Phase 3 of the Rust migration: the Rust security bridge is now mandatory
and all TypeScript security fallback implementations have been removed.
- UnifiedEmailServer.start() throws if Rust bridge fails to start
- SpfVerifier gutted to thin wrapper (parseSpfRecord stays in TS)
- DKIMVerifier gutted to thin wrapper delegating to bridge.verifyDkim()
- IPReputationChecker delegates to bridge.checkIpReputation(), keeps LRU cache
- DmarcVerifier keeps alignment logic (works with pre-computed results)
- DKIM signing via bridge.signDkim() in all 4 locations
- Removed mailauth and ip packages from plugins.ts (~1,200 lines deleted)
- Add @git.zone/tsrust with linux_amd64/linux_arm64 cross-compilation
- Scaffold Rust workspace with 5 crates: mailer-core, mailer-smtp, mailer-security, mailer-napi, mailer-bin
- Fix all TypeScript compilation errors for upgraded dependencies (smartfile v13, mailauth v4.13, smartproxy v23)
- Replace smartfile.fs/memory with @push.rocks/smartfs throughout codebase
- Fix .ts import extensions to .js for NodeNext module resolution
- Update DKIMSignOptions usage to match mailauth v4.13 API
- Add MTA error classes with permissive signatures for legacy SMTP client
- Replace removed DcRouter/StorageManager/deliverability imports with local interfaces
