Event Feed
Stay up to date with axel.tips news, X posts, releases, status incidents, and developer articles.
v2.8.22
- test(imap): relax INITIAL_DB_SIZE assertions for cached DB connections 8f9dd220b - fix(sqlite,ansible): restore DatabaseLRUMap, remove concurrency guard, add IPv6 before6.rules b89856f3e - ch...
v2.8.21
- fix(smtp): prevent exponential delivery duplication and recipient-missing errors ef6ad0387 - fix(smtp): remove expensive getEmailDocBytes pre-save measurement, fix orphaned locks aac868e89 ...
v2.8.20
- fix: prevent stuck locked emails by adding per-task timeout and safety-net unlocks fe6f6e4c6 - Reapply "fix(dav): increase CalDAV/CardDAV timeouts and tighten WSP retry budget" 87363...
v2.8.19
- fix(dav): increase CalDAV/CardDAV timeouts and tighten WSP retry budget 76d52a9be - fix(csp): inject nonce into CSP header on error pages 5b0a2adce - docs(about): add May/June 2026 progress a...
v2.8.18
- docs(about): add May/June 2026 progress and Cure53 security audit 5cbe3c0fc - chore: sync locales 8d11d5267 - feat(docs): add security audit links alongside whitepaper references 7d935e50f ...
v2.8.17
- fix(security): harden FWD-01-002, FWD-01-006, FWD-01-010 audit findings 723516cd9 - fix(backup): preserve actionable error message for custom S3 client failures 84cab808f - fix(bson): prevent...
v2.8.16
- fix: resolve audit findings, S3 backup reliability, CalDAV dedup, APN push, and legacy TLS for IMAP/POP3 7cc7c76d3 - fix: resolve Ubuntu SSO login failure and domain redirect loop 81b777acd -...
v2.8.15
- fix(aliases): fix retention validation for empty form submissions and add API tests b00aca144 --- https://github.com/forwardemail/forwardemail.net/compare/v2.8.14...v2.8.15
v2.8.14
- fix(sieve): preserve List-* headers for discard/filter matching and add per-alias retention 0950deb60 --- https://github.com/forwardemail/forwardemail.net/compare/v2.8.13...v2.8.14
v2.8.13
- feat(api): add push token CRUD, delivery pipeline, and SSRF hardening add3da8a7 - chore: update snapshots 6a4595e96 - fix: allow publickey-credentials-get for self origin in Permissions-Polic...
v2.8.12
- fix(apn): align push payloads with Apple reference implementations and remove duplicate send a8dbf1508 - feat(ci): add gitleaks secret scanning to CI pipeline 71aca8480 - fix(imap): close wsp...
v2.8.11
- fix(docker): add native module build dependencies to builder stage e5f6506fb --- https://github.com/forwardemail/forwardemail.net/compare/v2.8.10...v2.8.11
v2.8.10
- fix(carddav): pre-warm APN Contact cert to ensure push-transports is advertised on first PROPFIND 41e7e2793 - fix: fixed graphic b3efd85f4 - fix(carddav): emit <d:status> before <d:p...
v2.8.9
- fix: revert style-src nonce — breaks Scalar API reference styles a1035e124 - fix: move style-src-attr out of helmet config into nonce middleware cc545b54c --- https://github.com/forwarde...
v2.8.8
- fix(carddav): set DAV header on 207 responses, parse PROPFIND body, return push-transports only when explicitly requested c861fa163 - fix: suppress BSON overflow alerts, harden CSP and Referrer...
v2.8.7
- fix: move SSRF test bypass from isPrivateHost to call sites cae169d56 --- https://github.com/forwardemail/forwardemail.net/compare/v2.8.6...v2.8.7
v2.8.6
- fix: expand compat TLS ciphers, fix SMTP test hang, bypass SSRF in tests db1efdfa7 - fix(carddav): advertise push-transports on principal so iOS shows Push 16eb1a0db - fix: break BSON overflo...
v2.8.5
- fix: harden Redis cache operations in koa-cash config 0c0b4e3dc - fix: guard Emails model against BSON overflow (ERR_OUT_OF_RANGE) 7d63c8202 - fix: return 204 for Chrome DevTools well-known w...
v2.8.4
- fix(security): wire up DNS rebinding SSRF protection, fix ReDoS, and remove conflicting overrides 8204abb12 - fix(carddav): prevent 15s stall per request when APN certs unavailable 57e62a7ae ...
v2.8.3
- fix(security): address 7 vulnerabilities found in comprehensive audit 674de2128 --- https://github.com/forwardemail/forwardemail.net/compare/v2.8.2...v2.8.3
v2.8.2
- fix: CalDAV sync-collection test + CSP nonce hardening ac52d3b66 - fix: prevent BSON overflow crash (ERR_OUT_OF_RANGE) when saving oversized log documents d2a09db4d - fix(api,carddav): API CR...
v2.8.1
- fix(apns): in-memory dedupe of alias.aps[] before APNs dispatch 6388ab6ed - fix(scripts): debug-apns.js use canonical Forward Email bootstrap 55ebb41b9 - fix(dav): set aps.content-available=1...
v2.8.0
- iOS APNs push for CalDAV/CardDAV/IMAP/POP3 + RFC 6638 scheduling, iMIP reply pipeline, and CalDAV sync-collection correctness f60542313 - fix(browser): replace signal-exit shim-to-empty with st...
v2.7.7
- fix: force Launchpad API requests over IPv6 068e563f9 - fix: retry ubuntu membership sync at helper and job levels ca0439639 - fix: classify Abusix Orange bounces as blocklist 9e59d9dab - c...
v2.7.6
- fix: clarify allowlist/denylist UI text for domains, subdomains, and wildcard TLDs 8aeac066c - fix: fixed ci issue 9b3057462 --- https://github.com/forwardemail/forwardemail.net/compare/...
v2.7.5
- fix: exclude banned and removed users from batch job 8ee4e1faa - fix: add duplicate-duration guard to batch job (guard 6) 93a447d8a - fix: add intentional-reset and duplicate-payment guards t...
v2.7.4
- fix: wildcard TLD denylist/allowlist matching using endsWith e7822826c - fix: fixed error handling timeout 53bb0c98f - fix(security): invalidate tokens on email change, OAuth pre-account take...
v2.7.3
- fix(caldav,carddav): unified ICS pipeline, vCard compliance, and sync fixes c96788e30 - feat(smtp): use graduated truth-source thresholds before suspending domains 14aa41cc2 - fix(deploy): mo...
v2.7.2
- fix: CardDAV duplicate prevention and sync reliability 2280f2906 - fix(ci): allow pnpm to build node-snowball for email queue tests 3210cbb17 --- https://github.com/forwardemail/forwarde...
v2.7.1
- fix: fixed ci build 15b582daf - fix(deploy): align pnpm version across pm2 deploy and ansible 0869faf35 - fix: fixed translations 820e01ea0 - fix: fixed usage 10a85ce0b - fix: remove igno...
A Decade of Impact: How Our npm Packages Hit 1 Billion Downloads and Shaped JavaScript
In the JavaScript and Node.js world, some packages are essential—downloaded millions of times daily and powering apps worldwide. Behind these tools are developers focused on open source quality. Today, we're showing how our team helps build and maintain npm packages that have become key parts of the JavaScript ecosystem.
Best Email Spam Protection Filter
Prevent spam, phishing. malware, ad-blocking, pixel trackers, and more for contact forms and mail servers.
Best Mail Server Providers
Comprehensive comparison of VPS and dedicated server providers for hosting mail servers (SMTP servers).
Best Practices for Node.js Logging
Learn more about the best practices, standards, and metadata for Node.js and JavaScript logging.
Best Security Audit Companies
Discover the best security audit companies from our curated and opinionated list of independent cybersecurity research and penetration testing companies.
Building a Privacy-First AI Support Agent with LanceDB & Ollama
Learn how we built a self-hosted AI customer support agent using LanceDB, Ollama, and Node.js. GDPR-compliant, privacy-first, and completely under our control.
Case Study: Gov/Federal Section 889 Email Compliance
Our commitment to government email compliance was recently put into practice when the US Naval Academy approached Forward Email. They required secure email forwarding services and needed documentation confirming our adherence to federal regulations, including Section 889 compliance.
Case Study: How Forward Email Powers Alumni Email Solutions for Top Universities
We've built the world's most secure, private, and flexible email forwarding service for prestigious universities and their alumni.
Case Study: How Ubuntu Powers Email Management with Forward Email's Open-Source Enterprise Solution
Discover how Canonical streamlined email management across Ubuntu, Kubuntu, Lubuntu, and Edubuntu domains using Forward Email's open-source, quantum-resistant enterprise solution with seamless SSO integration.
Case Study: How the Linux Foundation Optimizes Email Management Across 250+ Domains with Forward Email
The Linux Foundation manages over 900 open-source projects across 250+ domains, including linux.com and jQuery.com. This case study explores how they partnered with Forward Email.
Complete Email API with IMAP, CardDAV & CalDAV REST Endpoints
First complete REST API for email management. 20 endpoints for contacts, calendars, messages & folders. No IMAP complexity, simple authentication.
Custom Fonts in Emails
How to use custom fonts in emails without having to use art software.
Email Protocols & RFC Compliance: IMAP, SMTP, POP3 Comparison
Complete guide to email protocols & RFC compliance. Compare IMAP, SMTP, POP3, DKIM, SPF, DMARC, ARC standards. Learn email security, CalDAV, encryption & protocol support across providers.
Email Regex JavaScript and Node.js
Email address regex matching pattern for JavaScript and Node.js. Works in Node v14+ and browsers.
Email Testing for Browsers and iOS Simulator
Test, render, and preview emails automatically with cross-browser mail clients, tools, browsers, and the iOS Simulator.
Forward Email MCP Server - Connect AI to Your Email API
Open-source MCP server for Forward Email. 68 tools covering email, domains, aliases, contacts, calendars, and Sieve scripts. Works with Claude, ChatGPT, Cursor, and Windsurf.
How Email Forwarding Works: The Complete Guide to Forward Email's Service
Explore the technical implementations that make our service one of the most privacy-focused email forwarding solutions available.
How to Optimize Node.js Production Infrastructure: Best Practices
Node.js production deployment best practices from our battle-tested infrastructure that handles millions of requests daily.
Introducing Crypto Payments: Enhanced Privacy for Your Email Service
We now accept cryptocurrency payments through Stripe's crypto payment integration.
Introducing Our Self-Hosted Email Stack
Fully open source, self-hosted email solution that gives you complete control, transparency, and privacy.
JavaScript Contact Forms Node.js
Create and send JavaScript contact forms with Node, React, React Native, Koa, Express, Fastify, and Nodemailer SMTP.
Node.js DNS over HTTPS
How to send a DNS over HTTPS request using Node.js and JavaScript packages.
Node.js Email Templates
Send emails and HTML/CSS templates with Node.js, React, Express, Koa, Nodemailer, and JavaScript with SMTP and developer source code samples, examples, and instructions.
Node.js Job Scheduler
How to schedule jobs for Node.js and JavaScript with cron syntax and more.
Node.js Logging Service
Cabin is the best Node.js and JavaScript logging service and tool.
PayPal's 11-Year API Disaster: Missing Features & Broken Promises
How PayPal ignored 11 years of developer feedback, missing basic subscription APIs, executive turnover, and forcing workarounds. The complete timeline.
Quantum Resistant Email Service
Encrypted quantum resistant mailboxes to protect your privacy. Privacy-focused and secure email for your business and custom domains. 100% open-source software.
Reserved Email Addresses
List of 1250+ generic, admin, mailer-daemon, and no-reply usernames reserved for security concerns.
SQLite Performance Optimization: Production PRAGMA Settings
Complete SQLite optimization guide with real benchmark data. Learn Forward Email's production PRAGMA settings, ChaCha20 encryption, WAL mode tuning, and Node.js performance across versions.
Send React Emails
Send React web app emails with HTML, CSS, and JSX templates, examples, and SMTP production-ready integration.
The Email Startup Graveyard: Why Most Email Companies Fail
Comprehensive analysis of email startup failures. Why most email companies fail, burn millions in VC funding, and shut down. Learn what actually works.
The Trifecta Approach: How Forward Email Built a Bulletproof Payment System with Stripe and PayPal
Learn how our development team integrated both Stripe and PayPal using a trifecta approach that ensures 1:1 real-time accuracy across our entire system.
The Ultimate Guide to Email Privacy Protection: How Forward Email Safeguards Your Communications
We've built the world's most secure, private, and flexible email forwarding service.
URL Regex JavaScript and Node.js
URL regex matching pattern for JavaScript and Node.js. Resolves CVE-2020-7661 and works in Node v10.12.0+ and browsers.
Why Open-Source Email is the Future: Security, Privacy, and Transparency
Explore why open-source email solutions are superior to closed-source alternatives.