Update deltachat-jsonrpc/src/api.rs

Co-authored-by: adb <asieldbenitez@gmail.com>

.github/workflows/ci.yml

@@ -20,7 +20,7 @@ permissions: {}
 
 env:
   RUSTFLAGS: -Dwarnings
-  RUST_VERSION: 1.94.0
+  RUST_VERSION: 1.95.0
 
   # Minimum Supported Rust Version
   MSRV: 1.88.0
@@ -40,7 +40,7 @@ jobs:
       - run: rustup override set $RUST_VERSION
         shell: bash
       - name: Cache rust cargo artifacts
-        uses: swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5
+        uses: swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4
       - name: Run rustfmt
         run: cargo fmt --all -- --check
       - name: Run clippy
@@ -59,7 +59,7 @@ jobs:
         with:
           show-progress: false
           persist-credentials: false
-      - uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979
+      - uses: EmbarkStudios/cargo-deny-action@91bf2b620e09e18d6eb78b92e7861937469acedb
         with:
           arguments: --workspace --all-features --locked
           command: check
@@ -91,7 +91,7 @@ jobs:
           show-progress: false
           persist-credentials: false
       - name: Cache rust cargo artifacts
-        uses: swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5
+        uses: swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4
       - name: Rustdoc
         run: cargo doc --document-private-items --no-deps
 
@@ -134,10 +134,10 @@ jobs:
         shell: bash
 
       - name: Cache rust cargo artifacts
-        uses: swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5
+        uses: swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4
 
       - name: Install nextest
-        uses: taiki-e/install-action@69e777b377e4ec209ddad9426ae3e0c1008b0ef3
+        uses: taiki-e/install-action@85b24a67ef0c632dfefad70b9d5ce8fddb040754
         with:
           tool: nextest
 
@@ -168,7 +168,7 @@ jobs:
           persist-credentials: false
 
       - name: Cache rust cargo artifacts
-        uses: swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5
+        uses: swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4
 
       - name: Build C library
         run: cargo build -p deltachat_ffi
@@ -194,7 +194,7 @@ jobs:
           persist-credentials: false
 
       - name: Cache rust cargo artifacts
-        uses: swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5
+        uses: swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4
 
       - name: Build deltachat-rpc-server
         run: cargo build -p deltachat-rpc-server

.github/workflows/deltachat-rpc-server.yml

@@ -382,7 +382,7 @@ jobs:
 
       - name: Publish deltachat-rpc-server to PyPI
         if: github.event_name == 'release'
-        uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e
+        uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b
 
   publish_npm_package:
     name: Build & Publish npm prebuilds and deltachat-rpc-server

.github/workflows/dependabot.yml

@@ -10,11 +10,11 @@ permissions:
 jobs:
   dependabot:
     runs-on: ubuntu-latest
-    if: ${{ github.actor == 'dependabot[bot]' }}
+    if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == github.event.pull_request.head.repo.full_name
     steps:
       - name: Dependabot metadata
         id: metadata
-        uses: dependabot/fetch-metadata@v2.4.0
+        uses: dependabot/fetch-metadata@v3.0.0
         with:
           github-token: "${{ secrets.GITHUB_TOKEN }}"
       - name: Approve a PR

.github/workflows/dev-version.yml

@@ -0,0 +1,23 @@
+# Check that PRs are made against the -dev version.
+# 
+# If this fails, push commit to update the version to -dev to main.
+
+name: Check for -dev version
+
+on:
+  pull_request:
+
+permissions: {}
+
+jobs:
+  check_dev_version:
+    name: Check that current version ends with -dev
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          show-progress: false
+          persist-credentials: false
+
+      - name: Run version-checking script
+        run: scripts/check-dev-version.py

.github/workflows/jsonrpc.yml

@@ -25,7 +25,7 @@ jobs:
         with:
           node-version: 18.x
       - name: Add Rust cache
-        uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5
+        uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4
       - name: npm install
         working-directory: deltachat-jsonrpc/typescript
         run: npm install

.github/workflows/publish-deltachat-rpc-client-pypi.yml

@@ -47,4 +47,4 @@ jobs:
           name: python-package-distributions
           path: dist/
       - name: Publish deltachat-rpc-client to PyPI
-        uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e
+        uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b

.github/workflows/upload-docs.yml

@@ -1,16 +1,18 @@
-name: Build & deploy documentation on rs.delta.chat, c.delta.chat, and py.delta.chat
+name: Build & deploy documentation on rs.delta.chat, c.delta.chat, py.delta.chat and cffi.delta.chat
 
 on:
   push:
     branches:
       - main
-      - build_jsonrpc_docs_ci
 
 permissions: {}
 
 jobs:
   build-rs:
     runs-on: ubuntu-latest
+    environment:
+      name: rs.delta.chat
+      url: https://rs.delta.chat/
 
     steps:
       - uses: actions/checkout@v6
@@ -23,12 +25,15 @@ jobs:
       - name: Upload to rs.delta.chat
         run: |
           mkdir -p "$HOME/.ssh"
-          echo "${{ secrets.KEY }}" > "$HOME/.ssh/key"
+          echo "${{ secrets.RS_DOCS_SSH_KEY }}" > "$HOME/.ssh/key"
           chmod 600 "$HOME/.ssh/key"
-          rsync -avzh -e "ssh -i $HOME/.ssh/key -o StrictHostKeyChecking=no" $GITHUB_WORKSPACE/target/doc "${{ secrets.USERNAME }}@rs.delta.chat:/var/www/html/rs/"
+          rsync -avzh -e "ssh -i $HOME/.ssh/key -o StrictHostKeyChecking=no" $GITHUB_WORKSPACE/target/doc "${{ secrets.RS_DOCS_SSH_USER }}@rs.delta.chat:/var/www/html/rs.delta.chat/"
 
   build-python:
     runs-on: ubuntu-latest
+    environment:
+      name: py.delta.chat
+      url: https://py.delta.chat/
 
     steps:
       - uses: actions/checkout@v6
@@ -42,12 +47,15 @@ jobs:
       - name: Upload to py.delta.chat
         run: |
           mkdir -p "$HOME/.ssh"
-          echo "${{ secrets.CODESPEAK_KEY }}" > "$HOME/.ssh/key"
+          echo "${{ secrets.PY_DOCS_SSH_KEY }}" > "$HOME/.ssh/key"
           chmod 600 "$HOME/.ssh/key"
-          rsync -avzh -e "ssh -i $HOME/.ssh/key -o StrictHostKeyChecking=no" $GITHUB_WORKSPACE/result/html/ "delta@py.delta.chat:/home/delta/build/master"
+          rsync -avzh --delete -e "ssh -i $HOME/.ssh/key -o StrictHostKeyChecking=no" $GITHUB_WORKSPACE/result/html/ "${{ secrets.PY_DOCS_SSH_USER }}@py.delta.chat:/var/www/html/py.delta.chat"
 
   build-c:
     runs-on: ubuntu-latest
+    environment:
+      name: c.delta.chat
+      url: https://c.delta.chat/
 
     steps:
       - uses: actions/checkout@v6
@@ -61,12 +69,16 @@ jobs:
       - name: Upload to c.delta.chat
         run: |
           mkdir -p "$HOME/.ssh"
-          echo "${{ secrets.CODESPEAK_KEY }}" > "$HOME/.ssh/key"
+          echo "${{ secrets.C_DOCS_SSH_KEY }}" > "$HOME/.ssh/key"
           chmod 600 "$HOME/.ssh/key"
-          rsync -avzh -e "ssh -i $HOME/.ssh/key -o StrictHostKeyChecking=no" $GITHUB_WORKSPACE/result/html/ "delta@c.delta.chat:/home/delta/build-c/master"
+          rsync -avzh --delete -e "ssh -i $HOME/.ssh/key -o StrictHostKeyChecking=no" $GITHUB_WORKSPACE/result/html/ "${{ secrets.C_DOCS_SSH_USER }}@c.delta.chat:/var/www/html/c.delta.chat"
 
   build-ts:
     runs-on: ubuntu-latest
+    environment:
+      name: js.jsonrpc.delta.chat
+      url: https://js.jsonrpc.delta.chat/
+
     defaults:
       run:
         working-directory: ./deltachat-jsonrpc/typescript
@@ -90,6 +102,27 @@ jobs:
       - name: Upload to js.jsonrpc.delta.chat
         run: |
           mkdir -p "$HOME/.ssh"
-          echo "${{ secrets.KEY }}" > "$HOME/.ssh/key"
+          echo "${{ secrets.JS_JSONRPC_DOCS_SSH_KEY }}" > "$HOME/.ssh/key"
           chmod 600 "$HOME/.ssh/key"
-          rsync -avzh -e "ssh -i $HOME/.ssh/key -o StrictHostKeyChecking=no" $GITHUB_WORKSPACE/deltachat-jsonrpc/typescript/docs/ "${{ secrets.USERNAME }}@js.jsonrpc.delta.chat:/var/www/html/js-jsonrpc/"
+          rsync -avzh --delete -e "ssh -i $HOME/.ssh/key -o StrictHostKeyChecking=no" $GITHUB_WORKSPACE/deltachat-jsonrpc/typescript/docs/ "${{ secrets.JS_JSONRPC_DOCS_SSH_USER }}@js.jsonrpc.delta.chat:/var/www/html/js.jsonrpc.delta.chat/"
+
+  build-cffi:
+    runs-on: ubuntu-latest
+    environment:
+      name: cffi.delta.chat
+      url: https://cffi.delta.chat/
+
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          show-progress: false
+          persist-credentials: false
+      - name: Build the documentation with cargo
+        run: |
+          cargo doc --package deltachat_ffi --no-deps
+      - name: Upload to cffi.delta.chat
+        run: |
+          mkdir -p "$HOME/.ssh"
+          echo "${{ secrets.CFFI_DOCS_SSH_KEY }}" > "$HOME/.ssh/key"
+          chmod 600 "$HOME/.ssh/key"
+          rsync -avzh --delete -e "ssh -i $HOME/.ssh/key -o StrictHostKeyChecking=no" $GITHUB_WORKSPACE/target/doc/ "${{ secrets.CFFI_DOCS_SSH_USER }}@delta.chat:/var/www/html/cffi.delta.chat/"

.github/workflows/upload-ffi-docs.yml

@@ -1,31 +0,0 @@
-# GitHub Actions workflow
-# to build `deltachat_ffi` crate documentation
-# and upload it to <https://cffi.delta.chat/>
-
-name: Build & Deploy Documentation on cffi.delta.chat
-
-on:
-  push:
-    branches:
-      - main
-
-permissions: {}
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v6
-        with:
-          show-progress: false
-          persist-credentials: false
-      - name: Build the documentation with cargo
-        run: |
-          cargo doc --package deltachat_ffi --no-deps
-      - name: Upload to cffi.delta.chat
-        run: |
-          mkdir -p "$HOME/.ssh"
-          echo "${{ secrets.KEY }}" > "$HOME/.ssh/key"
-          chmod 600 "$HOME/.ssh/key"
-          rsync -avzh -e "ssh -i $HOME/.ssh/key -o StrictHostKeyChecking=no" $GITHUB_WORKSPACE/target/doc/ "${{ secrets.USERNAME }}@delta.chat:/var/www/html/cffi/"

.github/workflows/zizmor-scan.yml

@@ -23,4 +23,4 @@ jobs:
           persist-credentials: false
 
       - name: Run zizmor
-        uses: zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8 # v0.5.2
+        uses: zizmorcore/zizmor-action@b1d7e1fb5de872772f31590499237e7cce841e8e # v0.5.3

CHANGELOG.md

@@ -1,16 +1,166 @@
 # Changelog
 
+## [2.49.0] - 2026-04-13
+
+### Features / Changes
+
+- Flipped Exif orientations ([#8057](https://github.com/chatmail/core/pull/8057)).
+
+### Fixes
+
+- Determine whether a message is an own message by looking at signature. multiple devices can temporarly have different sets of self addresses, and still need to properly recognize incoming versus outgoing messages. Disclaimer: some LLM tooling was initially involved but i went over everything by hand, and also addressed review comments..
+- Mark a message as delivered only after it has been fully sent out ([#8062](https://github.com/chatmail/core/pull/8062)).
+- Do not create 1:1 chat on second device when scanning a QR code.
+- Do not URL-encode proxy hostnames.
+- Assign webxdc updates from post-message to webxdc instance.
+- Let search also return hidden contacts if search value is an email address.
+- Add missing `extern "C"` to `dc_array_is_independent`.
+- Make start messages stick to the top of the chat.
+- For bots, wait with emitting IncomingMsg until the Post-Msg arrived ([#8104](https://github.com/chatmail/core/pull/8104)).
+- Trash message about group name change from non-member.
+
+### API-Changes
+
+- [**breaking**] remove `dc_msg_force_plaintext`.
+- @deltachat/stdio-rpc-server: also export a class.
+
+### CI
+
+- Make sure `-dev` version suffix is not forgotten after release.
+
+### Documentation
+
+- Document that events are broadcasted to all event emitters.
+- Fix broken link for i-d "Common PGP/MIME Message Mangling".
+
+### Refactor
+
+- ignore ForcePlaintext in saved messages chat.
+- @deltachat/stdio-rpc-server: make `getRPCServerPath` and `startDeltaChat` synchronous.
+- @deltachat/stdio-rpc-server: remove `await` from README example.
+- less nested `remove_contact_from_chat`.
+
+### Tests
+
+- Add test for `tweak_sort_timestamp()`.
+- Test that messages are only marked as delivered after being fully sent out ([#8077](https://github.com/chatmail/core/pull/8077)).
+- Fix flaky `test_no_old_msg_is_fresh`: Wait for incoming message before sending outgoing one.
+- Use TestContextManager in `test_keep_member_list_if_possibly_nomember`.
+
+### Miscellaneous Tasks
+
+- cargo: bump chrono from 0.4.43 to 0.4.44.
+- cargo: bump tracing-subscriber from 0.3.22 to 0.3.23.
+- cargo: bump tempfile from 3.26.0 to 3.27.0.
+- cargo: bump pin-project from 1.1.10 to 1.1.11.
+- cargo: bump tokio from 1.49.0 to 1.50.0.
+- cargo: bump libc from 0.2.182 to 0.2.183.
+- cargo: bump quote from 1.0.44 to 1.0.45.
+- cargo: bump image from 0.25.9 to 0.25.10.
+- cargo: bump proptest from 1.10.0 to 1.11.0.
+- deps: bump dependabot/fetch-metadata from 2.4.0 to 3.0.0.
+- bump version to 2.49.0-dev.
+
+## [2.48.0] - 2026-03-30
+
+### Fixes
+
+- Fix reordering problems in multi-relay setups by not sorting received messages below the last seen one.
+- Always sort "Messages are end-to-end encrypted" notice to the beginning.
+- Make Message-ID of pre-messages stable across resends ([#8007](https://github.com/chatmail/core/pull/8007)).
+- Delete `imap_markseen` entries not corresponding to any `imap` rows.
+- Cleanup `imap` and `imap_sync` records without transport in housekeeping.
+- When receiving MDN, mark all preceding messages as noticed, even having same timestamp ([#7928](https://github.com/chatmail/core/pull/7928)).
+- Remove migration 108 preventing upgrades from core 1.86.0 to the latest version.
+
+### Features / Changes
+
+- Improve IMAP loop logs.
+- Add decryption error to the device message about outgoing message decryption failure.
+- Log received message sort timestamp.
+
+### Performance
+
+- Move sorting outside of SQL query in `store_seen_flags_on_imap`.
+
+### API-Changes
+
+- Add JSON-RPC API `markfresh_chat()`.
+- ffi: Correctly declare `dc_event_channel_new()` as having no params ([#7831](https://github.com/chatmail/core/pull/7831)).
+
+### Refactor
+
+- Remove `wal_checkpoint_mutex`, lock `write_mutex` before getting sql connection instead.
+- Replace async `RwLock` with sync `RwLock` for stock strings.
+- Cleanup remaining Autocrypt Setup Message processing in `mimeparser`.
+- SecureJoin: do not check for self address in forwarding protection.
+- Fix clippy warnings.
+
+### CI
+
+- Update {c,py}.delta.chat website deployments.
+- Use environments for {rs,cffi,js.jsonrpc}.delta.chat deployments.
+- Fix https://docs.zizmor.sh/audits/#bot-conditions.
+
+### Documentation
+
+- Add SQL performance tips to STYLE.md.
+
+### Tests
+
+- Remove `test_old_message_5`.
+- Do not rely on loading newest chat in `load_imf_email()`.
+- Use `load_imf_email()` more.
+- The message is sorted correctly in the chat even if it arrives late.
+
+### Miscellaneous Tasks
+
+- cargo: update rustls-webpki to 0.103.10.
+
+## [2.47.0] - 2026-03-24
+
+### Fixes
+
+- Don't fall into infinite loop if the folder is missing ([#8021](https://github.com/chatmail/core/pull/8021)).
+- Delete `available_post_msgs` row if the message is already downloaded.
+- Delete `available_post_msgs` row if there is no corresponding IMAP entry.
+- Make newlines work in chat descriptions ([#8012](https://github.com/chatmail/core/pull/8012)).
+
+### Features / Changes
+
+- use SEIPDv2 if all recipients support it.
+
+### Documentation
+
+- Add shadowsocks spec to standards.md.
+- Document Header Confidentiality Policy.
+- `deltachat_rpc_client`: make sphinx documentation display method parameters.
+- Remove `draft/aeap-mvp.md` which is superseded by key-contacts and multi-relay.
+
+### Refactor
+
+- Remove code to send messages without intended recipient fingerprint.
+
+### Tests
+
+- Make `add_or_lookup_contact_id_no_key` public.
+
+### Miscellaneous Tasks
+
+- cargo: bump sdp from 0.10.0 to 0.17.1.
+- Add RUSTSEC-2026-0049 exception to deny.toml.
+
 ## [2.46.0] - 2026-03-19
 
 ### API-Changes
 
 - [**breaking**] remove functions for sending and receiving Autocrypt Setup Message.
 - Add `list_transports_ex()` and `set_transport_unpublished()` functions.
+- Add API `dc_markfresh_chat` to mark messages as "fresh".
 
 ### Features / Changes
 
 - add `IncomingCallAccepted.from_this_device`.
-- mark messages as "fresh".
 - decode `dcaccount://` URLs and error out on empty URLs early.
 - enable anonymous OpenPGP key IDs.
 - tls: do not verify TLS certificates for hostnames starting with `_`.
@@ -7950,3 +8100,6 @@ https://github.com/chatmail/core/pulls?q=is%3Apr+is%3Aclosed
 [2.44.0]: https://github.com/chatmail/core/compare/v2.43.0..v2.44.0
 [2.45.0]: https://github.com/chatmail/core/compare/v2.44.0..v2.45.0
 [2.46.0]: https://github.com/chatmail/core/compare/v2.45.0..v2.46.0
+[2.47.0]: https://github.com/chatmail/core/compare/v2.46.0..v2.47.0
+[2.48.0]: https://github.com/chatmail/core/compare/v2.47.0..v2.48.0
+[2.49.0]: https://github.com/chatmail/core/compare/v2.48.0..v2.49.0

Cargo.lock

@@ -550,7 +550,7 @@ dependencies = [
  "bolero-kani",
  "bolero-libfuzzer",
  "cfg-if",
- "rand 0.9.2",
+ "rand 0.9.4",
 ]
 
 [[package]]
@@ -573,7 +573,7 @@ dependencies = [
  "bolero-generator",
  "lazy_static",
  "pretty-hex",
- "rand 0.9.2",
+ "rand 0.9.4",
  "rand_xoshiro",
 ]
 
@@ -827,9 +827,9 @@ dependencies = [
 
 [[package]]
 name = "chrono"
-version = "0.4.43"
+version = "0.4.44"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fac4744fb15ae8337dc853fee7fb3f4e48c0fbaa23d0afe49c447b4fab126118"
+checksum = "c673075a2e0e5f4a1dde27ce9dee1ea4558c7ffe648f576438a20ca1d2acc4b0"
 dependencies = [
  "iana-time-zone",
  "num-traits",
@@ -1307,7 +1307,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat"
-version = "2.46.0"
+version = "2.50.0-dev"
 dependencies = [
  "anyhow",
  "astral-tokio-tar",
@@ -1360,8 +1360,8 @@ dependencies = [
  "proptest",
  "qrcodegen",
  "quick-xml",
- "rand 0.8.5",
- "rand 0.9.2",
+ "rand 0.8.6",
+ "rand 0.9.4",
  "ratelimit",
  "regex",
  "rusqlite",
@@ -1416,7 +1416,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat-jsonrpc"
-version = "2.46.0"
+version = "2.50.0-dev"
 dependencies = [
  "anyhow",
  "async-channel 2.5.0",
@@ -1437,7 +1437,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat-repl"
-version = "2.46.0"
+version = "2.50.0-dev"
 dependencies = [
  "anyhow",
  "deltachat",
@@ -1453,7 +1453,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat-rpc-server"
-version = "2.46.0"
+version = "2.50.0-dev"
 dependencies = [
  "anyhow",
  "deltachat",
@@ -1482,7 +1482,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat_ffi"
-version = "2.46.0"
+version = "2.50.0-dev"
 dependencies = [
  "anyhow",
  "deltachat",
@@ -1490,7 +1490,7 @@ dependencies = [
  "human-panic",
  "libc",
  "num-traits",
- "rand 0.9.2",
+ "rand 0.9.4",
  "serde_json",
  "thiserror 2.0.18",
  "tokio",
@@ -2429,7 +2429,7 @@ dependencies = [
  "idna",
  "ipnet",
  "once_cell",
- "rand 0.9.2",
+ "rand 0.9.4",
  "ring",
  "thiserror 2.0.18",
  "tinyvec",
@@ -2451,7 +2451,7 @@ dependencies = [
  "moka",
  "once_cell",
  "parking_lot",
- "rand 0.9.2",
+ "rand 0.9.4",
  "resolv-conf",
  "smallvec",
  "thiserror 2.0.18",
@@ -2852,7 +2852,7 @@ dependencies = [
  "hyper",
  "hyper-util",
  "log",
- "rand 0.9.2",
+ "rand 0.9.4",
  "tokio",
  "url",
  "xmltree",
@@ -2860,9 +2860,9 @@ dependencies = [
 
 [[package]]
 name = "image"
-version = "0.25.9"
+version = "0.25.10"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e6506c6c10786659413faa717ceebcb8f70731c0a60cbae39795fdf114519c1a"
+checksum = "85ab80394333c02fe689eaf900ab500fbd0c2213da414687ebf995a65d5a6104"
 dependencies = [
  "bytemuck",
  "byteorder-lite",
@@ -2981,12 +2981,12 @@ dependencies = [
  "pin-project",
  "pkarr",
  "portmapper",
- "rand 0.8.5",
+ "rand 0.8.6",
  "rcgen",
  "reqwest",
  "ring",
  "rustls",
- "rustls-webpki",
+ "rustls-webpki 0.102.8",
  "serde",
  "smallvec",
  "spki",
@@ -3056,7 +3056,7 @@ dependencies = [
  "iroh-metrics",
  "n0-future",
  "postcard",
- "rand 0.8.5",
+ "rand 0.8.6",
  "rand_core 0.6.4",
  "serde",
  "serde-error",
@@ -3119,7 +3119,7 @@ checksum = "929d5d8fa77d5c304d3ee7cae9aede31f13908bd049f9de8c7c0094ad6f7c535"
 dependencies = [
  "bytes",
  "getrandom 0.2.16",
- "rand 0.8.5",
+ "rand 0.8.6",
  "ring",
  "rustc-hash",
  "rustls",
@@ -3172,10 +3172,10 @@ dependencies = [
  "pin-project",
  "pkarr",
  "postcard",
- "rand 0.8.5",
+ "rand 0.8.6",
  "reqwest",
  "rustls",
- "rustls-webpki",
+ "rustls-webpki 0.102.8",
  "serde",
  "sha1",
  "strum 0.26.2",
@@ -3260,9 +3260,9 @@ dependencies = [
 
 [[package]]
 name = "libc"
-version = "0.2.182"
+version = "0.2.184"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6800badb6cb2082ffd7b6a67e6125bb39f18782f793520caee8cb8846be06112"
+checksum = "48f5d2a454e16a5ea0f4ced81bd44e4cfc7bd3a507b61887c99fd3538b28e4af"
 
 [[package]]
 name = "libm"
@@ -3483,9 +3483,9 @@ dependencies = [
 
 [[package]]
 name = "moxcms"
-version = "0.7.5"
+version = "0.8.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ddd32fa8935aeadb8a8a6b6b351e40225570a37c43de67690383d87ef170cd08"
+checksum = "bb85c154ba489f01b25c0d36ae69a87e4a1c73a72631fc6c0eb6dde34a73e44b"
 dependencies = [
  "num-traits",
  "pxfm",
@@ -3776,7 +3776,7 @@ dependencies = [
  "num-integer",
  "num-iter",
  "num-traits",
- "rand 0.8.5",
+ "rand 0.8.6",
  "serde",
  "smallvec",
  "zeroize",
@@ -3933,9 +3933,9 @@ checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381"
 
 [[package]]
 name = "openssl"
-version = "0.10.72"
+version = "0.10.78"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fedfea7d58a1f73118430a55da6a286e7b044961736ce96a16a17068ea25e5da"
+checksum = "f38c4372413cdaaf3cc79dd92d29d7d9f5ab09b51b10dded508fb90bb70b9222"
 dependencies = [
  "bitflags 2.11.0",
  "cfg-if",
@@ -3974,9 +3974,9 @@ dependencies = [
 
 [[package]]
 name = "openssl-sys"
-version = "0.9.107"
+version = "0.9.114"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8288979acd84749c744a9014b4382d42b8f7b2592847b5afb2ed29e5d16ede07"
+checksum = "13ce1245cd07fcc4cfdb438f7507b0c7e4f3849a69fd84d52374c66d83741bb6"
 dependencies = [
  "cc",
  "libc",
@@ -4206,7 +4206,7 @@ dependencies = [
  "p256",
  "p384",
  "p521",
- "rand 0.8.5",
+ "rand 0.8.6",
  "regex",
  "replace_with",
  "ripemd",
@@ -4235,18 +4235,18 @@ dependencies = [
 
 [[package]]
 name = "pin-project"
-version = "1.1.10"
+version = "1.1.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "677f1add503faace112b9f1373e43e9e054bfdd22ff1a63c1bc485eaec6a6a8a"
+checksum = "f1749c7ed4bcaf4c3d0a3efc28538844fb29bcdd7d2b67b2be7e20ba861ff517"
 dependencies = [
  "pin-project-internal",
 ]
 
 [[package]]
 name = "pin-project-internal"
-version = "1.1.10"
+version = "1.1.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6e918e4ff8c4549eb882f14b3a4bc8c8bc93de829416eacf579f1207a8fbf861"
+checksum = "d9b20ed30f105399776b9c883e68e536ef602a16ae6f596d2c473591d6ad64c6"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -4453,7 +4453,7 @@ dependencies = [
  "nested_enum_utils",
  "netwatch",
  "num_enum",
- "rand 0.8.5",
+ "rand 0.8.6",
  "serde",
  "smallvec",
  "snafu",
@@ -4615,13 +4615,13 @@ dependencies = [
 
 [[package]]
 name = "proptest"
-version = "1.10.0"
+version = "1.11.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "37566cb3fdacef14c0737f9546df7cfeadbfbc9fef10991038bf5015d0c80532"
+checksum = "4b45fcc2344c680f5025fe57779faef368840d0bd1f42f216291f0dc4ace4744"
 dependencies = [
  "bitflags 2.11.0",
  "num-traits",
- "rand 0.9.2",
+ "rand 0.9.4",
  "rand_chacha 0.9.0",
  "rand_xorshift",
  "regex-syntax",
@@ -4701,7 +4701,7 @@ dependencies = [
  "bytes",
  "getrandom 0.3.3",
  "lru-slab",
- "rand 0.9.2",
+ "rand 0.9.4",
  "ring",
  "rustc-hash",
  "rustls",
@@ -4729,9 +4729,9 @@ dependencies = [
 
 [[package]]
 name = "quote"
-version = "1.0.44"
+version = "1.0.45"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "21b2ebcf727b7760c461f091f9f0f539b77b8e87f2fd88131e7f1b433b3cece4"
+checksum = "41f2619966050689382d2b44f664f4bc593e129785a36d6ee376ddf37259b924"
 dependencies = [
  "proc-macro2",
 ]
@@ -4776,9 +4776,9 @@ dependencies = [
 
 [[package]]
 name = "rand"
-version = "0.8.5"
+version = "0.8.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
+checksum = "5ca0ecfa931c29007047d1bc58e623ab12e5590e8c7cc53200d5202b69266d8a"
 dependencies = [
  "libc",
  "rand_chacha 0.3.1",
@@ -4787,9 +4787,9 @@ dependencies = [
 
 [[package]]
 name = "rand"
-version = "0.9.2"
+version = "0.9.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6db2770f06117d490610c7488547d543617b21bfa07796d7a12f6f1bd53850d1"
+checksum = "44c5af06bb1b7d3216d91932aed5265164bf384dc89cd6ba05cf59a35f5f76ea"
 dependencies = [
  "rand_chacha 0.9.0",
  "rand_core 0.9.3",
@@ -5156,15 +5156,15 @@ dependencies = [
 
 [[package]]
 name = "rustls"
-version = "0.23.23"
+version = "0.23.37"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "47796c98c480fce5406ef69d1c76378375492c3b0a0de587be0c1d9feb12f395"
+checksum = "758025cb5fccfd3bc2fd74708fd4682be41d99e5dff73c377c0646c6012c73a4"
 dependencies = [
  "log",
  "once_cell",
  "ring",
  "rustls-pki-types",
- "rustls-webpki",
+ "rustls-webpki 0.103.13",
  "subtle",
  "zeroize",
 ]
@@ -5199,6 +5199,17 @@ dependencies = [
  "untrusted",
 ]
 
+[[package]]
+name = "rustls-webpki"
+version = "0.103.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "61c429a8649f110dddef65e2a5ad240f747e85f7758a6bccc7e5777bd33f756e"
+dependencies = [
+ "ring",
+ "rustls-pki-types",
+ "untrusted",
+]
+
 [[package]]
 name = "rustversion"
 version = "1.0.14"
@@ -5307,11 +5318,11 @@ checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49"
 
 [[package]]
 name = "sdp"
-version = "0.10.0"
+version = "0.17.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "32c374dceda16965d541c8800ce9cc4e1c14acfd661ddf7952feeedc3411e5c6"
+checksum = "22c3b0257608d7de4de4c4ea650ccc2e6e3e45e3cd80039fcdee768bcb449253"
 dependencies = [
- "rand 0.9.2",
+ "rand 0.9.4",
  "substring",
  "thiserror 1.0.69",
  "url",
@@ -5570,7 +5581,7 @@ dependencies = [
  "once_cell",
  "percent-encoding",
  "pin-project",
- "rand 0.9.2",
+ "rand 0.9.4",
  "sendfd",
  "serde",
  "serde_json",
@@ -5600,7 +5611,7 @@ dependencies = [
  "chacha20poly1305",
  "hkdf",
  "md-5",
- "rand 0.9.2",
+ "rand 0.9.4",
  "ring-compat",
  "sha1",
 ]
@@ -5832,7 +5843,7 @@ dependencies = [
  "precis-core",
  "precis-profiles",
  "quoted-string-parser",
- "rand 0.9.2",
+ "rand 0.9.4",
 ]
 
 [[package]]
@@ -5859,7 +5870,7 @@ dependencies = [
  "hex",
  "parking_lot",
  "pnet_packet",
- "rand 0.8.5",
+ "rand 0.8.6",
  "socket2 0.5.9",
  "thiserror 1.0.69",
  "tokio",
@@ -5977,9 +5988,9 @@ checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369"
 
 [[package]]
 name = "tempfile"
-version = "3.26.0"
+version = "3.27.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "82a72c767771b47409d2345987fda8628641887d5466101319899796367354a0"
+checksum = "32497e9a4c7b38532efcdebeef879707aa9f794296a4f0244f6f69e9bc8574bd"
 dependencies = [
  "fastrand",
  "getrandom 0.3.3",
@@ -6133,9 +6144,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
 
 [[package]]
 name = "tokio"
-version = "1.49.0"
+version = "1.50.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "72a2903cd7736441aac9df9d7688bd0ce48edccaadf181c3b90be801e81d3d86"
+checksum = "27ad5e34374e03cfffefc301becb44e9dc3c17584f414349ebe29ed26661822d"
 dependencies = [
  "bytes",
  "libc",
@@ -6171,9 +6182,9 @@ dependencies = [
 
 [[package]]
 name = "tokio-rustls"
-version = "0.26.2"
+version = "0.26.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8e727b36a1a0e8b74c376ac2211e40c2c8af09fb4013c60d910495810f008e9b"
+checksum = "1729aa945f29d91ba541258c8df89027d5792d85a8841fb65e8bf0f4ede4ef61"
 dependencies = [
  "rustls",
  "tokio",
@@ -6236,7 +6247,7 @@ dependencies = [
  "getrandom 0.3.3",
  "http 1.1.0",
  "httparse",
- "rand 0.9.2",
+ "rand 0.9.4",
  "ring",
  "rustls-pki-types",
  "simdutf8",
@@ -6392,9 +6403,9 @@ dependencies = [
 
 [[package]]
 name = "tracing-subscriber"
-version = "0.3.22"
+version = "0.3.23"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2f30143827ddab0d256fd843b7a66d164e9f271cfa0dde49142c5ca0ca291f1e"
+checksum = "cb7f578e5945fb242538965c2d0b04418d38ec25c79d160cd279bf0731c8d319"
 dependencies = [
  "matchers",
  "nu-ansi-term",

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat"
-version = "2.46.0"
+version = "2.50.0-dev"
 edition = "2024"
 license = "MPL-2.0"
 rust-version = "1.88"
@@ -87,7 +87,7 @@ rand = { workspace = true }
 regex = { workspace = true }
 rusqlite = { workspace = true, features = ["sqlcipher"] }
 sanitize-filename = { workspace = true }
-sdp = "0.10.0"
+sdp = "0.17.1"
 serde_json = { workspace = true }
 serde_urlencoded = "0.7.1"
 serde = { workspace = true, features = ["derive"] }
@@ -181,7 +181,7 @@ harness = false
 anyhow = "1"
 async-channel = "2.5.0"
 base64 = "0.22"
-chrono = { version = "0.4.43", default-features = false }
+chrono = { version = "0.4.44", default-features = false }
 deltachat-contact-tools = { path = "deltachat-contact-tools" }
 deltachat-jsonrpc = { path = "deltachat-jsonrpc", default-features = false }
 deltachat = { path = ".", default-features = false }
@@ -198,7 +198,7 @@ rusqlite = "0.37"
 sanitize-filename = "0.6"
 serde = "1.0"
 serde_json = "1"
-tempfile = "3.25.0"
+tempfile = "3.27.0"
 thiserror = "2"
 tokio = "1"
 tokio-util = "0.7.18"

STYLE.md

@@ -68,6 +68,12 @@ keyword doesn't help here.
 Consider adding context to `anyhow` errors for SQL statements using `.context()` so that it's
 possible to understand from logs which statement failed. See [Errors](#errors) for more info.
 
+When changing complex SQL queries, test them on a new database with `EXPLAIN QUERY PLAN`
+to make sure that indexes are used and large tables are not going to be scanned.
+Never run `ANALYZE` on the databases,
+this makes query planner unpredictable
+and may make performance significantly worse: <https://github.com/chatmail/core/issues/6585>
+
 ## Errors
 
 Delta Chat core mostly uses [`anyhow`](https://docs.rs/anyhow/) errors.

deltachat-ffi/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat_ffi"
-version = "2.46.0"
+version = "2.50.0-dev"
 description = "Deltachat FFI"
 edition = "2018"
 readme = "README.md"

deltachat-ffi/deltachat.h

@@ -364,18 +364,14 @@ uint32_t        dc_get_id                    (dc_context_t* context);
  * To get these events, you have to create an event emitter using this function
  * and call dc_get_next_event() on the emitter.
  *
+ * Events are broadcasted to all existing event emitters.
+ * Events emitted before creation of event emitter
+ * are not available to event emitter.
+ *
  * @memberof dc_context_t
  * @param context The context object as created by dc_context_new().
  * @return Returns the event emitter, NULL on errors.
  *     Must be freed using dc_event_emitter_unref() after usage.
- *
- * Note: Use only one event emitter per context.
- * The result of having multiple event emitters is unspecified.
- * Currently events are broadcasted to all existing event emitters,
- * but previous versions delivered events to only one event emitter
- * and this behavior may change again in the future.
- * Events emitted before creation of event emitter
- * may or may not be available to event emitter.
  */
 dc_event_emitter_t* dc_get_event_emitter(dc_context_t* context);
 
@@ -394,27 +390,9 @@ char*           dc_get_blobdir               (const dc_context_t* context);
 /**
  * Configure the context. The configuration is handled by key=value pairs as:
  *
- * - `addr`         = Email address to use for configuration.
- *                    If dc_configure() fails this is not the email address actually in use.
- *                    Use `configured_addr` to find out the email address actually in use.
- * - `configured_addr` = Email address actually in use.
+ * - `configured_addr` = Email address in use.
  *                    Unless for testing, do not set this value using dc_set_config().
  *                    Instead, set `addr` and call dc_configure().
- * - `mail_server`  = IMAP-server, guessed if left out
- * - `mail_user`    = IMAP-username, guessed if left out
- * - `mail_pw`      = IMAP-password (always needed)
- * - `mail_port`    = IMAP-port, guessed if left out
- * - `mail_security`= IMAP-socket, one of @ref DC_SOCKET, defaults to #DC_SOCKET_AUTO
- * - `send_server`  = SMTP-server, guessed if left out
- * - `send_user`    = SMTP-user, guessed if left out
- * - `send_pw`      = SMTP-password, guessed if left out
- * - `send_port`    = SMTP-port, guessed if left out
- * - `send_security`= SMTP-socket, one of @ref DC_SOCKET, defaults to #DC_SOCKET_AUTO
- * - `server_flags` = IMAP-/SMTP-flags as a combination of @ref DC_LP flags, guessed if left out
- * - `proxy_enabled` = Proxy enabled. Disabled by default.
- * - `proxy_url` = Proxy URL. May contain multiple URLs separated by newline, but only the first one is used.
- * - `imap_certificate_checks` = how to check IMAP certificates, one of the @ref DC_CERTCK flags, defaults to #DC_CERTCK_AUTO (0)
- * - `smtp_certificate_checks` = deprecated option, should be set to the same value as `imap_certificate_checks` but ignored by the new core
  * - `displayname`  = Own name to use when sending messages. MUAs are allowed to spread this way e.g. using CC, defaults to empty
  * - `selfstatus`   = Own status to display, e.g. in e-mail footers, defaults to empty
  * - `selfavatar`   = File containing avatar. Will immediately be copied to the 
@@ -430,14 +408,6 @@ char*           dc_get_blobdir               (const dc_context_t* context);
  *                    1=send a copy of outgoing messages to self (default).
  *                    Sending messages to self is needed for a proper multi-account setup,
  *                    however, on the other hand, may lead to unwanted notifications in non-delta clients.
- * - `mvbox_move`   = 1=detect chat messages,
- *                    move them to the `DeltaChat` folder,
- *                    and watch the `DeltaChat` folder for updates (default),
- *                    0=do not move chat-messages
- * - `only_fetch_mvbox` = 1=Do not fetch messages from folders other than the
- *                    `DeltaChat` folder. Messages will still be fetched from the
- *                    spam folder.
- *                    0=watch all folders normally (default)
  * - `show_emails`  = DC_SHOW_EMAILS_OFF (0)=
  *                    show direct replies to chats only,
  *                    DC_SHOW_EMAILS_ACCEPTED_CONTACTS (1)=
@@ -525,6 +495,27 @@ char*           dc_get_blobdir               (const dc_context_t* context);
  *                       1 = Contacts (default, does not include contact requests),
  *                       2 = Nobody (calls never result in a notification).
  *
+ * Also, there are configs that are only needed
+ * if you want to use the deprecated dc_configure() API, such as:
+ *
+ * - `addr`         = Email address to use for configuration.
+ *                    If dc_configure() fails this is not the email address actually in use.
+ *                    Use `configured_addr` to find out the email address actually in use.
+ * - `mail_server`  = IMAP-server, guessed if left out
+ * - `mail_user`    = IMAP-username, guessed if left out
+ * - `mail_pw`      = IMAP-password (always needed)
+ * - `mail_port`    = IMAP-port, guessed if left out
+ * - `mail_security`= IMAP-socket, one of @ref DC_SOCKET, defaults to #DC_SOCKET_AUTO
+ * - `send_server`  = SMTP-server, guessed if left out
+ * - `send_user`    = SMTP-user, guessed if left out
+ * - `send_pw`      = SMTP-password, guessed if left out
+ * - `send_port`    = SMTP-port, guessed if left out
+ * - `send_security`= SMTP-socket, one of @ref DC_SOCKET, defaults to #DC_SOCKET_AUTO
+ * - `server_flags` = IMAP-/SMTP-flags as a combination of @ref DC_LP flags, guessed if left out
+ * - `proxy_enabled` = Proxy enabled. Disabled by default.
+ * - `proxy_url` = Proxy URL. May contain multiple URLs separated by newline, but only the first one is used.
+ * - `imap_certificate_checks` = how to check IMAP and SMTP certificates, one of the @ref DC_CERTCK flags, defaults to #DC_CERTCK_AUTO (0)
+
  * If you want to retrieve a value, use dc_get_config().
  *
  * @memberof dc_context_t
@@ -711,6 +702,12 @@ int              dc_get_push_state           (dc_context_t* context);
 
 /**
  * Configure a context.
+ *
+ * This way of configuring a context is deprecated,
+ * and does not allow to configure multiple transports.
+ * If you can, use the JSON-RPC API (../deltachat-jsonrpc/src/api.rs)
+ * `add_or_update_transport()`/`addOrUpdateTransport()` instead.
+ *
  * During configuration IO must not be started,
  * if needed stop IO using dc_accounts_stop_io() or dc_stop_io() first.
  * If the context is already configured,
@@ -2644,6 +2641,8 @@ dc_lot_t*       dc_check_qr                  (dc_context_t* context, const char*
  * so that the QR code is useful also without Delta Chat being installed
  * or can be passed to contacts through other channels.
  *
+ * To reset invitations, pass the link to dc_set_config_from_qr().
+ *
  * @memberof dc_context_t
  * @param context The context object.
  * @param chat_id If set to a group-chat-id,
@@ -3323,18 +3322,14 @@ void           dc_accounts_set_push_device_token (dc_accounts_t* accounts, const
  * This is similar to dc_get_event_emitter(), which, however,
  * must not be called for accounts handled by the account manager.
  *
+ * Events are broadcasted to all existing event emitters.
+ * Events emitted before creation of event emitter
+ * are not available to event emitter.
+ *
  * @memberof dc_accounts_t
  * @param accounts The account manager as created by dc_accounts_new().
  * @return Returns the event emitter, NULL on errors.
  *     Must be freed using dc_event_emitter_unref() after usage.
- *
- * Note: Use only one event emitter per account manager.
- * The result of having multiple event emitters is unspecified.
- * Currently events are broadcasted to all existing event emitters,
- * but previous versions delivered events to only one event emitter
- * and this behavior may change again in the future.
- * Events emitted before creation of event emitter
- * are not available to event emitter.
  */
 dc_event_emitter_t* dc_accounts_get_event_emitter (dc_accounts_t* accounts);
 
@@ -4250,6 +4245,8 @@ char*             dc_msg_get_webxdc_blob      (const dc_msg_t* msg, const char*
  *   true if the Webxdc should get internet access;
  *   this is the case i.e. for experimental maps integration.
  * - self_addr: address to be used for `window.webxdc.selfAddr` in JS land.
+ * - is_app_sender: Define if the local user is the one who initially shared the webxdc application in the chat.
+ * - is_broadcast: Define if the app runs in a broadcasting context.
  * - send_update_interval: Milliseconds to wait before calling `sendUpdate()` again since the last call.
  *   Should be exposed to `webxdc.sendUpdateInterval` in JS land.
  * - send_update_max_size: Maximum number of bytes accepted for a serialized update object.
@@ -4981,17 +4978,6 @@ uint32_t        dc_msg_get_original_msg_id    (const dc_msg_t* msg);
  */
 uint32_t        dc_msg_get_saved_msg_id     (const dc_msg_t* msg);
 
-
-/**
- * Force the message to be sent in plain text.
- *
- * This API is for bots, there is no need to expose it in the UI.
- *
- * @memberof dc_msg_t
- * @param msg The message object.
- */
-void            dc_msg_force_plaintext        (dc_msg_t* msg);
-
 /**
  * @class dc_contact_t
  *
@@ -5829,7 +5815,7 @@ int64_t         dc_lot_get_timestamp     (const dc_lot_t* lot);
  * These constants configure TLS certificate checks for IMAP and SMTP connections.
  *
  * These constants are set via dc_set_config()
- * using keys "imap_certificate_checks" and "smtp_certificate_checks".
+ * using key "imap_certificate_checks".
  *
  * @addtogroup DC_CERTCK
  * @{
@@ -5959,7 +5945,7 @@ char* dc_jsonrpc_blocking_call(dc_jsonrpc_instance_t* jsonrpc_instance, const ch
   * @memberof dc_event_channel_t
   * @return An event channel wrapper object (dc_event_channel_t).
   */
- dc_event_channel_t* dc_event_channel_new();
+ dc_event_channel_t* dc_event_channel_new(void);
  
  /**
   * Release/free the events channel structure.
@@ -5979,21 +5965,14 @@ void dc_event_channel_unref(dc_event_channel_t* event_channel);
  * To get these events, you have to create an event emitter using this function
  * and call dc_get_next_event() on the emitter.
  *
- * This is similar to dc_get_event_emitter(), which, however,
- * must not be called for accounts handled by the account manager.
+ * Events are broadcasted to all existing event emitters.
+ * Events emitted before creation of event emitter
+ * are not available to event emitter.
  * 
  * @memberof dc_event_channel_t
  * @param The event channel.
  * @return Returns the event emitter, NULL on errors.
  *     Must be freed using dc_event_emitter_unref() after usage.
- * 
- * Note: Use only one event emitter per account manager / event channel.
- * The result of having multiple event emitters is unspecified.
- * Currently events are broadcasted to all existing event emitters,
- * but previous versions delivered events to only one event emitter
- * and this behavior may change again in the future.
- * Events emitted before creation of event emitter
- * are not available to event emitter.
  */
 dc_event_emitter_t* dc_event_channel_get_event_emitter(dc_event_channel_t* event_channel);
 

deltachat-ffi/src/lib.rs

@@ -306,20 +306,17 @@ pub unsafe extern "C" fn dc_set_stock_translation(
     let msg = to_string_lossy(stock_msg);
     let ctx = &*context;
 
-    block_on(async move {
-        match StockMessage::from_u32(stock_id)
-            .with_context(|| format!("Invalid stock message ID {stock_id}"))
+    match StockMessage::from_u32(stock_id)
+        .with_context(|| format!("Invalid stock message ID {stock_id}"))
+        .log_err(ctx)
+    {
+        Ok(id) => ctx
+            .set_stock_translation(id, msg)
+            .context("set_stock_translation failed")
             .log_err(ctx)
-        {
-            Ok(id) => ctx
-                .set_stock_translation(id, msg)
-                .await
-                .context("set_stock_translation failed")
-                .log_err(ctx)
-                .is_ok() as libc::c_int,
-            Err(_) => 0,
-        }
-    })
+            .is_ok() as libc::c_int,
+        Err(_) => 0,
+    }
 }
 
 #[no_mangle]
@@ -2829,7 +2826,7 @@ pub unsafe extern "C" fn dc_array_search_id(
 // Returns 1 if location belongs to the track of the user,
 // 0 if location was reported independently.
 #[no_mangle]
-pub unsafe fn dc_array_is_independent(
+pub unsafe extern "C" fn dc_array_is_independent(
     array: *const dc_array_t,
     index: libc::size_t,
 ) -> libc::c_int {
@@ -4057,16 +4054,6 @@ pub unsafe extern "C" fn dc_msg_get_saved_msg_id(msg: *const dc_msg_t) -> u32 {
     })
 }
 
-#[no_mangle]
-pub unsafe extern "C" fn dc_msg_force_plaintext(msg: *mut dc_msg_t) {
-    if msg.is_null() {
-        eprintln!("ignoring careless call to dc_msg_force_plaintext()");
-        return;
-    }
-    let ffi_msg = &mut *msg;
-    ffi_msg.message.force_plaintext();
-}
-
 // dc_contact_t
 
 /// FFI struct for [dc_contact_t]

deltachat-jsonrpc/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-jsonrpc"
-version = "2.46.0"
+version = "2.50.0-dev"
 description = "DeltaChat JSON-RPC API"
 edition = "2021"
 license = "MPL-2.0"

deltachat-jsonrpc/src/api.rs

@@ -11,8 +11,8 @@ use deltachat::blob::BlobObject;
 use deltachat::calls::ice_servers;
 use deltachat::chat::{
     self, add_contact_to_chat, forward_msgs, forward_msgs_2ctx, get_chat_media, get_chat_msgs,
-    get_chat_msgs_ex, marknoticed_all_chats, marknoticed_chat, remove_contact_from_chat, Chat,
-    ChatId, ChatItem, MessageListOptions,
+    get_chat_msgs_ex, markfresh_chat, marknoticed_all_chats, marknoticed_chat,
+    remove_contact_from_chat, Chat, ChatId, ChatItem, MessageListOptions,
 };
 use deltachat::chatlist::Chatlist;
 use deltachat::config::{get_all_ui_config_keys, Config};
@@ -318,6 +318,15 @@ impl CommandApi {
         Ok(())
     }
 
+    /// Requests to clear storage on all chatmail relays.
+    ///
+    /// I/O must be started for this request to take effect.
+    async fn clear_all_relay_storage(&self, account_id: u32) -> Result<()> {
+        let ctx = self.get_context(account_id).await?;
+        ctx.clear_all_relay_storage().await?;
+        Ok(())
+    }
+
     /// Get top-level info for an account.
     async fn get_account_info(&self, account_id: u32) -> Result<Account> {
         let context_option = self.accounts.read().await.get_account(account_id);
@@ -473,9 +482,7 @@ impl CommandApi {
         let accounts = self.accounts.read().await;
         for (stock_id, stock_message) in strings {
             if let Some(stock_id) = StockMessage::from_u32(stock_id) {
-                accounts
-                    .set_stock_translation(stock_id, stock_message)
-                    .await?;
+                accounts.set_stock_translation(stock_id, stock_message)?;
             }
         }
         Ok(())
@@ -680,7 +687,7 @@ impl CommandApi {
         ChatId::new(chat_id).get_fresh_msg_cnt(&ctx).await
     }
 
-    /// Gets messages to be processed by the bot and returns their IDs.
+    /// (deprecated) Gets messages to be processed by the bot and returns their IDs.
     ///
     /// Only messages with database ID higher than `last_msg_id` config value
     /// are returned. After processing the messages, the bot should
@@ -688,6 +695,13 @@ impl CommandApi {
     /// or manually updating the value to avoid getting already
     /// processed messages.
     ///
+    /// Deprecated 2026-04: This returns the message's id as soon as the first part arrives,
+    /// even if it is not fully downloaded yet.
+    /// The bot needs to wait for the message to be fully downloaded.
+    /// Since this is usually not the desired behavior,
+    /// bots should instead use the #DC_EVENT_INCOMING_MSG / [`types::events::EventType::IncomingMsg`]
+    /// event for getting notified about new messages.
+    ///
     /// [`markseen_msgs`]: Self::markseen_msgs
     async fn get_next_msgs(&self, account_id: u32) -> Result<Vec<u32>> {
         let ctx = self.get_context(account_id).await?;
@@ -700,7 +714,7 @@ impl CommandApi {
         Ok(msg_ids)
     }
 
-    /// Waits for messages to be processed by the bot and returns their IDs.
+    /// (deprecated) Waits for messages to be processed by the bot and returns their IDs.
     ///
     /// This function is similar to [`get_next_msgs`],
     /// but waits for internal new message notification before returning.
@@ -711,6 +725,13 @@ impl CommandApi {
     /// To shutdown the bot, stopping I/O can be used to interrupt
     /// pending or next `wait_next_msgs` call.
     ///
+    /// Deprecated 2026-04: This returns the message's id as soon as the first part arrives,
+    /// even if it is not fully downloaded yet.
+    /// The bot needs to wait for the message to be fully downloaded.
+    /// Since this is usually not the desired behavior,
+    /// bots should instead use the #DC_EVENT_INCOMING_MSG / [`types::events::EventType::IncomingMsg`]
+    /// event for getting notified about new messages.
+    ///
     /// [`get_next_msgs`]: Self::get_next_msgs
     async fn wait_next_msgs(&self, account_id: u32) -> Result<Vec<u32>> {
         let ctx = self.get_context(account_id).await?;
@@ -862,6 +883,8 @@ impl CommandApi {
 
     /// Get QR code text that will offer a [SecureJoin](https://securejoin.delta.chat/) invitation.
     ///
+    /// To reset invitations, pass the link to `set_config_from_qr()`.
+    ///
     /// If `chat_id` is a group chat ID, SecureJoin QR code for the group is returned.
     /// If `chat_id` is unset, setup contact QR code is returned.
     async fn get_chat_securejoin_qr_code(
@@ -1251,6 +1274,15 @@ impl CommandApi {
         marknoticed_chat(&ctx, ChatId::new(chat_id)).await
     }
 
+    /// Marks the last incoming message in the chat as _fresh_.
+    ///
+    /// UI can use this to offer a "mark unread" option,
+    /// so that already noticed chats get a badge counter again.
+    async fn markfresh_chat(&self, account_id: u32, chat_id: u32) -> Result<()> {
+        let ctx = self.get_context(account_id).await?;
+        markfresh_chat(&ctx, ChatId::new(chat_id)).await
+    }
+
     /// Returns the message that is immediately followed by the last seen
     /// message.
     /// From the point of view of the user this is effectively
@@ -2356,12 +2388,12 @@ impl CommandApi {
         Ok(message_id.to_u32())
     }
 
-    /// Send a reaction to message.
+    /// Sends a reaction to message.
     ///
-    /// Reaction is a string of emojis separated by spaces. Reaction to a
-    /// single message can be sent multiple times. The last reaction
-    /// received overrides all previously received reactions. It is
-    /// possible to remove all reactions by sending an empty string.
+    /// A reaction is a string that represents an emoji.
+    /// You can call this function again to change the emoji;
+    /// the last sent reaction overrides all previously sent reactions.
+    /// It is possible to remove the reaction by sending an empty string.
     async fn send_reaction(
         &self,
         account_id: u32,

deltachat-jsonrpc/src/api/types/login_param.rs

@@ -33,6 +33,12 @@ pub struct EnteredLoginParam {
     /// Imap server port.
     pub imap_port: Option<u16>,
 
+    /// IMAP server folder.
+    ///
+    /// Defaults to "INBOX" if not set.
+    /// Should not be an empty string.
+    pub imap_folder: Option<String>,
+
     /// Imap socket security.
     pub imap_security: Option<Socket>,
 
@@ -85,6 +91,7 @@ impl From<dc::EnteredLoginParam> for EnteredLoginParam {
             password: param.imap.password,
             imap_server: param.imap.server.into_option(),
             imap_port: param.imap.port.into_option(),
+            imap_folder: param.imap.folder.into_option(),
             imap_security: imap_security.into_option(),
             imap_user: param.imap.user.into_option(),
             smtp_server: param.smtp.server.into_option(),
@@ -104,14 +111,15 @@ impl TryFrom<EnteredLoginParam> for dc::EnteredLoginParam {
     fn try_from(param: EnteredLoginParam) -> Result<Self> {
         Ok(Self {
             addr: param.addr,
-            imap: dc::EnteredServerLoginParam {
+            imap: dc::EnteredImapLoginParam {
                 server: param.imap_server.unwrap_or_default(),
                 port: param.imap_port.unwrap_or_default(),
+                folder: param.imap_folder.unwrap_or_default(),
                 security: param.imap_security.unwrap_or_default().into(),
                 user: param.imap_user.unwrap_or_default(),
                 password: param.password,
             },
-            smtp: dc::EnteredServerLoginParam {
+            smtp: dc::EnteredSmtpLoginParam {
                 server: param.smtp_server.unwrap_or_default(),
                 port: param.smtp_port.unwrap_or_default(),
                 security: param.smtp_security.unwrap_or_default().into(),

deltachat-jsonrpc/src/api/types/reactions.rs

@@ -24,6 +24,8 @@ pub struct JsonrpcReaction {
 #[serde(rename = "Reactions", rename_all = "camelCase")]
 pub struct JsonrpcReactions {
     /// Map from a contact to it's reaction to message.
+    /// There is only a single reaction per contact,
+    /// but this contains a list of reactions for historical reasons.
     reactions_by_contact: BTreeMap<u32, Vec<String>>,
     /// Unique reactions and their count, sorted in descending order.
     reactions: Vec<JsonrpcReaction>,
@@ -31,27 +33,16 @@ pub struct JsonrpcReactions {
 
 impl From<Reactions> for JsonrpcReactions {
     fn from(reactions: Reactions) -> Self {
-        let mut reactions_by_contact: BTreeMap<u32, Vec<String>> = BTreeMap::new();
-
-        for contact_id in reactions.contacts() {
-            let reaction = reactions.get(contact_id);
-            if reaction.is_empty() {
-                continue;
-            }
-            let emojis: Vec<String> = reaction
-                .emojis()
-                .into_iter()
-                .map(|emoji| emoji.to_owned())
-                .collect();
-            reactions_by_contact.insert(contact_id.to_u32(), emojis.clone());
-        }
-
-        let self_reactions = reactions_by_contact.get(&ContactId::SELF.to_u32());
+        let reactions_by_contact: BTreeMap<u32, Vec<String>> = reactions
+            .iter()
+            .map(|(key, value)| (key.to_u32(), vec![value.as_str().to_string()]))
+            .collect();
+        let self_reaction = reactions_by_contact.get(&ContactId::SELF.to_u32());
 
         let mut reactions_v = Vec::new();
         for (emoji, count) in reactions.emoji_sorted_by_frequency() {
-            let is_from_self = if let Some(self_reactions) = self_reactions {
-                self_reactions.contains(&emoji)
+            let is_from_self = if let Some(self_reaction) = self_reaction {
+                self_reaction.contains(&emoji)
             } else {
                 false
             };

deltachat-jsonrpc/src/api/types/webxdc.rs

@@ -37,6 +37,10 @@ pub struct WebxdcMessageInfo {
     internet_access: bool,
     /// Address to be used for `window.webxdc.selfAddr` in JS land.
     self_addr: String,
+    /// Define if the local user is the one who initially shared the webxdc application in the chat.
+    is_app_sender: bool,
+    /// Define if the app runs in a broadcasting context.
+    is_broadcast: bool,
     /// Milliseconds to wait before calling `sendUpdate()` again since the last call.
     /// Should be exposed to `window.sendUpdateInterval` in JS land.
     send_update_interval: usize,
@@ -60,6 +64,8 @@ impl WebxdcMessageInfo {
             request_integration: _,
             internet_access,
             self_addr,
+            is_app_sender,
+            is_broadcast,
             send_update_interval,
             send_update_max_size,
         } = message.get_webxdc_info(context).await?;
@@ -72,6 +78,8 @@ impl WebxdcMessageInfo {
             source_code_url: maybe_empty_string_to_option(source_code_url),
             internet_access,
             self_addr,
+            is_app_sender,
+            is_broadcast,
             send_update_interval,
             send_update_max_size,
         })

deltachat-jsonrpc/src/lib.rs

@@ -85,7 +85,7 @@ mod tests {
             assert_eq!(result, response.to_owned());
         }
         {
-            let request = r#"{"jsonrpc":"2.0","method":"batch_set_config","id":2,"params":[1,{"addr":"","mail_user":"","mail_pw":"","mail_server":"","mail_port":"","mail_security":"","imap_certificate_checks":"","send_user":"","send_pw":"","send_server":"","send_port":"","send_security":"","smtp_certificate_checks":""}]}"#;
+            let request = r#"{"jsonrpc":"2.0","method":"batch_set_config","id":2,"params":[1,{"addr":"","mail_user":"","mail_pw":"","mail_server":"","mail_port":"","mail_security":"","imap_certificate_checks":"","send_user":"","send_pw":"","send_server":"","send_port":"","send_security":""}]}"#;
             let response = r#"{"jsonrpc":"2.0","id":2,"result":null}"#;
             session.handle_incoming(request).await;
             let result = receiver.recv().await?;

deltachat-jsonrpc/typescript/package.json

@@ -54,5 +54,5 @@
   },
   "type": "module",
   "types": "dist/deltachat.d.ts",
-  "version": "2.46.0"
+  "version": "2.50.0-dev"
 }

deltachat-repl/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-repl"
-version = "2.46.0"
+version = "2.50.0-dev"
 license = "MPL-2.0"
 edition = "2021"
 repository = "https://github.com/chatmail/core"

deltachat-rpc-client/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "deltachat-rpc-client"
-version = "2.46.0"
+version = "2.50.0-dev"
 license = "MPL-2.0"
 description = "Python client for Delta Chat core JSON-RPC interface"
 classifiers = [

deltachat-rpc-client/src/deltachat_rpc_client/_utils.py

@@ -187,13 +187,9 @@ class futuremethod:  # noqa: N801
     """Decorator for async methods."""
 
     def __init__(self, func):
-        functools.update_wrapper(self, func)
         self._func = func
 
     def __get__(self, instance, owner=None):
-        if instance is None:
-            return self
-
         def future(*args):
             generator = self._func(instance, *args)
             res = next(generator)
@@ -206,6 +202,7 @@ class futuremethod:  # noqa: N801
 
             return f
 
+        @functools.wraps(self._func)
         def wrapper(*args):
             f = future(*args)
             return f()

deltachat-rpc-client/src/deltachat_rpc_client/account.py

@@ -405,7 +405,15 @@ class Account:
 
     @futuremethod
     def wait_next_messages(self) -> list[Message]:
-        """Wait for new messages and return a list of them."""
+        """(deprecated) Wait for new messages and return a list of them. Meant for bots.
+
+        Deprecated 2026-04: This returns the message's id as soon as the first part arrives,
+        even if it is not fully downloaded yet.
+        The bot needs to wait for the message to be fully downloaded.
+        Since this is usually not the desired behavior,
+        bots should instead use the `EventType.INCOMING_MSG`
+        event for getting notified about new messages.
+        """
         next_msg_ids = yield self._rpc.wait_next_msgs.future(self.id)
         return [Message(self, msg_id) for msg_id in next_msg_ids]
 

deltachat-rpc-client/src/deltachat_rpc_client/chat.py

@@ -219,6 +219,10 @@ class Chat:
         """Mark all messages in this chat as noticed."""
         self._rpc.marknoticed_chat(self.account.id, self.id)
 
+    def mark_fresh(self) -> None:
+        """Mark the last incoming message in the chat as fresh."""
+        self._rpc.markfresh_chat(self.account.id, self.id)
+
     def add_contact(self, *contact: Union[int, str, Contact, "Account"]) -> None:
         """Add contacts to this group."""
         from .account import Account

deltachat-rpc-client/src/deltachat_rpc_client/message.py

@@ -25,7 +25,14 @@ class Message:
         return self.account._rpc
 
     def send_reaction(self, *reaction: str) -> "Message":
-        """Send a reaction to this message."""
+        """
+        Sends a reaction to message.
+
+        A reaction is a string that represents an emoji.
+        You can call this function again to change the emoji;
+        the last sent reaction overrides all previously sent reactions.
+        It is possible to remove the reaction by sending an empty string.
+        """
         msg_id = self._rpc.send_reaction(self.account.id, self.id, reaction)
         return Message(self.account, msg_id)
 

deltachat-rpc-client/tests/test_folders.py

@@ -1,104 +1,26 @@
-import logging
 import re
-import time
 
-import pytest
 from imap_tools import AND, U
 
-from deltachat_rpc_client import Contact, EventType, Message
+from deltachat_rpc_client import EventType
 
 
-def test_move_works(acfactory, direct_imap):
-    ac1, ac2 = acfactory.get_online_accounts(2)
-    ac2_direct_imap = direct_imap(ac2)
-    ac2_direct_imap.create_folder("DeltaChat")
-    ac2.set_config("mvbox_move", "1")
-    ac2.bring_online()
-
-    chat = ac1.create_chat(ac2)
-    chat.send_text("message1")
-
-    # Message is moved to the movebox
-    ac2.wait_for_event(EventType.IMAP_MESSAGE_MOVED)
-
-    # Message is downloaded
-    msg = ac2.wait_for_incoming_msg().get_snapshot()
-    assert msg.text == "message1"
-
-
-def test_reactions_for_a_reordering_move(acfactory, direct_imap):
-    """When a batch of messages is moved from Inbox to DeltaChat folder with a single MOVE command,
-    their UIDs may be reordered (e.g. Gmail is known for that) which led to that messages were
-    processed by receive_imf in the wrong order, and, particularly, reactions were processed before
-    messages they refer to and thus dropped.
-    """
-    (ac1,) = acfactory.get_online_accounts(1)
+def test_moved_markseen(acfactory, direct_imap, log):
+    """Test that message already moved to DeltaChat folder is marked as seen."""
+    ac1 = acfactory.get_online_account()
 
     addr, password = acfactory.get_credentials()
     ac2 = acfactory.get_unconfigured_account()
     ac2.add_or_update_transport({"addr": addr, "password": password})
-    ac2_direct_imap = direct_imap(ac2)
-    ac2_direct_imap.create_folder("DeltaChat")
-    ac2.set_config("mvbox_move", "1")
-    assert ac2.is_configured()
-
     ac2.bring_online()
-    chat1 = acfactory.get_accepted_chat(ac1, ac2)
-    ac2.stop_io()
 
-    logging.info("sending message + reaction from ac1 to ac2")
-    msg1 = chat1.send_text("hi")
-    msg1.wait_until_delivered()
-    # It's is sad, but messages must differ in their INTERNALDATEs to be processed in the correct
-    # order by DC, and most (if not all) mail servers provide only seconds precision.
-    time.sleep(1.1)
-    react_str = "\N{THUMBS UP SIGN}"
-    msg1.send_reaction(react_str).wait_until_delivered()
-
-    logging.info("moving messages to ac2's DeltaChat folder in the reverse order")
-    ac2_direct_imap = direct_imap(ac2)
-    ac2_direct_imap.connect()
-    for uid in sorted([m.uid for m in ac2_direct_imap.get_all_messages()], reverse=True):
-        ac2_direct_imap.conn.move(uid, "DeltaChat")
-
-    logging.info("receiving messages by ac2")
-    ac2.start_io()
-    msg2 = Message(ac2, ac2.wait_for_reactions_changed().msg_id)
-    assert msg2.get_snapshot().text == msg1.get_snapshot().text
-    reactions = msg2.get_reactions()
-    contacts = [Contact(ac2, int(i)) for i in reactions.reactions_by_contact]
-    assert len(contacts) == 1
-    assert contacts[0].get_snapshot().address == ac1.get_config("addr")
-    assert list(reactions.reactions_by_contact.values())[0] == [react_str]
-
-
-def test_move_works_on_self_sent(acfactory, direct_imap):
-    ac1, ac2 = acfactory.get_online_accounts(2)
-
-    # Create and enable movebox.
-    ac1_direct_imap = direct_imap(ac1)
-    ac1_direct_imap.create_folder("DeltaChat")
-    ac1.set_config("mvbox_move", "1")
-    ac1.set_config("bcc_self", "1")
-    ac1.bring_online()
-
-    chat = ac1.create_chat(ac2)
-    chat.send_text("message1")
-    ac1.wait_for_event(EventType.IMAP_MESSAGE_MOVED)
-    chat.send_text("message2")
-    ac1.wait_for_event(EventType.IMAP_MESSAGE_MOVED)
-    chat.send_text("message3")
-    ac1.wait_for_event(EventType.IMAP_MESSAGE_MOVED)
-
-
-def test_moved_markseen(acfactory, direct_imap):
-    """Test that message already moved to DeltaChat folder is marked as seen."""
-    ac1, ac2 = acfactory.get_online_accounts(2)
+    log.section("ac2: creating DeltaChat folder")
     ac2_direct_imap = direct_imap(ac2)
     ac2_direct_imap.create_folder("DeltaChat")
-    ac2.set_config("mvbox_move", "1")
     ac2.set_config("delete_server_after", "0")
     ac2.set_config("sync_msgs", "0")  # Do not send a sync message when accepting a contact request.
+
+    ac2.add_or_update_transport({"addr": addr, "password": password, "imapFolder": "DeltaChat"})
     ac2.bring_online()
 
     ac2.stop_io()
@@ -108,6 +30,7 @@ def test_moved_markseen(acfactory, direct_imap):
         idle2.wait_for_new_message()
 
     # Emulate moving of the message to DeltaChat folder by Sieve rule.
+    log.section("ac2: moving message into DeltaChat folder")
     ac2_direct_imap.conn.move(["*"], "DeltaChat")
     ac2_direct_imap.select_folder("DeltaChat")
     assert len(list(ac2_direct_imap.conn.fetch("*", mark_seen=False))) == 1
@@ -131,17 +54,11 @@ def test_moved_markseen(acfactory, direct_imap):
     assert len(list(ac2_direct_imap.conn.fetch(AND(seen=True, uid=U(1, "*")), mark_seen=False))) == 1
 
 
-@pytest.mark.parametrize("mvbox_move", [True, False])
-def test_markseen_message_and_mdn(acfactory, direct_imap, mvbox_move):
+def test_markseen_message_and_mdn(acfactory, direct_imap):
     ac1, ac2 = acfactory.get_online_accounts(2)
 
     for ac in ac1, ac2:
         ac.set_config("delete_server_after", "0")
-        if mvbox_move:
-            ac_direct_imap = direct_imap(ac)
-            ac_direct_imap.create_folder("DeltaChat")
-            ac.set_config("mvbox_move", "1")
-            ac.bring_online()
 
     # Do not send BCC to self, we only want to test MDN on ac1.
     ac1.set_config("bcc_self", "0")
@@ -150,10 +67,7 @@ def test_markseen_message_and_mdn(acfactory, direct_imap, mvbox_move):
     msg = ac2.wait_for_incoming_msg()
     msg.mark_seen()
 
-    if mvbox_move:
-        rex = re.compile("Marked messages [0-9]+ in folder DeltaChat as seen.")
-    else:
-        rex = re.compile("Marked messages [0-9]+ in folder INBOX as seen.")
+    rex = re.compile("Marked messages [0-9]+ in folder INBOX as seen.")
 
     for ac in ac1, ac2:
         while True:
@@ -161,12 +75,11 @@ def test_markseen_message_and_mdn(acfactory, direct_imap, mvbox_move):
             if event.kind == EventType.INFO and rex.search(event.msg):
                 break
 
-    folder = "mvbox" if mvbox_move else "inbox"
     ac1_direct_imap = direct_imap(ac1)
     ac2_direct_imap = direct_imap(ac2)
 
-    ac1_direct_imap.select_config_folder(folder)
-    ac2_direct_imap.select_config_folder(folder)
+    ac1_direct_imap.select_folder("INBOX")
+    ac2_direct_imap.select_folder("INBOX")
 
     # Check that the mdn is marked as seen
     assert len(list(ac1_direct_imap.conn.fetch(AND(seen=True), mark_seen=False))) == 1

deltachat-rpc-client/tests/test_multitransport.py

@@ -9,10 +9,6 @@ def test_add_second_address(acfactory) -> None:
     account = acfactory.new_configured_account()
     assert len(account.list_transports()) == 1
 
-    # When the first transport is created,
-    # mvbox_move and only_fetch_mvbox should be disabled.
-    assert account.get_config("mvbox_move") == "0"
-    assert account.get_config("only_fetch_mvbox") == "0"
     assert account.get_config("show_emails") == "2"
 
     qr = acfactory.get_account_qr()
@@ -32,32 +28,10 @@ def test_add_second_address(acfactory) -> None:
     account.delete_transport(second_addr)
     assert len(account.list_transports()) == 2
 
-    # Enabling mvbox_move or only_fetch_mvbox
-    # is not allowed when multi-transport is enabled.
-    for option in ["mvbox_move", "only_fetch_mvbox"]:
-        with pytest.raises(JsonRpcError):
-            account.set_config(option, "1")
-
     # show_emails does not matter for multi-relay, can be set to anything
     account.set_config("show_emails", "0")
 
 
-@pytest.mark.parametrize("key", ["mvbox_move", "only_fetch_mvbox"])
-def test_no_second_transport_with_mvbox(acfactory, key) -> None:
-    """Test that second transport cannot be configured if mvbox is used."""
-    account = acfactory.new_configured_account()
-    assert len(account.list_transports()) == 1
-
-    assert account.get_config("mvbox_move") == "0"
-    assert account.get_config("only_fetch_mvbox") == "0"
-
-    qr = acfactory.get_account_qr()
-    account.set_config(key, "1")
-
-    with pytest.raises(JsonRpcError):
-        account.add_transport_from_qr(qr)
-
-
 def test_second_transport_without_classic_emails(acfactory) -> None:
     """Test that second transport can be configured if classic emails are not fetched."""
     account = acfactory.new_configured_account()
@@ -147,44 +121,13 @@ def test_download_on_demand(acfactory) -> None:
         assert msg.get_snapshot().download_state == dstate
 
 
-@pytest.mark.parametrize("is_chatmail", ["0", "1"])
-def test_mvbox_move_first_transport(acfactory, is_chatmail) -> None:
-    """Test that mvbox_move is disabled by default even for non-chatmail accounts.
-    Disabling mvbox_move is required to be able to setup a second transport.
-    """
-    account = acfactory.get_unconfigured_account()
-
-    account.set_config("fix_is_chatmail", "1")
-    account.set_config("is_chatmail", is_chatmail)
-
-    # The default value when the setting is unset is "1".
-    # This is not changed for compatibility with old databases
-    # imported from backups.
-    assert account.get_config("mvbox_move") == "1"
-
-    qr = acfactory.get_account_qr()
-    account.add_transport_from_qr(qr)
-
-    # Once the first transport is set up,
-    # mvbox_move is disabled.
-    assert account.get_config("mvbox_move") == "0"
-    assert account.get_config("is_chatmail") == is_chatmail
-
-
 def test_reconfigure_transport(acfactory) -> None:
-    """Test that reconfiguring the transport works
-    even if settings not supported for multi-transport
-    like mvbox_move are enabled."""
+    """Test that reconfiguring the transport works."""
     account = acfactory.get_online_account()
-    account.set_config("mvbox_move", "1")
 
     [transport] = account.list_transports()
     account.add_or_update_transport(transport)
 
-    # Reconfiguring the transport should not reset
-    # the settings as if when configuring the first transport.
-    assert account.get_config("mvbox_move") == "1"
-
 
 def test_transport_synchronization(acfactory, log) -> None:
     """Test synchronization of transports between devices."""

deltachat-rpc-client/tests/test_something.py

@@ -273,6 +273,9 @@ def test_chat(acfactory) -> None:
     assert group.get_messages()
     group.get_fresh_message_count()
     group.mark_noticed()
+    assert group.get_fresh_message_count() == 0
+    group.mark_fresh()
+    assert group.get_fresh_message_count() > 0
     assert group.get_contacts()
     assert group.get_past_contacts() == []
     group.remove_contact(alice_contact_bob)
@@ -1044,6 +1047,7 @@ def test_no_old_msg_is_fresh(acfactory):
     assert ac1.create_chat(ac2).get_fresh_message_count() == 1
     assert len(list(ac1.get_fresh_messages())) == 1
 
+    ac1_clone.wait_for_incoming_msg_event()
     ac1.wait_for_event(EventType.IMAP_INBOX_IDLE)
 
     logging.info("Send a message from ac1_clone to ac2 and check that ac1 marks the first message as 'noticed'")

deltachat-rpc-client/tests/test_webxdc.py

@@ -18,6 +18,8 @@ def test_webxdc(acfactory) -> None:
         "sourceCodeUrl": None,
         "summary": None,
         "selfAddr": webxdc_info["selfAddr"],
+        "isAppSender": False,
+        "isBroadcast": False,
         "sendUpdateInterval": 1000,
         "sendUpdateMaxSize": 18874368,
     }

deltachat-rpc-server/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-rpc-server"
-version = "2.46.0"
+version = "2.50.0-dev"
 description = "DeltaChat JSON-RPC server"
 edition = "2021"
 readme = "README.md"

deltachat-rpc-server/npm-package/README.md

@@ -18,7 +18,7 @@ import { startDeltaChat } from "@deltachat/stdio-rpc-server";
 import { C } from "@deltachat/jsonrpc-client";
 
 async function main() {
-    const dc = await startDeltaChat("deltachat-data");
+    const dc = startDeltaChat("deltachat-data");
     console.log(await dc.rpc.getSystemInfo());
     dc.close()
 }

deltachat-rpc-server/npm-package/index.d.ts

@@ -15,7 +15,7 @@ export interface SearchOptions {
  */
 export function getRPCServerPath(
   options?: Partial<SearchOptions>
-): Promise<string>;
+): string;
 
 
 
@@ -33,8 +33,15 @@ export interface StartOptions {
  * @param directory directory for accounts folder
  * @param options 
  */
-export function startDeltaChat(directory: string, options?: Partial<SearchOptions & StartOptions> ): Promise<DeltaChatOverJsonRpcServer>
+export function startDeltaChat(directory: string, options?: Partial<SearchOptions & StartOptions> ): DeltaChatOverJsonRpcServer
 
+export class DeltaChatOverJsonRpc extends StdioDeltaChat {
+  constructor(
+    directory: string,
+    options?: Partial<SearchOptions & StartOptions>
+  );
+  readonly pathToServerBinary: string;
+}
 
 export namespace FnTypes {
     export type getRPCServerPath = typeof getRPCServerPath

deltachat-rpc-server/npm-package/index.js

@@ -1,6 +1,6 @@
 //@ts-check
 import { spawn } from "node:child_process";
-import { stat } from "node:fs/promises";
+import { statSync } from "node:fs";
 import os from "node:os";
 import process from "node:process";
 import { ENV_VAR_NAME, PATH_EXECUTABLE_NAME } from "./src/const.js";
@@ -36,7 +36,7 @@ function findRPCServerInNodeModules() {
 }
 
 /** @type {import("./index").FnTypes.getRPCServerPath} */
-export async function getRPCServerPath(options = {}) {
+export function getRPCServerPath(options = {}) {
   const { takeVersionFromPATH, disableEnvPath } = {
     takeVersionFromPATH: false,
     disableEnvPath: false,
@@ -45,7 +45,7 @@ export async function getRPCServerPath(options = {}) {
   // 1. check if it is set as env var
   if (process.env[ENV_VAR_NAME] && !disableEnvPath) {
     try {
-      if (!(await stat(process.env[ENV_VAR_NAME])).isFile()) {
+      if (!statSync(process.env[ENV_VAR_NAME]).isFile()) {
         throw new Error(
           `expected ${ENV_VAR_NAME} to point to the deltachat-rpc-server executable`
         );
@@ -68,41 +68,49 @@ export async function getRPCServerPath(options = {}) {
 import { StdioDeltaChat } from "@deltachat/jsonrpc-client";
 
 /** @type {import("./index").FnTypes.startDeltaChat} */
-export async function startDeltaChat(directory, options = {}) {
-  const pathToServerBinary = await getRPCServerPath(options);
-  const server = spawn(pathToServerBinary, {
-    env: {
-      RUST_LOG: process.env.RUST_LOG,
-      DC_ACCOUNTS_PATH: directory,
-    },
-    stdio: ["pipe", "pipe", options.muteStdErr ? "ignore" : "inherit"],
-  });
-
-  server.on("error", (err) => {
-    throw new Error(FAILED_TO_START_SERVER_EXECUTABLE(pathToServerBinary, err));
-  });
-  let shouldClose = false;
-
-  server.on("exit", () => {
-    if (shouldClose) {
-      return;
-    }
-    throw new Error("Server quit");
-  });
-
-  /** @type {import('./index').DeltaChatOverJsonRpcServer} */
-  //@ts-expect-error
-  const dc = new StdioDeltaChat(server.stdin, server.stdout, true);
-
-  dc.close = () => {
-    shouldClose = true;
-    if (!server.kill()) {
-      console.log("server termination failed");
-    }
-  };
-
-  //@ts-expect-error
-  dc.pathToServerBinary = pathToServerBinary;
-
-  return dc;
+export function startDeltaChat(directory, options = {}) {
+  return new DeltaChatOverJsonRpc(directory, options);
+}
+
+export class DeltaChatOverJsonRpc extends StdioDeltaChat {
+  /**
+   *
+   * @param {string} directory
+   * @param {Partial<import("./index").SearchOptions & import("./index").StartOptions>} options
+   */
+  constructor(directory, options = {}) {
+    const pathToServerBinary = getRPCServerPath(options);
+    const server = spawn(pathToServerBinary, {
+      env: {
+        RUST_LOG: process.env.RUST_LOG,
+        DC_ACCOUNTS_PATH: directory,
+      },
+      stdio: ["pipe", "pipe", options.muteStdErr ? "ignore" : "inherit"],
+    });
+
+    server.on("error", (err) => {
+      throw new Error(
+        FAILED_TO_START_SERVER_EXECUTABLE(pathToServerBinary, err)
+      );
+    });
+    let shouldClose = false;
+
+    server.on("exit", () => {
+      if (shouldClose) {
+        return;
+      }
+      throw new Error("Server quit");
+    });
+
+    super(server.stdin, server.stdout, true);
+
+    this.close = () => {
+      shouldClose = true;
+      if (!server.kill()) {
+        console.log("server termination failed");
+      }
+    };
+
+    this.pathToServerBinary = pathToServerBinary;
+  }
 }

deltachat-rpc-server/npm-package/package.json

@@ -15,5 +15,5 @@
   },
   "type": "module",
   "types": "index.d.ts",
-  "version": "2.46.0"
+  "version": "2.50.0-dev"
 }

deny.toml

@@ -17,6 +17,23 @@ ignore = [
     # It is a transitive dependency of iroh 0.35.0,
     # this should be fixed by upgrading to iroh 1.0 once it is released.
     "RUSTSEC-2025-0134",
+
+    # rustls-webpki v0.102.8
+    # We cannot upgrade to >=0.103.10 because
+    # it is a transitive dependency of iroh 0.35.0
+    # which depends on ^0.102.
+    # <https://rustsec.org/advisories/RUSTSEC-2026-0049>
+    # <https://rustsec.org/advisories/RUSTSEC-2026-0098>
+    # <https://rustsec.org/advisories/RUSTSEC-2026-0099>
+    "RUSTSEC-2026-0049",
+    "RUSTSEC-2026-0098",
+    "RUSTSEC-2026-0099",
+
+    # Panic in CRL signature checks.
+    # We do not check CRL and cannot update rustls-webpki 0.102.8 
+    # which is a dependency of iroh 0.35.0.
+    # <https://rustsec.org/advisories/RUSTSEC-2026-0104>
+    "RUSTSEC-2026-0104"
 ]
 
 [bans]
@@ -42,6 +59,7 @@ skip = [
      { name = "rand_core", version = "0.6.4" },
      { name = "rand", version = "0.8.5" },
      { name = "rustix", version = "0.38.44" },
+     { name = "rustls-webpki", version = "0.102.8" },
      { name = "serdect", version = "0.2.0" },
      { name = "socket2", version = "0.5.9" },
      { name = "spin", version = "0.9.8" },

draft/aeap-mvp.md

@@ -1,127 +0,0 @@
-AEAP MVP
-========
-
-Changes to the UIs
-------------------
-
-- The secondary self addresses (see below) are shown in the UI, but not editable.
-
-- When the user changed the email address in the configure screen, show a dialog to the user, either directly explaining things or with a link to the FAQ (see "Other" below)
-
-Changes in the core
--------------------
-
-- [x] We have one primary self address and any number of secondary self addresses. `is_self_addr()` checks all of them.
-
-- [x] If the user does a reconfigure and changes the email address, the previous address is added as a secondary self address.
-
-  - don't forget to deduplicate secondary self addresses in case the user switches back and forth between addresses).
-
-  - The key stays the same.
-
-- [x] No changes for 1:1 chats, there simply is a new one. (This works since, contrary to group messages, messages sent to a 1:1 chat are not assigned to the group chat but always to the 1:1 chat with the sender. So it's not a problem that the new messages might be put into the old chat if they are a reply to a message there.)
-
-- [ ] When sending a message: If any of the secondary self addrs is in the chat's member list, remove it locally (because we just transitioned away from it). We add a log message for this (alternatively, a system message in the chat would be more visible).
-
-- [x] ([#3385](https://github.com/deltachat/deltachat-core-rust/pull/3385)) When receiving a message: If the key exists, but belongs to another address (we may want to benchmark this)
-  AND there is a `Chat-Version` header\
-  AND the message is signed correctly
-  AND the From address is (also) in the encrypted (and therefore signed) headers <sup>[[1]](#myfootnote1)</sup>\
-  AND the message timestamp is newer than the contact's `lastseen` (to prevent changing the address back when messages arrive out of order) (this condition is not that important since we will have eventual consistency even without it):
-
-  Replace the contact in _all_ groups, possibly deduplicate the members list, and add a system message to all of these chats.
-  
-  - Note that we can't simply compare the keys byte-by-byte, since the UID may have changed, or the sender may have rotated the key and signed the new key with the old one.
-
-<a name="myfootnote1">[1]</a>: Without this check, an attacker could replay a message from Alice to Bob. Then Bob's device would do an AEAP transition from Alice's to the attacker's address, allowing for easier phishing.
-
-<details>
-<summary>More details about this</summary>
-Suppose Alice sends a message to Evil (or to a group with both Evil and Bob). Evil then forwards the message to Bob, changing the From and To headers (and if necessary Message-Id) and replacing `addr=alice@example.org;` in the autocrypt header with `addr=evil@example.org;`.
-
-Then Bob's device sees that there is a message which is signed by Alice's key and comes from Evil's address and would do the AEAP transition, i.e. replace Alice with Evil in all groups and show a message "Alice changed their address from alice@example.org to evil@example.org". Disadvantages for Evil are that Bob's message will be shown on Alice's device, possibly creating confusion/suspicion, and that the usual "Setup changed for..." message will be shown the next time Evil sends a message (because Evil doesn't know Alice's private key).
-
-Possible mitigations:
-- if we make the AEAP device message sth. like "Automatically removed alice@example.org and added evil@example.org", then this will create more suspicion, making the phishing harder (we didn't talk about what what the wording should be at all yet).
-- Add something similar to replay protection to our Autocrypt implementation. This could be done e.g. by adding a second `From` header to the protected headers. If it's present, the receiver then requires it to be the same as the outer `From`, and if it's not present, we don't do AEAP --> **That's what we implemented**
-
-Note that usually a mail is signed by a key that has a UID matching the from address.
-
-  That's not mandatory for Autocrypt (and in fact, we just keep the old UID when changing the self address, so with AEAP the UID will actually be different than the from address sometimes)
-
-  https://autocrypt.org/level1.html#openpgp-based-key-data says:
-  > The content of the user id packet is only decorative
-
-</details>
-
-### Notes:
-  
-- We treat protected and non-protected chats the same
-- We leave the aeap transition statement away since it seems not to be needed, makes things harder on the sending side, wastes some network traffic, and is worse for privacy (since more people know what old addresses you had).
-- As soon as we encrypt read receipts, sending a read receipt will be enough to tell a lot of people that you transitioned
-- AEAP will make the problem of inconsistent group state worse, both because it doesn't work if the message is unencrypted (even if the design allowed it, it would be problematic security-wise) and because some chat partners may have gotten the transition and some not. We should do something against this at some point in the future, like asking the user whether they want to add/remove the members to restore consistent group state.
-
-#### Downsides of this design:
-- Inconsistent group state: Suppose Alice does an AEAP transition and sends a 1:1 message to Bob, so Bob rewrites Alice's contact. Alice, Bob and Charlie are together in a group. Before Alice writes to this group, Bob and Charlie will have different membership lists, and Bob will send messages to Alice's new address, while Charlie will send them to her old address.
-
-#### Upsides:
-- With this approach, it's easy to switch to a model where the info about the transition is encoded in the PGP key. Since the key is gossiped, the information about the transition will spread virally.
-- Faster transition: If you send a message to e.g. "Delta Chat Dev", all members of the "sub-group" "delta android" will know of your transition.
-
-### Alternatives and old discussions/plans:
-
-- Change the contact instead of rewriting the group member lists. This seems to call for more trouble since we will end up with multiple contacts having the same email address.
-
-- If needed, we could add a header a) indicating that the sender did an address transition or b) listing all the secondary (old) addresses.  For now, there is no big enough benefit to warrant introducing another header and its processing on the receiver side (including all the necessary checks and handling of error cases). Instead, we only check for the `Chat-Version` header to prevent accidental transitions when an MUA user sends a message from another email address with the same key.
-
-- The condition for a transition temporarily was:
-
-  > When receiving a message: If we are going to assign a message to a chat, but the sender is not a member of this chat\
-  > AND the signing key is the same as the direct (non-gossiped) key of one of the chat members\
-  > AND ...
-
-  However, this would mean that in 1:1 messages can't trigger a transition, since we don't assign private messages to the parent chat, but always to the 1:1 chat with the sender.
-  
-<details>
-<summary>Some previous state of the discussion, which temporarily lived in an issue description</summary>
-Summarizing the discussions from https://github.com/deltachat/deltachat-core-rust/pull/2896, mostly quoting @hpk42:
-
-1. (DONE) At the time of configure we push the current primary to become a secondary. 
-
-2. When a message is sent out to a chat, and the message is encrypted, and we have secondary addresses, then we 
-  a) add a protected "AEAP-Replacement" header that contains all secondary addresses 
-  b) if any of the secondary addresses is in the chat's member list, we remove it and leave a system message that we did so
-3. When an encrypted message with a replacement header is received, replace the e-mail address of all secondary contacts (if they exist) with the new primary and drop a sysmessage in all chats the secondary is member off.  This might (in edge cases) result in chats that have two or more contacts with the same e-mail address.  We might ignore this for a first release and just log a warning.  Let's maybe not get hung up on this case before everything else works. 
-
-Notes: 
-- for now we will send out aeap replacement headers forever, there is no termination condition other than lack of secondary addresses.  I think that's fine for now.  Later on we might introduce options to remove secondary addresses but i wouldn't do this for a first release/PR. 
-- the design is resilient against changing e-mail providers from A to B to C and then back to A, with partially updated chats and diverging views from recipients/contacts on this transition.  In the end, you will have a primary and some secondaries, and when you start sending out messages everybody will eventually synchronize when they receive the current state of primaries/secondaries. 
-- of course on incoming message for need to check for each stated secondary address in the replacement header that it uses the same signature as the signature we verified as valid with the incoming message  **-->  Also we have to somehow make sure that the signing key was not just gossiped from some random other person in some group.**
-- there are no extra flags/columns in the database needed (i hope) 
-
-#### Downsides of the chosen approach:
-- Inconsistent group state: Suppose Alice does an AEAP transition and sends a 1:1 message to Bob, so Bob rewrites Alice's contact. Alice, Bob and Charlie are together in a group. Before Alice writes to this group, Bob and Charlie will have different membership lists, and Bob will send messages to Alice's new address, while Charlie will send them to her old address.
-- There will be multiple contacts with the same address in the database. We will have to do something against this at some point.
-
-The most obvious alternative would be to create a new contact with the new address and replace the old contact in the groups.
-
-#### Upsides:
-- With this approach, it's easier to switch to a model where the info about the transition is encoded in the PGP key. Since the key is gossiped, the information about the transition will spread virally.
-- (Also, less important: Slightly faster transition: If you send a message to e.g. "Delta Chat Dev", all members of the "sub-group" "delta android" will know of your transition.)
-- It's easier to implement (if too many problems turn up, we can still switch to another approach and didn't waste that much development time.)
-
-[full messages](https://github.com/deltachat/deltachat-core-rust/pull/2896#discussion_r852002161)
-  
-_end of the previous state of the discussion_  
-
-</details>
-  
-Other
------
-
-- The user is responsible that messages to the old address arrive at the new address, for example by configuring the old provider to forward all emails to the new one.
-
-Notes during implementing
-========================
-
-- As far as I understand the code, unencrypted messages are unsigned. So, the transition only works if both sides have the other side's key.

python/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "deltachat"
-version = "2.46.0"
+version = "2.50.0-dev"
 license = "MPL-2.0"
 description = "Python bindings for the Delta Chat Core library using CFFI against the Rust-implemented libdeltachat"
 readme = "README.rst"

python/src/deltachat/message.py

@@ -254,10 +254,6 @@ class Message:
         """Quote setter."""
         lib.dc_msg_set_quote(self._dc_msg, quoted_message._dc_msg)
 
-    def force_plaintext(self) -> None:
-        """Force the message to be sent in plain text."""
-        lib.dc_msg_force_plaintext(self._dc_msg)
-
     @property
     def error(self) -> Optional[str]:
         """Error message."""

python/src/deltachat/testplugin.py

@@ -433,7 +433,6 @@ class ACFactory:
         if self.pytestconfig.getoption("--strict-tls"):
             # Enable strict certificate checks for online accounts
             configdict["imap_certificate_checks"] = str(const.DC_CERTCK_STRICT)
-            configdict["smtp_certificate_checks"] = str(const.DC_CERTCK_STRICT)
 
         assert "addr" in configdict and "mail_pw" in configdict
         return configdict
@@ -505,7 +504,6 @@ class ACFactory:
                 "addr": cloned_from.get_config("addr"),
                 "mail_pw": cloned_from.get_config("mail_pw"),
                 "imap_certificate_checks": cloned_from.get_config("imap_certificate_checks"),
-                "smtp_certificate_checks": cloned_from.get_config("smtp_certificate_checks"),
             }
         configdict.update(kwargs)
         ac = self._get_cached_account(addr=configdict["addr"]) if cache else None
@@ -522,7 +520,6 @@ class ACFactory:
         ac = self.get_unconfigured_account()
         assert "addr" in configdict and "mail_pw" in configdict, configdict
         configdict.setdefault("bcc_self", False)
-        configdict.setdefault("mvbox_move", False)
         configdict.setdefault("sync_msgs", False)
         configdict.setdefault("delete_server_after", 0)
         ac.update_config(configdict)

python/tests/test_0_complex_or_slow.py

@@ -288,6 +288,7 @@ def test_use_new_verified_group_after_going_online(acfactory, data, tmp_path, lp
     assert open(contact.get_profile_image(), "rb").read() == open(avatar_path, "rb").read()
 
     lp.sec("ac2_offl: sending message")
+    chat2.accept()
     msg_out = chat2.send_text("hello")
 
     lp.sec("ac1: receiving message")

python/tests/test_3_offline.py

@@ -52,19 +52,19 @@ class TestOfflineAccountBasic:
 
     def test_set_config_int_conversion(self, acfactory):
         ac1 = acfactory.get_unconfigured_account()
-        ac1.set_config("mvbox_move", False)
-        assert ac1.get_config("mvbox_move") == "0"
-        ac1.set_config("mvbox_move", True)
-        assert ac1.get_config("mvbox_move") == "1"
-        ac1.set_config("mvbox_move", 0)
-        assert ac1.get_config("mvbox_move") == "0"
-        ac1.set_config("mvbox_move", 1)
-        assert ac1.get_config("mvbox_move") == "1"
+        ac1.set_config("bcc_self", False)
+        assert ac1.get_config("bcc_self") == "0"
+        ac1.set_config("bcc_self", True)
+        assert ac1.get_config("bcc_self") == "1"
+        ac1.set_config("bcc_self", 0)
+        assert ac1.get_config("bcc_self") == "0"
+        ac1.set_config("bcc_self", 1)
+        assert ac1.get_config("bcc_self") == "1"
 
     def test_update_config(self, acfactory):
         ac1 = acfactory.get_unconfigured_account()
-        ac1.update_config({"mvbox_move": False})
-        assert ac1.get_config("mvbox_move") == "0"
+        ac1.update_config({"bcc_self": True})
+        assert ac1.get_config("bcc_self") == "1"
 
     def test_has_bccself(self, acfactory):
         ac1 = acfactory.get_unconfigured_account()

release-date.in

@@ -1 +1 @@
-2026-03-19
+2026-04-13

scripts/README.md

@@ -48,19 +48,3 @@ the build machine (ask your friendly sysadmin on #deltachat Libera Chat) to type
 
 This will **rsync** your current checkout to the remote build machine 
 (no need to commit before) and then run either rust or python tests. 
-
-# coredeps Dockerfile
-
-`coredeps/Dockerfile` specifies an image that contains all 
-of Delta Chat's core dependencies. It is used to
-build python wheels (binary packages for Python).
-
-You can build the docker images yourself locally
-to avoid the relatively large download:
- 
-    cd scripts  # where all CI things are 
-    docker build -t deltachat/coredeps coredeps
-
-Additionally, you can install qemu and build arm64 docker image on x86\_64 machine:
-    apt-get install qemu binfmt-support qemu-user-static
-    docker build -t deltachat/coredeps-arm64 --build-arg BASEIMAGE=quay.io/pypa/manylinux2014_aarch64 coredeps

scripts/check-dev-version.py

@@ -0,0 +1,23 @@
+#!/usr/bin/env python3
+#
+# Script to check that current version ends with -dev.
+# Meant to be run in CI to check that PRs are made against the -dev version.
+# If the version is not -dev, it was forgotten to be updated
+# after making a release.
+
+from pathlib import Path
+import tomllib
+import sys
+
+
+def main():
+    with Path("Cargo.toml").open("rb") as fp:
+        cargo_toml = tomllib.load(fp)
+    version = cargo_toml["package"]["version"]
+    if not version.endswith("-dev"):
+        print(f"Current version {version} does not end with -dev", file=sys.stderr)
+        sys.exit(1)
+
+
+if __name__ == "__main__":
+    main()

scripts/concourse/README.md

@@ -1,26 +0,0 @@
-# Concourse CI pipeline
-
-`docs_wheels.yml` is a pipeline for [Concourse CI](https://concourse-ci.org/)
-that builds C documentation, Python documentation, Python wheels for `x86_64`
-and `aarch64` and Python source packages, and uploads them.
-
-To setup the pipeline run
-```
-fly -t <your-target> set-pipeline -c docs_wheels.yml -p docs_wheels -l secret.yml
-```
-where `secret.yml` contains the following secrets:
-```
-c.delta.chat:
-  private_key: |
-    -----BEGIN OPENSSH PRIVATE KEY-----
-    ...
-    -----END OPENSSH PRIVATE KEY-----
-devpi:
-  login: dc
-  password: ...
-```
-
-Secrets can be read from the password manager:
-```
-fly -t b1 set-pipeline -c docs_wheels.yml -p docs_wheels -l <(pass show delta/b1.delta.chat/secret.yml)
-```

scripts/concourse/docs_wheels.yml

@@ -1,305 +0,0 @@
-resources:
-  - name: deltachat-core-rust
-    type: git
-    icon: github
-    source:
-      branch: main
-      uri: https://github.com/chatmail/core.git
-
-  - name: deltachat-core-rust-release
-    type: git
-    icon: github
-    source:
-      branch: main
-      uri: https://github.com/chatmail/core.git
-      tag_filter: "v*"
-
-jobs:
-  - name: python-x86_64
-    plan:
-      - get: deltachat-core-rust
-      - get: deltachat-core-rust-release
-        trigger: true
-
-      # Build manylinux image with additional dependencies
-      - task: build-coredeps
-        privileged: true
-        config:
-          inputs:
-            # Building the latest, not tagged coredeps
-            - name: deltachat-core-rust
-          image_resource:
-            source:
-              repository: concourse/oci-build-task
-            type: registry-image
-          outputs:
-            - name: coredeps-image
-              path: image
-          params:
-            CONTEXT: deltachat-core-rust/scripts/coredeps
-            UNPACK_ROOTFS: "true"
-            BUILD_ARG_BASEIMAGE: quay.io/pypa/manylinux2014_x86_64
-          platform: linux
-          caches:
-            - path: cache
-          run:
-            path: build
-
-      # Use built image to build python wheels
-      - task: build-wheels
-        image: coredeps-image
-        config:
-          inputs:
-            - name: deltachat-core-rust-release
-              path: .
-          outputs:
-            # Binary wheels
-            - name: py-wheels
-              path: ./python/.docker-tox/wheelhouse/
-          platform: linux
-          run:
-            path: bash
-            args:
-              - -exc
-              - |
-                scripts/run_all.sh
-
-      # Upload x86_64 wheels and source packages
-      - task: upload-wheels
-        config:
-          inputs:
-            - name: py-wheels
-          image_resource:
-            type: registry-image
-            source:
-              repository: debian
-          platform: linux
-          run:
-            path: sh
-            args:
-              - -ec
-              - |
-                apt-get update -y
-                apt-get install -y --no-install-recommends python3-pip python3-setuptools python3-venv
-                python3 -m venv env
-                env/bin/pip install --upgrade pip
-                env/bin/pip install devpi
-                env/bin/devpi use https://m.devpi.net/dc/master
-                env/bin/devpi login ((devpi.login)) --password ((devpi.password))
-                env/bin/devpi upload py-wheels/*manylinux201*
-
-  - name: python-aarch64
-    plan:
-      - get: deltachat-core-rust
-      - get: deltachat-core-rust-release
-        trigger: true
-
-      # Build manylinux image with additional dependencies
-      - task: build-coredeps
-        privileged: true
-        config:
-          inputs:
-            # Building the latest, not tagged coredeps
-            - name: deltachat-core-rust
-          image_resource:
-            source:
-              repository: concourse/oci-build-task
-            type: registry-image
-          outputs:
-            - name: coredeps-image
-              path: image
-          params:
-            CONTEXT: deltachat-core-rust/scripts/coredeps
-            UNPACK_ROOTFS: "true"
-            BUILD_ARG_BASEIMAGE: quay.io/pypa/manylinux2014_aarch64
-          platform: linux
-          caches:
-            - path: cache
-          run:
-            path: build
-
-      # Use built image to build python wheels
-      - task: build-wheels
-        image: coredeps-image
-        config:
-          inputs:
-            - name: deltachat-core-rust-release
-              path: .
-          outputs:
-            - name: py-wheels
-              path: ./python/.docker-tox/wheelhouse/
-          platform: linux
-          run:
-            path: bash
-            args:
-              - -exc
-              - |
-                scripts/run_all.sh
-
-      # Upload aarch64 wheels
-      - task: upload-wheels
-        config:
-          inputs:
-            - name: py-wheels
-          image_resource:
-            type: registry-image
-            source:
-              repository: debian
-          platform: linux
-          run:
-            path: sh
-            args:
-              - -ec
-              - |
-                apt-get update -y
-                apt-get install -y --no-install-recommends python3-pip python3-setuptools python3-venv
-                python3 -m venv env
-                env/bin/pip install --upgrade pip
-                env/bin/pip install devpi
-                env/bin/devpi use https://m.devpi.net/dc/master
-                env/bin/devpi login ((devpi.login)) --password ((devpi.password))
-                env/bin/devpi upload py-wheels/*manylinux201*
-
-  - name: python-musl-x86_64
-    plan:
-      - get: deltachat-core-rust
-      - get: deltachat-core-rust-release
-        trigger: true
-
-      # Build manylinux image with additional dependencies
-      - task: build-coredeps
-        privileged: true
-        config:
-          inputs:
-            # Building the latest, not tagged coredeps
-            - name: deltachat-core-rust
-          image_resource:
-            source:
-              repository: concourse/oci-build-task
-            type: registry-image
-          outputs:
-            - name: coredeps-image
-              path: image
-          params:
-            CONTEXT: deltachat-core-rust/scripts/coredeps
-            UNPACK_ROOTFS: "true"
-            BUILD_ARG_BASEIMAGE: quay.io/pypa/musllinux_1_1_x86_64
-          platform: linux
-          caches:
-            - path: cache
-          run:
-            path: build
-
-      # Use built image to build python wheels
-      - task: build-wheels
-        image: coredeps-image
-        config:
-          inputs:
-            - name: deltachat-core-rust-release
-              path: .
-          outputs:
-            - name: py-wheels
-              path: ./python/.docker-tox/wheelhouse/
-          platform: linux
-          run:
-            path: bash
-            args:
-              - -exc
-              - |
-                scripts/run_all.sh
-
-      # Upload musl x86_64 wheels
-      - task: upload-wheels
-        config:
-          inputs:
-            - name: py-wheels
-          image_resource:
-            type: registry-image
-            source:
-              repository: debian
-          platform: linux
-          run:
-            path: sh
-            args:
-              - -ec
-              - |
-                apt-get update -y
-                apt-get install -y --no-install-recommends python3-pip python3-setuptools python3-venv
-                python3 -m venv env
-                env/bin/pip install --upgrade pip
-                env/bin/pip install devpi
-                env/bin/devpi use https://m.devpi.net/dc/master
-                env/bin/devpi login ((devpi.login)) --password ((devpi.password))
-                env/bin/devpi upload py-wheels/*musllinux_1_1_x86_64*
-
-  - name: python-musl-aarch64
-    plan:
-      - get: deltachat-core-rust
-      - get: deltachat-core-rust-release
-        trigger: true
-
-      # Build manylinux image with additional dependencies
-      - task: build-coredeps
-        privileged: true
-        config:
-          inputs:
-            # Building the latest, not tagged coredeps
-            - name: deltachat-core-rust
-          image_resource:
-            source:
-              repository: concourse/oci-build-task
-            type: registry-image
-          outputs:
-            - name: coredeps-image
-              path: image
-          params:
-            CONTEXT: deltachat-core-rust/scripts/coredeps
-            UNPACK_ROOTFS: "true"
-            BUILD_ARG_BASEIMAGE: quay.io/pypa/musllinux_1_1_aarch64
-          platform: linux
-          caches:
-            - path: cache
-          run:
-            path: build
-
-      # Use built image to build python wheels
-      - task: build-wheels
-        image: coredeps-image
-        config:
-          inputs:
-            - name: deltachat-core-rust-release
-              path: .
-          outputs:
-            - name: py-wheels
-              path: ./python/.docker-tox/wheelhouse/
-          platform: linux
-          run:
-            path: bash
-            args:
-              - -exc
-              - |
-                scripts/run_all.sh
-
-      # Upload musl aarch64 wheels
-      - task: upload-wheels
-        config:
-          inputs:
-            - name: py-wheels
-          image_resource:
-            type: registry-image
-            source:
-              repository: debian
-          platform: linux
-          run:
-            path: sh
-            args:
-              - -ec
-              - |
-                apt-get update -y
-                apt-get install -y --no-install-recommends python3-pip python3-setuptools python3-venv
-                python3 -m venv env
-                env/bin/pip install --upgrade pip
-                env/bin/pip install devpi
-                env/bin/devpi use https://m.devpi.net/dc/master
-                env/bin/devpi login ((devpi.login)) --password ((devpi.password))
-                env/bin/devpi upload py-wheels/*musllinux_1_1_aarch64*

scripts/coredeps/Dockerfile

@@ -1,9 +0,0 @@
-ARG BASEIMAGE=quay.io/pypa/manylinux2014_x86_64
-#ARG BASEIMAGE=quay.io/pypa/musllinux_1_1_x86_64
-#ARG BASEIMAGE=quay.io/pypa/manylinux2014_aarch64
-
-FROM $BASEIMAGE
-RUN pipx install tox
-COPY install-rust.sh /scripts/
-RUN /scripts/install-rust.sh
-RUN if command -v yum; then yum install -y perl-IPC-Cmd; fi

scripts/coredeps/install-rust.sh

@@ -1,20 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-# Install Rust
-#
-# Path from https://forge.rust-lang.org/infra/other-installation-methods.html
-#
-# Avoid using rustup here as it depends on reading /proc/self/exe and
-# has problems running under QEMU.
-RUST_VERSION=1.94.0
-
-ARCH="$(uname -m)"
-test -f "/lib/libc.musl-$ARCH.so.1" && LIBC=musl || LIBC=gnu
-
-curl "https://static.rust-lang.org/dist/rust-${RUST_VERSION}-$ARCH-unknown-linux-$LIBC.tar.gz" | tar xz
-cd "rust-${RUST_VERSION}-$ARCH-unknown-linux-$LIBC"
-./install.sh --prefix=/usr --components=rustc,cargo,"rust-std-$ARCH-unknown-linux-$LIBC"
-rustc --version
-cd ..
-rm -fr "rust-${RUST_VERSION}-$ARCH-unknown-linux-$LIBC"

scripts/update-provider-database.sh

@@ -6,7 +6,7 @@ set -euo pipefail
 export TZ=UTC
 
 # Provider database revision.
-REV=996c4bc82be5a7404f70b185ff062da33bfa98d9
+REV=ad097ee40579c884e7757de2d3bb0a51f481a32a
 
 CORE_ROOT="$PWD"
 TMP="$(mktemp -d)"

spec.md

@@ -39,9 +39,24 @@ Messages SHOULD be encrypted by the
 [Autocrypt](https://autocrypt.org/level1.html) standard;
 `prefer-encrypt=mutual` MAY be set by default.
 
-Meta data (at least the subject and all chat-headers) SHOULD be encrypted
-by the [Protected Headers](https://tools.ietf.org/id/draft-autocrypt-lamps-protected-headers-02.html) standard.
-
+Meta data SHOULD be encrypted
+by the [Header Protection](https://www.rfc-editor.org/rfc/rfc9788.html) standard
+with the following [Header Confidentiality Policy](https://www.rfc-editor.org/rfc/rfc9788.html#name-header-confidentiality-poli):
+```
+hcp_chat(name, val_in) → val_out:
+    if lower(name) is 'from':
+        assert that val_in is an RFC 5322 mailbox
+        return the RFC 5322 addr-spec part of val_in
+    else if lower(name) is 'to':
+        return '"hidden-recipients": ;'
+    else if lower(name) is 'date':
+        return the UTC form of a random date within the last 7 days
+    else if lower(name) is 'subject':
+        return '[...]'
+    else if lower(name) is in ['message-id', 'chat-is-post-message']:
+        return val_in
+    return null
+```
 
 # Outgoing messages
 

src/accounts.rs

@@ -1249,13 +1249,11 @@ mod tests {
         let account1 = accounts.get_account(1).context("failed to get account 1")?;
         let account2 = accounts.get_account(2).context("failed to get account 2")?;
 
-        assert_eq!(stock_str::no_messages(&account1).await, "No messages.");
-        assert_eq!(stock_str::no_messages(&account2).await, "No messages.");
-        account1
-            .set_stock_translation(StockMessage::NoMessages, "foobar".to_string())
-            .await?;
-        assert_eq!(stock_str::no_messages(&account1).await, "foobar");
-        assert_eq!(stock_str::no_messages(&account2).await, "foobar");
+        assert_eq!(stock_str::no_messages(&account1), "No messages.");
+        assert_eq!(stock_str::no_messages(&account2), "No messages.");
+        account1.set_stock_translation(StockMessage::NoMessages, "foobar".to_string())?;
+        assert_eq!(stock_str::no_messages(&account1), "foobar");
+        assert_eq!(stock_str::no_messages(&account2), "foobar");
 
         Ok(())
     }

src/blob.rs

@@ -10,8 +10,8 @@ use anyhow::{Context as _, Result, ensure, format_err};
 use base64::Engine as _;
 use futures::StreamExt;
 use image::ImageReader;
-use image::codecs::jpeg::JpegEncoder;
 use image::{DynamicImage, GenericImage, GenericImageView, ImageFormat, Pixel, Rgba};
+use image::{codecs::jpeg::JpegEncoder, metadata::Orientation};
 use num_traits::FromPrimitive;
 use tokio::{fs, task};
 use tokio_stream::wrappers::ReadDirStream;
@@ -362,7 +362,10 @@ impl<'a> BlobObject<'a> {
                 return Ok(name);
             }
             let mut img = imgreader.decode().context("image decode failure")?;
-            let orientation = exif.as_ref().map(|exif| exif_orientation(exif, context));
+            let orientation = exif
+                .as_ref()
+                .map(|exif| exif_orientation(exif, context))
+                .unwrap_or(Orientation::NoTransforms);
             let mut encoded = Vec::new();
 
             if *vt == Viewtype::Sticker {
@@ -381,13 +384,7 @@ impl<'a> BlobObject<'a> {
                     return Ok(name);
                 }
             }
-
-            img = match orientation {
-                Some(90) => img.rotate90(),
-                Some(180) => img.rotate180(),
-                Some(270) => img.rotate270(),
-                _ => img,
-            };
+            img.apply_orientation(orientation);
 
             // max_wh is the maximum image width and height, i.e. the resolution-limit.
             // target_wh target-resolution for resizing the image.
@@ -468,7 +465,7 @@ impl<'a> BlobObject<'a> {
                             ));
                         }
 
-                        target_wh = target_wh * 2 / 3;
+                        target_wh = target_wh * 7 / 8;
                     } else {
                         info!(
                             context,
@@ -551,18 +548,17 @@ fn image_metadata(file: &std::fs::File) -> Result<(u64, Option<exif::Exif>)> {
     Ok((len, exif))
 }
 
-fn exif_orientation(exif: &exif::Exif, context: &Context) -> i32 {
-    if let Some(orientation) = exif.get_field(exif::Tag::Orientation, exif::In::PRIMARY) {
-        // possible orientation values are described at http://sylvana.net/jpegcrop/exif_orientation.html
-        // we only use rotation, in practise, flipping is not used.
-        match orientation.value.get_uint(0) {
-            Some(3) => return 180,
-            Some(6) => return 90,
-            Some(8) => return 270,
-            other => warn!(context, "Exif orientation value ignored: {other:?}."),
-        }
+fn exif_orientation(exif: &exif::Exif, context: &Context) -> Orientation {
+    if let Some(orientation) = exif.get_field(exif::Tag::Orientation, exif::In::PRIMARY)
+        && let Some(val) = orientation.value.get_uint(0)
+        && let Ok(val) = TryInto::<u8>::try_into(val)
+    {
+        return Orientation::from_exif(val).unwrap_or({
+            warn!(context, "Exif orientation value ignored: {val:?}.");
+            Orientation::NoTransforms
+        });
     }
-    0
+    Orientation::NoTransforms
 }
 
 /// All files in the blobdir.

src/blob/blob_tests.rs

@@ -305,7 +305,7 @@ async fn test_recode_image_2() {
         has_exif: true,
         original_width: 2000,
         original_height: 1800,
-        orientation: 270,
+        orientation: Some(Orientation::Rotate270),
         compressed_width: 1800,
         compressed_height: 2000,
         ..Default::default()
@@ -336,6 +336,28 @@ async fn test_recode_image_2() {
     assert_correct_rotation(&img_rotated);
 }
 
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_recode_image_vflipped() {
+    let bytes = include_bytes!("../../test-data/image/rectangle200x180-vflipped.jpg");
+    let img_rotated = SendImageCheckMediaquality {
+        viewtype: Viewtype::Image,
+        media_quality_config: "0",
+        bytes,
+        extension: "jpg",
+        has_exif: true,
+        original_width: 200,
+        original_height: 180,
+        orientation: Some(Orientation::FlipVertical),
+        compressed_width: 200,
+        compressed_height: 180,
+        ..Default::default()
+    }
+    .test()
+    .await
+    .unwrap();
+    assert_correct_rotation(&img_rotated);
+}
+
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_recode_image_bad_exif() {
     // `exiftool` reports for this file "Bad offset for IFD0 XResolution", still Exif must be
@@ -530,7 +552,7 @@ struct SendImageCheckMediaquality<'a> {
     pub(crate) has_exif: bool,
     pub(crate) original_width: u32,
     pub(crate) original_height: u32,
-    pub(crate) orientation: i32,
+    pub(crate) orientation: Option<Orientation>,
     pub(crate) res_viewtype: Option<Viewtype>,
     pub(crate) compressed_width: u32,
     pub(crate) compressed_height: u32,
@@ -546,7 +568,7 @@ impl SendImageCheckMediaquality<'_> {
         let has_exif = self.has_exif;
         let original_width = self.original_width;
         let original_height = self.original_height;
-        let orientation = self.orientation;
+        let orientation = self.orientation.unwrap_or(Orientation::NoTransforms);
         let res_viewtype = self.res_viewtype.unwrap_or(Viewtype::Image);
         let compressed_width = self.compressed_width;
         let compressed_height = self.compressed_height;

src/calls.rs

@@ -104,13 +104,11 @@ impl CallInfo {
         };
 
         if self.is_incoming() {
-            let incoming_call_str =
-                stock_str::incoming_call(context, self.has_video_initially()).await;
+            let incoming_call_str = stock_str::incoming_call(context, self.has_video_initially());
             self.update_text(context, &format!("{incoming_call_str}\n{duration}"))
                 .await?;
         } else {
-            let outgoing_call_str =
-                stock_str::outgoing_call(context, self.has_video_initially()).await;
+            let outgoing_call_str = stock_str::outgoing_call(context, self.has_video_initially());
             self.update_text(context, &format!("{outgoing_call_str}\n{duration}"))
                 .await?;
         }
@@ -207,7 +205,7 @@ impl Context {
         );
         ensure!(!chat.is_self_talk(), "Cannot call self");
 
-        let outgoing_call_str = stock_str::outgoing_call(self, has_video_initially).await;
+        let outgoing_call_str = stock_str::outgoing_call(self, has_video_initially);
         let mut call = Message {
             viewtype: Viewtype::Call,
             text: outgoing_call_str,
@@ -286,11 +284,11 @@ impl Context {
             if call.is_incoming() {
                 call.mark_as_ended(self).await?;
                 markseen_msgs(self, vec![call_id]).await?;
-                let declined_call_str = stock_str::declined_call(self).await;
+                let declined_call_str = stock_str::declined_call(self);
                 call.update_text(self, &declined_call_str).await?;
             } else {
                 call.mark_as_canceled(self).await?;
-                let canceled_call_str = stock_str::canceled_call(self).await;
+                let canceled_call_str = stock_str::canceled_call(self);
                 call.update_text(self, &canceled_call_str).await?;
             }
         } else {
@@ -333,11 +331,11 @@ impl Context {
         if !call.is_accepted() && !call.is_ended() {
             if call.is_incoming() {
                 call.mark_as_canceled(&context).await?;
-                let missed_call_str = stock_str::missed_call(&context).await;
+                let missed_call_str = stock_str::missed_call(&context);
                 call.update_text(&context, &missed_call_str).await?;
             } else {
                 call.mark_as_ended(&context).await?;
-                let canceled_call_str = stock_str::canceled_call(&context).await;
+                let canceled_call_str = stock_str::canceled_call(&context);
                 call.update_text(&context, &canceled_call_str).await?;
             }
             context.emit_msgs_changed(call.msg.chat_id, call_id);
@@ -363,12 +361,12 @@ impl Context {
 
             if call.is_incoming() {
                 if call.is_stale() {
-                    let missed_call_str = stock_str::missed_call(self).await;
+                    let missed_call_str = stock_str::missed_call(self);
                     call.update_text(self, &missed_call_str).await?;
                     self.emit_incoming_msg(call.msg.chat_id, call_id); // notify missed call
                 } else {
                     let incoming_call_str =
-                        stock_str::incoming_call(self, call.has_video_initially()).await;
+                        stock_str::incoming_call(self, call.has_video_initially());
                     call.update_text(self, &incoming_call_str).await?;
                     self.emit_msgs_changed(call.msg.chat_id, call_id); // ringing calls are not additionally notified
                     let can_call_me = match who_can_call_me(self).await? {
@@ -409,8 +407,7 @@ impl Context {
                     ));
                 }
             } else {
-                let outgoing_call_str =
-                    stock_str::outgoing_call(self, call.has_video_initially()).await;
+                let outgoing_call_str = stock_str::outgoing_call(self, call.has_video_initially());
                 call.update_text(self, &outgoing_call_str).await?;
                 self.emit_msgs_changed(call.msg.chat_id, call_id);
             }
@@ -462,22 +459,22 @@ impl Context {
                         if call.is_incoming() {
                             if from_id == ContactId::SELF {
                                 call.mark_as_ended(self).await?;
-                                let declined_call_str = stock_str::declined_call(self).await;
+                                let declined_call_str = stock_str::declined_call(self);
                                 call.update_text(self, &declined_call_str).await?;
                             } else {
                                 call.mark_as_canceled(self).await?;
-                                let missed_call_str = stock_str::missed_call(self).await;
+                                let missed_call_str = stock_str::missed_call(self);
                                 call.update_text(self, &missed_call_str).await?;
                             }
                         } else {
                             // outgoing
                             if from_id == ContactId::SELF {
                                 call.mark_as_canceled(self).await?;
-                                let canceled_call_str = stock_str::canceled_call(self).await;
+                                let canceled_call_str = stock_str::canceled_call(self);
                                 call.update_text(self, &canceled_call_str).await?;
                             } else {
                                 call.mark_as_ended(self).await?;
-                                let declined_call_str = stock_str::declined_call(self).await;
+                                let declined_call_str = stock_str::declined_call(self);
                                 call.update_text(self, &declined_call_str).await?;
                             }
                         }

src/chat.rs

@@ -1,7 +1,7 @@
 //! # Chat module.
 
 use std::cmp;
-use std::collections::{BTreeSet, HashMap, HashSet};
+use std::collections::{BTreeSet, HashMap};
 use std::fmt;
 use std::io::Cursor;
 use std::marker::Sync;
@@ -23,8 +23,9 @@ use crate::chatlist_events;
 use crate::color::str_to_color;
 use crate::config::Config;
 use crate::constants::{
-    Blocked, Chattype, DC_CHAT_ID_ALLDONE_HINT, DC_CHAT_ID_ARCHIVED_LINK, DC_CHAT_ID_LAST_SPECIAL,
-    DC_CHAT_ID_TRASH, DC_RESEND_USER_AVATAR_DAYS, EDITED_PREFIX, TIMESTAMP_SENT_TOLERANCE,
+    self, Blocked, Chattype, DC_CHAT_ID_ALLDONE_HINT, DC_CHAT_ID_ARCHIVED_LINK,
+    DC_CHAT_ID_LAST_SPECIAL, DC_CHAT_ID_TRASH, DC_RESEND_USER_AVATAR_DAYS, EDITED_PREFIX,
+    TIMESTAMP_SENT_TOLERANCE,
 };
 use crate::contact::{self, Contact, ContactId, Origin};
 use crate::context::Context;
@@ -34,7 +35,7 @@ use crate::download::{
 };
 use crate::ephemeral::{Timer as EphemeralTimer, start_chat_ephemeral_timers};
 use crate::events::EventType;
-use crate::key::self_fingerprint;
+use crate::key::{Fingerprint, self_fingerprint};
 use crate::location;
 use crate::log::{LogExt, warn};
 use crate::logged_debug_assert;
@@ -476,13 +477,18 @@ impl ChatId {
 
     /// Adds message "Messages are end-to-end encrypted".
     pub(crate) async fn add_e2ee_notice(self, context: &Context, timestamp: i64) -> Result<()> {
-        let text = stock_str::messages_e2ee_info_msg(context).await;
+        let text = stock_str::messages_e2ee_info_msg(context);
+
+        // Sort this notice to the very beginning of the chat.
+        // We don't want any message to appear before this notice
+        // which is normally added when encrypted chat is created.
+        let sort_timestamp = 0;
         add_info_msg_with_cmd(
             context,
             self,
             &text,
             SystemMessage::ChatE2ee,
-            Some(timestamp),
+            Some(sort_timestamp),
             timestamp,
             None,
             None,
@@ -492,6 +498,27 @@ impl ChatId {
         Ok(())
     }
 
+    /// Adds info message to the beginning of the chat.
+    ///
+    /// Used for messages such as
+    /// "Others will only see this group after you sent a first message."
+    pub(crate) async fn add_start_info_message(self, context: &Context, text: &str) -> Result<()> {
+        let sort_timestamp = 0;
+        add_info_msg_with_cmd(
+            context,
+            self,
+            text,
+            SystemMessage::Unknown,
+            Some(sort_timestamp),
+            time(),
+            None,
+            None,
+            None,
+        )
+        .await?;
+        Ok(())
+    }
+
     /// Archives or unarchives a chat.
     pub async fn set_visibility(self, context: &Context, visibility: ChatVisibility) -> Result<()> {
         self.set_visibility_ex(context, Sync, visibility).await
@@ -669,7 +696,7 @@ SELECT id, rfc724_mid, pre_rfc724_mid, timestamp, ?, 1 FROM msgs WHERE chat_id=?
         }
 
         if chat.is_self_talk() {
-            let mut msg = Message::new_text(stock_str::self_deleted_msg_body(context).await);
+            let mut msg = Message::new_text(stock_str::self_deleted_msg_body(context));
             add_device_msg(context, None, Some(&mut msg)).await?;
         }
         chatlist_events::emit_chatlist_changed(context);
@@ -925,6 +952,17 @@ SELECT id, rfc724_mid, pre_rfc724_mid, timestamp, ?, 1 FROM msgs WHERE chat_id=?
             .unwrap_or(0))
     }
 
+    /// Returns timestamp of us joining the chat if we are the member of the chat.
+    pub(crate) async fn join_timestamp(self, context: &Context) -> Result<Option<i64>> {
+        context
+            .sql
+            .query_get_value(
+                "SELECT add_timestamp FROM chats_contacts WHERE chat_id=? AND contact_id=?",
+                (self, ContactId::SELF),
+            )
+            .await
+    }
+
     /// Returns timestamp of the latest message in the chat,
     /// including hidden messages or a draft if there is one.
     pub(crate) async fn get_timestamp(self, context: &Context) -> Result<Option<i64>> {
@@ -1151,14 +1189,13 @@ SELECT id, rfc724_mid, pre_rfc724_mid, timestamp, ?, 1 FROM msgs WHERE chat_id=?
     /// prefer plaintext emails.
     ///
     /// To get more verbose summary for a contact, including its key fingerprint, use [`Contact::get_encrinfo`].
-    #[expect(clippy::arithmetic_side_effects)]
     pub async fn get_encryption_info(self, context: &Context) -> Result<String> {
         let chat = Chat::load_from_db(context, self).await?;
         if !chat.is_encrypted(context).await? {
-            return Ok(stock_str::encr_none(context).await);
+            return Ok(stock_str::encr_none(context));
         }
 
-        let mut ret = stock_str::messages_are_e2ee(context).await + "\n";
+        let mut ret = stock_str::messages_are_e2ee(context) + "\n";
 
         for &contact_id in get_chat_contacts(context, self)
             .await?
@@ -1212,15 +1249,11 @@ SELECT id, rfc724_mid, pre_rfc724_mid, timestamp, ?, 1 FROM msgs WHERE chat_id=?
     /// corresponding event in case of a system message (usually the current system time).
     /// `always_sort_to_bottom` makes this adjust the returned timestamp up so that the message goes
     /// to the chat bottom.
-    /// `received` -- whether the message is received. Otherwise being sent.
-    /// `incoming` -- whether the message is incoming.
     pub(crate) async fn calc_sort_timestamp(
         self,
         context: &Context,
         message_timestamp: i64,
         always_sort_to_bottom: bool,
-        received: bool,
-        incoming: bool,
     ) -> Result<i64> {
         let mut sort_timestamp = cmp::min(message_timestamp, smeared_time(context));
 
@@ -1240,38 +1273,6 @@ SELECT id, rfc724_mid, pre_rfc724_mid, timestamp, ?, 1 FROM msgs WHERE chat_id=?
                     (self, MessageState::OutDraft),
                 )
                 .await?
-        } else if received {
-            // Received messages shouldn't mingle with just sent ones and appear somewhere in the
-            // middle of the chat, so we go after the newest non fresh message.
-            //
-            // But if a received outgoing message is older than some seen message, better sort the
-            // received message purely by timestamp. We could place it just before that seen
-            // message, but anyway the user may not notice it.
-            //
-            // NB: Received outgoing messages may break sorting of fresh incoming ones, but this
-            // shouldn't happen frequently. Seen incoming messages don't really break sorting of
-            // fresh ones, they rather mean that older incoming messages are actually seen as well.
-            context
-                .sql
-                .query_row_optional(
-                    "SELECT MAX(timestamp), MAX(IIF(state=?,timestamp_sent,0))
-                     FROM msgs
-                     WHERE chat_id=? AND hidden=0 AND state>?
-                     HAVING COUNT(*) > 0",
-                    (MessageState::InSeen, self, MessageState::InFresh),
-                    |row| {
-                        let ts: i64 = row.get(0)?;
-                        let ts_sent_seen: i64 = row.get(1)?;
-                        Ok((ts, ts_sent_seen))
-                    },
-                )
-                .await?
-                .and_then(|(ts, ts_sent_seen)| {
-                    match incoming || ts_sent_seen <= message_timestamp {
-                        true => Some(ts),
-                        false => None,
-                    }
-                })
         } else {
             None
         };
@@ -1282,7 +1283,16 @@ SELECT id, rfc724_mid, pre_rfc724_mid, timestamp, ?, 1 FROM msgs WHERE chat_id=?
             sort_timestamp = last_msg_time;
         }
 
-        Ok(sort_timestamp)
+        if let Some(join_timestamp) = self.join_timestamp(context).await? {
+            // If we are the member of the chat, don't add messages
+            // before the timestamp of us joining it.
+            // This is needed to avoid sorting "Member added"
+            // or automatically sent bot welcome messages
+            // above SecureJoin system messages.
+            Ok(std::cmp::max(sort_timestamp, join_timestamp))
+        } else {
+            Ok(sort_timestamp)
+        }
     }
 }
 
@@ -1392,7 +1402,7 @@ impl Chat {
             .context(format!("Failed loading chat {chat_id} from database"))?;
 
         if chat.id.is_archived_link() {
-            chat.name = stock_str::archived_chats(context).await;
+            chat.name = stock_str::archived_chats(context);
         } else {
             if chat.typ == Chattype::Single && chat.name.is_empty() {
                 // chat.name is set to contact.display_name on changes,
@@ -1416,9 +1426,9 @@ impl Chat {
                 chat.name = chat_name;
             }
             if chat.param.exists(Param::Selftalk) {
-                chat.name = stock_str::saved_messages(context).await;
+                chat.name = stock_str::saved_messages(context);
             } else if chat.param.exists(Param::Devicetalk) {
-                chat.name = stock_str::device_messages(context).await;
+                chat.name = stock_str::device_messages(context);
             }
         }
 
@@ -1742,7 +1752,6 @@ impl Chat {
     ///
     /// If `update_msg_id` is set, that record is reused;
     /// if `update_msg_id` is None, a new record is created.
-    #[expect(clippy::arithmetic_side_effects)]
     async fn prepare_msg_raw(
         &mut self,
         context: &Context,
@@ -2306,15 +2315,10 @@ pub(crate) async fn update_special_chat_names(context: &Context) -> Result<()> {
     update_special_chat_name(
         context,
         ContactId::DEVICE,
-        stock_str::device_messages(context).await,
-    )
-    .await?;
-    update_special_chat_name(
-        context,
-        ContactId::SELF,
-        stock_str::saved_messages(context).await,
+        stock_str::device_messages(context),
     )
     .await?;
+    update_special_chat_name(context, ContactId::SELF, stock_str::saved_messages(context)).await?;
     Ok(())
 }
 
@@ -2623,7 +2627,7 @@ pub async fn send_msg(context: &Context, chat_id: ChatId, msg: &mut Message) ->
     if msg.state != MessageState::Undefined && msg.state != MessageState::OutPreparing {
         msg.param.remove(Param::GuaranteeE2ee);
         msg.param.remove(Param::ForcePlaintext);
-        msg.update_param(context).await?;
+        // create_send_msg_jobs() will update `param` in the db.
     }
 
     // protect all system messages against RTLO attacks
@@ -2728,7 +2732,19 @@ async fn prepare_send_msg(
         None
     };
 
-    // ... then change the MessageState in the message object
+    if matches!(
+        msg.state,
+        MessageState::Undefined | MessageState::OutPreparing
+    )
+        // Legacy SecureJoin "v*-request" messages are unencrypted.
+        && msg.param.get_cmd() != SystemMessage::SecurejoinMessage
+        && chat.is_encrypted(context).await?
+    {
+        msg.param.set_int(Param::GuaranteeE2ee, 1);
+        if !msg.id.is_unset() {
+            msg.update_param(context).await?;
+        }
+    }
     msg.state = MessageState::OutPending;
 
     msg.timestamp_sort = create_smeared_timestamp(context);
@@ -2774,15 +2790,13 @@ async fn render_mime_message_and_pre_message(
 
         let mut mimefactory_post_msg = mimefactory.clone();
         mimefactory_post_msg.set_as_post_message();
-        let rendered_msg = mimefactory_post_msg
-            .render(context)
+        let rendered_msg = Box::pin(mimefactory_post_msg.render(context))
             .await
             .context("Failed to render post-message")?;
 
         let mut mimefactory_pre_msg = mimefactory;
         mimefactory_pre_msg.set_as_pre_message_for(&rendered_msg);
-        let rendered_pre_msg = mimefactory_pre_msg
-            .render(context)
+        let rendered_pre_msg = Box::pin(mimefactory_pre_msg.render(context))
             .await
             .context("pre-message failed to render")?;
 
@@ -2797,7 +2811,7 @@ async fn render_mime_message_and_pre_message(
 
         Ok((Some(rendered_pre_msg), rendered_msg))
     } else {
-        Ok((None, mimefactory.render(context).await?))
+        Ok((None, Box::pin(mimefactory.render(context)).await?))
     }
 }
 
@@ -2926,11 +2940,26 @@ pub(crate) async fn create_send_msg_jobs(context: &Context, msg: &mut Message) -
         msg.param.remove(Param::GuaranteeE2ee);
     }
     msg.subject.clone_from(&rendered_msg.subject);
+    // Sort the message to the bottom. Employ `msgs_index7` to compute `timestamp`.
     context
         .sql
         .execute(
-            "UPDATE msgs SET pre_rfc724_mid=?, subject=?, param=? WHERE id=?",
+            "
+UPDATE msgs SET
+    timestamp=(
+        SELECT MAX(timestamp) FROM msgs INDEXED BY msgs_index7 WHERE
+            -- From `InFresh` to `OutMdnRcvd` inclusive except `OutDraft`.
+            state IN(10,13,16,18,20,24,26,28) AND
+            hidden IN(0,1) AND
+            chat_id=? AND
+            id<=?
+    ),
+    pre_rfc724_mid=?, subject=?, param=?
+WHERE id=?
+            ",
             (
+                msg.chat_id,
+                msg.id,
                 &msg.pre_rfc724_mid,
                 &msg.subject,
                 msg.param.to_string(),
@@ -2995,7 +3024,6 @@ pub async fn send_text_msg(
 }
 
 /// Sends chat members a request to edit the given message's text.
-#[expect(clippy::arithmetic_side_effects)]
 pub async fn send_edit_request(context: &Context, msg_id: MsgId, new_text: String) -> Result<()> {
     let mut original_msg = Message::load_from_db(context, msg_id).await?;
     ensure!(
@@ -3068,7 +3096,7 @@ async fn donation_request_maybe(context: &Context) -> Result<()> {
     let ts = if ts == 0 || msg_cnt.await? < 100 {
         now.saturating_add(secs_between_checks)
     } else {
-        let mut msg = Message::new_text(stock_str::donation_request(context).await);
+        let mut msg = Message::new_text(stock_str::donation_request(context));
         add_device_msg(context, None, Some(&mut msg)).await?;
         i64::MAX
     };
@@ -3100,7 +3128,8 @@ pub async fn get_chat_msgs(context: &Context, chat_id: ChatId) -> Result<Vec<Cha
     .await
 }
 
-/// Returns messages belonging to the chat according to the given options.
+/// Returns messages belonging to the chat according to the given options,
+/// sorted by oldest message first.
 #[expect(clippy::arithmetic_side_effects)]
 pub async fn get_chat_msgs_ex(
     context: &Context,
@@ -3111,6 +3140,7 @@ pub async fn get_chat_msgs_ex(
         info_only,
         add_daymarker,
     } = options;
+    // TODO: Remove `info_only` parameter; it's not used by anything
     let process_row = if info_only {
         |row: &rusqlite::Row| {
             // is_info logic taken from Message.is_info()
@@ -3622,12 +3652,12 @@ pub(crate) async fn create_group_ex(
     {
         let text = if !grpid.is_empty() {
             // Add "Others will only see this group after you sent a first message." message.
-            stock_str::new_group_send_first_message(context).await
+            stock_str::new_group_send_first_message(context)
         } else {
             // Add "Messages in this chat use classic email and are not encrypted." message.
-            stock_str::chat_unencrypted_explanation(context).await
+            stock_str::chat_unencrypted_explanation(context)
         };
-        add_info_msg(context, chat_id, &text).await?;
+        chat_id.add_start_info_message(context, &text).await?;
     }
     if let (true, true) = (sync.into(), !grpid.is_empty()) {
         let id = SyncId::Grpid(grpid);
@@ -3758,7 +3788,7 @@ pub(crate) async fn update_chat_contacts_table(
     context: &Context,
     timestamp: i64,
     id: ChatId,
-    contacts: &HashSet<ContactId>,
+    contacts: &BTreeSet<ContactId>,
 ) -> Result<()> {
     context
         .sql
@@ -3984,9 +4014,47 @@ pub(crate) async fn add_contact_to_chat_ex(
     if sync.into() {
         chat.sync_contacts(context).await.log_err(context).ok();
     }
+    if chat.typ == Chattype::OutBroadcast {
+        resend_last_msgs(context, chat.id, &contact)
+            .await
+            .log_err(context)
+            .ok();
+    }
     Ok(true)
 }
 
+async fn resend_last_msgs(context: &Context, chat_id: ChatId, to_contact: &Contact) -> Result<()> {
+    let msgs: Vec<MsgId> = context
+        .sql
+        .query_map_vec(
+            "
+SELECT id
+FROM msgs
+WHERE chat_id=?
+    AND hidden=0
+    AND NOT ( -- Exclude info and system messages
+        param GLOB '*\nS=*' OR param GLOB 'S=*'
+        OR from_id=?
+        OR to_id=?
+    )
+    AND type!=?
+ORDER BY timestamp DESC, id DESC LIMIT ?",
+            (
+                chat_id,
+                ContactId::INFO,
+                ContactId::INFO,
+                Viewtype::Webxdc,
+                constants::N_MSGS_TO_NEW_BROADCAST_MEMBER,
+            ),
+            |row: &rusqlite::Row| Ok(row.get::<_, MsgId>(0)?),
+        )
+        .await?
+        .into_iter()
+        .rev()
+        .collect();
+    resend_msgs_ex(context, &msgs, to_contact.fingerprint()).await
+}
+
 /// Returns true if an avatar should be attached in the given chat.
 ///
 /// This function does not check if the avatar is set.
@@ -4126,61 +4194,56 @@ pub async fn remove_contact_from_chat(
         delete_broadcast_secret(context, chat_id).await?;
     }
 
-    if matches!(
-        chat.typ,
-        Chattype::Group | Chattype::OutBroadcast | Chattype::InBroadcast
-    ) {
-        if !chat.is_self_in_chat(context).await? {
-            let err_msg = format!(
-                "Cannot remove contact {contact_id} from chat {chat_id}: self not in group."
-            );
-            context.emit_event(EventType::ErrorSelfNotInGroup(err_msg.clone()));
-            bail!("{err_msg}");
-        } else {
-            let mut sync = Nosync;
+    ensure!(
+        matches!(
+            chat.typ,
+            Chattype::Group | Chattype::OutBroadcast | Chattype::InBroadcast
+        ),
+        "Cannot remove members from non-group chats."
+    );
 
-            if chat.is_promoted() && chat.typ != Chattype::OutBroadcast {
-                remove_from_chat_contacts_table(context, chat_id, contact_id).await?;
-            } else {
-                remove_from_chat_contacts_table_without_trace(context, chat_id, contact_id).await?;
-            }
+    if !chat.is_self_in_chat(context).await? {
+        let err_msg =
+            format!("Cannot remove contact {contact_id} from chat {chat_id}: self not in group.");
+        context.emit_event(EventType::ErrorSelfNotInGroup(err_msg.clone()));
+        bail!("{err_msg}");
+    }
 
-            // We do not return an error if the contact does not exist in the database.
-            // This allows to delete dangling references to deleted contacts
-            // in case of the database becoming inconsistent due to a bug.
-            if let Some(contact) = Contact::get_by_id_optional(context, contact_id).await? {
-                if chat.is_promoted() {
-                    let addr = contact.get_addr();
-                    let fingerprint = contact.fingerprint().map(|f| f.hex());
+    let mut sync = Nosync;
 
-                    let res = send_member_removal_msg(
-                        context,
-                        &chat,
-                        contact_id,
-                        addr,
-                        fingerprint.as_deref(),
-                    )
+    if chat.is_promoted() && chat.typ != Chattype::OutBroadcast {
+        remove_from_chat_contacts_table(context, chat_id, contact_id).await?;
+    } else {
+        remove_from_chat_contacts_table_without_trace(context, chat_id, contact_id).await?;
+    }
+
+    // We do not return an error if the contact does not exist in the database.
+    // This allows to delete dangling references to deleted contacts
+    // in case of the database becoming inconsistent due to a bug.
+    if let Some(contact) = Contact::get_by_id_optional(context, contact_id).await? {
+        if chat.is_promoted() {
+            let addr = contact.get_addr();
+            let fingerprint = contact.fingerprint().map(|f| f.hex());
+
+            let res =
+                send_member_removal_msg(context, &chat, contact_id, addr, fingerprint.as_deref())
                     .await;
 
-                    if contact_id == ContactId::SELF {
-                        res?;
-                    } else if let Err(e) = res {
-                        warn!(
-                            context,
-                            "remove_contact_from_chat({chat_id}, {contact_id}): send_msg() failed: {e:#}."
-                        );
-                    }
-                } else {
-                    sync = Sync;
-                }
-            }
-            context.emit_event(EventType::ChatModified(chat_id));
-            if sync.into() {
-                chat.sync_contacts(context).await.log_err(context).ok();
+            if contact_id == ContactId::SELF {
+                res?;
+            } else if let Err(e) = res {
+                warn!(
+                    context,
+                    "remove_contact_from_chat({chat_id}, {contact_id}): send_msg() failed: {e:#}."
+                );
             }
+        } else {
+            sync = Sync;
         }
-    } else {
-        bail!("Cannot remove members from non-group chats.");
+    }
+    context.emit_event(EventType::ChatModified(chat_id));
+    if sync.into() {
+        chat.sync_contacts(context).await.log_err(context).ok();
     }
 
     Ok(())
@@ -4197,7 +4260,7 @@ async fn send_member_removal_msg(
 
     if contact_id == ContactId::SELF {
         if chat.typ == Chattype::InBroadcast {
-            msg.text = stock_str::msg_you_left_broadcast(context).await;
+            msg.text = stock_str::msg_you_left_broadcast(context);
         } else {
             msg.text = stock_str::msg_group_left_local(context, ContactId::SELF).await;
         }
@@ -4358,7 +4421,7 @@ async fn rename_ex(
             {
                 msg.viewtype = Viewtype::Text;
                 msg.text = if chat.typ == Chattype::OutBroadcast {
-                    stock_str::msg_broadcast_name_changed(context, &chat.name, &new_name).await
+                    stock_str::msg_broadcast_name_changed(context, &chat.name, &new_name)
                 } else {
                     stock_str::msg_grp_name(context, &chat.name, &new_name, ContactId::SELF).await
                 };
@@ -4423,7 +4486,7 @@ pub async fn set_chat_profile_image(
         chat.param.remove(Param::ProfileImage);
         msg.param.remove(Param::Arg);
         msg.text = if chat.typ == Chattype::OutBroadcast {
-            stock_str::msg_broadcast_img_changed(context).await
+            stock_str::msg_broadcast_img_changed(context)
         } else {
             stock_str::msg_grp_img_deleted(context, ContactId::SELF).await
         };
@@ -4437,7 +4500,7 @@ pub async fn set_chat_profile_image(
         chat.param.set(Param::ProfileImage, image_blob.as_name());
         msg.param.set(Param::Arg, image_blob.as_name());
         msg.text = if chat.typ == Chattype::OutBroadcast {
-            stock_str::msg_broadcast_img_changed(context).await
+            stock_str::msg_broadcast_img_changed(context)
         } else {
             stock_str::msg_grp_img_changed(context, ContactId::SELF).await
         };
@@ -4589,7 +4652,6 @@ pub async fn save_msgs(context: &Context, msg_ids: &[MsgId]) -> Result<()> {
 /// the copy contains a reference to the original message
 /// as well as to the original chat in case the original message gets deleted.
 /// Returns data needed to add a `SaveMessage` sync item.
-#[expect(clippy::arithmetic_side_effects)]
 pub(crate) async fn save_copy_in_self_talk(
     context: &Context,
     src_msg_id: MsgId,
@@ -4656,10 +4718,26 @@ pub(crate) async fn save_copy_in_self_talk(
     Ok(msg.rfc724_mid)
 }
 
-/// Resends given messages with the same Message-ID.
+/// Resends given messages to members of the corresponding chats.
 ///
 /// This is primarily intended to make existing webxdcs available to new chat members.
 pub async fn resend_msgs(context: &Context, msg_ids: &[MsgId]) -> Result<()> {
+    resend_msgs_ex(context, msg_ids, None).await
+}
+
+/// Resends given messages to a contact with fingerprint `to_fingerprint` or, if it's `None`, to
+/// members of the corresponding chats.
+///
+/// NB: Actually `to_fingerprint` is only passed for `OutBroadcast` chats when a new member is
+/// added. Regarding webxdcs: It is not trivial to resend only the own status updates,
+/// and it is not trivial to resend them only to the newly-joined member,
+/// so that for now, [`resend_last_msgs`] does not automatically resend webxdcs at all.
+pub(crate) async fn resend_msgs_ex(
+    context: &Context,
+    msg_ids: &[MsgId],
+    to_fingerprint: Option<Fingerprint>,
+) -> Result<()> {
+    let to_fingerprint = to_fingerprint.map(|f| f.hex());
     let mut msgs: Vec<Message> = Vec::new();
     for msg_id in msg_ids {
         let msg = Message::load_from_db(context, *msg_id).await?;
@@ -4678,10 +4756,17 @@ pub async fn resend_msgs(context: &Context, msg_ids: &[MsgId]) -> Result<()> {
             | MessageState::OutFailed
             | MessageState::OutDelivered
             | MessageState::OutMdnRcvd => {
-                message::update_msg_state(context, msg.id, MessageState::OutPending).await?
+                // Broadcast owners shouldn't see spinners on messages being auto-re-sent to new
+                // subscribers (otherwise big channel owners will see spinners most of the time).
+                if to_fingerprint.is_none() {
+                    message::update_msg_state(context, msg.id, MessageState::OutPending).await?;
+                }
             }
             msg_state => bail!("Unexpected message state {msg_state}"),
         }
+        if let Some(to_fingerprint) = &to_fingerprint {
+            msg.param.set(Param::Arg4, to_fingerprint.clone());
+        }
         if create_send_msg_jobs(context, &mut msg).await?.is_empty() {
             continue;
         }
@@ -4693,7 +4778,8 @@ pub async fn resend_msgs(context: &Context, msg_ids: &[MsgId]) -> Result<()> {
             chat_id: msg.chat_id,
             msg_id: msg.id,
         });
-        // note(treefit): only matters if it is the last message in chat (but probably to expensive to check, debounce also solves it)
+        // The event only matters if the message is last in the chat.
+        // But it's probably too expensive check, and UIs anyways need to debounce.
         chatlist_events::emit_chatlist_item_changed(context, msg.chat_id);
 
         if msg.viewtype == Viewtype::Webxdc {
@@ -4943,15 +5029,8 @@ pub(crate) async fn add_info_msg_with_cmd(
         ts
     } else {
         let sort_to_bottom = true;
-        let (received, incoming) = (false, false);
         chat_id
-            .calc_sort_timestamp(
-                context,
-                smeared_time(context),
-                sort_to_bottom,
-                received,
-                incoming,
-            )
+            .calc_sort_timestamp(context, smeared_time(context), sort_to_bottom)
             .await?
     };
 
@@ -5029,7 +5108,7 @@ async fn set_contacts_by_addrs(context: &Context, id: ChatId, addrs: &[String])
         chat.typ == Chattype::OutBroadcast,
         "{id} is not a broadcast list",
     );
-    let mut contacts = HashSet::new();
+    let mut contacts = BTreeSet::new();
     for addr in addrs {
         let contact_addr = ContactAddress::new(addr)?;
         let contact = Contact::add_or_lookup(context, "", &contact_addr, Origin::Hidden)
@@ -5037,7 +5116,7 @@ async fn set_contacts_by_addrs(context: &Context, id: ChatId, addrs: &[String])
             .0;
         contacts.insert(contact);
     }
-    let contacts_old = HashSet::<ContactId>::from_iter(get_chat_contacts(context, id).await?);
+    let contacts_old = BTreeSet::<ContactId>::from_iter(get_chat_contacts(context, id).await?);
     if contacts == contacts_old {
         return Ok(());
     }

src/chat/chat_tests.rs

@@ -3,11 +3,11 @@ use std::sync::Arc;
 use super::*;
 use crate::Event;
 use crate::chatlist::get_archived_cnt;
-use crate::constants::{DC_GCL_ARCHIVED_ONLY, DC_GCL_NO_SPECIALS};
+use crate::constants::{DC_GCL_ARCHIVED_ONLY, DC_GCL_NO_SPECIALS, N_MSGS_TO_NEW_BROADCAST_MEMBER};
 use crate::ephemeral::Timer;
 use crate::headerdef::HeaderDef;
 use crate::imex::{ImexMode, has_backup, imex};
-use crate::message::{MessengerMessage, delete_msgs};
+use crate::message::{Message, MessengerMessage, delete_msgs};
 use crate::mimeparser::{self, MimeMessage};
 use crate::receive_imf::receive_imf;
 use crate::securejoin::{get_securejoin_qr, join_securejoin};
@@ -806,7 +806,7 @@ async fn test_self_talk() -> Result<()> {
     assert!(chat.visibility == ChatVisibility::Normal);
     assert!(!chat.is_device_talk());
     assert!(chat.can_send(&t).await?);
-    assert_eq!(chat.name, stock_str::saved_messages(&t).await);
+    assert_eq!(chat.name, stock_str::saved_messages(&t));
     assert!(chat.get_profile_image(&t).await?.is_some());
 
     let msg_id = send_text_msg(&t, chat.id, "foo self".to_string()).await?;
@@ -911,7 +911,7 @@ async fn test_add_device_msg_labelled() -> Result<()> {
     assert!(!chat.can_send(&t).await?);
     assert!(chat.why_cant_send(&t).await? == Some(CantSendReason::DeviceChat));
 
-    assert_eq!(chat.name, stock_str::device_messages(&t).await);
+    assert_eq!(chat.name, stock_str::device_messages(&t));
     let device_msg_icon = chat.get_profile_image(&t).await?.unwrap();
     assert_eq!(
         device_msg_icon.metadata()?.len(),
@@ -2692,6 +2692,49 @@ async fn test_resend_own_message() -> Result<()> {
     Ok(())
 }
 
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_resend_doesnt_resort_msg() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+    let alice_grp = create_group(alice, "").await?;
+    let sent1 = alice.send_text(alice_grp, "hi").await;
+    let sent1_ts = Message::load_from_db(alice, sent1.sender_msg_id)
+        .await?
+        .timestamp_sort;
+
+    SystemTime::shift(Duration::from_secs(60));
+    add_contact_to_chat(alice, alice_grp, alice.add_or_lookup_contact_id(bob).await).await?;
+    let sent2 = alice
+        .send_text(
+            alice_grp,
+            "Let's test resending, there are very few tests on it",
+        )
+        .await;
+    let resent_msg_id = sent1.sender_msg_id;
+    resend_msgs(alice, &[resent_msg_id]).await?;
+    assert_eq!(
+        resent_msg_id.get_state(alice).await?,
+        MessageState::OutPending
+    );
+    alice.pop_sent_msg().await;
+    assert_eq!(
+        resent_msg_id.get_state(alice).await?,
+        MessageState::OutDelivered
+    );
+    assert_eq!(
+        Message::load_from_db(alice, sent1.sender_msg_id)
+            .await?
+            .timestamp_sort,
+        sent1_ts
+    );
+    assert_eq!(
+        alice.get_last_msg_id_in(alice_grp).await,
+        sent2.sender_msg_id
+    );
+    Ok(())
+}
+
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_resend_foreign_message_fails() -> Result<()> {
     let mut tcm = TestContextManager::new();
@@ -2792,7 +2835,7 @@ async fn test_broadcast_members_cant_see_each_other() -> Result<()> {
         assert_eq!(parsed.decoded_data_contains("bob@example.net"), false);
 
         let parsed_by_bob = bob.parse_msg(&vc_pubkey).await;
-        assert!(parsed_by_bob.decrypting_failed);
+        assert!(parsed_by_bob.decryption_error.is_some());
 
         charlie.recv_msg_trash(&vc_pubkey).await;
     }
@@ -2805,6 +2848,15 @@ async fn test_broadcast_members_cant_see_each_other() -> Result<()> {
             "alice@example.org charlie@example.net"
         );
 
+        // Check additionally that subscribers don't send "Chat-Group-Name*" headers.
+        let parsed = alice.parse_msg(&request_with_auth).await;
+        assert!(parsed.get_header(HeaderDef::ChatGroupName).is_none());
+        assert!(
+            parsed
+                .get_header(HeaderDef::ChatGroupNameTimestamp)
+                .is_none()
+        );
+
         alice.recv_msg_trash(&request_with_auth).await;
     }
 
@@ -2821,7 +2873,7 @@ async fn test_broadcast_members_cant_see_each_other() -> Result<()> {
         assert_eq!(parsed.decoded_data_contains("bob@example.net"), false);
 
         let parsed_by_bob = bob.parse_msg(&member_added).await;
-        assert!(parsed_by_bob.decrypting_failed);
+        assert!(parsed_by_bob.decryption_error.is_some());
 
         let rcvd = charlie.recv_msg(&member_added).await;
         assert_eq!(rcvd.param.get_cmd(), SystemMessage::MemberAddedToGroup);
@@ -2836,7 +2888,7 @@ async fn test_broadcast_members_cant_see_each_other() -> Result<()> {
         assert_eq!(parsed.decoded_data_contains("bob@example.net"), false);
 
         let parsed_by_bob = bob.parse_msg(&hi_msg).await;
-        assert_eq!(parsed_by_bob.decrypting_failed, false);
+        assert!(parsed_by_bob.decryption_error.is_none());
     }
 
     tcm.section("Alice removes Charlie. Bob must not see it.");
@@ -2853,7 +2905,7 @@ async fn test_broadcast_members_cant_see_each_other() -> Result<()> {
         assert_eq!(parsed.decoded_data_contains("bob@example.net"), false);
 
         let parsed_by_bob = bob.parse_msg(&member_removed).await;
-        assert!(parsed_by_bob.decrypting_failed);
+        assert!(parsed_by_bob.decryption_error.is_some());
 
         let rcvd = charlie.recv_msg(&member_removed).await;
         assert_eq!(rcvd.param.get_cmd(), SystemMessage::MemberRemovedFromGroup);
@@ -2947,6 +2999,56 @@ async fn test_broadcast_change_name() -> Result<()> {
     Ok(())
 }
 
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_broadcast_resend_to_new_member() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+    let fiona = &tcm.fiona().await;
+
+    let alice_bc_id = create_broadcast(alice, "Channel".to_string()).await?;
+    let qr = get_securejoin_qr(alice, Some(alice_bc_id)).await.unwrap();
+
+    tcm.exec_securejoin_qr(bob, alice, &qr).await;
+    let mut alice_msg_ids = Vec::new();
+    for i in 0..(N_MSGS_TO_NEW_BROADCAST_MEMBER + 1) {
+        alice_msg_ids.push(
+            alice
+                .send_text(alice_bc_id, &i.to_string())
+                .await
+                .sender_msg_id,
+        );
+    }
+    let fiona_bc_id = tcm.exec_securejoin_qr(fiona, alice, &qr).await;
+    for msg_id in alice_msg_ids {
+        assert_eq!(msg_id.get_state(alice).await?, MessageState::OutDelivered);
+    }
+    for i in 0..N_MSGS_TO_NEW_BROADCAST_MEMBER {
+        let rev_order = false;
+        let resent_msg = alice
+            .pop_sent_msg_ex(rev_order, Duration::ZERO)
+            .await
+            .unwrap();
+        let fiona_msg = fiona.recv_msg(&resent_msg).await;
+        assert_eq!(fiona_msg.chat_id, fiona_bc_id);
+        assert_eq!(fiona_msg.text, (i + 1).to_string());
+        assert!(resent_msg.recipients.contains("fiona@example.net"));
+        assert!(!resent_msg.recipients.contains("bob@"));
+        // The message is undecryptable for Bob, he mustn't be able to know yet that somebody joined
+        // the broadcast even if he is a postman in this land. E.g. Fiona may leave after fetching
+        // the news, Bob won't know about that.
+        assert!(
+            MimeMessage::from_bytes(bob, resent_msg.payload().as_bytes())
+                .await?
+                .decryption_error
+                .is_some()
+        );
+        bob.recv_msg_trash(&resent_msg).await;
+    }
+    assert!(alice.pop_sent_msg_opt(Duration::ZERO).await.is_none());
+    Ok(())
+}
+
 /// - Alice has multiple devices
 /// - Alice creates a broadcast and sends a message into it
 /// - Alice's second device sees the broadcast
@@ -3335,7 +3437,12 @@ async fn test_chat_description(
         initial_description
     );
 
-    for description in ["This is a cool chat", "", "ä ẟ 😂"] {
+    for description in [
+        &"This<>is 'a' \"cool\" chat:/\\|?*".repeat(50),
+        "multiple\nline\n\nbreaks\n\n\r\n.",
+        "",
+        "ä ẟ 😂",
+    ] {
         tcm.section(&format!(
             "Alice sets the chat description to '{description}'"
         ));
@@ -3763,14 +3870,7 @@ async fn test_leave_broadcast_multidevice() -> Result<()> {
     // The contact should be marked as verified.
     check_direct_chat_is_hidden_and_contact_is_verified(alice, bob0).await;
     check_direct_chat_is_hidden_and_contact_is_verified(bob0, alice).await;
-
-    // TODO: There is a known bug in `observe_securejoin_on_other_device()`:
-    // When Bob joins a group or broadcast with his first device,
-    // then a chat with Alice will pop up on his second device.
-    // When it's fixed, the 2 following lines can be replaced with
-    // `check_direct_chat_is_hidden_and_contact_is_verified(bob1, alice).await;`
-    let bob1_alice_contact = bob1.add_or_lookup_contact_no_key(alice).await;
-    assert!(bob1_alice_contact.is_verified(bob1).await.unwrap());
+    check_direct_chat_is_hidden_and_contact_is_verified(bob1, alice).await;
 
     tcm.section("Alice sends first message to broadcast.");
     let sent_msg = alice.send_text(alice_chat_id, "Hello!").await;
@@ -3792,7 +3892,7 @@ async fn test_leave_broadcast_multidevice() -> Result<()> {
     assert_eq!(rcvd.chat_id, bob1_hello.chat_id);
     assert!(rcvd.is_info());
     assert_eq!(rcvd.get_info_type(), SystemMessage::MemberRemovedFromGroup);
-    assert_eq!(rcvd.text, stock_str::msg_you_left_broadcast(bob1).await);
+    assert_eq!(rcvd.text, stock_str::msg_you_left_broadcast(bob1));
 
     Ok(())
 }
@@ -5029,6 +5129,31 @@ async fn test_do_not_overwrite_draft() -> Result<()> {
     Ok(())
 }
 
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_outgoing_msg_after_another_from_future() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let t = &tcm.alice().await;
+    let chat_id = t.get_self_chat().await.id;
+
+    // Simulate sending a message with clock set to the future.
+    SystemTime::shift(Duration::from_secs(3600));
+    let msg_id = send_text_msg(t, chat_id, "test".to_string()).await?;
+    SystemTime::shift_back(Duration::from_secs(3600));
+
+    let timestamp_sent: i64 = t
+        .sql
+        .query_get_value("SELECT timestamp_sent FROM msgs WHERE id=?", (msg_id,))
+        .await?
+        .unwrap();
+    // Let's have a check here that locally sent messages have zero `timestamp_sent`, it can be a
+    // useful invariant.
+    assert_eq!(timestamp_sent, 0);
+
+    let msg_id = send_text_msg(t, chat_id, "Fixed my clock".to_string()).await?;
+    assert_eq!(t.get_last_msg_in(chat_id).await.id, msg_id);
+    Ok(())
+}
+
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_info_contact_id() -> Result<()> {
     let mut tcm = TestContextManager::new();
@@ -6107,3 +6232,118 @@ async fn test_leftgrps() -> Result<()> {
 
     Ok(())
 }
+
+/// Tests that if the message arrives late,
+/// it can still be sorted above the last seen message.
+///
+/// Versions 2.47 and below always sorted incoming messages
+/// after the last seen message, but with
+/// the introduction of multi-relay it is possible
+/// that some messages arrive only to some relays
+/// and are fetched after the already arrived seen message.
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_late_message_above_seen() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+    let charlie = &tcm.charlie().await;
+
+    let alice_chat_id = alice
+        .create_group_with_members("Group", &[bob, charlie])
+        .await;
+    let alice_sent = alice.send_text(alice_chat_id, "Hello everyone!").await;
+    let bob_chat_id = bob.recv_msg(&alice_sent).await.chat_id;
+    bob_chat_id.accept(bob).await?;
+    let charlie_chat_id = charlie.recv_msg(&alice_sent).await.chat_id;
+    charlie_chat_id.accept(charlie).await?;
+
+    // Bob sends a message, but the message is delayed.
+    let bob_sent = bob.send_text(bob_chat_id, "Hello from Bob!").await;
+    SystemTime::shift(Duration::from_secs(1000));
+
+    let charlie_sent = charlie
+        .send_text(charlie_chat_id, "Hello from Charlie!")
+        .await;
+
+    // Alice immediately receives a message from Charlie and reads it.
+    let alice_received_from_charlie = alice.recv_msg(&charlie_sent).await;
+    assert_eq!(
+        alice_received_from_charlie.get_text(),
+        "Hello from Charlie!"
+    );
+    message::markseen_msgs(alice, vec![alice_received_from_charlie.id]).await?;
+
+    // Bob message arrives later, it should be above the message from Charlie.
+    let alice_received_from_bob = alice.recv_msg(&bob_sent).await;
+    assert_eq!(alice_received_from_bob.get_text(), "Hello from Bob!");
+
+    // The last message in the chat is still from Charlie.
+    let last_msg = alice.get_last_msg_in(alice_chat_id).await;
+    assert_eq!(last_msg.get_text(), "Hello from Charlie!");
+
+    Ok(())
+}
+
+/// Tests that start message for unpromoted groups sticks to the top of the chat.
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_unpromoted_group_start_message() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+
+    // Start messages are disabled for test context by default,
+    // but this test is specifically about start messages.
+    alice.set_config(Config::SkipStartMessages, None).await?;
+
+    // Shift the clock forward, so we can rewind it back later.
+    SystemTime::shift(Duration::from_secs(3600));
+
+    // Alice creates unpromoted group with Bob.
+    let chat_id = create_group(alice, "Group").await?;
+    let bob_id = alice.add_or_lookup_contact_id(bob).await;
+    add_contact_to_chat(alice, chat_id, bob_id).await?;
+
+    let [
+        ChatItem::Message {
+            msg_id: e2ee_msg_id,
+        },
+        ChatItem::Message {
+            msg_id: info_msg_id,
+        },
+    ] = get_chat_msgs(alice, chat_id).await?[..]
+    else {
+        panic!("Expected two messages in the chat");
+    };
+    let msg = Message::load_from_db(alice, e2ee_msg_id).await?;
+    assert_eq!(msg.text, "Messages are end-to-end encrypted.");
+    let msg = Message::load_from_db(alice, info_msg_id).await?;
+    assert_eq!(
+        msg.text,
+        "Others will only see this group after you sent a first message."
+    );
+
+    // Alice rewinds the clock.
+    SystemTime::shift_back(Duration::from_secs(3600));
+
+    let text_msg_id = send_text_msg(alice, chat_id, "Hello".to_string()).await?;
+
+    let [
+        ChatItem::Message {
+            msg_id: e2ee_msg_id2,
+        },
+        ChatItem::Message {
+            msg_id: info_msg_id2,
+        },
+        ChatItem::Message {
+            msg_id: text_msg_id2,
+        },
+    ] = get_chat_msgs(alice, chat_id).await?[..]
+    else {
+        panic!("Expected three messages in the chat");
+    };
+    assert_eq!(e2ee_msg_id2, e2ee_msg_id);
+    assert_eq!(info_msg_id2, info_msg_id);
+    assert_eq!(text_msg_id2, text_msg_id);
+
+    Ok(())
+}

src/chatlist.rs

@@ -142,7 +142,7 @@ impl Chatlist {
                    AND c.blocked!=1
                    AND c.id IN(SELECT chat_id FROM chats_contacts WHERE contact_id=?2 AND add_timestamp >= remove_timestamp)
                  GROUP BY c.id
-                 ORDER BY c.archived=?3 DESC, IFNULL(m.timestamp,c.created_timestamp) DESC, m.id DESC;",
+                 ORDER BY c.archived=?3 DESC, IFNULL(NULLIF(m.timestamp,0),c.created_timestamp) DESC, m.id DESC;",
                 (MessageState::OutDraft, query_contact_id, ChatVisibility::Pinned),
                 process_row,
             ).await?
@@ -168,7 +168,7 @@ impl Chatlist {
                    AND c.blocked!=1
                    AND c.archived=1
                  GROUP BY c.id
-                 ORDER BY IFNULL(m.timestamp,c.created_timestamp) DESC, m.id DESC;",
+                 ORDER BY IFNULL(NULLIF(m.timestamp,0),c.created_timestamp) DESC, m.id DESC;",
                     (MessageState::OutDraft,),
                     process_row,
                 )
@@ -204,7 +204,7 @@ impl Chatlist {
                    AND IFNULL(c.name_normalized,c.name) LIKE ?3
                    AND (NOT ?4 OR EXISTS (SELECT 1 FROM msgs m WHERE m.chat_id = c.id AND m.state == ?5 AND hidden=0))
                  GROUP BY c.id
-                 ORDER BY IFNULL(m.timestamp,c.created_timestamp) DESC, m.id DESC;",
+                 ORDER BY IFNULL(NULLIF(m.timestamp,0),c.created_timestamp) DESC, m.id DESC;",
                     (MessageState::OutDraft, skip_id, str_like_cmd, only_unread, MessageState::InFresh),
                     process_row,
                 )
@@ -253,7 +253,7 @@ impl Chatlist {
                        AND NOT c.archived=?
                        AND (c.type!=? OR c.id IN(SELECT chat_id FROM chats_contacts WHERE contact_id=? AND add_timestamp >= remove_timestamp))
                      GROUP BY c.id
-                     ORDER BY c.id=? DESC, c.archived=? DESC, IFNULL(m.timestamp,c.created_timestamp) DESC, m.id DESC;",
+                     ORDER BY c.id=? DESC, c.archived=? DESC, IFNULL(NULLIF(m.timestamp,0),c.created_timestamp) DESC, m.id DESC;",
                     (
                         MessageState::OutDraft, skip_id, ChatVisibility::Archived,
                         Chattype::Group, ContactId::SELF,
@@ -279,7 +279,7 @@ impl Chatlist {
                        AND (c.blocked=0 OR c.blocked=2)
                        AND NOT c.archived=?
                      GROUP BY c.id
-                     ORDER BY c.id=0 DESC, c.archived=? DESC, IFNULL(m.timestamp,c.created_timestamp) DESC, m.id DESC;",
+                     ORDER BY c.id=0 DESC, c.archived=? DESC, IFNULL(NULLIF(m.timestamp,0),c.created_timestamp) DESC, m.id DESC;",
                     (MessageState::OutDraft, skip_id, ChatVisibility::Archived, ChatVisibility::Pinned),
                     process_row,
                 ).await?
@@ -417,7 +417,7 @@ impl Chatlist {
             Summary::new_with_reaction_details(context, &lastmsg, chat, lastcontact.as_ref()).await
         } else {
             Ok(Summary {
-                text: stock_str::no_messages(context).await,
+                text: stock_str::no_messages(context),
                 ..Default::default()
             })
         }
@@ -648,7 +648,6 @@ mod tests {
         assert_eq!(chats.len(), 0);
 
         t.set_stock_translation(StockMessage::SavedMessages, "test-1234-save".to_string())
-            .await
             .unwrap();
         let chats = Chatlist::try_load(&t, 0, Some("t-1234-s"), None)
             .await
@@ -656,7 +655,6 @@ mod tests {
         assert_eq!(chats.len(), 1);
 
         t.set_stock_translation(StockMessage::DeviceMessages, "test-5678-babbel".to_string())
-            .await
             .unwrap();
         let chats = Chatlist::try_load(&t, 0, Some("t-5678-b"), None)
             .await

src/config.rs

@@ -42,50 +42,85 @@ use crate::{constants, stats};
 )]
 #[strum(serialize_all = "snake_case")]
 pub enum Config {
+    /// Deprecated(2026-04).
+    /// Use ConfiguredAddr, [`crate::login_param::EnteredLoginParam`],
+    /// or add_transport{from_qr}()/list_transports() instead.
+    ///
     /// Email address, used in the `From:` field.
     Addr,
 
+    /// Deprecated(2026-04).
+    /// Use EnteredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// IMAP server hostname.
     MailServer,
 
+    /// Deprecated(2026-04).
+    /// Use EnteredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// IMAP server username.
     MailUser,
 
+    /// Deprecated(2026-04).
+    /// Use EnteredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// IMAP server password.
     MailPw,
 
+    /// Deprecated(2026-04).
+    /// Use EnteredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// IMAP server port.
     MailPort,
 
+    /// Deprecated(2026-04).
+    /// Use EnteredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// IMAP server security (e.g. TLS, STARTTLS).
     MailSecurity,
 
+    /// Deprecated(2026-04).
+    /// Use EnteredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// How to check TLS certificates.
     ///
     /// "IMAP" in the name is for compatibility,
     /// this actually applies to both IMAP and SMTP connections.
     ImapCertificateChecks,
 
+    /// Deprecated(2026-04).
+    /// Use EnteredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// SMTP server hostname.
     SendServer,
 
+    /// Deprecated(2026-04).
+    /// Use EnteredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// SMTP server username.
     SendUser,
 
+    /// Deprecated(2026-04).
+    /// Use EnteredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// SMTP server password.
     SendPw,
 
+    /// Deprecated(2026-04).
+    /// Use EnteredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// SMTP server port.
     SendPort,
 
+    /// Deprecated(2026-04).
+    /// Use EnteredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// SMTP server security (e.g. TLS, STARTTLS).
     SendSecurity,
 
-    /// Deprecated option for backwards compatibility.
+    /// Deprecated(2026-04).
+    /// Use EnteredLoginParam and add_transport{from_qr}()/list_transports() instead.
     ///
-    /// Certificate checks for SMTP are actually controlled by `imap_certificate_checks` config.
-    SmtpCertificateChecks,
-
     /// Whether to use OAuth 2.
     ///
     /// Historically contained other bitflags, which are now deprecated.
@@ -155,18 +190,6 @@ pub enum Config {
     #[strum(props(default = "1"))]
     MdnsEnabled,
 
-    /// True if chat messages should be moved to a separate folder. Auto-sent messages like sync
-    /// ones are moved there anyway.
-    #[strum(props(default = "1"))]
-    MvboxMove,
-
-    /// Watch for new messages in the "Mvbox" (aka DeltaChat folder) only.
-    ///
-    /// This will not entirely disable other folders, e.g. the spam folder will also still
-    /// be watched for new messages.
-    #[strum(props(default = "0"))]
-    OnlyFetchMvbox,
-
     /// Whether to show classic emails or only chat messages.
     #[strum(props(default = "2"))] // also change ShowEmails.default() on changes
     ShowEmails,
@@ -197,32 +220,47 @@ pub enum Config {
     /// The primary email address.
     ConfiguredAddr,
 
+    /// Deprecated(2026-04).
+    /// Use ConfiguredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// List of configured IMAP servers as a JSON array.
     ConfiguredImapServers,
 
+    /// Deprecated(2026-04).
+    /// Use ConfiguredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// Configured IMAP server hostname.
     ///
     /// This is replaced by `configured_imap_servers` for new configurations.
     ConfiguredMailServer,
 
-    /// Configured IMAP server port.
+    /// Deprecated(2026-04).
+    /// Use ConfiguredLoginParam and add_transport{from_qr}()/list_transports() instead.
     ///
-    /// This is replaced by `configured_imap_servers` for new configurations.
+    /// Configured IMAP server port.
     ConfiguredMailPort,
 
-    /// Configured IMAP server security (e.g. TLS, STARTTLS).
+    /// Deprecated(2026-04).
+    /// Use ConfiguredLoginParam and add_transport{from_qr}()/list_transports() instead.
     ///
-    /// This is replaced by `configured_imap_servers` for new configurations.
+    /// Configured IMAP server security (e.g. TLS, STARTTLS).
     ConfiguredMailSecurity,
 
-    /// Configured IMAP server username.
+    /// Deprecated(2026-04).
+    /// Use ConfiguredLoginParam and add_transport{from_qr}()/list_transports() instead.
     ///
-    /// This is set if user has configured username manually.
+    /// Configured IMAP server username.
     ConfiguredMailUser,
 
+    /// Deprecated(2026-04).
+    /// Use ConfiguredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// Configured IMAP server password.
     ConfiguredMailPw,
 
+    /// Deprecated(2026-04).
+    /// Use ConfiguredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// Configured TLS certificate checks.
     /// This option is saved on successful configuration
     /// and should not be modified manually.
@@ -231,52 +269,68 @@ pub enum Config {
     /// but has "IMAP" in the name for backwards compatibility.
     ConfiguredImapCertificateChecks,
 
+    /// Deprecated(2026-04).
+    /// Use ConfiguredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// List of configured SMTP servers as a JSON array.
     ConfiguredSmtpServers,
 
+    /// Deprecated(2026-04).
+    /// Use ConfiguredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// Configured SMTP server hostname.
     ///
     /// This is replaced by `configured_smtp_servers` for new configurations.
     ConfiguredSendServer,
 
+    /// Deprecated(2026-04).
+    /// Use ConfiguredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// Configured SMTP server port.
     ///
     /// This is replaced by `configured_smtp_servers` for new configurations.
     ConfiguredSendPort,
 
+    /// Deprecated(2026-04).
+    /// Use ConfiguredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// Configured SMTP server security (e.g. TLS, STARTTLS).
     ///
     /// This is replaced by `configured_smtp_servers` for new configurations.
     ConfiguredSendSecurity,
 
+    /// Deprecated(2026-04).
+    /// Use ConfiguredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// Configured SMTP server username.
     ///
     /// This is set if user has configured username manually.
     ConfiguredSendUser,
 
+    /// Deprecated(2026-04).
+    /// Use ConfiguredLoginParam and add_transport{from_qr}()/list_transports() instead.
+    ///
     /// Configured SMTP server password.
     ConfiguredSendPw,
 
-    /// Deprecated, stored for backwards compatibility.
+    /// Deprecated(2026-04).
+    /// Use ConfiguredLoginParam and add_transport{from_qr}()/list_transports() instead.
     ///
-    /// ConfiguredImapCertificateChecks is actually used.
-    ConfiguredSmtpCertificateChecks,
-
     /// Whether OAuth 2 is used with configured provider.
     ConfiguredServerFlags,
 
     /// Configured folder for incoming messages.
     ConfiguredInboxFolder,
 
-    /// Configured folder for chat messages.
-    ConfiguredMvboxFolder,
-
     /// Unix timestamp of the last successful configuration.
     ConfiguredTimestamp,
 
     /// ID of the configured provider from the provider database.
     ConfiguredProvider,
 
+    /// Deprecated(2026-04).
+    /// Use [`Context::is_configured()`] instead.
+    ///
     /// True if account is configured.
     Configured,
 
@@ -467,7 +521,6 @@ impl Config {
             self,
             Self::Displayname
                 | Self::MdnsEnabled
-                | Self::MvboxMove
                 | Self::ShowEmails
                 | Self::Selfavatar
                 | Self::Selfstatus,
@@ -476,10 +529,7 @@ impl Config {
 
     /// Whether the config option needs an IO scheduler restart to take effect.
     pub(crate) fn needs_io_restart(&self) -> bool {
-        matches!(
-            self,
-            Config::MvboxMove | Config::OnlyFetchMvbox | Config::ConfiguredAddr
-        )
+        matches!(self, Config::ConfiguredAddr)
     }
 }
 
@@ -594,13 +644,6 @@ impl Context {
             .is_some_and(|x| x != 0))
     }
 
-    /// Returns true if movebox ("DeltaChat" folder) should be watched.
-    pub(crate) async fn should_watch_mvbox(&self) -> Result<bool> {
-        Ok(self.get_config_bool(Config::MvboxMove).await?
-            || self.get_config_bool(Config::OnlyFetchMvbox).await?
-            || !self.get_config_bool(Config::IsChatmail).await?)
-    }
-
     /// Returns true if sync messages should be sent.
     pub(crate) async fn should_send_sync_msgs(&self) -> Result<bool> {
         Ok(self.get_config_bool(Config::SyncMsgs).await?
@@ -682,8 +725,6 @@ impl Context {
             | Config::ProxyEnabled
             | Config::BccSelf
             | Config::MdnsEnabled
-            | Config::MvboxMove
-            | Config::OnlyFetchMvbox
             | Config::Configured
             | Config::Bot
             | Config::NotifyAboutWrongPw
@@ -706,11 +747,6 @@ impl Context {
     pub async fn set_config(&self, key: Config, value: Option<&str>) -> Result<()> {
         Self::check_config(key, value)?;
 
-        let n_transports = self.count_transports().await?;
-        if n_transports > 1 && matches!(key, Config::MvboxMove | Config::OnlyFetchMvbox) {
-            bail!("Cannot reconfigure {key} when multiple transports are configured");
-        }
-
         let _pause = match key.needs_io_restart() {
             true => self.scheduler.pause(self).await?,
             _ => Default::default(),
@@ -789,12 +825,6 @@ impl Context {
                     .set_raw_config(key.as_ref(), value.map(|s| s.to_lowercase()).as_deref())
                     .await?;
             }
-            Config::MvboxMove => {
-                self.sql.set_raw_config(key.as_ref(), value).await?;
-                self.sql
-                    .set_raw_config(constants::DC_FOLDERS_CONFIGURED_KEY, None)
-                    .await?;
-            }
             Config::ConfiguredAddr => {
                 let Some(addr) = value else {
                     bail!("Cannot unset configured_addr");

src/config/config_tests.rs

@@ -196,11 +196,11 @@ async fn test_sync() -> Result<()> {
     sync(&alice0, &alice1).await;
     assert_eq!(alice1.get_config_bool(Config::MdnsEnabled).await?, false);
 
-    for key in [Config::ShowEmails, Config::MvboxMove] {
-        let val = alice0.get_config_bool(key).await?;
-        alice0.set_config_bool(key, !val).await?;
+    {
+        let val = alice0.get_config_bool(Config::ShowEmails).await?;
+        alice0.set_config_bool(Config::ShowEmails, !val).await?;
         sync(&alice0, &alice1).await;
-        assert_eq!(alice1.get_config_bool(key).await?, !val);
+        assert_eq!(alice1.get_config_bool(Config::ShowEmails).await?, !val);
     }
 
     // `Config::SyncMsgs` mustn't be synced.
@@ -246,8 +246,7 @@ async fn test_sync() -> Result<()> {
         alice1
             .get_config(Config::Selfavatar)
             .await?
-            .filter(|path| path.ends_with(".png"))
-            .is_some()
+            .is_some_and(|path| path.ends_with(".png"))
     );
     alice0.set_config(Config::Selfavatar, None).await?;
     sync(&alice0, &alice1).await;
@@ -305,16 +304,14 @@ async fn test_no_sync_on_self_sent_msg() -> Result<()> {
         alice1
             .get_config(Config::Selfavatar)
             .await?
-            .filter(|path| path.ends_with(".jpg"))
-            .is_some()
+            .is_some_and(|path| path.ends_with(".jpg"))
     );
     sync(alice1, alice0).await;
     assert!(
         alice0
             .get_config(Config::Selfavatar)
             .await?
-            .filter(|path| path.ends_with(".jpg"))
-            .is_some()
+            .is_some_and(|path| path.ends_with(".jpg"))
     );
 
     Ok(())

src/configure.rs

@@ -76,7 +76,7 @@ impl Context {
     /// Deprecated since 2025-02; use `add_transport_from_qr()`
     /// or `add_or_update_transport()` instead.
     pub async fn configure(&self) -> Result<()> {
-        let mut param = EnteredLoginParam::load(self).await?;
+        let mut param = EnteredLoginParam::load_legacy(self).await?;
 
         self.add_transport_inner(&mut param).await
     }
@@ -146,11 +146,11 @@ impl Context {
         if let Err(err) = res.as_ref() {
             // We are using Anyhow's .context() and to show the
             // inner error, too, we need the {:#}:
-            let error_msg = stock_str::configuration_failed(self, &format!("{err:#}")).await;
+            let error_msg = stock_str::configuration_failed(self, &format!("{err:#}"));
             progress!(self, 0, Some(error_msg.clone()));
             bail!(error_msg);
         } else {
-            param.save(self).await?;
+            param.save_legacy(self).await?;
             progress!(self, 1000);
         }
 
@@ -243,11 +243,6 @@ impl Context {
                         Ok((id, add_timestamp))
                     },
                 )?;
-                transaction.execute("DELETE FROM imap WHERE transport_id=?", (transport_id,))?;
-                transaction.execute(
-                    "DELETE FROM imap_sync WHERE transport_id=?",
-                    (transport_id,),
-                )?;
 
                 // Removal timestamp should not be lower than addition timestamp
                 // to be accepted by other devices when synced.
@@ -266,6 +261,7 @@ impl Context {
             .await?;
         send_sync_transports(self).await?;
         self.quota.write().await.remove(&removed_transport_id);
+        self.restart_io_if_running().await;
 
         Ok(())
     }
@@ -320,31 +316,16 @@ impl Context {
                     (&param.addr,),
                 )
                 .await?
-        {
-            // Should be checked before `MvboxMove` because the latter makes no sense in presense of
-            // `OnlyFetchMvbox` and even grayed out in the UIs in this case.
-            if self.get_config(Config::OnlyFetchMvbox).await?.as_deref() != Some("0") {
-                bail!(
-                    "To use additional relays, disable the legacy option \"Settings / Advanced / Only Fetch from DeltaChat Folder\"."
-                );
-            }
-            if self.get_config(Config::MvboxMove).await?.as_deref() != Some("0") {
-                bail!(
-                    "To use additional relays, disable the legacy option \"Settings / Advanced / Move automatically to DeltaChat Folder\"."
-                );
-            }
-
-            if self
+            && self
                 .sql
                 .count("SELECT COUNT(*) FROM transports", ())
                 .await?
                 >= MAX_TRANSPORT_RELAYS
-            {
-                bail!(
-                    "You have reached the maximum number of relays ({}).",
-                    MAX_TRANSPORT_RELAYS
-                )
-            }
+        {
+            bail!(
+                "You have reached the maximum number of relays ({}).",
+                MAX_TRANSPORT_RELAYS
+            )
         }
 
         let provider = match configure(self, param).await {
@@ -557,6 +538,7 @@ async fn get_configured_param(
             .collect(),
         imap_user: param.imap.user.clone(),
         imap_password: param.imap.password.clone(),
+        imap_folder: Some(param.imap.folder.clone()).filter(|folder| !folder.is_empty()),
         smtp: servers
             .iter()
             .filter_map(|params| {
@@ -637,10 +619,7 @@ async fn configure(ctx: &Context, param: &EnteredLoginParam) -> Result<Option<&'
     let imap_session = match imap.connect(ctx, configuring).await {
         Ok(imap_session) => imap_session,
         Err(err) => {
-            bail!(
-                "{}",
-                nicer_configuration_error(ctx, format!("{err:#}")).await
-            );
+            bail!("{}", nicer_configuration_error(ctx, format!("{err:#}")));
         }
     };
 
@@ -652,10 +631,6 @@ async fn configure(ctx: &Context, param: &EnteredLoginParam) -> Result<Option<&'
     progress!(ctx, 900);
 
     let is_configured = ctx.is_configured().await?;
-    if !is_configured {
-        ctx.sql.set_raw_config("mvbox_move", Some("0")).await?;
-        ctx.sql.set_raw_config("only_fetch_mvbox", None).await?;
-    }
     if !ctx.get_config_bool(Config::FixIsChatmail).await? {
         if imap_session.is_chatmail() {
             ctx.sql.set_raw_config("is_chatmail", Some("1")).await?;
@@ -781,7 +756,7 @@ async fn get_autoconfig(
     None
 }
 
-async fn nicer_configuration_error(context: &Context, e: String) -> String {
+fn nicer_configuration_error(context: &Context, e: String) -> String {
     if e.to_lowercase().contains("could not resolve")
         || e.to_lowercase().contains("connection attempts")
         || e.to_lowercase()
@@ -790,7 +765,7 @@ async fn nicer_configuration_error(context: &Context, e: String) -> String {
         || e.to_lowercase()
             .contains("failed to lookup address information")
     {
-        return stock_str::error_no_network(context).await;
+        return stock_str::error_no_network(context);
     }
 
     e
@@ -819,7 +794,7 @@ pub enum Error {
 mod tests {
     use super::*;
     use crate::config::Config;
-    use crate::login_param::EnteredServerLoginParam;
+    use crate::login_param::EnteredImapLoginParam;
     use crate::test_utils::TestContext;
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
@@ -838,7 +813,7 @@ mod tests {
         let entered_param = EnteredLoginParam {
             addr: "alice@example.org".to_string(),
 
-            imap: EnteredServerLoginParam {
+            imap: EnteredImapLoginParam {
                 user: "alice@example.net".to_string(),
                 password: "foobar".to_string(),
                 ..Default::default()

src/constants.rs

@@ -199,7 +199,7 @@ pub const WORSE_IMAGE_BYTES: usize = 130_000;
 // max. width/height and bytes of an avatar
 pub(crate) const BALANCED_AVATAR_SIZE: u32 = 512;
 pub(crate) const BALANCED_AVATAR_BYTES: usize = 60_000;
-pub(crate) const WORSE_AVATAR_SIZE: u32 = 128;
+pub(crate) const WORSE_AVATAR_SIZE: u32 = 256;
 pub(crate) const WORSE_AVATAR_BYTES: usize = 20_000; // this also fits to Outlook servers don't allowing headers larger than 32k.
 
 // max. width/height of images scaled down because of being too huge
@@ -210,11 +210,6 @@ pub const WORSE_IMAGE_SIZE: u32 = 640;
 /// usage by UIs.
 pub const MAX_RCVD_IMAGE_PIXELS: u32 = 50_000_000;
 
-// Key for the folder configuration version (see below).
-pub(crate) const DC_FOLDERS_CONFIGURED_KEY: &str = "folders_configured";
-// this value can be increased if the folder configuration is changed and must be redone on next program start
-pub(crate) const DC_FOLDERS_CONFIGURED_VERSION: i32 = 5;
-
 // If more recipients are needed in SMTP's `RCPT TO:` header, the recipient list is split into
 // chunks. This does not affect MIME's `To:` header. Can be overwritten by setting
 // `max_smtp_rcpt_to` in the provider db.
@@ -249,6 +244,9 @@ Here is what to do:
 
 If you have any questions, please send an email to delta@merlinux.eu or ask at https://support.delta.chat/."#;
 
+/// How many recent messages should be re-sent to a new broadcast member.
+pub(crate) const N_MSGS_TO_NEW_BROADCAST_MEMBER: usize = 10;
+
 #[cfg(test)]
 mod tests {
     use num_traits::FromPrimitive;

src/contact.rs

@@ -688,7 +688,7 @@ impl Contact {
             .await?
         {
             if contact_id == ContactId::SELF {
-                contact.name = stock_str::self_msg(context).await;
+                contact.name = stock_str::self_msg(context);
                 contact.authname = context
                     .get_config(Config::Displayname)
                     .await?
@@ -705,9 +705,9 @@ impl Contact {
                     .await?
                     .unwrap_or_default();
             } else if contact_id == ContactId::DEVICE {
-                contact.name = stock_str::device_messages(context).await;
+                contact.name = stock_str::device_messages(context);
                 contact.addr = ContactId::DEVICE_ADDR.to_string();
-                contact.status = stock_str::device_messages_hint(context).await;
+                contact.status = stock_str::device_messages_hint(context);
             }
             Ok(Some(contact))
         } else {
@@ -1182,7 +1182,9 @@ VALUES (?, ?, ?, ?, ?, ?)
         let mut ret = Vec::new();
         let flag_add_self = (listflags & constants::DC_GCL_ADD_SELF) != 0;
         let flag_address = (listflags & constants::DC_GCL_ADDRESS) != 0;
-        let minimal_origin = if context.get_config_bool(Config::Bot).await? {
+        let minimal_origin = if context.get_config_bool(Config::Bot).await?
+            || query.is_some_and(may_be_valid_addr)
+        {
             Origin::Unknown
         } else {
             Origin::IncomingReplyTo
@@ -1240,7 +1242,7 @@ ORDER BY c.origin>=? DESC, c.last_seen DESC, c.id DESC
 
                 if self_addr.contains(query)
                     || self_name.contains(query)
-                    || self_name2.await.contains(query)
+                    || self_name2.contains(query)
                 {
                     add_self = true;
                 }
@@ -1392,17 +1394,17 @@ WHERE addr=?
             .unwrap_or_default();
 
         let Some(fingerprint_other) = contact.fingerprint() else {
-            return Ok(stock_str::encr_none(context).await);
+            return Ok(stock_str::encr_none(context));
         };
         let fingerprint_other = fingerprint_other.to_string();
 
         let stock_message = if contact.public_key(context).await?.is_some() {
-            stock_str::messages_are_e2ee(context).await
+            stock_str::messages_are_e2ee(context)
         } else {
-            stock_str::encr_none(context).await
+            stock_str::encr_none(context)
         };
 
-        let finger_prints = stock_str::finger_prints(context).await;
+        let finger_prints = stock_str::finger_prints(context);
         let mut ret = format!("{stock_message}\n{finger_prints}:");
 
         let fingerprint_self = load_self_public_key(context)
@@ -1412,7 +1414,7 @@ WHERE addr=?
         if addr < contact.addr {
             cat_fingerprint(
                 &mut ret,
-                &stock_str::self_msg(context).await,
+                &stock_str::self_msg(context),
                 &addr,
                 &fingerprint_self,
             );
@@ -1431,7 +1433,7 @@ WHERE addr=?
             );
             cat_fingerprint(
                 &mut ret,
-                &stock_str::self_msg(context).await,
+                &stock_str::self_msg(context),
                 &addr,
                 &fingerprint_self,
             );
@@ -2066,7 +2068,6 @@ pub(crate) async fn mark_contact_id_as_verified(
     Ok(())
 }
 
-#[expect(clippy::arithmetic_side_effects)]
 fn cat_fingerprint(ret: &mut String, name: &str, addr: &str, fingerprint: &str) {
     *ret += &format!("\n\n{name} ({addr}):\n{fingerprint}");
 }

src/contact/contact_tests.rs

@@ -4,6 +4,7 @@ use super::*;
 use crate::chat::{Chat, get_chat_contacts, send_text_msg};
 use crate::chatlist::Chatlist;
 use crate::receive_imf::receive_imf;
+use crate::securejoin::get_securejoin_qr;
 use crate::test_utils::{self, TestContext, TestContextManager, TimeShiftFalsePositiveNote, sync};
 
 #[test]
@@ -154,6 +155,50 @@ async fn test_get_contacts() -> Result<()> {
     Ok(())
 }
 
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_search_contacts_from_group() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+    let fiona = &tcm.fiona().await;
+
+    let alice_chat_id = chat::create_group(alice, "").await?;
+    let qr = get_securejoin_qr(alice, Some(alice_chat_id)).await?;
+    let bob_chat_id = tcm.exec_securejoin_qr(bob, alice, &qr).await;
+    tcm.exec_securejoin_qr(fiona, alice, &qr).await;
+
+    // Workaround for "member added" for fiona not sent to bob.
+    let gossip_period = alice.get_config_int(Config::GossipPeriod).await?;
+    SystemTime::shift(Duration::from_secs(gossip_period.try_into()?));
+    send_text_msg(alice, alice_chat_id, "hello".to_string()).await?;
+    let sent_msg = alice.pop_sent_msg().await;
+    bob.recv_msg(&sent_msg).await;
+    fiona.recv_msg(&sent_msg).await;
+
+    let contacts = Contact::get_all(bob, 0, None).await?;
+    let bob_alice_id = bob.add_or_lookup_contact_id(alice).await;
+    assert_eq!(contacts.len(), 1);
+    assert_eq!(contacts[0], bob_alice_id);
+
+    let contacts = Contact::get_all(fiona, 0, None).await?;
+    let fiona_alice_id = fiona.add_or_lookup_contact_id(alice).await;
+    assert_eq!(contacts.len(), 1);
+    assert_eq!(contacts[0], fiona_alice_id);
+
+    // Sending to the group adds new members to the contact list.
+    send_text_msg(bob, bob_chat_id, "hello".to_string()).await?;
+    fiona.recv_msg(&bob.pop_sent_msg().await).await;
+    let contacts = Contact::get_all(bob, 0, None).await?;
+    let bob_fiona_id = bob.add_or_lookup_contact_id(fiona).await;
+    assert_eq!(contacts.len(), 2);
+    assert_eq!(contacts[0], bob_alice_id);
+    assert_eq!(contacts[1], bob_fiona_id);
+    let contacts = Contact::get_all(fiona, 0, None).await?;
+    assert_eq!(contacts.len(), 1);
+    assert_eq!(contacts[0], fiona_alice_id);
+    Ok(())
+}
+
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_is_self_addr() -> Result<()> {
     let t = TestContext::new().await;
@@ -282,7 +327,7 @@ async fn test_add_or_lookup() {
 
     // check SELF
     let contact = Contact::get_by_id(&t, ContactId::SELF).await.unwrap();
-    assert_eq!(contact.get_name(), stock_str::self_msg(&t).await);
+    assert_eq!(contact.get_name(), stock_str::self_msg(&t));
     assert_eq!(contact.get_addr(), "alice@example.org");
     assert!(!contact.is_blocked());
 }
@@ -420,12 +465,16 @@ async fn test_delete() -> Result<()> {
     Contact::delete(&alice, contact_id).await?;
     let contact = Contact::get_by_id(&alice, contact_id).await?;
     assert_eq!(contact.origin, Origin::Hidden);
+
+    // Hidden contacts are found when searching by email address
     assert_eq!(
         Contact::get_all(&alice, 0, Some("bob@example.net"))
             .await?
             .len(),
-        0
+        1
     );
+    // Hidden contacts are not found by a non-address query
+    assert_eq!(Contact::get_all(&alice, 0, Some("bob")).await?.len(), 0);
 
     // Delete chat.
     chat.get_id().delete(&alice).await?;
@@ -483,7 +532,7 @@ async fn test_delete_and_recreate_contact() -> Result<()> {
         Contact::get_all(&t, 0, Some("bob@example.net"))
             .await?
             .len(),
-        0
+        1
     );
 
     let contact_id3 = t.add_or_lookup_contact_id(&bob).await;

src/context.rs

@@ -20,16 +20,16 @@ use crate::constants::{self, DC_BACKGROUND_FETCH_QUOTA_CHECK_RATELIMIT, DC_VERSI
 use crate::contact::{Contact, ContactId};
 use crate::debug_logging::DebugLogging;
 use crate::events::{Event, EventEmitter, EventType, Events};
-use crate::imap::{FolderMeaning, Imap, ServerMetadata};
+use crate::imap::{Imap, ServerMetadata};
 use crate::key::self_fingerprint;
 use crate::log::warn;
 use crate::logged_debug_assert;
 use crate::message::{self, MessageState, MsgId};
-use crate::net::tls::TlsSessionStore;
+use crate::net::tls::{SpkiHashStore, TlsSessionStore};
 use crate::peer_channels::Iroh;
 use crate::push::PushSubscriber;
 use crate::quota::QuotaInfo;
-use crate::scheduler::{ConnectivityStore, SchedulerState, convert_folder_meaning};
+use crate::scheduler::{ConnectivityStore, SchedulerState};
 use crate::sql::Sql;
 use crate::stock_str::StockStrings;
 use crate::timesmearing::SmearedTimestamp;
@@ -308,6 +308,13 @@ pub struct InnerContext {
     /// TLS session resumption cache.
     pub(crate) tls_session_store: TlsSessionStore,
 
+    /// Store for TLS SPKI hashes.
+    ///
+    /// Used to remember public keys
+    /// of TLS certificates to accept them
+    /// even after they expire.
+    pub(crate) spki_hash_store: SpkiHashStore,
+
     /// Iroh for realtime peer channels.
     pub(crate) iroh: Arc<RwLock<Option<Iroh>>>,
 
@@ -511,6 +518,7 @@ impl Context {
             push_subscriber,
             push_subscribed: AtomicBool::new(false),
             tls_session_store: TlsSessionStore::new(),
+            spki_hash_store: SpkiHashStore::new(),
             iroh: Arc::new(RwLock::new(None)),
             self_fingerprint: OnceLock::new(),
             self_public_key: Mutex::new(None),
@@ -560,6 +568,15 @@ impl Context {
         }
     }
 
+    /// Requests deletion of all messages from chatmail relays.
+    ///
+    /// Non-chatmail relays are excluded
+    /// to avoid accidentally deleting emails
+    /// from shared inboxes.
+    pub async fn clear_all_relay_storage(&self) -> Result<()> {
+        self.scheduler.clear_all_relay_storage().await
+    }
+
     /// Restarts the IO scheduler if it was running before
     /// when it is not running this is an no-op
     pub async fn restart_io_if_running(&self) {
@@ -623,17 +640,10 @@ impl Context {
             let mut session = connection.prepare(self).await?;
 
             // Fetch IMAP folders.
-            // Inbox is fetched before Mvbox because fetching from Inbox
-            // may result in moving some messages to Mvbox.
-            for folder_meaning in [FolderMeaning::Inbox, FolderMeaning::Mvbox] {
-                if let Some((_folder_config, watch_folder)) =
-                    convert_folder_meaning(self, folder_meaning).await?
-                {
-                    connection
-                        .fetch_move_delete(self, &mut session, &watch_folder, folder_meaning)
-                        .await?;
-                }
-            }
+            let folder = connection.folder.clone();
+            connection
+                .fetch_move_delete(self, &mut session, &folder)
+                .await?;
 
             // Update quota (to send warning if full) - but only check it once in a while.
             // note: For now this only checks quota of primary transport,
@@ -644,7 +654,7 @@ impl Context {
                     DC_BACKGROUND_FETCH_QUOTA_CHECK_RATELIMIT,
                 )
                 .await
-                && let Err(err) = self.update_recent_quota(&mut session).await
+                && let Err(err) = self.update_recent_quota(&mut session, &folder).await
             {
                 warn!(self, "Failed to update quota: {err:#}.");
             }
@@ -884,23 +894,6 @@ impl Context {
             Err(err) => format!("<key failure: {err}>"),
         };
 
-        let mvbox_move = self.get_config_int(Config::MvboxMove).await?;
-        let only_fetch_mvbox = self.get_config_int(Config::OnlyFetchMvbox).await?;
-        let folders_configured = self
-            .sql
-            .get_raw_config_int(constants::DC_FOLDERS_CONFIGURED_KEY)
-            .await?
-            .unwrap_or_default();
-
-        let configured_inbox_folder = self
-            .get_config(Config::ConfiguredInboxFolder)
-            .await?
-            .unwrap_or_else(|| "<unset>".to_string());
-        let configured_mvbox_folder = self
-            .get_config(Config::ConfiguredMvboxFolder)
-            .await?
-            .unwrap_or_else(|| "<unset>".to_string());
-
         let mut res = get_info();
 
         // insert values
@@ -976,14 +969,6 @@ impl Context {
                 .await?
                 .to_string(),
         );
-        res.insert("mvbox_move", mvbox_move.to_string());
-        res.insert("only_fetch_mvbox", only_fetch_mvbox.to_string());
-        res.insert(
-            constants::DC_FOLDERS_CONFIGURED_KEY,
-            folders_configured.to_string(),
-        );
-        res.insert("configured_inbox_folder", configured_inbox_folder);
-        res.insert("configured_mvbox_folder", configured_mvbox_folder);
         res.insert("mdns_enabled", mdns_enabled.to_string());
         res.insert("bcc_self", bcc_self.to_string());
         res.insert("sync_msgs", sync_msgs.to_string());
@@ -1142,10 +1127,17 @@ ORDER BY m.timestamp DESC,m.id DESC",
         Ok(list)
     }
 
-    /// Returns a list of messages with database ID higher than requested.
+    /// (deprecated) Returns a list of messages with database ID higher than requested.
     ///
     /// Blocked contacts and chats are excluded,
     /// but self-sent messages and contact requests are included in the results.
+    ///
+    /// Deprecated 2026-04: This returns the message's id as soon as the first part arrives,
+    /// even if it is not fully downloaded yet.
+    /// The bot needs to wait for the message to be fully downloaded.
+    /// Since this is usually not the desired behavior,
+    /// bots should instead use the [`EventType::IncomingMsg`]
+    /// event for getting notified about new messages.
     pub async fn get_next_msgs(&self) -> Result<Vec<MsgId>> {
         let last_msg_id = match self.get_config(Config::LastMsgId).await? {
             Some(s) => MsgId::new(s.parse()?),
@@ -1194,7 +1186,7 @@ ORDER BY m.timestamp DESC,m.id DESC",
         Ok(list)
     }
 
-    /// Returns a list of messages with database ID higher than last marked as seen.
+    /// (deprecated) Returns a list of messages with database ID higher than last marked as seen.
     ///
     /// This function is supposed to be used by bot to request messages
     /// that are not processed yet.
@@ -1204,6 +1196,13 @@ ORDER BY m.timestamp DESC,m.id DESC",
     /// shortly after notification or notification is manually triggered
     /// to interrupt waiting.
     /// Notification may be manually triggered by calling [`Self::stop_io`].
+    ///
+    /// Deprecated 2026-04: This returns the message's id as soon as the first part arrives,
+    /// even if it is not fully downloaded yet.
+    /// The bot needs to wait for the message to be fully downloaded.
+    /// Since this is usually not the desired behavior,
+    /// bots should instead use the #DC_EVENT_INCOMING_MSG / [`EventType::IncomingMsg`]
+    /// event for getting notified about new messages.
     pub async fn wait_next_msgs(&self) -> Result<Vec<MsgId>> {
         self.new_msgs_notify.notified().await;
         let list = self.get_next_msgs().await?;
@@ -1283,12 +1282,6 @@ ORDER BY m.timestamp DESC,m.id DESC",
         Ok(list)
     }
 
-    /// Returns true if given folder name is the name of the "DeltaChat" folder.
-    pub async fn is_mvbox(&self, folder_name: &str) -> Result<bool> {
-        let mvbox = self.get_config(Config::ConfiguredMvboxFolder).await?;
-        Ok(mvbox.as_deref() == Some(folder_name))
-    }
-
     pub(crate) fn derive_blobdir(dbfile: &Path) -> PathBuf {
         let mut blob_fname = OsString::new();
         blob_fname.push(dbfile.file_name().unwrap_or_default());

src/context/context_tests.rs

@@ -284,7 +284,6 @@ async fn test_get_info_completeness() {
         "send_security",
         "server_flags",
         "skip_start_messages",
-        "smtp_certificate_checks",
         "proxy_url",      // May contain passwords, don't leak it to the logs.
         "socks5_enabled", // SOCKS5 options are deprecated.
         "socks5_host",

src/dehtml.rs

@@ -266,15 +266,11 @@ fn dehtml_endtag_cb(event: &BytesEnd, dehtml: &mut Dehtml) {
                 }
             }
         }
-        "b" | "strong" => {
-            if dehtml.get_add_text() != AddText::No {
-                *dehtml.get_buf() += "*";
-            }
+        "b" | "strong" if dehtml.get_add_text() != AddText::No => {
+            *dehtml.get_buf() += "*";
         }
-        "i" | "em" => {
-            if dehtml.get_add_text() != AddText::No {
-                *dehtml.get_buf() += "_";
-            }
+        "i" | "em" if dehtml.get_add_text() != AddText::No => {
+            *dehtml.get_buf() += "_";
         }
         "blockquote" => pop_tag(&mut dehtml.blockquotes_since_blockquote),
         _ => {}
@@ -341,15 +337,11 @@ fn dehtml_starttag_cb<B: std::io::BufRead>(
                 }
             }
         }
-        "b" | "strong" => {
-            if dehtml.get_add_text() != AddText::No {
-                *dehtml.get_buf() += "*";
-            }
+        "b" | "strong" if dehtml.get_add_text() != AddText::No => {
+            *dehtml.get_buf() += "*";
         }
-        "i" | "em" => {
-            if dehtml.get_add_text() != AddText::No {
-                *dehtml.get_buf() += "_";
-            }
+        "i" | "em" if dehtml.get_add_text() != AddText::No => {
+            *dehtml.get_buf() += "_";
         }
         "blockquote" => dehtml.blockquotes_since_blockquote += 1,
         _ => {}

src/download.rs

@@ -165,6 +165,7 @@ pub(crate) async fn download_msg(
 
     let Some((server_uid, server_folder, msg_transport_id)) = row else {
         // No IMAP record found, we don't know the UID and folder.
+        delete_from_available_post_msgs(context, &rfc724_mid).await?;
         return Err(anyhow!(
             "IMAP location for {rfc724_mid:?} post-message is unknown"
         ));
@@ -172,9 +173,7 @@ pub(crate) async fn download_msg(
     if msg_transport_id != transport_id {
         return Ok(None);
     }
-    session
-        .fetch_single_msg(context, &server_folder, server_uid, rfc724_mid)
-        .await?;
+    Box::pin(session.fetch_single_msg(context, &server_folder, server_uid, rfc724_mid)).await?;
     Ok(Some(()))
 }
 
@@ -203,8 +202,11 @@ impl Session {
         let mut uid_message_ids: BTreeMap<u32, String> = BTreeMap::new();
         uid_message_ids.insert(uid, rfc724_mid);
         let (sender, receiver) = async_channel::unbounded();
-        self.fetch_many_msgs(context, folder, vec![uid], &uid_message_ids, sender)
-            .await?;
+        {
+            let _fetch_msgs_lock_guard = context.fetch_msgs_mutex.lock().await;
+            self.fetch_many_msgs(context, folder, vec![uid], &uid_message_ids, sender)
+                .await?;
+        }
         if receiver.recv().await.is_err() {
             bail!("Failed to fetch UID {uid}");
         }
@@ -326,22 +328,25 @@ pub(crate) async fn download_known_post_messages_without_pre_message(
         })
         .await?;
     for rfc724_mid in &rfc724_mids {
-        if !msg_is_downloaded_for(context, rfc724_mid).await? {
-            // Download the Post-Message unconditionally,
-            // because the Pre-Message got lost.
-            // The message may be in the wrong order,
-            // but at least we have it at all.
-            let res = download_msg(context, rfc724_mid.clone(), session).await;
-            if let Ok(Some(())) = res {
-                delete_from_available_post_msgs(context, rfc724_mid).await?;
-            }
-            if let Err(err) = res {
-                warn!(
-                    context,
-                    "download_known_post_messages_without_pre_message: Failed to download message rfc724_mid={rfc724_mid}: {:#}.",
-                    err
-                );
-            }
+        if msg_is_downloaded_for(context, rfc724_mid).await? {
+            delete_from_available_post_msgs(context, rfc724_mid).await?;
+            continue;
+        }
+
+        // Download the Post-Message unconditionally,
+        // because the Pre-Message got lost.
+        // The message may be in the wrong order,
+        // but at least we have it at all.
+        let res = download_msg(context, rfc724_mid.clone(), session).await;
+        if let Ok(Some(())) = res {
+            delete_from_available_post_msgs(context, rfc724_mid).await?;
+        }
+        if let Err(err) = res {
+            warn!(
+                context,
+                "download_known_post_messages_without_pre_message: Failed to download message rfc724_mid={rfc724_mid}: {:#}.",
+                err
+            );
         }
     }
     Ok(())

src/events/chatlist_events.rs

@@ -89,13 +89,9 @@ mod test_chatlist_events {
             .get_matching(|evt| match evt {
                 EventType::ChatlistItemChanged {
                     chat_id: Some(ev_chat_id),
-                } => {
-                    if ev_chat_id == &chat_id {
-                        first_event_is_item.store(true, Ordering::Relaxed);
-                        true
-                    } else {
-                        false
-                    }
+                } if ev_chat_id == &chat_id => {
+                    first_event_is_item.store(true, Ordering::Relaxed);
+                    true
                 }
                 EventType::ChatlistChanged => true,
                 _ => false,

src/headerdef.rs

@@ -125,7 +125,6 @@ pub enum HeaderDef {
     /// [Autocrypt](https://autocrypt.org/) header.
     Autocrypt,
     AutocryptGossip,
-    AutocryptSetupMessage,
     SecureJoin,
 
     /// Deprecated header containing Group-ID in `vg-request-with-auth` message.

src/html.rs

@@ -86,8 +86,7 @@ impl HtmlMsgParser {
     /// Function takes a raw mime-message string,
     /// searches for the main-text part
     /// and returns that as parser.html
-    #[expect(clippy::arithmetic_side_effects)]
-    pub async fn from_bytes<'a>(
+    pub fn from_bytes<'a>(
         context: &Context,
         rawmime: &'a [u8],
     ) -> Result<(Self, mailparse::ParsedMail<'a>)> {
@@ -99,14 +98,14 @@ impl HtmlMsgParser {
 
         let parsedmail = mailparse::parse_mail(rawmime).context("Failed to parse mail")?;
 
-        parser.collect_texts_recursive(context, &parsedmail).await?;
+        parser.collect_texts_recursive(context, &parsedmail)?;
 
         if parser.html.is_empty() {
             if let Some(plain) = &parser.plain {
                 parser.html = plain.to_html();
             }
         } else {
-            parser.cid_to_data_recursive(context, &parsedmail).await?;
+            parser.cid_to_data_recursive(context, &parsedmail)?;
         }
         parser.html += &mem::take(&mut parser.msg_html);
         Ok((parser, parsedmail))
@@ -120,8 +119,7 @@ impl HtmlMsgParser {
     /// Usually, there is at most one plain-text and one HTML-text part,
     /// multiple plain-text parts might be used for mailinglist-footers,
     /// therefore we use the first one.
-    #[expect(clippy::arithmetic_side_effects)]
-    async fn collect_texts_recursive<'a>(
+    fn collect_texts_recursive<'a>(
         &'a mut self,
         context: &'a Context,
         mail: &'a mailparse::ParsedMail<'a>,
@@ -129,7 +127,7 @@ impl HtmlMsgParser {
         match get_mime_multipart_type(&mail.ctype) {
             MimeMultipartType::Multiple => {
                 for cur_data in &mail.subparts {
-                    Box::pin(self.collect_texts_recursive(context, cur_data)).await?
+                    self.collect_texts_recursive(context, cur_data)?
                 }
                 Ok(())
             }
@@ -138,7 +136,7 @@ impl HtmlMsgParser {
                 if raw.is_empty() {
                     return Ok(());
                 }
-                let (parser, mail) = Box::pin(HtmlMsgParser::from_bytes(context, &raw)).await?;
+                let (parser, mail) = HtmlMsgParser::from_bytes(context, &raw)?;
                 if !parser.html.is_empty() {
                     let mut text = "\r\n\r\n".to_string();
                     for h in mail.headers {
@@ -201,7 +199,7 @@ impl HtmlMsgParser {
 
     /// Replace cid:-protocol by the data:-protocol where appropriate.
     /// This allows the final html-file to be self-contained.
-    async fn cid_to_data_recursive<'a>(
+    fn cid_to_data_recursive<'a>(
         &'a mut self,
         context: &'a Context,
         mail: &'a mailparse::ParsedMail<'a>,
@@ -209,7 +207,7 @@ impl HtmlMsgParser {
         match get_mime_multipart_type(&mail.ctype) {
             MimeMultipartType::Multiple => {
                 for cur_data in &mail.subparts {
-                    Box::pin(self.cid_to_data_recursive(context, cur_data)).await?;
+                    self.cid_to_data_recursive(context, cur_data)?;
                 }
                 Ok(())
             }
@@ -271,7 +269,7 @@ impl MsgId {
 
         let rawmime = rawmime?;
         if !rawmime.is_empty() {
-            match HtmlMsgParser::from_bytes(context, &rawmime).await {
+            match HtmlMsgParser::from_bytes(context, &rawmime) {
                 Err(err) => {
                     warn!(context, "get_html: parser error: {:#}", err);
                     Ok(None)
@@ -300,7 +298,7 @@ mod tests {
     async fn test_htmlparse_plain_unspecified() {
         let t = TestContext::new().await;
         let raw = include_bytes!("../test-data/message/text_plain_unspecified.eml");
-        let (parser, _) = HtmlMsgParser::from_bytes(&t.ctx, raw).await.unwrap();
+        let (parser, _) = HtmlMsgParser::from_bytes(&t.ctx, raw).unwrap();
         assert_eq!(
             parser.html,
             r#"<!DOCTYPE html>
@@ -318,7 +316,7 @@ This message does not have Content-Type nor Subject.<br/>
     async fn test_htmlparse_plain_iso88591() {
         let t = TestContext::new().await;
         let raw = include_bytes!("../test-data/message/text_plain_iso88591.eml");
-        let (parser, _) = HtmlMsgParser::from_bytes(&t.ctx, raw).await.unwrap();
+        let (parser, _) = HtmlMsgParser::from_bytes(&t.ctx, raw).unwrap();
         assert_eq!(
             parser.html,
             r#"<!DOCTYPE html>
@@ -336,7 +334,7 @@ message with a non-UTF-8 encoding: äöüßÄÖÜ<br/>
     async fn test_htmlparse_plain_flowed() {
         let t = TestContext::new().await;
         let raw = include_bytes!("../test-data/message/text_plain_flowed.eml");
-        let (parser, _) = HtmlMsgParser::from_bytes(&t.ctx, raw).await.unwrap();
+        let (parser, _) = HtmlMsgParser::from_bytes(&t.ctx, raw).unwrap();
         assert!(parser.plain.unwrap().flowed);
         assert_eq!(
             parser.html,
@@ -358,7 +356,7 @@ and will be wrapped as usual.<br/>
     async fn test_htmlparse_alt_plain() {
         let t = TestContext::new().await;
         let raw = include_bytes!("../test-data/message/text_alt_plain.eml");
-        let (parser, _) = HtmlMsgParser::from_bytes(&t.ctx, raw).await.unwrap();
+        let (parser, _) = HtmlMsgParser::from_bytes(&t.ctx, raw).unwrap();
         assert_eq!(
             parser.html,
             r#"<!DOCTYPE html>
@@ -378,7 +376,7 @@ test some special html-characters as &lt; &gt; and &amp; but also &quot; and &#x
     async fn test_htmlparse_html() {
         let t = TestContext::new().await;
         let raw = include_bytes!("../test-data/message/text_html.eml");
-        let (parser, _) = HtmlMsgParser::from_bytes(&t.ctx, raw).await.unwrap();
+        let (parser, _) = HtmlMsgParser::from_bytes(&t.ctx, raw).unwrap();
 
         // on windows, `\r\n` linends are returned from mimeparser,
         // however, rust multiline-strings use just `\n`;
@@ -396,7 +394,7 @@ test some special html-characters as &lt; &gt; and &amp; but also &quot; and &#x
     async fn test_htmlparse_alt_html() {
         let t = TestContext::new().await;
         let raw = include_bytes!("../test-data/message/text_alt_html.eml");
-        let (parser, _) = HtmlMsgParser::from_bytes(&t.ctx, raw).await.unwrap();
+        let (parser, _) = HtmlMsgParser::from_bytes(&t.ctx, raw).unwrap();
         assert_eq!(
             parser.html.replace('\r', ""), // see comment in test_htmlparse_html()
             r##"<html>
@@ -410,7 +408,7 @@ test some special html-characters as &lt; &gt; and &amp; but also &quot; and &#x
     async fn test_htmlparse_alt_plain_html() {
         let t = TestContext::new().await;
         let raw = include_bytes!("../test-data/message/text_alt_plain_html.eml");
-        let (parser, _) = HtmlMsgParser::from_bytes(&t.ctx, raw).await.unwrap();
+        let (parser, _) = HtmlMsgParser::from_bytes(&t.ctx, raw).unwrap();
         assert_eq!(
             parser.html.replace('\r', ""), // see comment in test_htmlparse_html()
             r##"<html>
@@ -434,7 +432,7 @@ test some special html-characters as &lt; &gt; and &amp; but also &quot; and &#x
         assert!(test.find("data:").is_none());
 
         // parsing converts cid: to data:
-        let (parser, _) = HtmlMsgParser::from_bytes(&t.ctx, raw).await.unwrap();
+        let (parser, _) = HtmlMsgParser::from_bytes(&t.ctx, raw).unwrap();
         assert!(parser.html.contains("<html>"));
         assert!(!parser.html.contains("Content-Id:"));
         assert!(parser.html.contains("data:image/jpeg;base64,/9j/4AAQ"));

src/imap.rs

@@ -27,13 +27,14 @@ use crate::calls::{
 use crate::chat::{self, ChatId, ChatIdBlocked, add_device_msg};
 use crate::chatlist_events;
 use crate::config::Config;
-use crate::constants::{self, Blocked, DC_VERSION_STR};
+use crate::constants::{Blocked, DC_VERSION_STR};
 use crate::contact::ContactId;
 use crate::context::Context;
+use crate::ensure_and_debug_assert;
 use crate::events::EventType;
 use crate::headerdef::{HeaderDef, HeaderDefMap};
 use crate::log::{LogExt, warn};
-use crate::message::{self, Message, MessageState, MessengerMessage, MsgId};
+use crate::message::{self, Message, MessageState, MsgId};
 use crate::mimeparser;
 use crate::net::proxy::ProxyConfig;
 use crate::net::session::SessionStream;
@@ -91,6 +92,9 @@ pub(crate) struct Imap {
 
     oauth2: bool,
 
+    /// Watched folder.
+    pub(crate) folder: String,
+
     authentication_failed_once: bool,
 
     pub(crate) connectivity: ConnectivityStore,
@@ -162,7 +166,6 @@ pub enum FolderMeaning {
     /// Spam folder.
     Spam,
     Inbox,
-    Mvbox,
     Trash,
 
     /// Virtual folders.
@@ -174,19 +177,6 @@ pub enum FolderMeaning {
     Virtual,
 }
 
-impl FolderMeaning {
-    pub fn to_config(self) -> Option<Config> {
-        match self {
-            FolderMeaning::Unknown => None,
-            FolderMeaning::Spam => None,
-            FolderMeaning::Inbox => Some(Config::ConfiguredInboxFolder),
-            FolderMeaning::Mvbox => Some(Config::ConfiguredMvboxFolder),
-            FolderMeaning::Trash => None,
-            FolderMeaning::Virtual => None,
-        }
-    }
-}
-
 struct UidGrouper<T: Iterator<Item = (i64, u32, String)>> {
     inner: Peekable<T>,
 }
@@ -263,6 +253,11 @@ impl Imap {
         let addr = &param.addr;
         let strict_tls = param.strict_tls(proxy_config.is_some());
         let oauth2 = param.oauth2;
+        let folder = param
+            .imap_folder
+            .clone()
+            .unwrap_or_else(|| "INBOX".to_string());
+        ensure_and_debug_assert!(!folder.is_empty(), "Watched folder name cannot be empty");
         let (resync_request_sender, resync_request_receiver) = async_channel::bounded(1);
         Ok(Imap {
             transport_id,
@@ -273,6 +268,7 @@ impl Imap {
             proxy_config,
             strict_tls,
             oauth2,
+            folder,
             authentication_failed_once: false,
             connectivity: Default::default(),
             conn_last_try: UNIX_EPOCH,
@@ -296,6 +292,11 @@ impl Imap {
         Ok(imap)
     }
 
+    /// Returns transport ID of the IMAP client.
+    pub fn transport_id(&self) -> u32 {
+        self.transport_id
+    }
+
     /// Connects to IMAP server and returns a new IMAP session.
     ///
     /// Calling this function is not enough to perform IMAP operations. Use [`Imap::prepare`]
@@ -437,7 +438,7 @@ impl Imap {
 
                 Err(err) => {
                     let imap_user = lp.user.to_owned();
-                    let message = stock_str::cannot_login(context, &imap_user).await;
+                    let message = stock_str::cannot_login(context, &imap_user);
 
                     warn!(context, "IMAP failed to login: {err:#}.");
                     first_error.get_or_insert(format_err!("{message} ({err:#})"));
@@ -485,22 +486,14 @@ impl Imap {
     /// that folders are created and IMAP capabilities are determined.
     pub(crate) async fn prepare(&mut self, context: &Context) -> Result<Session> {
         let configuring = false;
-        let mut session = match self.connect(context, configuring).await {
+        let session = match self.connect(context, configuring).await {
             Ok(session) => session,
             Err(err) => {
-                self.connectivity.set_err(context, &err);
+                self.connectivity.set_err(context, format!("{err:#}"));
                 return Err(err);
             }
         };
 
-        let folders_configured = context
-            .sql
-            .get_raw_config_int(constants::DC_FOLDERS_CONFIGURED_KEY)
-            .await?;
-        if folders_configured.unwrap_or_default() < constants::DC_FOLDERS_CONFIGURED_VERSION {
-            self.configure_folders(context, &mut session).await?;
-        }
-
         Ok(session)
     }
 
@@ -513,15 +506,15 @@ impl Imap {
         context: &Context,
         session: &mut Session,
         watch_folder: &str,
-        folder_meaning: FolderMeaning,
     ) -> Result<()> {
+        ensure_and_debug_assert!(!watch_folder.is_empty(), "Watched folder cannot be empty");
         if !context.sql.is_open().await {
             // probably shutdown
             bail!("IMAP operation attempted while it is torn down");
         }
 
         let msgs_fetched = self
-            .fetch_new_messages(context, session, watch_folder, folder_meaning)
+            .fetch_new_messages(context, session, watch_folder)
             .await
             .context("fetch_new_messages")?;
         if msgs_fetched && context.get_config_delete_device_after().await?.is_some() {
@@ -549,33 +542,33 @@ impl Imap {
         context: &Context,
         session: &mut Session,
         folder: &str,
-        folder_meaning: FolderMeaning,
     ) -> Result<bool> {
-        if should_ignore_folder(context, folder, folder_meaning).await? {
-            info!(context, "Not fetching from {folder:?}.");
-            session.new_mail = false;
-            return Ok(false);
-        }
+        let transport_id = session.transport_id();
 
         let folder_exists = session
             .select_with_uidvalidity(context, folder)
             .await
             .with_context(|| format!("Failed to select folder {folder:?}"))?;
+
+        if !session.new_mail {
+            info!(
+                context,
+                "Transport {transport_id}: No new emails in folder {folder:?}."
+            );
+            return Ok(false);
+        }
+        // Make sure not to return before setting new_mail to false
+        // Otherwise, we will skip IDLE and go into an infinite loop
+        session.new_mail = false;
+
         if !folder_exists {
             return Ok(false);
         }
 
-        if !session.new_mail {
-            info!(context, "No new emails in folder {folder:?}.");
-            return Ok(false);
-        }
-        session.new_mail = false;
-
         let mut read_cnt = 0;
         loop {
-            let (n, fetch_more) = self
-                .fetch_new_msg_batch(context, session, folder, folder_meaning)
-                .await?;
+            let (n, fetch_more) =
+                Box::pin(self.fetch_new_msg_batch(context, session, folder)).await?;
             read_cnt += n;
             if !fetch_more {
                 return Ok(read_cnt > 0);
@@ -590,7 +583,6 @@ impl Imap {
         context: &Context,
         session: &mut Session,
         folder: &str,
-        folder_meaning: FolderMeaning,
     ) -> Result<(usize, bool)> {
         let transport_id = self.transport_id;
         let uid_validity = get_uidvalidity(context, transport_id, folder).await?;
@@ -660,13 +652,7 @@ impl Imap {
                 info!(context, "Deleting locally deleted message {message_id}.");
             }
 
-            let _target;
-            let target = if delete {
-                ""
-            } else {
-                _target = target_folder(context, folder, folder_meaning, &headers).await?;
-                &_target
-            };
+            let target = if delete { "" } else { folder };
 
             context
                 .sql
@@ -694,18 +680,9 @@ impl Imap {
             // message, move it to the movebox and then download the second message before
             // downloading the first one, if downloading from inbox before moving is allowed.
             if folder == target
-                // Never download messages directly from the spam folder.
-                // If the sender is known, the message will be moved to the Inbox or Mvbox
-                // and then we download the message from there.
-                // Also see `spam_target_folder_cfg()`.
-                && folder_meaning != FolderMeaning::Spam
-                && prefetch_should_download(
-                    context,
-                    &headers,
-                    &message_id,
-                    fetch_response.flags(),
-                )
-                .await.context("prefetch_should_download")?
+                && prefetch_should_download(context, &headers, &message_id, fetch_response.flags())
+                    .await
+                    .context("prefetch_should_download")?
             {
                 if headers
                     .get_header_value(HeaderDef::ChatIsPostMessage)
@@ -714,10 +691,19 @@ impl Imap {
                     info!(context, "{message_id:?} is a post-message.");
                     available_post_msgs.push(message_id.clone());
 
-                    if download_limit.is_none_or(|download_limit| size <= download_limit) {
-                        download_later.push(message_id.clone());
+                    let is_bot = context.get_config_bool(Config::Bot).await?;
+                    if is_bot && download_limit.is_none_or(|download_limit| size <= download_limit)
+                    {
+                        uids_fetch.push(uid);
+                        uid_message_ids.insert(uid, message_id);
+                    } else {
+                        if download_limit.is_none_or(|download_limit| size <= download_limit) {
+                            // Download later after all the small messages are downloaded,
+                            // so that large messages don't delay receiving small messages
+                            download_later.push(message_id.clone());
+                        }
+                        largest_uid_skipped = Some(uid);
                     }
-                    largest_uid_skipped = Some(uid);
                 } else {
                     info!(context, "{message_id:?} is not a post-message.");
                     if download_limit.is_none_or(|download_limit| size <= download_limit) {
@@ -959,6 +945,29 @@ impl Session {
         Ok(())
     }
 
+    /// Deletes all messages from IMAP folder.
+    pub(crate) async fn delete_all_messages(
+        &mut self,
+        context: &Context,
+        folder: &str,
+    ) -> Result<()> {
+        let transport_id = self.transport_id();
+
+        if self.select_with_uidvalidity(context, folder).await? {
+            self.add_flag_finalized_with_set("1:*", "\\Deleted").await?;
+            self.selected_folder_needs_expunge = true;
+            context
+                .sql
+                .execute(
+                    "DELETE FROM imap WHERE transport_id=? AND folder=?",
+                    (transport_id, folder),
+                )
+                .await?;
+        }
+
+        Ok(())
+    }
+
     /// Moves batch of messages identified by their UID from the currently
     /// selected folder to the target folder.
     async fn move_message_batch(
@@ -1087,15 +1096,22 @@ impl Session {
             return Ok(());
         }
 
+        context
+            .sql
+            .execute(
+                "DELETE FROM imap_markseen WHERE id NOT IN (SELECT imap.id FROM imap)",
+                (),
+            )
+            .await?;
+
         let transport_id = self.transport_id();
-        let rows = context
+        let mut rows = context
             .sql
             .query_map_vec(
                 "SELECT imap.id, uid, folder FROM imap, imap_markseen
                  WHERE imap.id = imap_markseen.id
                  AND imap.transport_id=?
-                 AND target = folder
-                 ORDER BY folder, uid",
+                 AND target = folder",
                 (transport_id,),
                 |row| {
                     let rowid: i64 = row.get(0)?;
@@ -1106,6 +1122,16 @@ impl Session {
             )
             .await?;
 
+        // Number of SQL results is expected to be low as
+        // we usually don't have many messages to mark on IMAP at once.
+        // We are sorting outside of SQL to avoid SQLite constructing a query plan
+        // that scans the whole `imap` table. Scanning `imap_markseen` is fine
+        // as it should not have many items.
+        // If you change the SQL query, test it with `EXPLAIN QUERY PLAN`.
+        rows.sort_unstable_by(|(_rowid1, uid1, folder1), (_rowid2, uid2, folder2)| {
+            (folder1, uid1).cmp(&(folder2, uid2))
+        });
+
         for (folder, rowid_set, uid_set) in UidGrouper::from(rows) {
             let folder_exists = match self.select_with_uidvalidity(context, &folder).await {
                 Err(err) => {
@@ -1237,6 +1263,7 @@ impl Session {
             // have been modified while our request was in progress.
             // We may or may not have these new flags as a part of the response,
             // so better skip next IDLE and do another round of flag synchronization.
+            info!(context, "Got unsolicited fetch, will skip idle");
             self.new_mail = true;
         }
 
@@ -1562,11 +1589,18 @@ impl Session {
             return Ok(());
         }
 
+        let transport_id = self.transport_id();
+
         let Some(device_token) = context.push_subscriber.device_token().await else {
             return Ok(());
         };
 
         if self.can_metadata() && self.can_push() {
+            info!(
+                context,
+                "Transport {transport_id}: Subscribing for push notifications."
+            );
+
             let old_encrypted_device_token =
                 context.get_config(Config::EncryptedDeviceToken).await?;
 
@@ -1621,13 +1655,8 @@ impl Session {
             // Store new encrypted device token on the server
             // even if it is the same as the old one.
             if let Some(encrypted_device_token) = new_encrypted_device_token {
-                let folder = context
-                    .get_config(Config::ConfiguredInboxFolder)
-                    .await?
-                    .context("INBOX is not configured")?;
-
                 self.run_command_and_check_ok(&format_setmetadata(
-                    &folder,
+                    "INBOX",
                     &encrypted_device_token,
                 ))
                 .await
@@ -1672,117 +1701,6 @@ impl Session {
         }
         Ok(())
     }
-
-    /// Attempts to configure mvbox.
-    ///
-    /// Tries to find any folder examining `folders` in the order they go.
-    /// This method does not use LIST command to ensure that
-    /// configuration works even if mailbox lookup is forbidden via Access Control List (see
-    /// <https://datatracker.ietf.org/doc/html/rfc4314>).
-    ///
-    /// Returns first found folder name.
-    async fn configure_mvbox<'a>(
-        &mut self,
-        context: &Context,
-        folders: &[&'a str],
-    ) -> Result<Option<&'a str>> {
-        // Close currently selected folder if needed.
-        // We are going to select folders using low-level EXAMINE operations below.
-        self.maybe_close_folder(context).await?;
-
-        for folder in folders {
-            info!(context, "Looking for MVBOX-folder \"{}\"...", &folder);
-            let res = self.examine(&folder).await;
-            if res.is_ok() {
-                info!(
-                    context,
-                    "MVBOX-folder {:?} successfully selected, using it.", &folder
-                );
-                self.close().await?;
-                // Before moving emails to the mvbox we need to remember its UIDVALIDITY, otherwise
-                // emails moved before that wouldn't be fetched but considered "old" instead.
-                let folder_exists = self.select_with_uidvalidity(context, folder).await?;
-                ensure!(folder_exists, "No MVBOX folder {:?}??", &folder);
-                return Ok(Some(folder));
-            }
-        }
-
-        Ok(None)
-    }
-}
-
-impl Imap {
-    pub(crate) async fn configure_folders(
-        &mut self,
-        context: &Context,
-        session: &mut Session,
-    ) -> Result<()> {
-        let mut folders = session
-            .list(Some(""), Some("*"))
-            .await
-            .context("list_folders failed")?;
-        let mut delimiter = ".".to_string();
-        let mut delimiter_is_default = true;
-        let mut folder_configs = BTreeMap::new();
-
-        while let Some(folder) = folders.try_next().await? {
-            info!(context, "Scanning folder: {:?}", folder);
-
-            // Update the delimiter iff there is a different one, but only once.
-            if let Some(d) = folder.delimiter()
-                && delimiter_is_default
-                && !d.is_empty()
-                && delimiter != d
-            {
-                delimiter = d.to_string();
-                delimiter_is_default = false;
-            }
-
-            let folder_meaning = get_folder_meaning_by_attrs(folder.attributes());
-            let folder_name_meaning = get_folder_meaning_by_name(folder.name());
-            if let Some(config) = folder_meaning.to_config() {
-                // Always takes precedence
-                folder_configs.insert(config, folder.name().to_string());
-            } else if let Some(config) = folder_name_meaning.to_config() {
-                // only set if none has been already set
-                folder_configs
-                    .entry(config)
-                    .or_insert_with(|| folder.name().to_string());
-            }
-        }
-        drop(folders);
-
-        info!(context, "Using \"{}\" as folder-delimiter.", delimiter);
-
-        let fallback_folder = format!("INBOX{delimiter}DeltaChat");
-        let mvbox_folder = session
-            .configure_mvbox(context, &["DeltaChat", &fallback_folder])
-            .await
-            .context("failed to configure mvbox")?;
-
-        context
-            .set_config_internal(Config::ConfiguredInboxFolder, Some("INBOX"))
-            .await?;
-        if let Some(mvbox_folder) = mvbox_folder {
-            info!(context, "Setting MVBOX FOLDER TO {}", &mvbox_folder);
-            context
-                .set_config_internal(Config::ConfiguredMvboxFolder, Some(mvbox_folder))
-                .await?;
-        }
-        for (config, name) in folder_configs {
-            context.set_config_internal(config, Some(&name)).await?;
-        }
-        context
-            .sql
-            .set_raw_config_int(
-                constants::DC_FOLDERS_CONFIGURED_KEY,
-                constants::DC_FOLDERS_CONFIGURED_VERSION,
-            )
-            .await?;
-
-        info!(context, "FINISHED configuring IMAP-folders.");
-        Ok(())
-    }
 }
 
 impl Session {
@@ -1916,15 +1834,7 @@ async fn spam_target_folder_cfg(
         return Ok(None);
     }
 
-    if needs_move_to_mvbox(context, headers).await?
-        // If OnlyFetchMvbox is set, we don't want to move the message to
-        // the inbox where we wouldn't fetch it again:
-        || context.get_config_bool(Config::OnlyFetchMvbox).await?
-    {
-        Ok(Some(Config::ConfiguredMvboxFolder))
-    } else {
-        Ok(Some(Config::ConfiguredInboxFolder))
-    }
+    Ok(Some(Config::ConfiguredInboxFolder))
 }
 
 /// Returns `ConfiguredInboxFolder` or `ConfiguredMvboxFolder` if
@@ -1935,16 +1845,12 @@ pub async fn target_folder_cfg(
     folder_meaning: FolderMeaning,
     headers: &[mailparse::MailHeader<'_>],
 ) -> Result<Option<Config>> {
-    if context.is_mvbox(folder).await? {
+    if folder == "DeltaChat" {
         return Ok(None);
     }
 
     if folder_meaning == FolderMeaning::Spam {
         spam_target_folder_cfg(context, headers).await
-    } else if folder_meaning == FolderMeaning::Inbox
-        && needs_move_to_mvbox(context, headers).await?
-    {
-        Ok(Some(Config::ConfiguredMvboxFolder))
     } else {
         Ok(None)
     }
@@ -1965,27 +1871,6 @@ pub async fn target_folder(
     }
 }
 
-async fn needs_move_to_mvbox(
-    context: &Context,
-    headers: &[mailparse::MailHeader<'_>],
-) -> Result<bool> {
-    let has_chat_version = headers.get_header_value(HeaderDef::ChatVersion).is_some();
-    if !context.get_config_bool(Config::MvboxMove).await? {
-        return Ok(false);
-    }
-
-    if has_chat_version {
-        Ok(true)
-    } else if let Some(parent) = get_prefetch_parent_message(context, headers).await? {
-        match parent.is_dc_message {
-            MessengerMessage::No => Ok(false),
-            MessengerMessage::Yes | MessengerMessage::Reply => Ok(true),
-        }
-    } else {
-        Ok(false)
-    }
-}
-
 /// Try to get the folder meaning by the name of the folder only used if the server does not support XLIST.
 // TODO: lots languages missing - maybe there is a list somewhere on other MUAs?
 // however, if we fail to find out the sent-folder,
@@ -2316,21 +2201,6 @@ async fn get_modseq(context: &Context, transport_id: u32, folder: &str) -> Resul
         .unwrap_or(0))
 }
 
-/// Whether to ignore fetching messages from a folder.
-///
-/// This caters for the [`Config::OnlyFetchMvbox`] setting which means mails from folders
-/// not explicitly watched should not be fetched.
-async fn should_ignore_folder(
-    context: &Context,
-    folder: &str,
-    folder_meaning: FolderMeaning,
-) -> Result<bool> {
-    if !context.get_config_bool(Config::OnlyFetchMvbox).await? {
-        return Ok(false);
-    }
-    Ok(!(context.is_mvbox(folder).await? || folder_meaning == FolderMeaning::Spam))
-}
-
 /// Builds a list of sequence/uid sets. The returned sets have each no more than around 1000
 /// characters because according to <https://tools.ietf.org/html/rfc2683#section-3.2.1.5>
 /// command lines should not be much more than 1000 chars (servers should allow at least 8000 chars)
@@ -2390,23 +2260,5 @@ impl std::fmt::Display for UidRange {
     }
 }
 
-pub(crate) async fn get_watched_folder_configs(context: &Context) -> Result<Vec<Config>> {
-    let mut res = vec![Config::ConfiguredInboxFolder];
-    if context.should_watch_mvbox().await? {
-        res.push(Config::ConfiguredMvboxFolder);
-    }
-    Ok(res)
-}
-
-pub(crate) async fn get_watched_folders(context: &Context) -> Result<Vec<String>> {
-    let mut res = Vec::new();
-    for folder_config in get_watched_folder_configs(context).await? {
-        if let Some(folder) = context.get_config(folder_config).await? {
-            res.push(folder);
-        }
-    }
-    Ok(res)
-}
-
 #[cfg(test)]
 mod imap_tests;

src/imap/client.rs

@@ -220,6 +220,8 @@ impl Client {
             alpn(addr.port()),
             logging_stream,
             &context.tls_session_store,
+            &context.spki_hash_store,
+            &context.sql,
         )
         .await?;
         let buffered_stream = BufWriter::new(tls_stream);
@@ -282,6 +284,8 @@ impl Client {
             "",
             tcp_stream,
             &context.tls_session_store,
+            &context.spki_hash_store,
+            &context.sql,
         )
         .await
         .context("STARTTLS upgrade failed")?;
@@ -310,6 +314,8 @@ impl Client {
             alpn(port),
             proxy_stream,
             &context.tls_session_store,
+            &context.spki_hash_store,
+            &context.sql,
         )
         .await?;
         let buffered_stream = BufWriter::new(tls_stream);
@@ -373,6 +379,8 @@ impl Client {
             "",
             proxy_stream,
             &context.tls_session_store,
+            &context.spki_hash_store,
+            &context.sql,
         )
         .await
         .context("STARTTLS upgrade failed")?;

src/imap/idle.rs

@@ -27,6 +27,8 @@ impl Session {
         idle_interrupt_receiver: Receiver<()>,
         folder: &str,
     ) -> Result<Self> {
+        let transport_id = self.transport_id();
+
         self.select_with_uidvalidity(context, folder).await?;
 
         if self.drain_unsolicited_responses(context)? {
@@ -36,13 +38,16 @@ impl Session {
         if self.new_mail {
             info!(
                 context,
-                "Skipping IDLE in {folder:?} because there may be new mail."
+                "Transport {transport_id}: Skipping IDLE in {folder:?} because there may be new mail."
             );
             return Ok(self);
         }
 
         if let Ok(()) = idle_interrupt_receiver.try_recv() {
-            info!(context, "Skip IDLE in {folder:?} because we got interrupt.");
+            info!(
+                context,
+                "Transport {transport_id}: Skip IDLE in {folder:?} because we got interrupt."
+            );
             return Ok(self);
         }
 
@@ -61,7 +66,7 @@ impl Session {
 
         info!(
             context,
-            "IDLE entering wait-on-remote state in folder {folder:?}."
+            "Transport {transport_id}: IDLE entering wait-on-remote state in folder {folder:?}."
         );
 
         // Spawn a task to relay interrupts from `idle_interrupt_receiver`
@@ -115,11 +120,7 @@ impl Session {
 
 impl Imap {
     /// Idle using polling.
-    pub(crate) async fn fake_idle(
-        &mut self,
-        context: &Context,
-        watch_folder: String,
-    ) -> Result<()> {
+    pub(crate) async fn fake_idle(&mut self, context: &Context, watch_folder: &str) -> Result<()> {
         let fake_idle_start_time = tools::Time::now();
 
         info!(context, "IMAP-fake-IDLEing folder={:?}", watch_folder);

src/imap/imap_tests.rs

@@ -100,23 +100,16 @@ fn test_build_sequence_sets() {
 
 async fn check_target_folder_combination(
     folder: &str,
-    mvbox_move: bool,
     chat_msg: bool,
     expected_destination: &str,
     accepted_chat: bool,
     outgoing: bool,
 ) -> Result<()> {
     println!(
-        "Testing: For folder {folder}, mvbox_move {mvbox_move}, chat_msg {chat_msg}, accepted {accepted_chat}, outgoing {outgoing}"
+        "Testing: For folder {folder}, chat_msg {chat_msg}, accepted {accepted_chat}, outgoing {outgoing}"
     );
 
     let t = TestContext::new_alice().await;
-    t.ctx
-        .set_config(Config::ConfiguredMvboxFolder, Some("DeltaChat"))
-        .await?;
-    t.ctx
-        .set_config(Config::MvboxMove, Some(if mvbox_move { "1" } else { "0" }))
-        .await?;
 
     if accepted_chat {
         let contact_id = Contact::create(&t.ctx, "", "bob@example.net").await?;
@@ -161,64 +154,42 @@ async fn check_target_folder_combination(
     assert_eq!(
         expected,
         actual.as_deref(),
-        "For folder {folder}, mvbox_move {mvbox_move}, chat_msg {chat_msg}, accepted {accepted_chat}, outgoing {outgoing}: expected {expected:?}, got {actual:?}"
+        "For folder {folder}, chat_msg {chat_msg}, accepted {accepted_chat}, outgoing {outgoing}: expected {expected:?}, got {actual:?}"
     );
     Ok(())
 }
 
 // chat_msg means that the message was sent by Delta Chat
-// The tuples are (folder, mvbox_move, chat_msg, expected_destination)
-const COMBINATIONS_ACCEPTED_CHAT: &[(&str, bool, bool, &str)] = &[
-    ("INBOX", false, false, "INBOX"),
-    ("INBOX", false, true, "INBOX"),
-    ("INBOX", true, false, "INBOX"),
-    ("INBOX", true, true, "DeltaChat"),
-    ("Spam", false, false, "INBOX"), // Move classical emails in accepted chats from Spam to Inbox, not 100% sure on this, we could also just never move non-chat-msgs
-    ("Spam", false, true, "INBOX"),
-    ("Spam", true, false, "INBOX"), // Move classical emails in accepted chats from Spam to Inbox, not 100% sure on this, we could also just never move non-chat-msgs
-    ("Spam", true, true, "DeltaChat"),
+// The tuples are (folder, chat_msg, expected_destination)
+const COMBINATIONS_ACCEPTED_CHAT: &[(&str, bool, &str)] = &[
+    ("INBOX", false, "INBOX"),
+    ("INBOX", true, "INBOX"),
+    ("Spam", false, "INBOX"), // Move classical emails in accepted chats from Spam to Inbox, not 100% sure on this, we could also just never move non-chat-msgs
+    ("Spam", true, "INBOX"),
 ];
 
 // These are the same as above, but non-chat messages in Spam stay in Spam
-const COMBINATIONS_REQUEST: &[(&str, bool, bool, &str)] = &[
-    ("INBOX", false, false, "INBOX"),
-    ("INBOX", false, true, "INBOX"),
-    ("INBOX", true, false, "INBOX"),
-    ("INBOX", true, true, "DeltaChat"),
-    ("Spam", false, false, "Spam"),
-    ("Spam", false, true, "INBOX"),
-    ("Spam", true, false, "Spam"),
-    ("Spam", true, true, "DeltaChat"),
+const COMBINATIONS_REQUEST: &[(&str, bool, &str)] = &[
+    ("INBOX", false, "INBOX"),
+    ("INBOX", true, "INBOX"),
+    ("Spam", false, "Spam"),
+    ("Spam", true, "INBOX"),
 ];
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_target_folder_incoming_accepted() -> Result<()> {
-    for (folder, mvbox_move, chat_msg, expected_destination) in COMBINATIONS_ACCEPTED_CHAT {
-        check_target_folder_combination(
-            folder,
-            *mvbox_move,
-            *chat_msg,
-            expected_destination,
-            true,
-            false,
-        )
-        .await?;
+    for (folder, chat_msg, expected_destination) in COMBINATIONS_ACCEPTED_CHAT {
+        check_target_folder_combination(folder, *chat_msg, expected_destination, true, false)
+            .await?;
     }
     Ok(())
 }
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_target_folder_incoming_request() -> Result<()> {
-    for (folder, mvbox_move, chat_msg, expected_destination) in COMBINATIONS_REQUEST {
-        check_target_folder_combination(
-            folder,
-            *mvbox_move,
-            *chat_msg,
-            expected_destination,
-            false,
-            false,
-        )
-        .await?;
+    for (folder, chat_msg, expected_destination) in COMBINATIONS_REQUEST {
+        check_target_folder_combination(folder, *chat_msg, expected_destination, false, false)
+            .await?;
     }
     Ok(())
 }
@@ -226,16 +197,9 @@ async fn test_target_folder_incoming_request() -> Result<()> {
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_target_folder_outgoing() -> Result<()> {
     // Test outgoing emails
-    for (folder, mvbox_move, chat_msg, expected_destination) in COMBINATIONS_ACCEPTED_CHAT {
-        check_target_folder_combination(
-            folder,
-            *mvbox_move,
-            *chat_msg,
-            expected_destination,
-            true,
-            true,
-        )
-        .await?;
+    for (folder, chat_msg, expected_destination) in COMBINATIONS_ACCEPTED_CHAT {
+        check_target_folder_combination(folder, *chat_msg, expected_destination, true, true)
+            .await?;
     }
     Ok(())
 }

src/imap/select_folder.rs

@@ -71,13 +71,18 @@ impl ImapSession {
             self.select(folder).await
         };
 
+        let transport_id = self.transport_id();
+
         // <https://tools.ietf.org/html/rfc3501#section-6.3.1>
         // says that if the server reports select failure we are in
         // authenticated (not-select) state.
 
         match res {
             Ok(mailbox) => {
-                info!(context, "Selected folder {folder:?}.");
+                info!(
+                    context,
+                    "Transport {transport_id}: Selected folder {folder:?}."
+                );
                 self.selected_folder = Some(folder.to_string());
                 self.selected_mailbox = Some(mailbox);
                 Ok(NewlySelected::Yes)

src/imap/session.rs

@@ -16,7 +16,7 @@ use crate::net::session::SessionStream;
 /// - Autocrypt-Setup-Message to check if a message is an autocrypt setup message,
 ///   not necessarily sent by Delta Chat.
 /// - Chat-Is-Post-Message to skip it in background fetch or when it is > `DownloadLimit`.
-const PREFETCH_FLAGS: &str = "(UID INTERNALDATE RFC822.SIZE BODY.PEEK[HEADER.FIELDS (\
+const PREFETCH_FLAGS: &str = "(UID RFC822.SIZE BODY.PEEK[HEADER.FIELDS (\
                               MESSAGE-ID \
                               DATE \
                               X-MICROSOFT-ORIGINAL-MESSAGE-ID \
@@ -124,7 +124,7 @@ impl Session {
     }
 
     /// Prefetch `n_uids` messages starting from `uid_next`. Returns a list of fetch results in the
-    /// order of ascending delivery time to the server (INTERNALDATE).
+    /// order of ascending UIDs.
     #[expect(clippy::arithmetic_side_effects)]
     pub(crate) async fn prefetch(
         &mut self,
@@ -142,10 +142,10 @@ impl Session {
         let mut msgs = BTreeMap::new();
         while let Some(msg) = list.try_next().await? {
             if let Some(msg_uid) = msg.uid {
-                msgs.insert((msg.internal_date(), msg_uid), msg);
+                msgs.insert(msg_uid, msg);
             }
         }
 
-        Ok(msgs.into_iter().map(|((_, uid), msg)| (uid, msg)).collect())
+        Ok(Vec::from_iter(msgs))
     }
 }

src/imex.rs

@@ -1137,4 +1137,16 @@ mod tests {
 
         Ok(())
     }
+
+    /// Tests importing a backup from Delta Chat 1.30.3 for Android (core v1.86.0).
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_import_ancient_backup() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let context = &tcm.unconfigured().await;
+
+        let backup_path = Path::new("test-data/core-1.86.0-backup.tar");
+        imex(context, ImexMode::ImportBackup, backup_path, None).await?;
+
+        Ok(())
+    }
 }

src/imex/transfer.rs

@@ -208,7 +208,7 @@ impl BackupProvider {
         info!(context, "Received backup reception acknowledgement.");
         context.emit_event(EventType::ImexProgress(1000));
 
-        let mut msg = Message::new_text(backup_transfer_msg_body(&context).await);
+        let mut msg = Message::new_text(backup_transfer_msg_body(&context));
         add_device_msg(&context, None, Some(&mut msg)).await?;
 
         Ok(())

src/lib.rs

@@ -17,6 +17,7 @@
     clippy::cloned_instead_of_copied,
     clippy::manual_is_variant_and
 )]
+#![cfg_attr(not(test), warn(clippy::large_futures))]
 #![cfg_attr(not(test), warn(clippy::arithmetic_side_effects))]
 #![cfg_attr(not(test), forbid(clippy::indexing_slicing))]
 #![cfg_attr(not(test), forbid(clippy::string_slice))]

src/location.rs

@@ -288,13 +288,13 @@ pub async fn send_locations_to_chat(
         )
         .await?;
     if 0 != seconds && !is_sending_locations_before {
-        let mut msg = Message::new_text(stock_str::msg_location_enabled(context).await);
+        let mut msg = Message::new_text(stock_str::msg_location_enabled(context));
         msg.param.set_cmd(SystemMessage::LocationStreamingEnabled);
         chat::send_msg(context, chat_id, &mut msg)
             .await
             .unwrap_or_default();
     } else if 0 == seconds && is_sending_locations_before {
-        let stock_str = stock_str::msg_location_disabled(context).await;
+        let stock_str = stock_str::msg_location_disabled(context);
         chat::add_info_msg(context, chat_id, &stock_str).await?;
     }
     context.emit_event(EventType::ChatModified(chat_id));
@@ -852,7 +852,7 @@ async fn maybe_send_locations(context: &Context) -> Result<Option<u64>> {
                 .await
                 .context("failed to disable location streaming")?;
 
-            let stock_str = stock_str::msg_location_disabled(context).await;
+            let stock_str = stock_str::msg_location_disabled(context);
             chat::add_info_msg(context, chat_id, &stock_str).await?;
             context.emit_event(EventType::ChatModified(chat_id));
             chatlist_events::emit_chatlist_item_changed(context, chat_id);

src/login_param.rs

@@ -56,9 +56,37 @@ pub enum EnteredCertificateChecks {
     AcceptInvalidCertificates2 = 3,
 }
 
-/// Login parameters for a single server, either IMAP or SMTP
+/// Login parameters for a single IMAP server.
 #[derive(Debug, Default, Clone, PartialEq, Eq, Serialize, Deserialize)]
-pub struct EnteredServerLoginParam {
+pub struct EnteredImapLoginParam {
+    /// Server hostname or IP address.
+    pub server: String,
+
+    /// Server port.
+    ///
+    /// 0 if not specified.
+    pub port: u16,
+
+    /// Folder to watch.
+    ///
+    /// If empty, user has not entered anything and it shuold expand to "INBOX" later.
+    pub folder: String,
+
+    /// Socket security.
+    pub security: Socket,
+
+    /// Username.
+    ///
+    /// Empty string if not specified.
+    pub user: String,
+
+    /// Password.
+    pub password: String,
+}
+
+/// Login parameters for a single SMTP server.
+#[derive(Debug, Default, Clone, PartialEq, Eq, Serialize, Deserialize)]
+pub struct EnteredSmtpLoginParam {
     /// Server hostname or IP address.
     pub server: String,
 
@@ -96,10 +124,10 @@ pub struct EnteredLoginParam {
     pub addr: String,
 
     /// IMAP settings.
-    pub imap: EnteredServerLoginParam,
+    pub imap: EnteredImapLoginParam,
 
     /// SMTP settings.
-    pub smtp: EnteredServerLoginParam,
+    pub smtp: EnteredSmtpLoginParam,
 
     /// TLS options: whether to allow invalid certificates and/or
     /// invalid hostnames
@@ -110,8 +138,11 @@ pub struct EnteredLoginParam {
 }
 
 impl EnteredLoginParam {
-    /// Loads entered account settings.
-    pub(crate) async fn load(context: &Context) -> Result<Self> {
+    /// Loads entered account settings
+    /// that were set by the deprecated `configured_*` configs.
+    ///
+    /// This is only needed by tests and clients using the old CFFI API.
+    pub(crate) async fn load_legacy(context: &Context) -> Result<Self> {
         let addr = context
             .get_config(Config::Addr)
             .await?
@@ -127,6 +158,10 @@ impl EnteredLoginParam {
             .get_config_parsed::<u16>(Config::MailPort)
             .await?
             .unwrap_or_default();
+
+        // There is no way to set custom folder with this legacy API.
+        let mail_folder = String::new();
+
         let mail_security = context
             .get_config_parsed::<i32>(Config::MailSecurity)
             .await?
@@ -144,7 +179,7 @@ impl EnteredLoginParam {
         // The setting is named `imap_certificate_checks`
         // for backwards compatibility,
         // but now it is a global setting applied to all protocols,
-        // while `smtp_certificate_checks` is ignored.
+        // while `smtp_certificate_checks` has been removed.
         let certificate_checks = if let Some(certificate_checks) = context
             .get_config_parsed::<i32>(Config::ImapCertificateChecks)
             .await?
@@ -185,14 +220,15 @@ impl EnteredLoginParam {
 
         Ok(EnteredLoginParam {
             addr,
-            imap: EnteredServerLoginParam {
+            imap: EnteredImapLoginParam {
                 server: mail_server,
                 port: mail_port,
+                folder: mail_folder,
                 security: mail_security,
                 user: mail_user,
                 password: mail_pw,
             },
-            smtp: EnteredServerLoginParam {
+            smtp: EnteredSmtpLoginParam {
                 server: send_server,
                 port: send_port,
                 security: send_security,
@@ -206,7 +242,10 @@ impl EnteredLoginParam {
 
     /// Saves entered account settings,
     /// so that they can be prefilled if the user wants to configure the server again.
-    pub(crate) async fn save(&self, context: &Context) -> Result<()> {
+    ///
+    /// This is needed in case a UI is not yet updated, and still uses `get_config("mail_pw")` etc.
+    /// in order to prefill the entered account settings.
+    pub(crate) async fn save_legacy(&self, context: &Context) -> Result<()> {
         context.set_config(Config::Addr, Some(&self.addr)).await?;
 
         context
@@ -329,7 +368,7 @@ mod tests {
             .await?;
         t.set_config(Config::MailPw, Some("foobarbaz")).await?;
 
-        let param = EnteredLoginParam::load(t).await?;
+        let param = EnteredLoginParam::load_legacy(t).await?;
         assert_eq!(param.addr, "alice@example.org");
         assert_eq!(
             param.certificate_checks,
@@ -338,13 +377,13 @@ mod tests {
 
         t.set_config(Config::ImapCertificateChecks, Some("1"))
             .await?;
-        let param = EnteredLoginParam::load(t).await?;
+        let param = EnteredLoginParam::load_legacy(t).await?;
         assert_eq!(param.certificate_checks, EnteredCertificateChecks::Strict);
 
         // Fail to load invalid settings, but do not panic.
         t.set_config(Config::ImapCertificateChecks, Some("999"))
             .await?;
-        assert!(EnteredLoginParam::load(t).await.is_err());
+        assert!(EnteredLoginParam::load_legacy(t).await.is_err());
 
         Ok(())
     }
@@ -354,14 +393,15 @@ mod tests {
         let t = TestContext::new().await;
         let param = EnteredLoginParam {
             addr: "alice@example.org".to_string(),
-            imap: EnteredServerLoginParam {
+            imap: EnteredImapLoginParam {
                 server: "".to_string(),
                 port: 0,
+                folder: "".to_string(),
                 security: Socket::Starttls,
                 user: "".to_string(),
                 password: "foobar".to_string(),
             },
-            smtp: EnteredServerLoginParam {
+            smtp: EnteredSmtpLoginParam {
                 server: "".to_string(),
                 port: 2947,
                 security: Socket::default(),
@@ -371,7 +411,7 @@ mod tests {
             certificate_checks: Default::default(),
             oauth2: false,
         };
-        param.save(&t).await?;
+        param.save_legacy(&t).await?;
         assert_eq!(
             t.get_config(Config::Addr).await?.unwrap(),
             "alice@example.org"
@@ -380,7 +420,7 @@ mod tests {
         assert_eq!(t.get_config(Config::SendPw).await?, None);
         assert_eq!(t.get_config_int(Config::SendPort).await?, 2947);
 
-        assert_eq!(EnteredLoginParam::load(&t).await?, param);
+        assert_eq!(EnteredLoginParam::load_legacy(&t).await?, param);
 
         Ok(())
     }

src/message.rs

@@ -1,7 +1,6 @@
 //! # Messages and their identifiers.
 
 use std::collections::BTreeSet;
-use std::collections::HashSet;
 use std::path::{Path, PathBuf};
 use std::str;
 
@@ -200,7 +199,6 @@ SELECT ?1, rfc724_mid, pre_rfc724_mid, timestamp, ?, ? FROM msgs WHERE id=?1
     }
 
     /// Returns detailed message information in a multi-line text form.
-    #[expect(clippy::arithmetic_side_effects)]
     pub async fn get_info(self, context: &Context) -> Result<String> {
         let msg = Message::load_from_db(context, self).await?;
 
@@ -598,7 +596,7 @@ impl Message {
 
         if let Some(msg) = &mut msg {
             msg.additional_text =
-                Self::get_additional_text(context, msg.download_state, &msg.param).await?;
+                Self::get_additional_text(context, msg.download_state, &msg.param)?;
         }
 
         Ok(msg)
@@ -607,7 +605,7 @@ impl Message {
     /// Returns additional text which is appended to the message's text field
     /// when it is loaded from the database.
     /// Currently this is used to add infomation to pre-messages of what the download will be and how large it is
-    async fn get_additional_text(
+    fn get_additional_text(
         context: &Context,
         download_state: DownloadState,
         param: &Params,
@@ -630,7 +628,7 @@ impl Message {
             return match viewtype {
                 Viewtype::File => Ok(format!(" [{file_name} – {file_size}]")),
                 _ => {
-                    let translated_viewtype = viewtype.to_locale_string(context).await;
+                    let translated_viewtype = viewtype.to_locale_string(context);
                     Ok(format!(" [{translated_viewtype} – {file_size}]"))
                 }
             };
@@ -815,14 +813,17 @@ impl Message {
 
     /// Returns the timestamp of the message for sorting.
     pub fn get_sort_timestamp(&self) -> i64 {
-        self.timestamp_sort
+        if self.timestamp_sort != 0 {
+            self.timestamp_sort
+        } else {
+            self.timestamp_sent
+        }
     }
 
     /// Returns the text of the message.
     ///
     /// Currently this includes `additional_text`, but this may change in future, when the UIs show
     /// the necessary info themselves.
-    #[expect(clippy::arithmetic_side_effects)]
     pub fn get_text(&self) -> String {
         self.text.clone() + &self.additional_text
     }
@@ -1315,7 +1316,7 @@ impl Message {
     }
 
     /// Force the message to be sent in plain text.
-    pub fn force_plaintext(&mut self) {
+    pub(crate) fn force_plaintext(&mut self) {
         self.param.set_int(Param::ForcePlaintext, 1);
     }
 
@@ -1389,6 +1390,8 @@ pub enum MessageState {
     /// For files which need time to be prepared before they can be
     /// sent, the message enters this state before
     /// OutPending.
+    ///
+    /// Deprecated 2024-12-07.
     OutPreparing = 18,
 
     /// Message saved as draft.
@@ -1689,7 +1692,7 @@ pub(crate) async fn delete_msg_locally(context: &Context, msg: &Message) -> Resu
 pub(crate) async fn delete_msgs_locally_done(
     context: &Context,
     msg_ids: &[MsgId],
-    modified_chat_ids: HashSet<ChatId>,
+    modified_chat_ids: BTreeSet<ChatId>,
 ) -> Result<()> {
     for modified_chat_id in modified_chat_ids {
         context.emit_msgs_changed_without_msg_id(modified_chat_id);
@@ -1719,7 +1722,7 @@ pub async fn delete_msgs_ex(
     msg_ids: &[MsgId],
     delete_for_all: bool,
 ) -> Result<()> {
-    let mut modified_chat_ids = HashSet::new();
+    let mut modified_chat_ids = BTreeSet::new();
     let mut deleted_rfc724_mid = Vec::new();
     let mut res = Ok(());
 

src/mimefactory.rs

@@ -32,7 +32,7 @@ use crate::message::{Message, MsgId, Viewtype};
 use crate::mimeparser::{SystemMessage, is_hidden};
 use crate::param::Param;
 use crate::peer_channels::{create_iroh_header, get_iroh_topic_for_msg};
-use crate::pgp::{SeipdVersion, addresses_from_public_key};
+use crate::pgp::{SeipdVersion, addresses_from_public_key, pubkey_supports_seipdv2};
 use crate::simplify::escape_message_footer_marks;
 use crate::stock_str;
 use crate::tools::{
@@ -194,6 +194,7 @@ fn new_address_with_name(name: &str, address: String) -> Address<'static> {
 }
 
 impl MimeFactory {
+    /// Returns `MimeFactory` for rendering `msg`.
     #[expect(clippy::arithmetic_side_effects)]
     pub async fn from_msg(context: &Context, msg: Message) -> Result<MimeFactory> {
         let now = time();
@@ -232,11 +233,7 @@ impl MimeFactory {
         if chat.is_self_talk() {
             to.push((from_displayname.to_string(), from_addr.to_string()));
 
-            encryption_pubkeys = if msg.param.get_bool(Param::ForcePlaintext).unwrap_or(false) {
-                None
-            } else {
-                Some(Vec::new())
-            };
+            encryption_pubkeys = Some(Vec::new());
         } else if chat.is_mailing_list() {
             let list_post = chat
                 .param
@@ -467,18 +464,21 @@ impl MimeFactory {
                 .into_iter()
                 .filter(|id| *id != ContactId::SELF)
                 .collect();
-            if recipient_ids.len() == 1
-                && !matches!(
-                    msg.param.get_cmd(),
-                    SystemMessage::MemberRemovedFromGroup | SystemMessage::SecurejoinMessage
-                )
-                && !matches!(chat.typ, Chattype::OutBroadcast | Chattype::InBroadcast)
+            if !matches!(
+                msg.param.get_cmd(),
+                SystemMessage::MemberRemovedFromGroup | SystemMessage::SecurejoinMessage
+            ) && !matches!(chat.typ, Chattype::OutBroadcast | Chattype::InBroadcast)
             {
+                let origin = match recipient_ids.len() {
+                    1 => Origin::OutgoingTo,
+                    // Use the same origin as ChatId::accept_ex() does for groups.
+                    _ => Origin::IncomingTo,
+                };
                 info!(
                     context,
-                    "Scale up origin of {} recipients to OutgoingTo.", chat.id
+                    "Scale up origin of {} recipients to {origin:?}.", chat.id
                 );
-                ContactId::scaleup_origin(context, &recipient_ids, Origin::OutgoingTo).await?;
+                ContactId::scaleup_origin(context, &recipient_ids, origin).await?;
             }
 
             if !msg.is_system_message()
@@ -732,7 +732,7 @@ impl MimeFactory {
                     Some(name) => name,
                     None => context.get_config(Config::Addr).await?.unwrap_or_default(),
                 };
-                stock_str::subject_for_new_contact(context, self_name).await
+                stock_str::subject_for_new_contact(context, self_name)
             }
             Loaded::Mdn { .. } => "Receipt Notification".to_string(), // untranslated to no reveal sender's language
         };
@@ -852,7 +852,13 @@ impl MimeFactory {
 
         let rfc724_mid = match &self.loaded {
             Loaded::Message { msg, .. } => match &self.pre_message_mode {
-                PreMessageMode::Pre { .. } => create_outgoing_rfc724_mid(),
+                PreMessageMode::Pre { .. } => {
+                    if msg.pre_rfc724_mid.is_empty() {
+                        create_outgoing_rfc724_mid()
+                    } else {
+                        msg.pre_rfc724_mid.clone()
+                    }
+                }
                 _ => msg.rfc724_mid.clone(),
             },
             Loaded::Mdn { .. } => create_outgoing_rfc724_mid(),
@@ -1176,14 +1182,13 @@ impl MimeFactory {
             } else {
                 // Asymmetric encryption
 
-                let seipd_version = if encryption_pubkeys.is_empty() {
-                    // If message is sent only to self,
-                    // use v2 SEIPD.
+                // Use SEIPDv2 if all recipients support it.
+                let seipd_version = if encryption_pubkeys
+                    .iter()
+                    .all(|(_addr, pubkey)| pubkey_supports_seipdv2(pubkey))
+                {
                     SeipdVersion::V2
                 } else {
-                    // If message is sent to others,
-                    // they may not support v2 SEIPD yet,
-                    // so use v1 SEIPD.
                     SeipdVersion::V1
                 };
 
@@ -1390,10 +1395,7 @@ impl MimeFactory {
             }
         }
 
-        if chat.typ == Chattype::Group
-            || chat.typ == Chattype::OutBroadcast
-            || chat.typ == Chattype::InBroadcast
-        {
+        if chat.typ == Chattype::Group || chat.typ == Chattype::OutBroadcast {
             headers.push((
                 "Chat-Group-Name",
                 mail_builder::headers::text::Text::new(chat.name.to_string()).into(),
@@ -1404,7 +1406,11 @@ impl MimeFactory {
                     mail_builder::headers::text::Text::new(ts.to_string()).into(),
                 ));
             }
-
+        }
+        if chat.typ == Chattype::Group
+            || chat.typ == Chattype::OutBroadcast
+            || chat.typ == Chattype::InBroadcast
+        {
             match command {
                 SystemMessage::MemberRemovedFromGroup => {
                     let email_to_remove = msg.param.get(Param::Arg).unwrap_or_default();
@@ -1525,7 +1531,7 @@ impl MimeFactory {
                 let description = chat::get_chat_description(context, chat.id).await?;
                 headers.push((
                     "Chat-Group-Description",
-                    mail_builder::headers::text::Text::new(description.clone()).into(),
+                    mail_builder::headers::raw::Raw::new(b_encode(&description)).into(),
                 ));
                 if let Some(ts) = chat.param.get_i64(Param::GroupDescriptionTimestamp) {
                     headers.push((
@@ -1883,7 +1889,6 @@ impl MimeFactory {
     }
 
     /// Render an MDN
-    #[expect(clippy::arithmetic_side_effects)]
     fn render_mdn(&mut self) -> Result<MimePart<'static>> {
         // RFC 6522, this also requires the `report-type` parameter which is equal
         // to the MIME subtype of the second body part of the multipart/report
@@ -2222,18 +2227,18 @@ fn should_encrypt_symmetrically(msg: &Message, chat: &Chat) -> bool {
 /// rather than all recipients.
 /// This function returns the fingerprint of the recipient the message should be sent to.
 fn must_have_only_one_recipient<'a>(msg: &'a Message, chat: &Chat) -> Option<Result<&'a str>> {
-    if chat.typ == Chattype::OutBroadcast
-        && matches!(
-            msg.param.get_cmd(),
-            SystemMessage::MemberRemovedFromGroup | SystemMessage::MemberAddedToGroup
-        )
-    {
-        let Some(fp) = msg.param.get(Param::Arg4) else {
-            return Some(Err(format_err!("Missing removed/added member")));
-        };
-        return Some(Ok(fp));
+    if chat.typ != Chattype::OutBroadcast {
+        None
+    } else if let Some(fp) = msg.param.get(Param::Arg4) {
+        Some(Ok(fp))
+    } else if matches!(
+        msg.param.get_cmd(),
+        SystemMessage::MemberRemovedFromGroup | SystemMessage::MemberAddedToGroup
+    ) {
+        Some(Err(format_err!("Missing removed/added member")))
+    } else {
+        None
     }
-    None
 }
 
 async fn build_body_file(context: &Context, msg: &Message) -> Result<MimePart<'static>> {

src/mimefactory/mimefactory_tests.rs

@@ -1,6 +1,9 @@
 use deltachat_contact_tools::ContactAddress;
 use mail_builder::headers::Header;
 use mailparse::{MailHeaderMap, addrparse_header};
+use pgp::armor;
+use pgp::packet::{Packet, PacketParser};
+use std::io::BufReader;
 use std::str;
 use std::time::Duration;
 
@@ -11,7 +14,7 @@ use crate::chat::{
 };
 use crate::chatlist::Chatlist;
 use crate::constants;
-use crate::contact::Origin;
+use crate::contact::{Origin, import_vcard};
 use crate::headerdef::HeaderDef;
 use crate::message;
 use crate::mimeparser::MimeMessage;
@@ -877,3 +880,85 @@ async fn test_no_empty_to_header() -> Result<()> {
 
     Ok(())
 }
+
+/// Parses ASCII-armored message and checks that it only has PKESK and SEIPD packets.
+///
+/// Panics if SEIPD packets are not of expected version.
+fn assert_seipd_version(payload: &str, version: usize) {
+    let cursor = Cursor::new(payload);
+    let dearmor = armor::Dearmor::new(cursor);
+    let packet_parser = PacketParser::new(BufReader::new(dearmor));
+    for packet in packet_parser {
+        match packet.unwrap() {
+            Packet::PublicKeyEncryptedSessionKey(_pkesk) => {}
+            Packet::SymEncryptedProtectedData(seipd) => {
+                assert_eq!(seipd.version(), version);
+            }
+            packet => {
+                panic!("Unexpected packet {:?}", packet);
+            }
+        }
+    }
+}
+
+/// Tests that messages between two test accounts use SEIPDv2 and not SEIPDv1.
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_use_seipdv2() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+
+    let alice_chat_id = alice.create_chat_id(bob).await;
+    let sent = alice.send_text(alice_chat_id, "Hello!").await;
+    assert_seipd_version(&sent.payload, 2);
+
+    Ok(())
+}
+
+/// Tests that messages to keys that don't advertise SEIPDv2 support
+/// are sent using SEIPDv1.
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_fallback_to_seipdv1() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+    let charlie = &tcm.charlie().await;
+
+    // vCard of Alice with no SEIPDv2 feature advertised in the key.
+    let alice_vcard = "BEGIN:VCARD
+VERSION:4.0
+EMAIL:alice@example.org
+FN:Alice
+KEY:data:application/pgp-keys;base64,mDMEXlh13RYJKwYBBAHaRw8BAQdAzfVIAleCXMJrq8VeLlEVof6ITCviMktKjmcBKAu4m5C0GUFsaWNlIDxhbGljZUBleGFtcGxlLm9yZz6IkAQTFggAOBYhBC5vossjtTLXKGNLWGSwj2Gp7ZRDBQJeWHXdAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEGSwj2Gp7ZRDE3oA/i4MCyDMTsjWqDZoQwX/A/GoTO2/V0wKPhjJJy/8m2pMAPkBjOnGOtx2SZpQvJGTa9h804RY6iDrRuI8A/8tEEXAA7g4BF5Ydd0SCisGAQQBl1UBBQEBB0AG7cjWy2SFAU8KnltlubVW67rFiyfp01JrRe6Xqy22HQMBCAeIeAQYFggAIBYhBC5vossjtTLXKGNLWGSwj2Gp7ZRDBQJeWHXdAhsMAAoJEGSwj2Gp7ZRDLo8BAObE8GnsGVwKzNqCvHeWgJsqhjS3C6gvSlV3tEm9XmF6AQDXucIyVfoBwoyMh2h6cSn/ATn5QJb35pgo+ivp3jsMAg==
+REV:20250412T195751Z
+END:VCARD";
+    let contact_ids = import_vcard(bob, alice_vcard).await.unwrap();
+    let alice_contact_id = contact_ids[0];
+    let chat_id = ChatId::create_for_contact(bob, alice_contact_id)
+        .await
+        .unwrap();
+
+    // Bob sends a message to Alice with SEIPDv1 packet.
+    let sent = bob.send_text(chat_id, "Hello!").await;
+    assert_seipd_version(&sent.payload, 1);
+
+    // Bob creates a group with Alice and Charlie.
+    // Sending a message there should also use SEIPDv1
+    // because for Bob it looks like Alice does not support SEIPDv2.
+    let charlie_contact_id = bob.add_or_lookup_contact_id(charlie).await;
+    let group_id = create_group(bob, "groupname").await.unwrap();
+    chat::add_contact_to_chat(bob, group_id, alice_contact_id).await?;
+    chat::add_contact_to_chat(bob, group_id, charlie_contact_id).await?;
+
+    let sent = bob.send_text(group_id, "Hello!").await;
+    assert_seipd_version(&sent.payload, 1);
+
+    // Bob gets a new key of Alice via new vCard
+    // and learns that Alice supports SEIPDv2.
+    assert_eq!(bob.add_or_lookup_contact_id(alice).await, alice_contact_id);
+
+    let sent = bob.send_text(group_id, "Hello again with SEIPDv2!").await;
+    assert_seipd_version(&sent.payload, 2);
+
+    Ok(())
+}

src/mimeparser.rs

@@ -86,7 +86,9 @@ pub(crate) struct MimeMessage {
     /// messages to this address to post them to the list.
     pub list_post: Option<String>,
     pub chat_disposition_notification_to: Option<SingleInfo>,
-    pub decrypting_failed: bool,
+
+    /// Decryption error if decryption of the message has failed.
+    pub decryption_error: Option<String>,
 
     /// Valid signature fingerprint if a message is an
     /// Autocrypt encrypted and signed message and corresponding intended recipient fingerprints
@@ -262,14 +264,11 @@ pub enum SystemMessage {
     GroupDescriptionChanged = 70,
 }
 
-const MIME_AC_SETUP_FILE: &str = "application/autocrypt-setup";
-
 impl MimeMessage {
     /// Parse a mime message.
     ///
     /// This method has some side-effects,
     /// such as saving blobs and saving found public keys to the database.
-    #[expect(clippy::arithmetic_side_effects)]
     pub(crate) async fn from_bytes(context: &Context, body: &[u8]) -> Result<Self> {
         let mail = mailparse::parse_mail(body)?;
 
@@ -373,7 +372,7 @@ impl MimeMessage {
         hop_info += "\n\n";
         hop_info += &dkim_results.to_string();
 
-        let incoming = !context.is_self_addr(&from.addr).await?;
+        let from_is_not_self_addr = !context.is_self_addr(&from.addr).await?;
 
         let mut aheader_values = mail.headers.get_all_values(HeaderDef::Autocrypt.into());
 
@@ -438,7 +437,7 @@ impl MimeMessage {
         };
 
         let mut autocrypt_header = None;
-        if incoming {
+        if from_is_not_self_addr {
             // See `get_all_addresses_from_header()` for why we take the last valid header.
             for val in aheader_values.iter().rev() {
                 autocrypt_header = match Aheader::from_str(val) {
@@ -469,7 +468,7 @@ impl MimeMessage {
             None
         };
 
-        let mut public_keyring = if incoming {
+        let mut public_keyring = if from_is_not_self_addr {
             if let Some(autocrypt_header) = autocrypt_header {
                 vec![autocrypt_header.public_key]
             } else {
@@ -654,6 +653,15 @@ impl MimeMessage {
             .into_iter()
             .last()
             .map(|(fp, recipient_fps)| (fp, recipient_fps.into_iter().collect::<HashSet<_>>()));
+
+        let incoming = if let Some((ref sig_fp, _)) = signature {
+            sig_fp.hex() != key::self_fingerprint(context).await?
+        } else {
+            // rare case of getting a cleartext message
+            // so we determine 'incoming' flag by From-address
+            from_is_not_self_addr
+        };
+
         let mut parser = MimeMessage {
             parts: Vec::new(),
             headers,
@@ -666,7 +674,7 @@ impl MimeMessage {
             from,
             incoming,
             chat_disposition_notification_to,
-            decrypting_failed: mail.is_err(),
+            decryption_error: mail.err().map(|err| format!("{err:#}")),
 
             // only non-empty if it was a valid autocrypt message
             signature,
@@ -745,20 +753,8 @@ impl MimeMessage {
     }
 
     /// Parses system messages.
-    fn parse_system_message_headers(&mut self, context: &Context) {
-        if self.get_header(HeaderDef::AutocryptSetupMessage).is_some() && !self.incoming {
-            self.parts.retain(|part| {
-                part.mimetype
-                    .as_ref()
-                    .is_none_or(|mimetype| mimetype.as_ref() == MIME_AC_SETUP_FILE)
-            });
-
-            if self.parts.len() == 1 {
-                self.is_system_message = SystemMessage::AutocryptSetupMessage;
-            } else {
-                warn!(context, "could not determine ASM mime-part");
-            }
-        } else if let Some(value) = self.get_header(HeaderDef::ChatContent) {
+    fn parse_system_message_headers(&mut self) {
+        if let Some(value) = self.get_header(HeaderDef::ChatContent) {
             if value == "location-streaming-enabled" {
                 self.is_system_message = SystemMessage::LocationStreamingEnabled;
             } else if value == "ephemeral-timer-changed" {
@@ -908,7 +904,7 @@ impl MimeMessage {
     }
 
     async fn parse_headers(&mut self, context: &Context) -> Result<()> {
-        self.parse_system_message_headers(context);
+        self.parse_system_message_headers();
         self.parse_avatar_headers(context)?;
         self.parse_videochat_headers();
         if self.delivery_report.is_none() {
@@ -919,7 +915,7 @@ impl MimeMessage {
             && let Some(ref subject) = self.get_subject()
         {
             let mut prepend_subject = true;
-            if !self.decrypting_failed {
+            if self.decryption_error.is_none() {
                 let colon = subject.find(':');
                 if colon == Some(2)
                     || colon == Some(3)
@@ -960,7 +956,7 @@ impl MimeMessage {
         self.parse_attachments();
 
         // See if an MDN is requested from the other side
-        if !self.decrypting_failed
+        if self.decryption_error.is_none()
             && !self.parts.is_empty()
             && let Some(ref dn_to) = self.chat_disposition_notification_to
         {
@@ -1092,7 +1088,7 @@ impl MimeMessage {
     #[cfg(test)]
     /// Returns whether the decrypted data contains the given `&str`.
     pub(crate) fn decoded_data_contains(&self, s: &str) -> bool {
-        assert!(!self.decrypting_failed);
+        assert!(self.decryption_error.is_none());
         let decoded_str = str::from_utf8(&self.decoded_data).unwrap();
         decoded_str.contains(s)
     }

src/net.rs

@@ -12,7 +12,7 @@ use tokio_io_timeout::TimeoutStream;
 
 use crate::context::Context;
 use crate::net::session::SessionStream;
-use crate::net::tls::TlsSessionStore;
+use crate::net::tls::{SpkiHashStore, TlsSessionStore};
 use crate::sql::Sql;
 use crate::tools::time;
 
@@ -130,6 +130,8 @@ pub(crate) async fn connect_tls_inner(
     strict_tls: bool,
     alpn: &str,
     tls_session_store: &TlsSessionStore,
+    spki_hash_store: &SpkiHashStore,
+    sql: &Sql,
 ) -> Result<impl SessionStream + 'static> {
     let use_sni = true;
     let tcp_stream = connect_tcp_inner(addr).await?;
@@ -141,6 +143,8 @@ pub(crate) async fn connect_tls_inner(
         alpn,
         tcp_stream,
         tls_session_store,
+        spki_hash_store,
+        sql,
     )
     .await?;
     Ok(tls_stream)

src/net/dns.rs

@@ -881,7 +881,7 @@ fn merge_with_cache(
 ) -> Vec<SocketAddr> {
     let rest = resolved_addrs.split_off(std::cmp::min(resolved_addrs.len(), 2));
 
-    for addr in cache.into_iter().chain(rest.into_iter()) {
+    for addr in cache.into_iter().chain(rest) {
         if !resolved_addrs.contains(&addr) {
             resolved_addrs.push(addr);
             if resolved_addrs.len() >= 10 {

src/net/http.rs

@@ -87,6 +87,8 @@ where
                     "",
                     proxy_stream,
                     &context.tls_session_store,
+                    &context.spki_hash_store,
+                    &context.sql,
                 )
                 .await?;
                 Box::new(tls_stream)
@@ -99,6 +101,8 @@ where
                     "",
                     tcp_stream,
                     &context.tls_session_store,
+                    &context.spki_hash_store,
+                    &context.sql,
                 )
                 .await?;
                 Box::new(tls_stream)

src/net/proxy.rs

@@ -19,7 +19,6 @@ use tokio_io_timeout::TimeoutStream;
 use url::Url;
 
 use crate::config::Config;
-use crate::constants::NON_ALPHANUMERIC_WITHOUT_DOT;
 use crate::context::Context;
 use crate::net::connect_tcp;
 use crate::net::session::SessionStream;
@@ -93,13 +92,12 @@ impl HttpConfig {
     }
 
     fn to_url(&self, scheme: &str) -> String {
-        let host = utf8_percent_encode(&self.host, NON_ALPHANUMERIC_WITHOUT_DOT);
         if let Some((user, password)) = &self.user_password {
             let user = utf8_percent_encode(user, NON_ALPHANUMERIC);
             let password = utf8_percent_encode(password, NON_ALPHANUMERIC);
-            format!("{scheme}://{user}:{password}@{host}:{}", self.port)
+            format!("{scheme}://{user}:{password}@{}:{}", self.host, self.port)
         } else {
-            format!("{scheme}://{host}:{}", self.port)
+            format!("{scheme}://{}:{}", self.host, self.port)
         }
     }
 }
@@ -143,13 +141,12 @@ impl Socks5Config {
     }
 
     fn to_url(&self) -> String {
-        let host = utf8_percent_encode(&self.host, NON_ALPHANUMERIC_WITHOUT_DOT);
         if let Some((user, password)) = &self.user_password {
             let user = utf8_percent_encode(user, NON_ALPHANUMERIC);
             let password = utf8_percent_encode(password, NON_ALPHANUMERIC);
-            format!("socks5://{user}:{password}@{host}:{}", self.port)
+            format!("socks5://{user}:{password}@{}:{}", self.host, self.port)
         } else {
-            format!("socks5://{host}:{}", self.port)
+            format!("socks5://{}:{}", self.host, self.port)
         }
     }
 }
@@ -174,7 +171,6 @@ pub enum ProxyConfig {
 }
 
 /// Constructs HTTP/1.1 `CONNECT` request for HTTP(S) proxy.
-#[expect(clippy::arithmetic_side_effects)]
 fn http_connect_request(host: &str, port: u16, auth: Option<(&str, &str)>) -> String {
     // According to <https://datatracker.ietf.org/doc/html/rfc7230#section-5.4>
     // clients MUST send `Host:` header in HTTP/1.1 requests,
@@ -323,7 +319,6 @@ impl ProxyConfig {
     /// config into `proxy_url` if `proxy_url` is unset or empty.
     ///
     /// Unsets `socks5_host`, `socks5_port`, `socks5_user` and `socks5_password` in any case.
-    #[expect(clippy::arithmetic_side_effects)]
     async fn migrate_socks_config(sql: &Sql) -> Result<()> {
         if sql.get_raw_config("proxy_url").await?.is_none() {
             // Load legacy SOCKS5 settings.
@@ -439,6 +434,8 @@ impl ProxyConfig {
                     "",
                     tcp_stream,
                     &context.tls_session_store,
+                    &context.spki_hash_store,
+                    &context.sql,
                 )
                 .await?;
                 let auth = if let Some((username, password)) = &https_config.user_password {
@@ -565,6 +562,20 @@ mod tests {
                 user_password: None
             })
         );
+
+        let proxy_config = ProxyConfig::from_url("socks5://my-proxy.example.org").unwrap();
+        assert_eq!(
+            proxy_config,
+            ProxyConfig::Socks5(Socks5Config {
+                host: "my-proxy.example.org".to_string(),
+                port: 1080,
+                user_password: None
+            })
+        );
+        assert_eq!(
+            proxy_config.to_url(),
+            "socks5://my-proxy.example.org:1080".to_string()
+        );
     }
 
     #[test]
@@ -598,6 +609,20 @@ mod tests {
                 user_password: None
             })
         );
+
+        let proxy_config = ProxyConfig::from_url("http://my-proxy.example.org").unwrap();
+        assert_eq!(
+            proxy_config,
+            ProxyConfig::Http(HttpConfig {
+                host: "my-proxy.example.org".to_string(),
+                port: 80,
+                user_password: None
+            })
+        );
+        assert_eq!(
+            proxy_config.to_url(),
+            "http://my-proxy.example.org:80".to_string()
+        );
     }
 
     #[test]
@@ -631,6 +656,20 @@ mod tests {
                 user_password: None
             })
         );
+
+        let proxy_config = ProxyConfig::from_url("https://my-proxy.example.org").unwrap();
+        assert_eq!(
+            proxy_config,
+            ProxyConfig::Https(HttpConfig {
+                host: "my-proxy.example.org".to_string(),
+                port: 443,
+                user_password: None
+            })
+        );
+        assert_eq!(
+            proxy_config.to_url(),
+            "https://my-proxy.example.org:443".to_string()
+        );
     }
 
     #[test]

src/net/tls.rs

@@ -6,13 +6,20 @@ use std::sync::Arc;
 use anyhow::Result;
 
 use crate::net::session::SessionStream;
+use crate::sql::Sql;
+use crate::tools::time;
 
 use tokio_rustls::rustls;
 use tokio_rustls::rustls::client::ClientSessionStore;
+use tokio_rustls::rustls::server::ParsedCertificate;
 
 mod danger;
-use danger::NoCertificateVerification;
+use danger::CustomCertificateVerifier;
 
+mod spki;
+pub use spki::SpkiHashStore;
+
+#[expect(clippy::too_many_arguments)]
 pub async fn wrap_tls<'a>(
     strict_tls: bool,
     hostname: &str,
@@ -21,10 +28,21 @@ pub async fn wrap_tls<'a>(
     alpn: &str,
     stream: impl SessionStream + 'static,
     tls_session_store: &TlsSessionStore,
+    spki_hash_store: &SpkiHashStore,
+    sql: &Sql,
 ) -> Result<impl SessionStream + 'a> {
     if strict_tls {
-        let tls_stream =
-            wrap_rustls(hostname, port, use_sni, alpn, stream, tls_session_store).await?;
+        let tls_stream = wrap_rustls(
+            hostname,
+            port,
+            use_sni,
+            alpn,
+            stream,
+            tls_session_store,
+            spki_hash_store,
+            sql,
+        )
+        .await?;
         let boxed_stream: Box<dyn SessionStream> = Box::new(tls_stream);
         Ok(boxed_stream)
     } else {
@@ -94,6 +112,7 @@ impl TlsSessionStore {
     }
 }
 
+#[expect(clippy::too_many_arguments)]
 pub async fn wrap_rustls<'a>(
     hostname: &str,
     port: u16,
@@ -101,9 +120,11 @@ pub async fn wrap_rustls<'a>(
     alpn: &str,
     stream: impl SessionStream + 'a,
     tls_session_store: &TlsSessionStore,
+    spki_hash_store: &SpkiHashStore,
+    sql: &Sql,
 ) -> Result<impl SessionStream + 'a> {
-    let mut root_cert_store = rustls::RootCertStore::empty();
-    root_cert_store.extend(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());
+    let root_cert_store =
+        rustls::RootCertStore::from_iter(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());
 
     let mut config = rustls::ClientConfig::builder()
         .with_root_certificates(root_cert_store)
@@ -127,20 +148,28 @@ pub async fn wrap_rustls<'a>(
     config.resumption = resumption;
     config.enable_sni = use_sni;
 
-    // Do not verify certificates for hostnames starting with `_`.
-    // They are used for servers with self-signed certificates, e.g. for local testing.
-    // Hostnames starting with `_` can have only self-signed TLS certificates or wildcard certificates.
-    // It is not possible to get valid non-wildcard TLS certificates because CA/Browser Forum requirements
-    // explicitly state that domains should start with a letter, digit or hyphen:
-    // https://github.com/cabforum/servercert/blob/24f38fd4765e019db8bb1a8c56bf63c7115ce0b0/docs/BR.md
-    if hostname.starts_with("_") {
-        config
-            .dangerous()
-            .set_certificate_verifier(Arc::new(NoCertificateVerification::new()));
-    }
+    config
+        .dangerous()
+        .set_certificate_verifier(Arc::new(CustomCertificateVerifier::new(
+            spki_hash_store.get_spki_hash(hostname, sql).await?,
+        )));
 
     let tls = tokio_rustls::TlsConnector::from(Arc::new(config));
     let name = tokio_rustls::rustls::pki_types::ServerName::try_from(hostname)?.to_owned();
     let tls_stream = tls.connect(name, stream).await?;
+
+    // Successfully connected.
+    // Remember SPKI hash to accept it later if certificate expires.
+    let (_io, client_connection) = tls_stream.get_ref();
+    if let Some(end_entity) = client_connection
+        .peer_certificates()
+        .and_then(|certs| certs.first())
+    {
+        let now = time();
+        let parsed_certificate = ParsedCertificate::try_from(end_entity)?;
+        let spki = parsed_certificate.subject_public_key_info();
+        spki_hash_store.save_spki(hostname, &spki, sql, now).await?;
+    }
+
     Ok(tls_stream)
 }

src/net/tls/danger.rs

@@ -1,26 +1,93 @@
-//! Dangerous TLS implementation of accepting invalid certificates for Rustls.
+//! Custom TLS verification.
+//!
+//! We want to accept expired certificates.
 
+use rustls::RootCertStore;
+use rustls::client::{verify_server_cert_signed_by_trust_anchor, verify_server_name};
 use rustls::pki_types::{CertificateDer, ServerName, UnixTime};
+use rustls::server::ParsedCertificate;
 use tokio_rustls::rustls;
 
-#[derive(Debug)]
-pub(super) struct NoCertificateVerification();
+use crate::net::tls::spki::spki_hash;
 
-impl NoCertificateVerification {
-    pub(super) fn new() -> Self {
-        Self()
+#[derive(Debug)]
+pub(super) struct CustomCertificateVerifier {
+    /// Root certificates.
+    root_cert_store: RootCertStore,
+
+    /// Expected SPKI hash as a base64 of SHA-256.
+    spki_hash: Option<String>,
+}
+
+impl CustomCertificateVerifier {
+    pub(super) fn new(spki_hash: Option<String>) -> Self {
+        let root_cert_store =
+            RootCertStore::from_iter(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());
+        Self {
+            root_cert_store,
+            spki_hash,
+        }
     }
 }
 
-impl rustls::client::danger::ServerCertVerifier for NoCertificateVerification {
+impl rustls::client::danger::ServerCertVerifier for CustomCertificateVerifier {
     fn verify_server_cert(
         &self,
-        _end_entity: &CertificateDer<'_>,
-        _intermediates: &[CertificateDer<'_>],
-        _server_name: &ServerName<'_>,
+        end_entity: &CertificateDer<'_>,
+        intermediates: &[CertificateDer<'_>],
+        server_name: &ServerName<'_>,
+        // OCSP is a certificate revocation mechanism that is intentionally ignored.
+        // It is practically not used and is essentially deprecated
+        // in favor of Certificate Revocation Lists.
+        // Let's Encrypt has disabled OCSP responders in 2025:
+        // <https://letsencrypt.org/2025/08/06/ocsp-service-has-reached-end-of-life>.
+        // Theoretically checking of stapled OCSP responses could be implemented,
+        // but it is not interesting to implement it because it is not used
+        // by the servers: <https://github.com/rustls/webpki/issues/217>.
         _ocsp_response: &[u8],
-        _now: UnixTime,
+        now: UnixTime,
     ) -> Result<rustls::client::danger::ServerCertVerified, rustls::Error> {
+        let parsed_certificate = ParsedCertificate::try_from(end_entity)?;
+
+        let spki = parsed_certificate.subject_public_key_info();
+
+        let provider = rustls::crypto::ring::default_provider();
+
+        if let ServerName::DnsName(dns_name) = server_name
+            && dns_name.as_ref().starts_with("_")
+        {
+            // Do not verify certificates for hostnames starting with `_`.
+            // They are used for servers with self-signed certificates, e.g. for local testing.
+            // Hostnames starting with `_` can have only self-signed TLS certificates or wildcard certificates.
+            // It is not possible to get valid non-wildcard TLS certificates because CA/Browser Forum requirements
+            // explicitly state that domains should start with a letter, digit or hyphen:
+            // https://github.com/cabforum/servercert/blob/24f38fd4765e019db8bb1a8c56bf63c7115ce0b0/docs/BR.md
+        } else if let Some(hash) = &self.spki_hash
+            && spki_hash(&spki) == *hash
+        {
+            // Last time we successfully connected to this hostname with TLS checks,
+            // SPKI had this hash.
+            // It does not matter if certificate has now expired.
+        } else {
+            // verify_server_cert_signed_by_trust_anchor does no revocation checking:
+            // <https://docs.rs/rustls/0.23.37/rustls/client/fn.verify_server_cert_signed_by_trust_anchor.html>
+            // We don't do it either.
+            verify_server_cert_signed_by_trust_anchor(
+                &parsed_certificate,
+                &self.root_cert_store,
+                intermediates,
+                now,
+                provider.signature_verification_algorithms.all,
+            )?;
+        }
+
+        // Verify server name unconditionally.
+        //
+        // We do this even for self-signed certificates when hostname starts with `_`
+        // so we don't try to connect to captive portals
+        // and fail on MITM certificates if they are generated once
+        // and reused for all hostnames.
+        verify_server_name(&parsed_certificate, server_name)?;
         Ok(rustls::client::danger::ServerCertVerified::assertion())
     }
 

src/net/tls/spki.rs

@@ -0,0 +1,133 @@
+//! SPKI hash storage.
+//!
+//! We store hashes of Subject Public Key Info from TLS certificates
+//! after successful connection to allow connecting when
+//! server certificate expires as long as the key is not changed.
+
+use std::collections::BTreeMap;
+
+use anyhow::Result;
+use base64::Engine as _;
+use parking_lot::RwLock;
+use sha2::{Digest, Sha256};
+use tokio_rustls::rustls::pki_types::SubjectPublicKeyInfoDer;
+
+use crate::sql::Sql;
+use crate::tools::time;
+
+/// Calculates Subject Public Key Info SHA-256 hash and returns it as base64.
+///
+/// This is the same format as used in <https://www.rfc-editor.org/rfc/rfc7469>.
+/// You can calculate the same hash for any remote host with
+/// ```sh
+/// openssl s_client -connect "$HOST:993" -servername "$HOST" </dev/null 2>/dev/null |
+/// openssl x509 -pubkey -noout |
+/// openssl pkey -pubin -outform der |
+/// openssl dgst -sha256 -binary |
+/// openssl enc -base64
+/// ```
+pub fn spki_hash(spki: &SubjectPublicKeyInfoDer) -> String {
+    let spki_hash = Sha256::digest(spki);
+    base64::engine::general_purpose::STANDARD.encode(spki_hash)
+}
+
+/// Write-through cache for SPKI hashes.
+#[derive(Debug)]
+pub struct SpkiHashStore {
+    /// Map from hostnames to base64 of SHA-256 hashes.
+    pub hash_store: RwLock<BTreeMap<String, String>>,
+}
+
+impl SpkiHashStore {
+    pub fn new() -> Self {
+        Self {
+            hash_store: RwLock::new(BTreeMap::new()),
+        }
+    }
+
+    /// Returns base64 of SPKI hash if we have previously successfully connected to given hostname.
+    pub async fn get_spki_hash(&self, hostname: &str, sql: &Sql) -> Result<Option<String>> {
+        if let Some(hash) = self.hash_store.read().get(hostname).cloned() {
+            return Ok(Some(hash));
+        }
+
+        match sql
+            .query_row_optional(
+                "SELECT spki_hash FROM tls_spki WHERE host=?",
+                (hostname,),
+                |row| {
+                    let spki_hash: String = row.get(0)?;
+                    Ok(spki_hash)
+                },
+            )
+            .await?
+        {
+            Some(hash) => {
+                self.hash_store
+                    .write()
+                    .insert(hostname.to_string(), hash.clone());
+                Ok(Some(hash))
+            }
+            None => Ok(None),
+        }
+    }
+
+    /// Saves SPKI hash after successful connection.
+    pub async fn save_spki(
+        &self,
+        hostname: &str,
+        spki: &SubjectPublicKeyInfoDer<'_>,
+        sql: &Sql,
+        timestamp: i64,
+    ) -> Result<()> {
+        let hash = spki_hash(spki);
+        self.hash_store
+            .write()
+            .insert(hostname.to_string(), hash.clone());
+        sql.execute(
+            "INSERT OR REPLACE INTO tls_spki (host, spki_hash, timestamp) VALUES (?, ?, ?)",
+            (hostname, hash, timestamp),
+        )
+        .await?;
+        Ok(())
+    }
+
+    /// Removes stale entries from SPKI storage.
+    pub async fn cleanup(&self, sql: &Sql) -> Result<()> {
+        let now = time();
+        let removed_hosts = sql
+            .transaction(|transaction| {
+                let mut stmt = transaction
+                    .prepare("DELETE FROM tls_spki WHERE ? > timestamp + ? RETURNING host")?;
+                let mut res = Vec::new();
+                for row in stmt.query_map((now, 30 * 24 * 60 * 60), |row| {
+                    let host: String = row.get(0)?;
+                    Ok(host)
+                })? {
+                    res.push(row?);
+                }
+
+                // Fix timestamps that happen to be in the future
+                // if we had clock set incorrectly when the timestamp was stored.
+                // Otherwise entry may take more than 30 days to expire.
+                transaction.execute(
+                    "UPDATE tls_spki SET timestamp = ?1 WHERE timestamp > ?1",
+                    (now,),
+                )?;
+
+                Ok(res)
+            })
+            .await?;
+
+        let mut lock = self.hash_store.write();
+        for host in removed_hosts {
+            // We may accidentally remove a host that was added
+            // to the cache after SQL query but before we got
+            // the write lock on `hash_store`.
+            // It is unlikely and will only result
+            // in additional SQL query next time.
+            lock.remove(&host);
+        }
+        Ok(())
+    }
+}

src/param.rs

@@ -136,6 +136,10 @@ pub enum Param {
     /// For "MemberAddedToGroup" and "MemberRemovedFromGroup",
     /// this is the fingerprint added to / removed from the group.
     ///
+    /// For messages resent when adding a new member to a broadcast channel,
+    /// this is the fingerprint of the added member;
+    /// the message must only be sent to this one member then.
+    ///
     /// For call messages, this is the end timsetamp.
     Arg4 = b'H',
 

src/pgp.rs

@@ -128,13 +128,7 @@ pub async fn pk_encrypt(
                 hashed.push(Subpacket::critical(SubpacketData::SignatureCreationTime(
                     pgp::types::Timestamp::now(),
                 ))?);
-                // Test "elena" uses old Delta Chat.
-                let skip = private_key_for_signing.dc_fingerprint().hex()
-                    == "B86586B6DEF437D674BFAFC02A6B2EBC633B9E82";
                 for key in &public_keys_for_encryption {
-                    if skip {
-                        break;
-                    }
                     let data = SubpacketData::IntendedRecipientFingerprint(key.fingerprint());
                     let subpkt = match private_key_for_signing.version() < KeyVersion::V6 {
                         true => Subpacket::regular(data)?,
@@ -501,6 +495,35 @@ pub(crate) fn addresses_from_public_key(public_key: &SignedPublicKey) -> Option<
     None
 }
 
+/// Returns true if public key advertises SEIPDv2 feature.
+pub(crate) fn pubkey_supports_seipdv2(public_key: &SignedPublicKey) -> bool {
+    // If any Direct Key Signature or any User ID signature has SEIPDv2 feature,
+    // assume that recipient can handle SEIPDv2.
+    //
+    // Third-party User ID signatures are dropped during certificate merging.
+    // We don't check if the User ID is primary User ID.
+    // Primary User ID is preferred during merging
+    // and if some key has only non-primary User ID
+    // it is acceptable. It is anyway unlikely that SEIPDv2
+    // is advertised in a key without DKS or primary User ID.
+    public_key
+        .details
+        .direct_signatures
+        .iter()
+        .chain(
+            public_key
+                .details
+                .users
+                .iter()
+                .flat_map(|user| user.signatures.iter()),
+        )
+        .any(|signature| {
+            signature
+                .features()
+                .is_some_and(|features| features.seipd_v2())
+        })
+}
+
 #[cfg(test)]
 mod tests {
     use std::sync::LazyLock;

src/plaintext.rs

@@ -24,7 +24,6 @@ pub struct PlainText {
 impl PlainText {
     /// Convert plain text to HTML.
     /// The function handles quotes, links, fixed and floating text paragraphs.
-    #[expect(clippy::arithmetic_side_effects)]
     pub fn to_html(&self) -> String {
         static LINKIFY_MAIL_RE: LazyLock<regex::Regex> =
             LazyLock::new(|| regex::Regex::new(r"\b([\w.\-+]+@[\w.\-]+)\b").unwrap());

src/provider/data.rs

@@ -234,34 +234,6 @@ static P_BLUEWIN_CH: Provider = Provider {
     oauth2_authorizer: None,
 };
 
-// buzon.uy.md: buzon.uy
-static P_BUZON_UY: Provider = Provider {
-    id: "buzon.uy",
-    status: Status::Ok,
-    before_login_hint: "",
-    after_login_hint: "",
-    overview_page: "https://providers.delta.chat/buzon-uy",
-    server: &[
-        Server {
-            protocol: Imap,
-            socket: Starttls,
-            hostname: "mail.buzon.uy",
-            port: 143,
-            username_pattern: Email,
-        },
-        Server {
-            protocol: Smtp,
-            socket: Starttls,
-            hostname: "mail.buzon.uy",
-            port: 587,
-            username_pattern: Email,
-        },
-    ],
-    opt: ProviderOptions::new(),
-    config_defaults: None,
-    oauth2_authorizer: None,
-};
-
 // chello.at.md: chello.at
 static P_CHELLO_AT: Provider = Provider {
     id: "chello.at",
@@ -303,48 +275,6 @@ static P_COMCAST: Provider = Provider {
     oauth2_authorizer: None,
 };
 
-// daleth.cafe.md: daleth.cafe
-static P_DALETH_CAFE: Provider = Provider {
-    id: "daleth.cafe",
-    status: Status::Ok,
-    before_login_hint: "",
-    after_login_hint: "",
-    overview_page: "https://providers.delta.chat/daleth-cafe",
-    server: &[
-        Server {
-            protocol: Imap,
-            socket: Ssl,
-            hostname: "daleth.cafe",
-            port: 993,
-            username_pattern: Email,
-        },
-        Server {
-            protocol: Smtp,
-            socket: Ssl,
-            hostname: "daleth.cafe",
-            port: 465,
-            username_pattern: Email,
-        },
-        Server {
-            protocol: Imap,
-            socket: Starttls,
-            hostname: "daleth.cafe",
-            port: 143,
-            username_pattern: Email,
-        },
-        Server {
-            protocol: Smtp,
-            socket: Starttls,
-            hostname: "daleth.cafe",
-            port: 587,
-            username_pattern: Email,
-        },
-    ],
-    opt: ProviderOptions::new(),
-    config_defaults: None,
-    oauth2_authorizer: None,
-};
-
 // dismail.de.md: dismail.de
 static P_DISMAIL_DE: Provider = Provider {
     id: "dismail.de",
@@ -496,22 +426,6 @@ static P_FIREMAIL_DE: Provider = Provider {
     oauth2_authorizer: None,
 };
 
-// five.chat.md: five.chat
-static P_FIVE_CHAT: Provider = Provider {
-    id: "five.chat",
-    status: Status::Ok,
-    before_login_hint: "",
-    after_login_hint: "",
-    overview_page: "https://providers.delta.chat/five-chat",
-    server: &[],
-    opt: ProviderOptions::new(),
-    config_defaults: Some(&[ConfigDefault {
-        key: Config::BccSelf,
-        value: "1",
-    }]),
-    oauth2_authorizer: None,
-};
-
 // freenet.de.md: freenet.de
 static P_FREENET_DE: Provider = Provider {
     id: "freenet.de",
@@ -629,16 +543,10 @@ static P_HERMES_RADIO: Provider = Provider {
         strict_tls: false,
         ..ProviderOptions::new()
     },
-    config_defaults: Some(&[
-        ConfigDefault {
-            key: Config::MdnsEnabled,
-            value: "0",
-        },
-        ConfigDefault {
-            key: Config::ShowEmails,
-            value: "2",
-        },
-    ]),
+    config_defaults: Some(&[ConfigDefault {
+        key: Config::MdnsEnabled,
+        value: "0",
+    }]),
     oauth2_authorizer: None,
 };
 
@@ -919,90 +827,6 @@ static P_MAILO_COM: Provider = Provider {
     oauth2_authorizer: None,
 };
 
-// mehl.cloud.md: mehl.cloud
-static P_MEHL_CLOUD: Provider = Provider {
-    id: "mehl.cloud",
-    status: Status::Ok,
-    before_login_hint: "",
-    after_login_hint: "",
-    overview_page: "https://providers.delta.chat/mehl-cloud",
-    server: &[
-        Server {
-            protocol: Imap,
-            socket: Ssl,
-            hostname: "mehl.cloud",
-            port: 443,
-            username_pattern: Email,
-        },
-        Server {
-            protocol: Smtp,
-            socket: Ssl,
-            hostname: "mehl.cloud",
-            port: 443,
-            username_pattern: Email,
-        },
-        Server {
-            protocol: Imap,
-            socket: Ssl,
-            hostname: "mehl.cloud",
-            port: 993,
-            username_pattern: Email,
-        },
-        Server {
-            protocol: Smtp,
-            socket: Ssl,
-            hostname: "mehl.cloud",
-            port: 465,
-            username_pattern: Email,
-        },
-        Server {
-            protocol: Imap,
-            socket: Starttls,
-            hostname: "mehl.cloud",
-            port: 143,
-            username_pattern: Email,
-        },
-        Server {
-            protocol: Smtp,
-            socket: Starttls,
-            hostname: "mehl.cloud",
-            port: 587,
-            username_pattern: Email,
-        },
-    ],
-    opt: ProviderOptions::new(),
-    config_defaults: None,
-    oauth2_authorizer: None,
-};
-
-// mehl.store.md: mehl.store, ende.in.net, l2i.top, szh.homes, sls.post.in, ente.quest, ente.cfd, nein.jetzt
-static P_MEHL_STORE: Provider = Provider {
-    id: "mehl.store",
-    status: Status::Ok,
-    before_login_hint: "",
-    after_login_hint: "This account provides 3GB storage for eMails and the possibility to access a NEXTCLOUD-instance by using the email-credits!",
-    overview_page: "https://providers.delta.chat/mehl-store",
-    server: &[
-        Server {
-            protocol: Imap,
-            socket: Ssl,
-            hostname: "mail.ende.in.net",
-            port: 993,
-            username_pattern: Email,
-        },
-        Server {
-            protocol: Smtp,
-            socket: Starttls,
-            hostname: "mail.ende.in.net",
-            port: 587,
-            username_pattern: Email,
-        },
-    ],
-    opt: ProviderOptions::new(),
-    config_defaults: None,
-    oauth2_authorizer: None,
-};
-
 // migadu.md: migadu.com
 static P_MIGADU: Provider = Provider {
     id: "migadu",
@@ -1250,8 +1074,8 @@ static P_OUVATON_COOP: Provider = Provider {
 // posteo.md: posteo.de, posteo.af, posteo.at, posteo.be, posteo.ca, posteo.ch, posteo.cl, posteo.co, posteo.co.uk, posteo.com, posteo.com.br, posteo.cr, posteo.cz, posteo.dk, posteo.ee, posteo.es, posteo.eu, posteo.fi, posteo.gl, posteo.gr, posteo.hn, posteo.hr, posteo.hu, posteo.ie, posteo.in, posteo.is, posteo.it, posteo.jp, posteo.la, posteo.li, posteo.lt, posteo.lu, posteo.me, posteo.mx, posteo.my, posteo.net, posteo.nl, posteo.no, posteo.nz, posteo.org, posteo.pe, posteo.pl, posteo.pm, posteo.pt, posteo.ro, posteo.ru, posteo.se, posteo.sg, posteo.si, posteo.tn, posteo.uk, posteo.us
 static P_POSTEO: Provider = Provider {
     id: "posteo",
-    status: Status::Ok,
-    before_login_hint: "",
+    status: Status::Preparation,
+    before_login_hint: "You must create an app-specific password before you can log in.",
     after_login_hint: "",
     overview_page: "https://providers.delta.chat/posteo",
     server: &[
@@ -1562,51 +1386,6 @@ static P_T_ONLINE: Provider = Provider {
     oauth2_authorizer: None,
 };
 
-// testrun.md: testrun.org
-static P_TESTRUN: Provider = Provider {
-    id: "testrun",
-    status: Status::Ok,
-    before_login_hint: "",
-    after_login_hint: "",
-    overview_page: "https://providers.delta.chat/testrun",
-    server: &[
-        Server {
-            protocol: Imap,
-            socket: Ssl,
-            hostname: "testrun.org",
-            port: 993,
-            username_pattern: Email,
-        },
-        Server {
-            protocol: Smtp,
-            socket: Ssl,
-            hostname: "testrun.org",
-            port: 465,
-            username_pattern: Email,
-        },
-        Server {
-            protocol: Imap,
-            socket: Starttls,
-            hostname: "testrun.org",
-            port: 143,
-            username_pattern: Email,
-        },
-        Server {
-            protocol: Smtp,
-            socket: Starttls,
-            hostname: "testrun.org",
-            port: 587,
-            username_pattern: Email,
-        },
-    ],
-    opt: ProviderOptions::new(),
-    config_defaults: Some(&[ConfigDefault {
-        key: Config::BccSelf,
-        value: "1",
-    }]),
-    oauth2_authorizer: None,
-};
-
 // tiscali.it.md: tiscali.it
 static P_TISCALI_IT: Provider = Provider {
     id: "tiscali.it",
@@ -2004,7 +1783,7 @@ static P_ZOHO: Provider = Provider {
     oauth2_authorizer: None,
 };
 
-pub(crate) static PROVIDER_DATA: [(&str, &Provider); 534] = [
+pub(crate) static PROVIDER_DATA: [(&str, &Provider); 521] = [
     ("163.com", &P_163),
     ("aktivix.org", &P_AKTIVIX_ORG),
     ("aliyun.com", &P_ALIYUN),
@@ -2014,11 +1793,9 @@ pub(crate) static PROVIDER_DATA: [(&str, &Provider); 534] = [
     ("delta.blinzeln.de", &P_BLINDZELN_ORG),
     ("delta.blindzeln.org", &P_BLINDZELN_ORG),
     ("bluewin.ch", &P_BLUEWIN_CH),
-    ("buzon.uy", &P_BUZON_UY),
     ("chello.at", &P_CHELLO_AT),
     ("xfinity.com", &P_COMCAST),
     ("comcast.net", &P_COMCAST),
-    ("daleth.cafe", &P_DALETH_CAFE),
     ("dismail.de", &P_DISMAIL_DE),
     ("disroot.org", &P_DISROOT),
     ("e.email", &P_E_EMAIL),
@@ -2145,7 +1922,6 @@ pub(crate) static PROVIDER_DATA: [(&str, &Provider); 534] = [
     ("your-mail.com", &P_FASTMAIL),
     ("firemail.at", &P_FIREMAIL_DE),
     ("firemail.de", &P_FIREMAIL_DE),
-    ("five.chat", &P_FIVE_CHAT),
     ("freenet.de", &P_FREENET_DE),
     ("gmail.com", &P_GMAIL),
     ("googlemail.com", &P_GMAIL),
@@ -2368,15 +2144,6 @@ pub(crate) static PROVIDER_DATA: [(&str, &Provider); 534] = [
     ("mailbox.org", &P_MAILBOX_ORG),
     ("secure.mailbox.org", &P_MAILBOX_ORG),
     ("mailo.com", &P_MAILO_COM),
-    ("mehl.cloud", &P_MEHL_CLOUD),
-    ("mehl.store", &P_MEHL_STORE),
-    ("ende.in.net", &P_MEHL_STORE),
-    ("l2i.top", &P_MEHL_STORE),
-    ("szh.homes", &P_MEHL_STORE),
-    ("sls.post.in", &P_MEHL_STORE),
-    ("ente.quest", &P_MEHL_STORE),
-    ("ente.cfd", &P_MEHL_STORE),
-    ("nein.jetzt", &P_MEHL_STORE),
     ("migadu.com", &P_MIGADU),
     ("nauta.cu", &P_NAUTA_CU),
     ("naver.com", &P_NAVER),
@@ -2469,7 +2236,6 @@ pub(crate) static PROVIDER_DATA: [(&str, &Provider); 534] = [
     ("systemli.org", &P_SYSTEMLI_ORG),
     ("t-online.de", &P_T_ONLINE),
     ("magenta.de", &P_T_ONLINE),
-    ("testrun.org", &P_TESTRUN),
     ("tiscali.it", &P_TISCALI_IT),
     ("tutanota.com", &P_TUTANOTA),
     ("tutanota.de", &P_TUTANOTA),
@@ -2552,10 +2318,8 @@ pub(crate) static PROVIDER_IDS: LazyLock<HashMap<&'static str, &'static Provider
             ("autistici.org", &P_AUTISTICI_ORG),
             ("blindzeln.org", &P_BLINDZELN_ORG),
             ("bluewin.ch", &P_BLUEWIN_CH),
-            ("buzon.uy", &P_BUZON_UY),
             ("chello.at", &P_CHELLO_AT),
             ("comcast", &P_COMCAST),
-            ("daleth.cafe", &P_DALETH_CAFE),
             ("dismail.de", &P_DISMAIL_DE),
             ("disroot", &P_DISROOT),
             ("e.email", &P_E_EMAIL),
@@ -2563,7 +2327,6 @@ pub(crate) static PROVIDER_IDS: LazyLock<HashMap<&'static str, &'static Provider
             ("example.com", &P_EXAMPLE_COM),
             ("fastmail", &P_FASTMAIL),
             ("firemail.de", &P_FIREMAIL_DE),
-            ("five.chat", &P_FIVE_CHAT),
             ("freenet.de", &P_FREENET_DE),
             ("gmail", &P_GMAIL),
             ("gmx.net", &P_GMX_NET),
@@ -2581,8 +2344,6 @@ pub(crate) static PROVIDER_IDS: LazyLock<HashMap<&'static str, &'static Provider
             ("mail2tor", &P_MAIL2TOR),
             ("mailbox.org", &P_MAILBOX_ORG),
             ("mailo.com", &P_MAILO_COM),
-            ("mehl.cloud", &P_MEHL_CLOUD),
-            ("mehl.store", &P_MEHL_STORE),
             ("migadu", &P_MIGADU),
             ("nauta.cu", &P_NAUTA_CU),
             ("naver", &P_NAVER),
@@ -2602,7 +2363,6 @@ pub(crate) static PROVIDER_IDS: LazyLock<HashMap<&'static str, &'static Provider
             ("systemausfall.org", &P_SYSTEMAUSFALL_ORG),
             ("systemli.org", &P_SYSTEMLI_ORG),
             ("t-online", &P_T_ONLINE),
-            ("testrun", &P_TESTRUN),
             ("tiscali.it", &P_TISCALI_IT),
             ("tutanota", &P_TUTANOTA),
             ("ukr.net", &P_UKR_NET),
@@ -2622,4 +2382,4 @@ pub(crate) static PROVIDER_IDS: LazyLock<HashMap<&'static str, &'static Provider
     });
 
 pub static _PROVIDER_UPDATED: LazyLock<chrono::NaiveDate> =
-    LazyLock::new(|| chrono::NaiveDate::from_ymd_opt(2026, 1, 28).unwrap());
+    LazyLock::new(|| chrono::NaiveDate::from_ymd_opt(2026, 4, 21).unwrap());