================================
+            /*==========================================================
            ====              Alice - the inviter side              ====
            ====   Steps 5+6 in "Setup verified contact" protocol   ====
            ====  Step 6 in "Out-of-band verified groups" protocol  ====
-            ============================================================ */
+            ==========================================================*/
+
            // verify that Secure-Join-Fingerprint:-header matches the fingerprint of Bob
-            let fingerprint = match mimeparser.get(HeaderDef::SecureJoinFingerprint) {
+            let fingerprint = match mime_message.get(HeaderDef::SecureJoinFingerprint) {
                Some(fp) => fp,
                None => {
                    could_not_establish_secure_connection(
@@ -476,16 +545,16 @@ pub(crate) fn handle_securejoin_handshake(
                        contact_chat_id,
                        "Fingerprint not provided.",
                    );
-                    return Ok(ret);
+                    return Ok(HandshakeMessage::Ignore);
                }
            };
-            if !encrypted_and_signed(mimeparser, &fingerprint) {
+            if !encrypted_and_signed(context, mime_message, &fingerprint) {
                could_not_establish_secure_connection(
                    context,
                    contact_chat_id,
                    "Auth not encrypted.",
                );
-                return Ok(ret);
+                return Ok(HandshakeMessage::Ignore);
            }
            if !fingerprint_equals_sender(context, &fingerprint, contact_chat_id) {
                could_not_establish_secure_connection(
@@ -493,11 +562,11 @@ pub(crate) fn handle_securejoin_handshake(
                    contact_chat_id,
                    "Fingerprint mismatch on inviter-side.",
                );
-                return Ok(ret);
+                return Ok(HandshakeMessage::Ignore);
            }
            info!(context, "Fingerprint verified.",);
            // verify that the `Secure-Join-Auth:`-header matches the secret written to the QR code
-            let auth_0 = match mimeparser.get(HeaderDef::SecureJoinAuth) {
+            let auth_0 = match mime_message.get(HeaderDef::SecureJoinAuth) {
                Some(auth) => auth,
                None => {
                    could_not_establish_secure_connection(
@@ -505,12 +574,12 @@ pub(crate) fn handle_securejoin_handshake(
                        contact_chat_id,
                        "Auth not provided.",
                    );
-                    return Ok(ret);
+                    return Ok(HandshakeMessage::Ignore);
                }
            };
            if !token::exists(context, token::Namespace::Auth, &auth_0) {
                could_not_establish_secure_connection(context, contact_chat_id, "Auth invalid.");
-                return Ok(ret);
+                return Ok(HandshakeMessage::Ignore);
            }
            if mark_peer_as_verified(context, fingerprint).is_err() {
                could_not_establish_secure_connection(
@@ -518,7 +587,7 @@ pub(crate) fn handle_securejoin_handshake(
                    contact_chat_id,
                    "Fingerprint mismatch on inviter-side.",
                );
-                return Ok(ret);
+                return Ok(HandshakeMessage::Ignore);
            }
            Contact::scaleup_origin_by_id(context, contact_id, Origin::SecurejoinInvited);
            info!(context, "Auth verified.",);
@@ -526,49 +595,76 @@ pub(crate) fn handle_securejoin_handshake(
            emit_event!(context, Event::ContactsChanged(Some(contact_id)));
            inviter_progress!(context, contact_id, 600);
            if join_vg {
-                let field_grpid = mimeparser
-                    .get(HeaderDef::SecureJoinGroup)
-                    .map(|s| s.as_str())
-                    .unwrap_or_else(|| "");
-                let (group_chat_id, _, _) = chat::get_chat_id_by_grpid(context, field_grpid);
-                if group_chat_id == 0 {
-                    error!(context, "Chat {} not found.", &field_grpid);
-                    return Ok(ret);
-                } else if let Err(err) =
-                    chat::add_contact_to_chat_ex(context, group_chat_id, contact_id, true)
-                {
-                    error!(context, "failed to add contact: {}", err);
+                // the vg-member-added message is special:
+                // this is a normal Chat-Group-Member-Added message
+                // with an additional Secure-Join header
+                let field_grpid = match mime_message.get(HeaderDef::SecureJoinGroup) {
+                    Some(s) => s.as_str(),
+                    None => {
+                        warn!(context, "Missing Secure-Join-Group header");
+                        return Ok(HandshakeMessage::Ignore);
+                    }
+                };
+                match chat::get_chat_id_by_grpid(context, field_grpid) {
+                    Ok((group_chat_id, _, _)) => {
+                        if let Err(err) =
+                            chat::add_contact_to_chat_ex(context, group_chat_id, contact_id, true)
+                        {
+                            error!(context, "failed to add contact: {}", err);
+                        }
+                    }
+                    Err(err) => {
+                        error!(context, "Chat {} not found: {}", &field_grpid, err);
+                        return Err(HandshakeError::ChatNotFound {
+                            group: field_grpid.to_string(),
+                        });
+                    }
                }
            } else {
+                // Alice -> Bob
                send_handshake_msg(context, contact_chat_id, "vc-contact-confirm", "", None, "");
                inviter_progress!(context, contact_id, 1000);
            }
+            Ok(HandshakeMessage::Done)
        }
        "vg-member-added" | "vc-contact-confirm" => {
-            if join_vg {
-                ret.hide_this_msg = false;
-            }
+            /*=======================================================
+            ====             Bob - the joiner's side             ====
+            ====   Step 7 in "Setup verified contact" protocol   ====
+            =======================================================*/
+            let abort_retval = if join_vg {
+                HandshakeMessage::Propagate
+            } else {
+                HandshakeMessage::Ignore
+            };
+
            if context.bob.read().unwrap().expects != DC_VC_CONTACT_CONFIRM {
                info!(context, "Message belongs to a different handshake.",);
-                return Ok(ret);
+                return Ok(abort_retval);
            }
            let cond = {
                let bob = context.bob.read().unwrap();
                let scan = bob.qr_scan.as_ref();
-                scan.is_none() || join_vg && scan.unwrap().state != LotState::QrAskVerifyGroup
+                scan.is_none() || (join_vg && scan.unwrap().state != LotState::QrAskVerifyGroup)
            };
            if cond {
                warn!(
                    context,
                    "Message out of sync or belongs to a different handshake.",
                );
-                return Ok(ret);
+                return Ok(abort_retval);
            }
            let scanned_fingerprint_of_alice = get_qr_attr!(context, fingerprint).to_string();

            let vg_expect_encrypted = if join_vg {
                let group_id = get_qr_attr!(context, text2).to_string();
-                let (_, is_verified_group, _) = chat::get_chat_id_by_grpid(context, group_id);
+                // This is buggy, is_verified_group will always be
+                // false since the group is created by receive_imf by
+                // the very handshake message we're handling now.  But
+                // only after we have returned.  It does not impact
+                // the security invariants of secure-join however.
+                let (_, is_verified_group, _) = chat::get_chat_id_by_grpid(context, &group_id)
+                    .unwrap_or((ChatId::new(0), false, Blocked::Not));
                // when joining a non-verified group
                // the vg-member-added message may be unencrypted
                // when not all group members have keys or prefer encryption.
@@ -579,15 +675,15 @@ pub(crate) fn handle_securejoin_handshake(
                true
            };
            if vg_expect_encrypted
-                && !encrypted_and_signed(mimeparser, &scanned_fingerprint_of_alice)
+                && !encrypted_and_signed(context, mime_message, &scanned_fingerprint_of_alice)
            {
                could_not_establish_secure_connection(
                    context,
                    contact_chat_id,
                    "Contact confirm message not encrypted.",
                );
-                ret.bob_securejoin_success = Some(false);
-                return Ok(ret);
+                context.bob.write().unwrap().status = 0;
+                return Ok(abort_retval);
            }

            if mark_peer_as_verified(context, &scanned_fingerprint_of_alice).is_err() {
@@ -596,21 +692,26 @@ pub(crate) fn handle_securejoin_handshake(
                    contact_chat_id,
                    "Fingerprint mismatch on joiner-side.",
                );
-                return Ok(ret);
+                return Ok(abort_retval);
            }
            Contact::scaleup_origin_by_id(context, contact_id, Origin::SecurejoinJoined);
            emit_event!(context, Event::ContactsChanged(None));
-            let cg_member_added = mimeparser
+            let cg_member_added = mime_message
                .get(HeaderDef::ChatGroupMemberAdded)
                .map(|s| s.as_str())
                .unwrap_or_else(|| "");
-            if join_vg && !context.is_self_addr(cg_member_added)? {
+            if join_vg
+                && !context
+                    .is_self_addr(cg_member_added)
+                    .map_err(|_| HandshakeError::NoSelfAddr)?
+            {
                info!(context, "Message belongs to a different handshake (scaled up contact anyway to allow creation of group).");
-                return Ok(ret);
+                return Ok(abort_retval);
            }
            secure_connection_established(context, contact_chat_id);
            context.bob.write().unwrap().expects = 0;
            if join_vg {
+                // Bob -> Alice
                send_handshake_msg(
                    context,
                    contact_chat_id,
@@ -620,48 +721,56 @@ pub(crate) fn handle_securejoin_handshake(
                    "",
                );
            }
-            ret.stop_ongoing_process = true;
-            ret.bob_securejoin_success = Some(true);
+            context.bob.write().unwrap().status = 1;
+            context.stop_ongoing();
+            Ok(if join_vg {
+                HandshakeMessage::Propagate
+            } else {
+                HandshakeMessage::Done
+            })
        }
        "vg-member-added-received" => {
-            /* ============================================================
+            /*==========================================================
            ====              Alice - the inviter side              ====
            ====  Step 8 in "Out-of-band verified groups" protocol  ====
-            ============================================================ */
+            ==========================================================*/
+
            if let Ok(contact) = Contact::get_by_id(context, contact_id) {
                if contact.is_verified(context) == VerifiedStatus::Unverified {
                    warn!(context, "vg-member-added-received invalid.",);
-                    return Ok(ret);
+                    return Ok(HandshakeMessage::Ignore);
                }
                inviter_progress!(context, contact_id, 800);
                inviter_progress!(context, contact_id, 1000);
-                let field_grpid = mimeparser
+                let field_grpid = mime_message
                    .get(HeaderDef::SecureJoinGroup)
                    .map(|s| s.as_str())
                    .unwrap_or_else(|| "");
-                let (group_chat_id, _, _) = chat::get_chat_id_by_grpid(context, &field_grpid);
+                let (group_chat_id, _, _) = chat::get_chat_id_by_grpid(context, &field_grpid)
+                    .map_err(|err| {
+                        warn!(context, "Failed to lookup chat_id from grpid: {}", err);
+                        HandshakeError::ChatNotFound {
+                            group: field_grpid.to_string(),
+                        }
+                    })?;
                context.call_cb(Event::SecurejoinMemberAdded {
                    chat_id: group_chat_id,
                    contact_id,
                });
+                Ok(HandshakeMessage::Done)
            } else {
                warn!(context, "vg-member-added-received invalid.",);
-                return Ok(ret);
+                Ok(HandshakeMessage::Ignore)
            }
        }
        _ => {
            warn!(context, "invalid step: {}", step);
+            Ok(HandshakeMessage::Ignore)
        }
    }
-
-    if ret.hide_this_msg {
-        ret.delete_this_msg = true;
-    }
-
-    Ok(ret)
 }

-fn secure_connection_established(context: &Context, contact_chat_id: u32) {
+fn secure_connection_established(context: &Context, contact_chat_id: ChatId) {
    let contact_id: u32 = chat_id_2_contact_id(context, contact_chat_id);
    let contact = Contact::get_by_id(context, contact_id);
    let addr = if let Ok(ref contact) = contact {
@@ -674,7 +783,11 @@ fn secure_connection_established(context: &Context, contact_chat_id: u32) {
    emit_event!(context, Event::ChatModified(contact_chat_id));
 }

-fn could_not_establish_secure_connection(context: &Context, contact_chat_id: u32, details: &str) {
+fn could_not_establish_secure_connection(
+    context: &Context,
+    contact_chat_id: ChatId,
+    details: &str,
+) {
    let contact_id = chat_id_2_contact_id(context, contact_chat_id);
    let contact = Contact::get_by_id(context, contact_id);
    let msg = context.stock_string_repl_str(
@@ -717,22 +830,26 @@ fn mark_peer_as_verified(context: &Context, fingerprint: impl AsRef<str>) -> Res
 * Tools: Misc.
 ******************************************************************************/

-fn encrypted_and_signed(mimeparser: &MimeParser, expected_fingerprint: impl AsRef<str>) -> bool {
+fn encrypted_and_signed(
+    context: &Context,
+    mimeparser: &MimeMessage,
+    expected_fingerprint: impl AsRef<str>,
+) -> bool {
    if !mimeparser.was_encrypted() {
-        warn!(mimeparser.context, "Message not encrypted.",);
+        warn!(context, "Message not encrypted.",);
        false
    } else if mimeparser.signatures.is_empty() {
-        warn!(mimeparser.context, "Message not signed.",);
+        warn!(context, "Message not signed.",);
        false
    } else if expected_fingerprint.as_ref().is_empty() {
-        warn!(mimeparser.context, "Fingerprint for comparison missing.",);
+        warn!(context, "Fingerprint for comparison missing.",);
        false
    } else if !mimeparser
        .signatures
        .contains(expected_fingerprint.as_ref())
    {
        warn!(
-            mimeparser.context,
+            context,
            "Message does not match expected fingerprint {}.",
            expected_fingerprint.as_ref(),
        );
--- a/src/smtp/mod.rs
+++ b/src/smtp/mod.rs
@@ -2,7 +2,7 @@

 pub mod send;

-use std::time::Duration;
+use std::time::{Duration, Instant};

 use async_smtp::smtp::client::net::*;
 use async_smtp::*;
@@ -38,11 +38,11 @@ pub enum Error {
    Oauth2Error { address: String },

    #[fail(display = "TLS error")]
-    Tls(#[cause] native_tls::Error),
+    Tls(#[cause] async_native_tls::Error),
 }

-impl From<native_tls::Error> for Error {
-    fn from(err: native_tls::Error) -> Error {
+impl From<async_native_tls::Error> for Error {
+    fn from(err: async_native_tls::Error) -> Error {
        Error::Tls(err)
    }
 }
@@ -53,8 +53,14 @@ pub type Result<T> = std::result::Result<T, Error>;
 pub struct Smtp {
    #[debug_stub(some = "SmtpTransport")]
    transport: Option<smtp::SmtpTransport>,
+
    /// Email address we are sending from.
    from: Option<EmailAddress>,
+
+    /// Timestamp of last successful send/receive network interaction
+    /// (eg connect or send succeeded). On initialization and disconnect
+    /// it is set to None.
+    last_success: Option<Instant>,
 }

 impl Smtp {
@@ -68,6 +74,17 @@ impl Smtp {
        if let Some(mut transport) = self.transport.take() {
            async_std::task::block_on(transport.close()).ok();
        }
+        self.last_success = None;
+    }
+
+    /// Return true if smtp was connected but is not known to
+    /// have been successfully used the last 60 seconds
+    pub fn has_maybe_stale_connection(&self) -> bool {
+        if let Some(last_success) = self.last_success {
+            Instant::now().duration_since(last_success).as_secs() > 60
+        } else {
+            false
+        }
    }

    /// Check whether we are connected.
@@ -104,7 +121,7 @@ impl Smtp {
        let domain = &lp.send_server;
        let port = lp.send_port as u16;

-        let tls_config = dc_build_tls(lp.smtp_certificate_checks)?.into();
+        let tls_config = dc_build_tls(lp.smtp_certificate_checks);
        let tls_parameters = ClientTlsParameters::new(domain.to_string(), tls_config);

        let (creds, mechanism) = if 0 != lp.server_flags & (DC_LP_AUTH_OAUTH2 as i32) {
@@ -161,6 +178,7 @@ impl Smtp {
        trans.connect().await.map_err(Error::ConnectionFailure)?;

        self.transport = Some(trans);
+        self.last_success = Some(Instant::now());
        context.call_cb(Event::SmtpConnected(format!(
            "SMTP-LOGIN as {} ok",
            lp.send_user,
--- a/src/smtp/send.rs
+++ b/src/smtp/send.rs
@@ -18,15 +18,6 @@ pub enum Error {

    #[fail(display = "SMTP has no transport")]
    NoTransport,
-
-    #[fail(display = "SMTP send timed out")]
-    SendTimeout(#[cause] async_std::future::TimeoutError),
-}
-
-impl From<async_std::future::TimeoutError> for Error {
-    fn from(err: async_std::future::TimeoutError) -> Error {
-        Error::SendTimeout(err)
-    }
 }

 impl Smtp {
@@ -62,6 +53,8 @@ impl Smtp {
                "Message len={} was smtp-sent to {}",
                message_len, recipients_display
            )));
+            self.last_success = Some(std::time::Instant::now());
+
            Ok(())
        } else {
            warn!(
--- a/src/sql.rs
+++ b/src/sql.rs
@@ -113,16 +113,16 @@ impl Sql {
        self.with_conn(|conn| conn.execute(sql, params).map_err(Into::into))
    }

-    fn with_conn<T, G>(&self, g: G) -> Result<T>
+    pub fn with_conn<T, G>(&self, g: G) -> Result<T>
    where
-        G: FnOnce(&Connection) -> Result<T>,
+        G: FnOnce(&mut Connection) -> Result<T>,
    {
        let res = match &*self.pool.read().unwrap() {
            Some(pool) => {
-                let conn = pool.get()?;
+                let mut conn = pool.get()?;

                // Only one process can make changes to the database at one time.
-                // busy_timeout defines, that if a seconds process wants write access,
+                // busy_timeout defines, that if a second process wants write access,
                // this second process will wait some milliseconds
                // and try over until it gets write access or the given timeout is elapsed.
                // If the second process does not get write access within the given timeout,
@@ -130,7 +130,7 @@ impl Sql {
                // (without a busy_timeout, sqlite3_step() would return SQLITE_BUSY _at once_)
                conn.busy_timeout(Duration::from_secs(10))?;

-                g(&conn)
+                g(&mut conn)
            }
            None => Err(Error::SqlNoConnection),
        };
@@ -217,20 +217,37 @@ impl Sql {
            .unwrap_or_default()
    }

-    pub fn query_get_value<P, T>(&self, context: &Context, query: &str, params: P) -> Option<T>
+    /// Executes a query which is expected to return one row and one
+    /// column. If the query does not return a value or returns SQL
+    /// `NULL`, returns `Ok(None)`.
+    pub fn query_get_value_result<P, T>(&self, query: &str, params: P) -> Result<Option<T>>
    where
        P: IntoIterator,
        P::Item: rusqlite::ToSql,
        T: rusqlite::types::FromSql,
    {
        match self.query_row(query, params, |row| row.get::<_, T>(0)) {
-            Ok(res) => Some(res),
-            Err(Error::Sql(rusqlite::Error::QueryReturnedNoRows)) => None,
+            Ok(res) => Ok(Some(res)),
+            Err(Error::Sql(rusqlite::Error::QueryReturnedNoRows)) => Ok(None),
            Err(Error::Sql(rusqlite::Error::InvalidColumnType(
                _,
                _,
                rusqlite::types::Type::Null,
-            ))) => None,
+            ))) => Ok(None),
+            Err(err) => Err(err),
+        }
+    }
+
+    /// Not resultified version of `query_get_value_result`. Returns
+    /// `None` on error.
+    pub fn query_get_value<P, T>(&self, context: &Context, query: &str, params: P) -> Option<T>
+    where
+        P: IntoIterator,
+        P::Item: rusqlite::ToSql,
+        T: rusqlite::types::FromSql,
+    {
+        match self.query_get_value_result(query, params) {
+            Ok(res) => res,
            Err(err) => {
                error!(context, "sql: Failed query_row: {}", err);
                None
@@ -343,7 +360,7 @@ impl Sql {
            .and_then(|r| r.parse().ok())
    }

-    fn start_stmt(&self, stmt: impl AsRef<str>) {
+    pub fn start_stmt(&self, stmt: impl AsRef<str>) {
        if let Some(query) = self.in_use.get_cloned() {
            let bt = backtrace::Backtrace::new();
            eprintln!("old query: {}", query);
@@ -365,6 +382,7 @@ fn table_exists(conn: &Connection, name: impl AsRef<str>) -> Result<bool> {
    Ok(exists)
 }

+#[allow(clippy::cognitive_complexity)]
 fn open(
    context: &Context,
    sql: &Sql,
@@ -867,6 +885,19 @@ fn open(
            update_icons = true;
            sql.set_raw_config_int(context, "dbversion", 61)?;
        }
+        if dbversion < 62 {
+            info!(context, "[migration] v62");
+            sql.execute(
+                "ALTER TABLE chats ADD COLUMN muted_until INTEGER DEFAULT 0;",
+                NO_PARAMS,
+            )?;
+            sql.set_raw_config_int(context, "dbversion", 62)?;
+        }
+        if dbversion < 63 {
+            info!(context, "[migration] v63");
+            sql.execute("UPDATE chats SET grpid='' WHERE type=100", NO_PARAMS)?;
+            sql.set_raw_config_int(context, "dbversion", 63)?;
+        }

        // (2) updates that require high-level objects
        // (the structure is complete now and all objects are usable)
--- a/src/stock.rs
+++ b/src/stock.rs
@@ -547,8 +547,8 @@ mod tests {
        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
        assert_eq!(chats.len(), 2);

-        chat::delete(&t.ctx, chats.get_chat_id(0)).ok();
-        chat::delete(&t.ctx, chats.get_chat_id(1)).ok();
+        chats.get_chat_id(0).delete(&t.ctx).ok();
+        chats.get_chat_id(1).delete(&t.ctx).ok();
        let chats = Chatlist::try_load(&t.ctx, 0, None, None).unwrap();
        assert_eq!(chats.len(), 0);

--- a/src/test_utils.rs
+++ b/src/test_utils.rs
@@ -2,20 +2,19 @@
 //!
 //! This module is only compiled for test runs.

-use libc::uintptr_t;
 use tempfile::{tempdir, TempDir};

 use crate::config::Config;
-use crate::constants::KeyType;
 use crate::context::{Context, ContextCallback};
+use crate::dc_tools::EmailAddress;
 use crate::events::Event;
-use crate::key;
+use crate::key::{self, DcKey};

 /// A Context and temporary directory.
 ///
 /// The temporary directory can be used to store the SQLite database,
 /// see e.g. [test_context] which does this.
-pub struct TestContext {
+pub(crate) struct TestContext {
    pub ctx: Context,
    pub dir: TempDir,
 }
@@ -26,12 +25,12 @@ pub struct TestContext {
 /// "db.sqlite" in the [TestContext.dir] directory.
 ///
 /// [Context]: crate::context::Context
-pub fn test_context(callback: Option<Box<ContextCallback>>) -> TestContext {
+pub(crate) fn test_context(callback: Option<Box<ContextCallback>>) -> TestContext {
    let dir = tempdir().unwrap();
    let dbfile = dir.path().join("db.sqlite");
    let cb: Box<ContextCallback> = match callback {
        Some(cb) => cb,
-        None => Box::new(|_, _| 0),
+        None => Box::new(|_, _| ()),
    };
    let ctx = Context::new(cb, "FakeOs".into(), dbfile).unwrap();
    TestContext { ctx, dir }
@@ -42,41 +41,63 @@ pub fn test_context(callback: Option<Box<ContextCallback>>) -> TestContext {
 /// The context will be opened and use the SQLite database as
 /// specified in [test_context] but there is no callback hooked up,
 /// i.e. [Context::call_cb] will always return `0`.
-pub fn dummy_context() -> TestContext {
+pub(crate) fn dummy_context() -> TestContext {
    test_context(None)
 }

-pub fn logging_cb(_ctx: &Context, evt: Event) -> uintptr_t {
+pub(crate) fn logging_cb(_ctx: &Context, evt: Event) {
    match evt {
        Event::Info(msg) => println!("I: {}", msg),
        Event::Warning(msg) => println!("W: {}", msg),
        Event::Error(msg) => println!("E: {}", msg),
        _ => (),
    }
-    0
+}
+
+/// Load a pre-generated keypair for alice@example.com from disk.
+///
+/// This saves CPU cycles by avoiding having to generate a key.
+///
+/// The keypair was created using the crate::key::tests::gen_key test.
+pub(crate) fn alice_keypair() -> key::KeyPair {
+    let addr = EmailAddress::new("alice@example.com").unwrap();
+    let public =
+        key::SignedPublicKey::from_base64(include_str!("../test-data/key/alice-public.asc"))
+            .unwrap();
+    let secret =
+        key::SignedSecretKey::from_base64(include_str!("../test-data/key/alice-secret.asc"))
+            .unwrap();
+    key::KeyPair {
+        addr,
+        public,
+        secret,
+    }
 }

 /// Creates Alice with a pre-generated keypair.
 ///
-/// Returns the address of the keypair created (alice@example.org).
-pub fn configure_alice_keypair(ctx: &Context) -> String {
-    let addr = String::from("alice@example.org");
-    ctx.set_config(Config::ConfiguredAddr, Some(&addr)).unwrap();
-
-    // The keypair was created using:
-    //   let (public, private) = crate::pgp::dc_pgp_create_keypair("alice@example.com")
-    //       .unwrap();
-    //   println!("{}", public.to_base64(64));
-    //   println!("{}", private.to_base64(64));
-    let public =
-        key::Key::from_base64(include_str!("../test-data/key/public.asc"), KeyType::Public)
-            .unwrap();
-    let private = key::Key::from_base64(
-        include_str!("../test-data/key/private.asc"),
-        KeyType::Private,
-    )
-    .unwrap();
-    let saved = key::dc_key_save_self_keypair(&ctx, &public, &private, &addr, true, &ctx.sql);
-    assert_eq!(saved, true, "Failed to save Alice's key");
-    addr
+/// Returns the address of the keypair created (alice@example.com).
+pub(crate) fn configure_alice_keypair(ctx: &Context) -> String {
+    let keypair = alice_keypair();
+    ctx.set_config(Config::ConfiguredAddr, Some(&keypair.addr.to_string()))
+        .unwrap();
+    key::store_self_keypair(&ctx, &keypair, key::KeyPairUse::Default)
+        .expect("Failed to save Alice's key");
+    keypair.addr.to_string()
+}
+
+/// Load a pre-generated keypair for bob@example.net from disk.
+///
+/// Like [alice_keypair] but a different key and identity.
+pub(crate) fn bob_keypair() -> key::KeyPair {
+    let addr = EmailAddress::new("bob@example.net").unwrap();
+    let public =
+        key::SignedPublicKey::from_base64(include_str!("../test-data/key/bob-public.asc")).unwrap();
+    let secret =
+        key::SignedSecretKey::from_base64(include_str!("../test-data/key/bob-secret.asc")).unwrap();
+    key::KeyPair {
+        addr,
+        public,
+        secret,
+    }
 }
--- a/src/token.rs
+++ b/src/token.rs
@@ -6,6 +6,7 @@

 use deltachat_derive::*;

+use crate::chat::ChatId;
 use crate::context::Context;
 use crate::dc_tools::*;
 use crate::sql;
@@ -27,28 +28,28 @@ impl Default for Namespace {

 /// Creates a new token and saves it into the database.
 /// Returns created token.
-pub fn save(context: &Context, namespace: Namespace, foreign_id: u32) -> String {
+pub fn save(context: &Context, namespace: Namespace, foreign_id: ChatId) -> String {
    // foreign_id may be 0
    let token = dc_create_id();
    sql::execute(
        context,
        &context.sql,
        "INSERT INTO tokens (namespc, foreign_id, token, timestamp) VALUES (?, ?, ?, ?);",
-        params![namespace, foreign_id as i32, &token, time()],
+        params![namespace, foreign_id, &token, time()],
    )
    .ok();
    token
 }

-pub fn lookup(context: &Context, namespace: Namespace, foreign_id: u32) -> Option<String> {
+pub fn lookup(context: &Context, namespace: Namespace, foreign_id: ChatId) -> Option<String> {
    context.sql.query_get_value::<_, String>(
        context,
        "SELECT token FROM tokens WHERE namespc=? AND foreign_id=?;",
-        params![namespace, foreign_id as i32],
+        params![namespace, foreign_id],
    )
 }

-pub fn lookup_or_new(context: &Context, namespace: Namespace, foreign_id: u32) -> String {
+pub fn lookup_or_new(context: &Context, namespace: Namespace, foreign_id: ChatId) -> String {
    lookup(context, namespace, foreign_id).unwrap_or_else(|| save(context, namespace, foreign_id))
 }

--- a/src/top_evil_rs.py
+++ b/src/top_evil_rs.py
@@ -1,40 +0,0 @@
-#!/usr/bin/env python3
-
-
-from pathlib import Path
-import os
-import re
-
-if __name__ == "__main__":
-    if Path('src/top_evil_rs.py').exists():
-        os.chdir('src')
-    filestats = []
-    for fn in Path(".").glob("**/*.rs"):
-        s = fn.read_text()
-        s = re.sub(r"(?m)///.*$", "", s)  # remove comments
-        unsafe = s.count("unsafe")
-        free = s.count("free(")
-        unsafe_fn = s.count("unsafe fn")
-        chars = s.count("c_char") + s.count("CStr")
-        libc = s.count("libc")
-        filestats.append((fn, unsafe, free, unsafe_fn, chars, libc))
-
-    sum_unsafe, sum_free, sum_unsafe_fn, sum_chars, sum_libc = 0, 0, 0, 0, 0
-
-    for fn, unsafe, free, unsafe_fn, chars, libc in reversed(sorted(filestats, key=lambda x: sum(x[1:]))):
-        if unsafe + free + unsafe_fn + chars + libc == 0:
-            continue
-        print("{0: <25} unsafe: {1: >3} free: {2: >3} unsafe-fn: {3: >3} chars: {4: >3} libc: {5: >3}".format(str(fn), unsafe, free, unsafe_fn, chars, libc))
-        sum_unsafe += unsafe
-        sum_free += free
-        sum_unsafe_fn += unsafe_fn
-        sum_chars += chars
-        sum_libc += libc
-
-
-    print()
-    print("total unsafe:", sum_unsafe)
-    print("total free:", sum_free)
-    print("total unsafe-fn:", sum_unsafe_fn)
-    print("total c_chars:", sum_chars)
-    print("total libc:", sum_libc)
--- a/test-data/image/avatar900x900.png
+++ b/test-data/image/avatar900x900.png
--- a/test-data/key/alice-public.asc
+++ b/test-data/key/alice-public.asc
@@ -0,0 +1 @@
+mDMEXlh13RYJKwYBBAHaRw8BAQdAzfVIAleCXMJrq8VeLlEVof6ITCviMktKjmcBKAu4m5C0GUFsaWNlIDxhbGljZUBleGFtcGxlLm9yZz6IkAQTFggAOBYhBC5vossjtTLXKGNLWGSwj2Gp7ZRDBQJeWHXdAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEGSwj2Gp7ZRDE3oA/i4MCyDMTsjWqDZoQwX/A/GoTO2/V0wKPhjJJy/8m2pMAPkBjOnGOtx2SZpQvJGTa9h804RY6iDrRuI8A/8tEEXAA7g4BF5Ydd0SCisGAQQBl1UBBQEBB0AG7cjWy2SFAU8KnltlubVW67rFiyfp01JrRe6Xqy22HQMBCAeIeAQYFggAIBYhBC5vossjtTLXKGNLWGSwj2Gp7ZRDBQJeWHXdAhsMAAoJEGSwj2Gp7ZRDLo8BAObE8GnsGVwKzNqCvHeWgJsqhjS3C6gvSlV3tEm9XmF6AQDXucIyVfoBwoyMh2h6cSn/ATn5QJb35pgo+ivp3jsMAg==
--- a/test-data/key/alice-secret.asc
+++ b/test-data/key/alice-secret.asc
@@ -0,0 +1 @@
+lFgEXlh13RYJKwYBBAHaRw8BAQdAzfVIAleCXMJrq8VeLlEVof6ITCviMktKjmcBKAu4m5AAAQDMpCY4sD5/DUR0jRjGC5WstwShz1q+5Vofo5mY9+XRXRA3tBlBbGljZSA8YWxpY2VAZXhhbXBsZS5vcmc+iJAEExYIADgWIQQub6LLI7Uy1yhjS1hksI9hqe2UQwUCXlh13QIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRBksI9hqe2UQxN6AP4uDAsgzE7I1qg2aEMF/wPxqEztv1dMCj4YyScv/JtqTAD5AYzpxjrcdkmaULyRk2vYfNOEWOog60biPAP/LRBFwAOcXQReWHXdEgorBgEEAZdVAQUBAQdABu3I1stkhQFPCp5bZbm1Vuu6xYsn6dNSa0Xul6stth0DAQgHAAD/X9y9I/JFBeArkgR3U363cWXXxMCWftS+BDwM9zE4PrgQb4h4BBgWCAAgFiEELm+iyyO1MtcoY0tYZLCPYantlEMFAl5Ydd0CGwwACgkQZLCPYantlEMujwEA5sTwaewZXArM2oK8d5aAmyqGNLcLqC9KVXe0Sb1eYXoBANe5wjJV+gHCjIyHaHpxKf8BOflAlvfmmCj6K+neOwwC
--- a/test-data/key/bob-public.asc
+++ b/test-data/key/bob-public.asc
@@ -0,0 +1 @@
+xsBNBF4wx1cBCADOwLS/xCd8iKDWUsyTfVzWby+ZGKPpamPTvdj0GFgnf0B1EBaA5//PjAzbK5iKio6QNEmZagzJPkXPByJcAIRUm0T16tqDtCvxm+H93YEXpHi/XWOeJw9kohATSqUtsRO0pFJeDvPiMTmQrEmHYoWDSQBfCrowZdvnMAlbJ9JjYOngcMeTxc0jxmPs5s17yFC+1OWu4fwWCyUM3wy1JzdKTcDWryrSkvmgFdUqJ7pJDk1HFTt+x9tvQlK3un9BXiRwv0u0zDSuI8eDH/dRLA4UL9Pq6vmJmBame1BPsE1PA7VzeTSJR2ooJXMT6o2AmH8PPUfRkv3OiWuh7LM5FSpHABEBAAHNETxib2JAZXhhbXBsZS5uZXQ+wsCJBBABCAAzAhkBBQJeMMduAhsDBAsJCAcGFQgJCgsCAxYCARYhBMzLWqn24RQclDFl8dsYsYy89wSHAAoJENsYsYy89wSH9oIIALbpmicuVghM3CloiCgJhPEFLFMaQZRDV/KCVVtBcHAhw6d42q8T50mhs+W3Va5E37DN+wcenj8CgeGPQY3kPp2cnZruYtLhLkZ1+VEay5BQFUMb8kY21XrNTQQET8vc0L8cCLQ7RCgm1tGiFVp1nqbjmGUdoru90ksoufWfoqVPjNrW+9eHFvY/Z7PqchCdMnbKOJiwwv4E3NDTySZ1UVZnDztGy95Aa8OZ3cntvbq4JVi7S+N38rRPPPzpZKx+M4DUGfDAoaq7O/Xemyk1sP6C/NgQvS8rri54PgkMgKSS4TyyEzdM+fzeNYFPXFGTbgj4p0pSueQV7/JUfYHRfe3OwE0EXjDHVwEIAKIHgS2yI2niSCN1tqcbLvkhLrEJCVcpGxmA7asl1flwWYrGOBhNJE2sCuZqkofqw6qrgsQ4GFgUU5xmcBCqIZ49jRu+aY38lT4WDFHSbe/mGtaIhb2ZYK6zo9W7Y3r6ud8hbUKJTDfl9qEvJpX/Y0syMjwng8SZNTdYMWgAE4NwcgMgdU3dMA3RT6ePJ4vKs38hmXmInLyZce+GJzmo2tpZyP8viPS7JpqojoCPB3G5h9aHeakp1Y4XKQaExANeWCyBJEhNwtNEOVEpQ0txFYPyDrtxV5y5e79IUP418r/PHsnH6UnxXGzB6LfVbSeEyDyKEl+w0PrlNklySomTZFUAEQEAAcLAdgQYAQgAIAUCXjDHbgIbDBYhBMzLWqn24RQclDFl8dsYsYy89wSHAAoJENsYsYy89wSHVCIIAIH694HkQLXRAJlXmi8K/xMVP96ywJovL/B5l4S/vk/iR4P1lYsF55A3Z2PK/iFtwAgVsppcBIPBlqSI0GPDMvEIxj7UFOQfQzVpDes29wG8grHJEJqI/4TlRjOacxTGaJ5fIMsLXJD6nLBuoN5Z6zm3LjqIyOx4ZGrwradPO95OMGT2Xll3YNzUqSWe33RJLqNQ5ea9I7+qvKnW5Z9Yt5nQwOo8yD+f5fql8904B3eAyLqxgkdLmngAWmYhc7KOaKdAsx7TXBAKsoeHk51OPk59u7EbX35HWD6snl/phJdUYDXiddyYN/n2ZY9g80ycle2JfgpfrQGlh7oJqgCjZuk=
--- a/test-data/key/bob-secret.asc
+++ b/test-data/key/bob-secret.asc
@@ -0,0 +1 @@
+xcLYBF4wx1cBCADOwLS/xCd8iKDWUsyTfVzWby+ZGKPpamPTvdj0GFgnf0B1EBaA5//PjAzbK5iKio6QNEmZagzJPkXPByJcAIRUm0T16tqDtCvxm+H93YEXpHi/XWOeJw9kohATSqUtsRO0pFJeDvPiMTmQrEmHYoWDSQBfCrowZdvnMAlbJ9JjYOngcMeTxc0jxmPs5s17yFC+1OWu4fwWCyUM3wy1JzdKTcDWryrSkvmgFdUqJ7pJDk1HFTt+x9tvQlK3un9BXiRwv0u0zDSuI8eDH/dRLA4UL9Pq6vmJmBame1BPsE1PA7VzeTSJR2ooJXMT6o2AmH8PPUfRkv3OiWuh7LM5FSpHABEBAAEACACcqjFMTlqNZwpY3QzfhdLfOgkbPSyXJmLWg7jt3bSO2UICclpa+3E/16O2P+aqtCsq4jQS5+UgaOuE4KcMh+e+JJmwrnE98zyJK9GnCD1VqO9GMoHVyUtEufjsZVecs912uD0hwLrU3u/7zFE7IVCCFsMNQZesLMLg/+lXBWnKmrty5XwRMxoxM0yweiJ2b2wdfntQbur7pSdWrwrdBdU1Vprj2VZ/fG6ASMXQ34QTrkq9dYzRGq4T5r6etC5wi8BpAfQX/eD1ktLc/535JmfRwEXFkbmRKwYbMxVk6hrfE+N9xlg+xmUUIlJv29qrB4Q2UjO9FPG9XetrCfExQQShBADVOrBYlkzDFprBC+m1d+RABPo7D5oCiBtrhX+v1UE8By78DCP8jm2VLqmW0hKfEyQDYfiGcnCmjvDciVzZjaB1+K8ov/1YPZ0I29PlolFROyl49H/uEtLn5UwDExD49koQGbqad16M4lDM+MG9pzsfYOV5luXn1fTblvQHhVDhbQQA+DlzEmQ6RkLLw1ta5pCigCHeqaNU8qy4wadst3rAqwM4FtONtHVUr1T9xSvTGJiSGqfD93kNk3Kn2OyC0dNcboBMhwlrCKGqWoXMEGaO2ayL6jjrwri17WsW19NGubrniIPSKPZY75yahx+PckJ5sHDh3jFkvE1p5ThULpp+3gMEAK3buTiGWap0cKcAQYYCNBtt1mcDhgYnXWSaKDDf+e+yTX+Ts3YdrofhwRmBsTbWLYeE4oLO+0vRhGk5b/DcfoleiiwT61LubJmmtlg6EpPp/aWWq7c1+unzulrYjhfLhaoMBrGkudEw7q+pd/Xd3I0UKrPWHfzGGnmiGYUq1K2sTQPNETxib2JAZXhhbXBsZS5uZXQ+wsCJBBABCAAzAhkBBQJeMMdtAhsDBAsJCAcGFQgJCgsCAxYCARYhBMzLWqn24RQclDFl8dsYsYy89wSHAAoJENsYsYy89wSH8ggH+QHLm+gAwetZs7C8NVcdMXLeKCQGLCn4QOeC0HNcPr94rUROlYSxhWGaZWfLiNwte01Lufj4d/Blz5gn+VHKx6lRGw69vxogZI++ikOgdbZIRYAdhmEun0SXtTm6ha9GvuH9ux8UNlP6IQuR6za2uFEeg33TUCgCh2uuQsYkheeOQ2vDjBZvhE2JVEn53uamAkjDDeDw2d71HNXmYGzJfp6MUhAEV8M/aZMcMgeW5sbzp5c6Xs0I1OQATBPI/wheZS3n5Ar/qWCF2HMvoL7Oy3eBMYgOBBXp9z4UKqFACS5XcKjhZO9mZ0Lt4UTqTprv+L4zvGFeuDmPKlKF2PV6AiTHwtgEXjDHVwEIAKIHgS2yI2niSCN1tqcbLvkhLrEJCVcpGxmA7asl1flwWYrGOBhNJE2sCuZqkofqw6qrgsQ4GFgUU5xmcBCqIZ49jRu+aY38lT4WDFHSbe/mGtaIhb2ZYK6zo9W7Y3r6ud8hbUKJTDfl9qEvJpX/Y0syMjwng8SZNTdYMWgAE4NwcgMgdU3dMA3RT6ePJ4vKs38hmXmInLyZce+GJzmo2tpZyP8viPS7JpqojoCPB3G5h9aHeakp1Y4XKQaExANeWCyBJEhNwtNEOVEpQ0txFYPyDrtxV5y5e79IUP418r/PHsnH6UnxXGzB6LfVbSeEyDyKEl+w0PrlNklySomTZFUAEQEAAQAH/jFUmZbBApktJItvPlH4K7/7w0xxFN/tiuuj3jhaR6Au/YQLv25epivjslnenog1CKeAmkqFTZwbbC1U3s+kDKIx2TFWMqrg+MszSULsDz6Xzxn77MQB23a1CK984tfBWC+/7JTyWjs2j3UZduT6IU/2k2bPHQYRIyubdUdVpptAd+GcuBq1DERJVuSJxcAzHgUydJpj5Ao4v+oznZmKgtzTJiuhz1o+1TEUCojw3etE0RCHZ66yhFaRp4crq89BnltMIDHSf2cEYVhiPblYcBx84c6msMczKU4pJzFnvX+I4h6JEhYdxshVv5JnaLKC3Zrum9IjMCWPZ1Act0hD1m0EAMrLfD8wXEIHsbz2MPAif7Au/g9pGhOYW56DF9ABuP9uttLqhe+7YYsagpJbzOzQRFrdL15LwqKRikjnZoRTmV5JGFeCKUkTXy/5Arpc9MBizwVgA8DnvghJWMNYuCtcSkY5O2WJIGd/HnP/iuv8TTK9FcuZo2hEP0IFphwiTwSfBADMigqzx/aLSqd7Aox3Jt9+UxIhoPUEDY9876ann4Aggapw+IAk/ra/q3+bxsxBJSMO9bhUj3NzldHCYi3GBOrreyvJRaO/b7WCTBUpVuU2kahJZf5lqKCojDdBqLz7PqPi86I6Zpv06fzosI4AsE9UwnALsa2QbQ9utYyg4xbeiwQApV9wOUrAV2SUINxEp0I92aT7DvrQtDwUw8DKJXiX90e7DUjPjDjPdUc/WgRMWmVAvxmeN2UOd3nN1EELeOYVsvITipqO65U8B1GjLZHx2gAYvCY96TAEV7qm57uedh5ciwStFGdSrGxY4rVQ9lFgRGUFsRFwp8E0f7LRDMberMA33sLAdgQYAQgAIAUCXjDHbQIbDBYhBMzLWqn24RQclDFl8dsYsYy89wSHAAoJENsYsYy89wSHrKcH/0icTs9x4JKHU6+TvCjBxzgZIP0eRsm71F/tnDi3oLrIDaOu/9y+c1qbWdoJfEqIWjXSJzRCpChvn2eGU8Vv4V6G/Fpv7XsOCzsWwyFbbJ9MoyTfGBDcywOhStHA47pqBgFCeAu/fBefriBP8iue64ZMc48kYA2mHyoUCfqgMgD65XooePgPiQ1R1TVHskoY3uVAYe0JBElkegjGc6+OBeOWo/cnP0LlkDlmooaUTgA36ept53sjLu5YBt5bsi21owfH6RTm8+azAcxQZB53qERP8oS/7V2dJEt0CBG7+dyHqURLIcEginVboKszq4J8mfOF7wy7sMVvFBX3zWfjxDU=
--- a/Show More
+++ b/Show More
				`@@ -0,0 +1 @@`
				mDMEXlh13RYJKwYBBAHaRw8BAQdAzfVIAleCXMJrq8VeLlEVof6ITCviMktKjmcBKAu4m5C0GUFsaWNlIDxhbGljZUBleGFtcGxlLm9yZz6IkAQTFggAOBYhBC5vossjtTLXKGNLWGSwj2Gp7ZRDBQJeWHXdAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEGSwj2Gp7ZRDE3oA/i4MCyDMTsjWqDZoQwX/A/GoTO2/V0wKPhjJJy/8m2pMAPkBjOnGOtx2SZpQvJGTa9h804RY6iDrRuI8A/8tEEXAA7g4BF5Ydd0SCisGAQQBl1UBBQEBB0AG7cjWy2SFAU8KnltlubVW67rFiyfp01JrRe6Xqy22HQMBCAeIeAQYFggAIBYhBC5vossjtTLXKGNLWGSwj2Gp7ZRDBQJeWHXdAhsMAAoJEGSwj2Gp7ZRDLo8BAObE8GnsGVwKzNqCvHeWgJsqhjS3C6gvSlV3tEm9XmF6AQDXucIyVfoBwoyMh2h6cSn/ATn5QJb35pgo+ivp3jsMAg==
				`@@ -0,0 +1 @@`
				lFgEXlh13RYJKwYBBAHaRw8BAQdAzfVIAleCXMJrq8VeLlEVof6ITCviMktKjmcBKAu4m5AAAQDMpCY4sD5/DUR0jRjGC5WstwShz1q+5Vofo5mY9+XRXRA3tBlBbGljZSA8YWxpY2VAZXhhbXBsZS5vcmc+iJAEExYIADgWIQQub6LLI7Uy1yhjS1hksI9hqe2UQwUCXlh13QIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRBksI9hqe2UQxN6AP4uDAsgzE7I1qg2aEMF/wPxqEztv1dMCj4YyScv/JtqTAD5AYzpxjrcdkmaULyRk2vYfNOEWOog60biPAP/LRBFwAOcXQReWHXdEgorBgEEAZdVAQUBAQdABu3I1stkhQFPCp5bZbm1Vuu6xYsn6dNSa0Xul6stth0DAQgHAAD/X9y9I/JFBeArkgR3U363cWXXxMCWftS+BDwM9zE4PrgQb4h4BBgWCAAgFiEELm+iyyO1MtcoY0tYZLCPYantlEMFAl5Ydd0CGwwACgkQZLCPYantlEMujwEA5sTwaewZXArM2oK8d5aAmyqGNLcLqC9KVXe0Sb1eYXoBANe5wjJV+gHCjIyHaHpxKf8BOflAlvfmmCj6K+neOwwC
				`@@ -0,0 +1 @@`
				xsBNBF4wx1cBCADOwLS/xCd8iKDWUsyTfVzWby+ZGKPpamPTvdj0GFgnf0B1EBaA5//PjAzbK5iKio6QNEmZagzJPkXPByJcAIRUm0T16tqDtCvxm+H93YEXpHi/XWOeJw9kohATSqUtsRO0pFJeDvPiMTmQrEmHYoWDSQBfCrowZdvnMAlbJ9JjYOngcMeTxc0jxmPs5s17yFC+1OWu4fwWCyUM3wy1JzdKTcDWryrSkvmgFdUqJ7pJDk1HFTt+x9tvQlK3un9BXiRwv0u0zDSuI8eDH/dRLA4UL9Pq6vmJmBame1BPsE1PA7VzeTSJR2ooJXMT6o2AmH8PPUfRkv3OiWuh7LM5FSpHABEBAAHNETxib2JAZXhhbXBsZS5uZXQ+wsCJBBABCAAzAhkBBQJeMMduAhsDBAsJCAcGFQgJCgsCAxYCARYhBMzLWqn24RQclDFl8dsYsYy89wSHAAoJENsYsYy89wSH9oIIALbpmicuVghM3CloiCgJhPEFLFMaQZRDV/KCVVtBcHAhw6d42q8T50mhs+W3Va5E37DN+wcenj8CgeGPQY3kPp2cnZruYtLhLkZ1+VEay5BQFUMb8kY21XrNTQQET8vc0L8cCLQ7RCgm1tGiFVp1nqbjmGUdoru90ksoufWfoqVPjNrW+9eHFvY/Z7PqchCdMnbKOJiwwv4E3NDTySZ1UVZnDztGy95Aa8OZ3cntvbq4JVi7S+N38rRPPPzpZKx+M4DUGfDAoaq7O/Xemyk1sP6C/NgQvS8rri54PgkMgKSS4TyyEzdM+fzeNYFPXFGTbgj4p0pSueQV7/JUfYHRfe3OwE0EXjDHVwEIAKIHgS2yI2niSCN1tqcbLvkhLrEJCVcpGxmA7asl1flwWYrGOBhNJE2sCuZqkofqw6qrgsQ4GFgUU5xmcBCqIZ49jRu+aY38lT4WDFHSbe/mGtaIhb2ZYK6zo9W7Y3r6ud8hbUKJTDfl9qEvJpX/Y0syMjwng8SZNTdYMWgAE4NwcgMgdU3dMA3RT6ePJ4vKs38hmXmInLyZce+GJzmo2tpZyP8viPS7JpqojoCPB3G5h9aHeakp1Y4XKQaExANeWCyBJEhNwtNEOVEpQ0txFYPyDrtxV5y5e79IUP418r/PHsnH6UnxXGzB6LfVbSeEyDyKEl+w0PrlNklySomTZFUAEQEAAcLAdgQYAQgAIAUCXjDHbgIbDBYhBMzLWqn24RQclDFl8dsYsYy89wSHAAoJENsYsYy89wSHVCIIAIH694HkQLXRAJlXmi8K/xMVP96ywJovL/B5l4S/vk/iR4P1lYsF55A3Z2PK/iFtwAgVsppcBIPBlqSI0GPDMvEIxj7UFOQfQzVpDes29wG8grHJEJqI/4TlRjOacxTGaJ5fIMsLXJD6nLBuoN5Z6zm3LjqIyOx4ZGrwradPO95OMGT2Xll3YNzUqSWe33RJLqNQ5ea9I7+qvKnW5Z9Yt5nQwOo8yD+f5fql8904B3eAyLqxgkdLmngAWmYhc7KOaKdAsx7TXBAKsoeHk51OPk59u7EbX35HWD6snl/phJdUYDXiddyYN/n2ZY9g80ycle2JfgpfrQGlh7oJqgCjZuk=
				`@@ -0,0 +1 @@`
				xcLYBF4wx1cBCADOwLS/xCd8iKDWUsyTfVzWby+ZGKPpamPTvdj0GFgnf0B1EBaA5//PjAzbK5iKio6QNEmZagzJPkXPByJcAIRUm0T16tqDtCvxm+H93YEXpHi/XWOeJw9kohATSqUtsRO0pFJeDvPiMTmQrEmHYoWDSQBfCrowZdvnMAlbJ9JjYOngcMeTxc0jxmPs5s17yFC+1OWu4fwWCyUM3wy1JzdKTcDWryrSkvmgFdUqJ7pJDk1HFTt+x9tvQlK3un9BXiRwv0u0zDSuI8eDH/dRLA4UL9Pq6vmJmBame1BPsE1PA7VzeTSJR2ooJXMT6o2AmH8PPUfRkv3OiWuh7LM5FSpHABEBAAEACACcqjFMTlqNZwpY3QzfhdLfOgkbPSyXJmLWg7jt3bSO2UICclpa+3E/16O2P+aqtCsq4jQS5+UgaOuE4KcMh+e+JJmwrnE98zyJK9GnCD1VqO9GMoHVyUtEufjsZVecs912uD0hwLrU3u/7zFE7IVCCFsMNQZesLMLg/+lXBWnKmrty5XwRMxoxM0yweiJ2b2wdfntQbur7pSdWrwrdBdU1Vprj2VZ/fG6ASMXQ34QTrkq9dYzRGq4T5r6etC5wi8BpAfQX/eD1ktLc/535JmfRwEXFkbmRKwYbMxVk6hrfE+N9xlg+xmUUIlJv29qrB4Q2UjO9FPG9XetrCfExQQShBADVOrBYlkzDFprBC+m1d+RABPo7D5oCiBtrhX+v1UE8By78DCP8jm2VLqmW0hKfEyQDYfiGcnCmjvDciVzZjaB1+K8ov/1YPZ0I29PlolFROyl49H/uEtLn5UwDExD49koQGbqad16M4lDM+MG9pzsfYOV5luXn1fTblvQHhVDhbQQA+DlzEmQ6RkLLw1ta5pCigCHeqaNU8qy4wadst3rAqwM4FtONtHVUr1T9xSvTGJiSGqfD93kNk3Kn2OyC0dNcboBMhwlrCKGqWoXMEGaO2ayL6jjrwri17WsW19NGubrniIPSKPZY75yahx+PckJ5sHDh3jFkvE1p5ThULpp+3gMEAK3buTiGWap0cKcAQYYCNBtt1mcDhgYnXWSaKDDf+e+yTX+Ts3YdrofhwRmBsTbWLYeE4oLO+0vRhGk5b/DcfoleiiwT61LubJmmtlg6EpPp/aWWq7c1+unzulrYjhfLhaoMBrGkudEw7q+pd/Xd3I0UKrPWHfzGGnmiGYUq1K2sTQPNETxib2JAZXhhbXBsZS5uZXQ+wsCJBBABCAAzAhkBBQJeMMdtAhsDBAsJCAcGFQgJCgsCAxYCARYhBMzLWqn24RQclDFl8dsYsYy89wSHAAoJENsYsYy89wSH8ggH+QHLm+gAwetZs7C8NVcdMXLeKCQGLCn4QOeC0HNcPr94rUROlYSxhWGaZWfLiNwte01Lufj4d/Blz5gn+VHKx6lRGw69vxogZI++ikOgdbZIRYAdhmEun0SXtTm6ha9GvuH9ux8UNlP6IQuR6za2uFEeg33TUCgCh2uuQsYkheeOQ2vDjBZvhE2JVEn53uamAkjDDeDw2d71HNXmYGzJfp6MUhAEV8M/aZMcMgeW5sbzp5c6Xs0I1OQATBPI/wheZS3n5Ar/qWCF2HMvoL7Oy3eBMYgOBBXp9z4UKqFACS5XcKjhZO9mZ0Lt4UTqTprv+L4zvGFeuDmPKlKF2PV6AiTHwtgEXjDHVwEIAKIHgS2yI2niSCN1tqcbLvkhLrEJCVcpGxmA7asl1flwWYrGOBhNJE2sCuZqkofqw6qrgsQ4GFgUU5xmcBCqIZ49jRu+aY38lT4WDFHSbe/mGtaIhb2ZYK6zo9W7Y3r6ud8hbUKJTDfl9qEvJpX/Y0syMjwng8SZNTdYMWgAE4NwcgMgdU3dMA3RT6ePJ4vKs38hmXmInLyZce+GJzmo2tpZyP8viPS7JpqojoCPB3G5h9aHeakp1Y4XKQaExANeWCyBJEhNwtNEOVEpQ0txFYPyDrtxV5y5e79IUP418r/PHsnH6UnxXGzB6LfVbSeEyDyKEl+w0PrlNklySomTZFUAEQEAAQAH/jFUmZbBApktJItvPlH4K7/7w0xxFN/tiuuj3jhaR6Au/YQLv25epivjslnenog1CKeAmkqFTZwbbC1U3s+kDKIx2TFWMqrg+MszSULsDz6Xzxn77MQB23a1CK984tfBWC+/7JTyWjs2j3UZduT6IU/2k2bPHQYRIyubdUdVpptAd+GcuBq1DERJVuSJxcAzHgUydJpj5Ao4v+oznZmKgtzTJiuhz1o+1TEUCojw3etE0RCHZ66yhFaRp4crq89BnltMIDHSf2cEYVhiPblYcBx84c6msMczKU4pJzFnvX+I4h6JEhYdxshVv5JnaLKC3Zrum9IjMCWPZ1Act0hD1m0EAMrLfD8wXEIHsbz2MPAif7Au/g9pGhOYW56DF9ABuP9uttLqhe+7YYsagpJbzOzQRFrdL15LwqKRikjnZoRTmV5JGFeCKUkTXy/5Arpc9MBizwVgA8DnvghJWMNYuCtcSkY5O2WJIGd/HnP/iuv8TTK9FcuZo2hEP0IFphwiTwSfBADMigqzx/aLSqd7Aox3Jt9+UxIhoPUEDY9876ann4Aggapw+IAk/ra/q3+bxsxBJSMO9bhUj3NzldHCYi3GBOrreyvJRaO/b7WCTBUpVuU2kahJZf5lqKCojDdBqLz7PqPi86I6Zpv06fzosI4AsE9UwnALsa2QbQ9utYyg4xbeiwQApV9wOUrAV2SUINxEp0I92aT7DvrQtDwUw8DKJXiX90e7DUjPjDjPdUc/WgRMWmVAvxmeN2UOd3nN1EELeOYVsvITipqO65U8B1GjLZHx2gAYvCY96TAEV7qm57uedh5ciwStFGdSrGxY4rVQ9lFgRGUFsRFwp8E0f7LRDMberMA33sLAdgQYAQgAIAUCXjDHbQIbDBYhBMzLWqn24RQclDFl8dsYsYy89wSHAAoJENsYsYy89wSHrKcH/0icTs9x4JKHU6+TvCjBxzgZIP0eRsm71F/tnDi3oLrIDaOu/9y+c1qbWdoJfEqIWjXSJzRCpChvn2eGU8Vv4V6G/Fpv7XsOCzsWwyFbbJ9MoyTfGBDcywOhStHA47pqBgFCeAu/fBefriBP8iue64ZMc48kYA2mHyoUCfqgMgD65XooePgPiQ1R1TVHskoY3uVAYe0JBElkegjGc6+OBeOWo/cnP0LlkDlmooaUTgA36ept53sjLu5YBt5bsi21owfH6RTm8+azAcxQZB53qERP8oS/7V2dJEt0CBG7+dyHqURLIcEginVboKszq4J8mfOF7wy7sMVvFBX3zWfjxDU=