Phase 3 of the Rust migration: the Rust security bridge is now mandatory
and all TypeScript security fallback implementations have been removed.
- UnifiedEmailServer.start() throws if Rust bridge fails to start
- SpfVerifier gutted to thin wrapper (parseSpfRecord stays in TS)
- DKIMVerifier gutted to thin wrapper delegating to bridge.verifyDkim()
- IPReputationChecker delegates to bridge.checkIpReputation(), keeps LRU cache
- DmarcVerifier keeps alignment logic (works with pre-computed results)
- DKIM signing via bridge.signDkim() in all 4 locations
- Removed mailauth and ip packages from plugins.ts (~1,200 lines deleted)
Use addHeader() instead of non-existent setHeader() for security
result headers, and align IBounceDetection with actual Rust struct
fields (bounce_type + category only).
Rust migration Phase 1 — implements real functionality in the previously
stubbed mailer-core and mailer-security crates (38 passing tests).
mailer-core: Email/EmailAddress/Attachment types, RFC 5322 MIME builder,
email format validation with scoring, bounce detection (14 types, 40+
regex patterns), DSN status parsing, retry delay calculation.
mailer-security: DKIM signing (RSA-SHA256) and verification, SPF checking,
DMARC verification with public suffix list, DNSBL IP reputation checking
(10 default servers, parallel queries), all powered by mail-auth 0.7.
mailer-bin: Full CLI with validate/bounce/check-ip/verify-email/dkim-sign
subcommands plus --management mode for smartrust JSON-over-stdin/stdout IPC.
- Add @git.zone/tsrust with linux_amd64/linux_arm64 cross-compilation
- Scaffold Rust workspace with 5 crates: mailer-core, mailer-smtp, mailer-security, mailer-napi, mailer-bin
- Fix all TypeScript compilation errors for upgraded dependencies (smartfile v13, mailauth v4.13, smartproxy v23)
- Replace smartfile.fs/memory with @push.rocks/smartfs throughout codebase
- Fix .ts import extensions to .js for NodeNext module resolution
- Update DKIMSignOptions usage to match mailauth v4.13 API
- Add MTA error classes with permissive signatures for legacy SMTP client
- Replace removed DcRouter/StorageManager/deliverability imports with local interfaces
- Deleted tests for SenderReputationMonitor, IPWarmupManager, and related functionality.
- Removed tests for DcRouter including health status, server statistics, and configuration requests.
- Eliminated tests for protected endpoints and admin login functionality.
- Cleared out tests for socket handler integration and unit tests.
- Removed tests for StorageManager covering memory, filesystem, and custom function backends.
- Added IPReputationChecker class for checking and caching IP reputation scores.
- Introduced IReputationResult interface and ReputationThreshold enum for reputation scoring.
- Implemented DNSBL checks and IP information retrieval within the IP reputation checker.
- Created SecurityLogger class for logging security events with various log levels and event types.
- Defined ISecurityEvent interface for structured logging of security events.
- Updated index.ts to export new classes and types for security module.
feat(email): implement EmailSendJob class for robust email delivery with retry logic and MX record resolution
feat(mail): restructure mail module exports for simplified access to core and delivery functionalities
- Refactored STARTTLS implementation to use Deno's native TLS via Deno.startTls().
- Introduced ConnectionWrapper to provide a Node.js net.Socket-compatible interface for Deno.Conn and Deno.TlsConn.
- Updated TlsHandler to utilize the new STARTTLS implementation.
- Added comprehensive SMTP authentication tests for PLAIN and LOGIN mechanisms.
- Implemented rate limiting tests for SMTP server connections and commands.
- Enhanced error handling and logging throughout the STARTTLS and connection upgrade processes.
- Ported CMD-06 RSET Command tests with 8 passing tests covering transaction resets and recipient clearing.
- Ported SEC-06 IP Reputation tests with 7 passing tests validating infrastructure and legitimate traffic acceptance.
- Ported ERR-01 Syntax Error tests with 10 passing tests for handling invalid commands and syntax errors.
- Updated README files to reflect the new test statuses and coverage.
- Added detailed test cases for handling invalid sequences in ERR-02 tests.
