The Fall release of KumoMTA was only six weeks ago and was one of the largest, with more than 20 enhancements. That sounds like a lot, right? Hold my beer.
Yesterday, we dropped the 2025 Winter release with more than forty (yes, 40!) enhancements and upgrades, including some powerful tools for inter-node message transfer, which has been a request from some of our larger Gold Sponsor customers. Another highly requested change is the inclusion of time handling with nanosecond granularity, along with a special “TimeDelta” object that allows for handling of “durations” in code.
For the "Blue team" security crowd, we have added a number of enhancements to empower email security teams. If you have a process that deconstructs a message into mime_parts, you can then examine any attachments to determine the filetype and handle it appropriately. You can dig into the message DNS with new ptr_host, reverse_ip, and rbl_lookup functions. You can verify the message ARC and seal, as well as the previously released dkim_verify. But my favourite new security addition has to be the mail_auth.check function. This is like a Swiss Army Knife for message authentication, returning DKIM, SPF, SMTP_Auth, DMARC, and ARC data all in a single call. Seriously, can you get any better - or easier - than this?
local check_result = mail_auth.check(msg)
While we are on security, let's talk about the new crypto module. Thanks to @dariomaiocchi for the initial PR#395 to add AES 128/256 encrypt and decrypt functions to the project. This opens many options for handling encrypted data. Another interesting crypto addition came from the need to use AWS V4 signatures when passing data to AWS tools as an IAM user. Thanks to @AdityaAudi for PR#457 that led to adding the aws_sign_v4 function.
One of our built-in testing tools, traffic-gen, now accepts a --header flag to add arbitrary headers to generated messages when simulating traffic. This can be useful for testing queue-specific flows or measuring the latency impacts of custom header manipulation. Thanks to @cristian-porta for working with us on PR #434 to get this done.
HA Proxy fans, this one is for you. The new require_proxy_protocol enables support for the HA Proxy Protocol in the ESMTP listener, allowing it to pass through the received_from and received_via metadata from the proxy. Thanks to @Solvik and @cai-n for the work on PR #440 that enhances interoperability for HA Proxy users at the ESMTP listener.
There are so many more things to be excited over, but we will come back in future posts to discuss string wrapping, response normalizing, and template dialect selection enhancements.
If any of this made your life easier, let us know. We would love to be part of your story.
------------------------------------------------------------------
KumoMTA is the first open-source MTA designed from the ground up for the world's largest commercial senders. We are fueled by Professional Services and Sponsorship revenue.
Join the Discord | Review the Docs | Read the Blog | Grab the Code | Support the team