Merge branch 'release/v1.22.2'

Release v1.22.2
Chore: Update node dependencies / esbuild
2026-03-09 20:07:02 +00:00 · 2025-02-09 10:10:35 +13:00 · 2025-02-09 10:10:34 +13:00 · 2025-02-09 10:07:54 +13:00 · 2025-02-09 10:00:35 +13:00 · 2025-02-09 09:47:45 +13:00
35 changed files with 2125 additions and 916 deletions
--- a/.github/workflows/close-stale-issues.yml
+++ b/.github/workflows/close-stale-issues.yml
@@ -10,7 +10,7 @@ jobs:
      issues: write
      pull-requests: write
    steps:
-      - uses: actions/stale@v9.0.0
+      - uses: actions/stale@v9.1.0
        with:
          days-before-issue-stale: 7
          days-before-issue-close: 3
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,48 @@

 Notable changes to Mailpit will be documented in this file.

+## [v1.22.2]
+
+### Chore
+- Update node dependencies / esbuild
+- Update Go dependencies
+- Enable browser cache for embedded web UI assets
+- Replace http.FileServer with custom controller to correctly encode gzipped error responses for embed.FS
+
+### Fix
+- Add missing "latest" route to message attachment API endpoint ([#437](https://github.com/axllent/mailpit/issues/437))
+- Remove recursive HTML regeneration in embedded HTML view ([#434](https://github.com/axllent/mailpit/issues/434))
+
+
+## [v1.22.1]
+
+### Feature
+- Add optional query parameter for HTML message iframe embedding ([#434](https://github.com/axllent/mailpit/issues/434))
+- Add optional UI setting to skip "Delete all" & "Mark all read" confirmation dialogs([#428](https://github.com/axllent/mailpit/issues/428))
+
+### Chore
+- Update node dependencies
+- Update Go dependencies
+- Add API CORS policy to HTML preview routes ([#434](https://github.com/axllent/mailpit/issues/434))
+- Bump actions/stale from 9.0.0 to 9.1.0 ([#432](https://github.com/axllent/mailpit/issues/432))
+
+
+## [v1.22.0]
+
+### Feature
+- SMTP auto-forwarding option ([#414](https://github.com/axllent/mailpit/issues/414))
+- Option to override the From email address in SMTP relay configuration ([#414](https://github.com/axllent/mailpit/issues/414))
+- Add Chaos functionality to test integration handling of SMTP error responses ([#402](https://github.com/axllent/mailpit/issues/402), [#110](https://github.com/axllent/mailpit/issues/110), [#144](https://github.com/axllent/mailpit/issues/144) & [#268](https://github.com/axllent/mailpit/issues/268))
+
+### Chore
+- Update node dependencies
+- Update Go dependencies
+
+### Fix
+- Update command `npm run update-caniemail` save path ([#422](https://github.com/axllent/mailpit/issues/422))
+- Correct date formatting in TestMakeHeaders
+
+
 ## [v1.21.8]

 ### Chore
--- a/README.md
+++ b/README.md
@@ -46,8 +46,10 @@ including image thumbnails), including optional [HTTPS](https://mailpit.axllent.
 - Mobile and tablet HTML preview toggle in desktop mode
 - [Message tagging](https://mailpit.axllent.org/docs/usage/tagging/) including manual tagging or automated tagging using filtering and "plus addressing"
 - [SMTP relaying](https://mailpit.axllent.org/docs/configuration/smtp-relay/) (message release) - relay messages via a different SMTP server including an optional allowlist of accepted recipients
+- [SMTP forwarding](https://mailpit.axllent.org/docs/configuration/smtp-forward/) - automatically forward messages via a different SMTP server to predefined email addresses
 - Fast message [storing & processing](https://mailpit.axllent.org/docs/configuration/email-storage/) - ingesting 100-200 emails per second over SMTP depending on CPU, network speed & email size,
 easily handling tens of thousands of emails, with automatic email pruning (by default keeping the most recent 500 emails)
+- [Chaos](https://mailpit.axllent.org/docs/integration/chaos/) feature to enable configurable SMTP errors to test application resilience
 - `List-Unsubscribe` syntax validation
 - Optional [webhook](https://mailpit.axllent.org/docs/integration/webhook/) for received messages

--- a/cmd/root.go
+++ b/cmd/root.go
@@ -10,6 +10,7 @@ import (
 	"github.com/axllent/mailpit/internal/auth"
 	"github.com/axllent/mailpit/internal/logger"
 	"github.com/axllent/mailpit/internal/smtpd"
+	"github.com/axllent/mailpit/internal/smtpd/chaos"
 	"github.com/axllent/mailpit/internal/storage"
 	"github.com/axllent/mailpit/internal/tools"
 	"github.com/axllent/mailpit/server"
@@ -122,6 +123,13 @@ func init() {
 	rootCmd.Flags().BoolVar(&config.SMTPRelayAll, "smtp-relay-all", config.SMTPRelayAll, "Auto-relay all new messages via external SMTP server (caution!)")
 	rootCmd.Flags().StringVar(&config.SMTPRelayMatching, "smtp-relay-matching", config.SMTPRelayMatching, "Auto-relay new messages to only matching recipients (regular expression)")

+	// SMTP forwarding
+	rootCmd.Flags().StringVar(&config.SMTPForwardConfigFile, "smtp-forward-config", config.SMTPForwardConfigFile, "SMTP forwarding configuration file for all messages")
+
+	// Chaos
+	rootCmd.Flags().BoolVar(&chaos.Enabled, "enable-chaos", chaos.Enabled, "Enable Chaos functionality (API / web UI)")
+	rootCmd.Flags().StringVar(&config.ChaosTriggers, "chaos-triggers", config.ChaosTriggers, "Enable Chaos & set the triggers for SMTP server")
+
 	// POP3 server
 	rootCmd.Flags().StringVar(&config.POP3Listen, "pop3", config.POP3Listen, "POP3 server bind interface and port")
 	rootCmd.Flags().StringVar(&config.POP3AuthFile, "pop3-auth-file", config.POP3AuthFile, "A password file for POP3 server authentication (enables POP3 server)")
@@ -208,7 +216,7 @@ func initConfigFromEnv() {
 	}
 	config.UIAuthFile = os.Getenv("MP_UI_AUTH_FILE")
 	if err := auth.SetUIAuth(os.Getenv("MP_UI_AUTH")); err != nil {
-		logger.Log().Errorf(err.Error())
+		logger.Log().Error(err.Error())
 	}
 	config.UITLSCert = os.Getenv("MP_UI_TLS_CERT")
 	config.UITLSKey = os.Getenv("MP_UI_TLS_KEY")
@@ -231,7 +239,7 @@ func initConfigFromEnv() {
 	}
 	config.SMTPAuthFile = os.Getenv("MP_SMTP_AUTH_FILE")
 	if err := auth.SetSMTPAuth(os.Getenv("MP_SMTP_AUTH")); err != nil {
-		logger.Log().Errorf(err.Error())
+		logger.Log().Error(err.Error())
 	}
 	if getEnabledFromEnv("MP_SMTP_AUTH_ACCEPT_ANY") {
 		config.SMTPAuthAcceptAny = true
@@ -278,16 +286,38 @@ func initConfigFromEnv() {
 	config.SMTPRelayConfig.Password = os.Getenv("MP_SMTP_RELAY_PASSWORD")
 	config.SMTPRelayConfig.Secret = os.Getenv("MP_SMTP_RELAY_SECRET")
 	config.SMTPRelayConfig.ReturnPath = os.Getenv("MP_SMTP_RELAY_RETURN_PATH")
+	config.SMTPRelayConfig.OverrideFrom = os.Getenv("MP_SMTP_RELAY_OVERRIDE_FROM")
 	config.SMTPRelayConfig.AllowedRecipients = os.Getenv("MP_SMTP_RELAY_ALLOWED_RECIPIENTS")
 	config.SMTPRelayConfig.BlockedRecipients = os.Getenv("MP_SMTP_RELAY_BLOCKED_RECIPIENTS")

+	// SMTP forwarding
+	config.SMTPForwardConfigFile = os.Getenv("MP_SMTP_FORWARD_CONFIG")
+	config.SMTPForwardConfig = config.SMTPForwardConfigStruct{}
+	config.SMTPForwardConfig.Host = os.Getenv("MP_SMTP_FORWARD_HOST")
+	if len(os.Getenv("MP_SMTP_FORWARD_PORT")) > 0 {
+		config.SMTPForwardConfig.Port, _ = strconv.Atoi(os.Getenv("MP_SMTP_FORWARD_PORT"))
+	}
+	config.SMTPForwardConfig.STARTTLS = getEnabledFromEnv("MP_SMTP_FORWARD_STARTTLS")
+	config.SMTPForwardConfig.AllowInsecure = getEnabledFromEnv("MP_SMTP_FORWARD_ALLOW_INSECURE")
+	config.SMTPForwardConfig.Auth = os.Getenv("MP_SMTP_FORWARD_AUTH")
+	config.SMTPForwardConfig.Username = os.Getenv("MP_SMTP_FORWARD_USERNAME")
+	config.SMTPForwardConfig.Password = os.Getenv("MP_SMTP_FORWARD_PASSWORD")
+	config.SMTPForwardConfig.Secret = os.Getenv("MP_SMTP_FORWARD_SECRET")
+	config.SMTPForwardConfig.ReturnPath = os.Getenv("MP_SMTP_FORWARD_RETURN_PATH")
+	config.SMTPForwardConfig.OverrideFrom = os.Getenv("MP_SMTP_FORWARD_OVERRIDE_FROM")
+	config.SMTPForwardConfig.To = os.Getenv("MP_SMTP_FORWARD_TO")
+
+	// Chaos
+	chaos.Enabled = getEnabledFromEnv("MP_ENABLE_CHAOS")
+	config.ChaosTriggers = os.Getenv("MP_CHAOS_TRIGGERS")
+
 	// POP3 server
 	if len(os.Getenv("MP_POP3_BIND_ADDR")) > 0 {
 		config.POP3Listen = os.Getenv("MP_POP3_BIND_ADDR")
 	}
 	config.POP3AuthFile = os.Getenv("MP_POP3_AUTH_FILE")
 	if err := auth.SetPOP3Auth(os.Getenv("MP_POP3_AUTH")); err != nil {
-		logger.Log().Errorf(err.Error())
+		logger.Log().Error(err.Error())
 	}
 	config.POP3TLSCert = os.Getenv("MP_POP3_TLS_CERT")
 	config.POP3TLSKey = os.Getenv("MP_POP3_TLS_KEY")
--- a/config/config.go
+++ b/config/config.go
@@ -5,19 +5,17 @@ import (
 	"errors"
 	"fmt"
 	"net"
-	"net/url"
 	"os"
 	"path"
 	"path/filepath"
 	"regexp"
-	"strconv"
 	"strings"

 	"github.com/axllent/mailpit/internal/auth"
 	"github.com/axllent/mailpit/internal/logger"
+	"github.com/axllent/mailpit/internal/smtpd/chaos"
 	"github.com/axllent/mailpit/internal/spamassassin"
 	"github.com/axllent/mailpit/internal/tools"
-	"gopkg.in/yaml.v3"
 )

 var (
@@ -114,22 +112,12 @@ var (
 	// including x-tags & plus-addresses
 	TagsDisable string

-	// SMTPRelayConfigFile to parse a yaml file and store config of relay SMTP server
+	// SMTPRelayConfigFile to parse a yaml file and store config of the relay SMTP server
 	SMTPRelayConfigFile string

-	// SMTPRelayConfig to parse a yaml file and store config of relay SMTP server
+	// SMTPRelayConfig to parse a yaml file and store config of the the relay SMTP server
 	SMTPRelayConfig SMTPRelayConfigStruct

-	// SMTPStrictRFCHeaders will return an error if the email headers contain <CR><CR><LF> (\r\r\n)
-	// @see https://github.com/axllent/mailpit/issues/87 & https://github.com/axllent/mailpit/issues/153
-	SMTPStrictRFCHeaders bool
-
-	// SMTPAllowedRecipients if set, will only accept recipients matching this regular expression
-	SMTPAllowedRecipients string
-
-	// SMTPAllowedRecipientsRegexp is the compiled version of SMTPAllowedRecipients
-	SMTPAllowedRecipientsRegexp *regexp.Regexp
-
 	// ReleaseEnabled is whether message releases are enabled, requires a valid SMTPRelayConfigFile
 	ReleaseEnabled = false

@@ -143,6 +131,22 @@ var (
 	// SMTPRelayMatchingRegexp is the compiled version of SMTPRelayMatching
 	SMTPRelayMatchingRegexp *regexp.Regexp

+	// SMTPForwardConfigFile to parse a yaml file and store config of the forwarding SMTP server
+	SMTPForwardConfigFile string
+
+	// SMTPForwardConfig to parse a yaml file and store config of the forwarding SMTP server
+	SMTPForwardConfig SMTPForwardConfigStruct
+
+	// SMTPStrictRFCHeaders will return an error if the email headers contain <CR><CR><LF> (\r\r\n)
+	// @see https://github.com/axllent/mailpit/issues/87 & https://github.com/axllent/mailpit/issues/153
+	SMTPStrictRFCHeaders bool
+
+	// SMTPAllowedRecipients if set, will only accept recipients matching this regular expression
+	SMTPAllowedRecipients string
+
+	// SMTPAllowedRecipientsRegexp is the compiled version of SMTPAllowedRecipients
+	SMTPAllowedRecipientsRegexp *regexp.Regexp
+
 	// POP3Listen address - if set then Mailpit will start the POP3 server and listen on this address
 	POP3Listen = "[::]:1110"

@@ -176,6 +180,9 @@ var (
 	// RepoBinaryName on Github for updater
 	RepoBinaryName = "mailpit"

+	// ChaosTriggers are parsed and set in the chaos module
+	ChaosTriggers string
+
 	// DisableHTMLCheck DEPRECATED 2024/04/13 - kept here to display console warning only
 	DisableHTMLCheck = false

@@ -200,6 +207,7 @@ type SMTPRelayConfigStruct struct {
 	Password                string         `yaml:"password"`           // plain
 	Secret                  string         `yaml:"secret"`             // cram-md5
 	ReturnPath              string         `yaml:"return-path"`        // allow overriding the bounce address
+	OverrideFrom            string         `yaml:"override-from"`      // allow overriding of the from address
 	AllowedRecipients       string         `yaml:"allowed-recipients"` // regex, if set needs to match for mails to be relayed
 	AllowedRecipientsRegexp *regexp.Regexp // compiled regexp using AllowedRecipients
 	BlockedRecipients       string         `yaml:"blocked-recipients"` // regex, if set prevents relating to these addresses
@@ -209,6 +217,21 @@ type SMTPRelayConfigStruct struct {
 	RecipientAllowlist string `yaml:"recipient-allowlist"`
 }

+// SMTPForwardConfigStruct struct for parsing yaml & storing variables
+type SMTPForwardConfigStruct struct {
+	To            string `yaml:"to"`             // comma-separated list of email addresses
+	Host          string `yaml:"host"`           // SMTP host
+	Port          int    `yaml:"port"`           // SMTP port
+	STARTTLS      bool   `yaml:"starttls"`       // whether to use STARTTLS
+	AllowInsecure bool   `yaml:"allow-insecure"` // allow insecure authentication
+	Auth          string `yaml:"auth"`           // none, plain, login, cram-md5
+	Username      string `yaml:"username"`       // plain & cram-md5
+	Password      string `yaml:"password"`       // plain
+	Secret        string `yaml:"secret"`         // cram-md5
+	ReturnPath    string `yaml:"return-path"`    // allow overriding the bounce address
+	OverrideFrom  string `yaml:"override-from"`  // allow overriding of the from address
+}
+
 // VerifyConfig wil do some basic checking
 func VerifyConfig() error {
 	cssFontRestriction := "*"
@@ -344,6 +367,14 @@ func VerifyConfig() error {
 		return errors.New("[smtp] authentication requires STARTTLS or TLS encryption, run with `--smtp-auth-allow-insecure` to allow insecure authentication")
 	}

+	if err := parseChaosTriggers(); err != nil {
+		return fmt.Errorf("[chaos] %s", err.Error())
+	}
+
+	if chaos.Enabled {
+		logger.Log().Info("[chaos] is enabled")
+	}
+
 	// POP3 server
 	if POP3TLSCert != "" {
 		POP3TLSCert = filepath.Clean(POP3TLSCert)
@@ -465,6 +496,15 @@ func VerifyConfig() error {
 		logger.Log().Warnf("[relay] auto-relaying all new messages via %s:%d", SMTPRelayConfig.Host, SMTPRelayConfig.Port)
 	}

+	if err := parseForwardConfig(SMTPForwardConfigFile); err != nil {
+		return err
+	}
+
+	// separate forwarding config validation to account for environment variables
+	if err := validateForwardConfig(); err != nil {
+		return err
+	}
+
 	if DemoMode {
 		MaxMessages = 1000
 		// this deserves a warning
@@ -473,171 +513,3 @@ func VerifyConfig() error {

 	return nil
 }
-
-// Parse the --max-age value (if set)
-func parseMaxAge() error {
-	if MaxAge == "" {
-		return nil
-	}
-
-	re := regexp.MustCompile(`^\d+(h|d)$`)
-	if !re.MatchString(MaxAge) {
-		return fmt.Errorf("max-age must be either <int>h for hours or <int>d for days: %s", MaxAge)
-	}
-
-	if strings.HasSuffix(MaxAge, "h") {
-		hours, err := strconv.Atoi(strings.TrimSuffix(MaxAge, "h"))
-		if err != nil {
-			return err
-		}
-
-		MaxAgeInHours = hours
-
-		return nil
-	}
-
-	days, err := strconv.Atoi(strings.TrimSuffix(MaxAge, "d"))
-	if err != nil {
-		return err
-	}
-
-	logger.Log().Debugf("[db] auto-deleting messages older than %s", MaxAge)
-
-	MaxAgeInHours = days * 24
-	return nil
-}
-
-// Parse the SMTPRelayConfigFile (if set)
-func parseRelayConfig(c string) error {
-	if c == "" {
-		return nil
-	}
-
-	c = filepath.Clean(c)
-
-	if !isFile(c) {
-		return fmt.Errorf("[smtp] relay configuration not found or readable: %s", c)
-	}
-
-	data, err := os.ReadFile(c)
-	if err != nil {
-		return err
-	}
-
-	if err := yaml.Unmarshal(data, &SMTPRelayConfig); err != nil {
-		return err
-	}
-
-	if SMTPRelayConfig.Host == "" {
-		return errors.New("[smtp] relay host not set")
-	}
-
-	// DEPRECATED 2024/03/12
-	if SMTPRelayConfig.RecipientAllowlist != "" {
-		logger.Log().Warn("[smtp] relay 'recipient-allowlist' is deprecated, use 'allowed-recipients' instead")
-		if SMTPRelayConfig.AllowedRecipients == "" {
-			SMTPRelayConfig.AllowedRecipients = SMTPRelayConfig.RecipientAllowlist
-		}
-	}
-
-	return nil
-}
-
-// Validate the SMTPRelayConfig (if Host is set)
-func validateRelayConfig() error {
-	if SMTPRelayConfig.Host == "" {
-		return nil
-	}
-
-	if SMTPRelayConfig.Port == 0 {
-		SMTPRelayConfig.Port = 25 // default
-	}
-
-	SMTPRelayConfig.Auth = strings.ToLower(SMTPRelayConfig.Auth)
-
-	if SMTPRelayConfig.Auth == "" || SMTPRelayConfig.Auth == "none" || SMTPRelayConfig.Auth == "false" {
-		SMTPRelayConfig.Auth = "none"
-	} else if SMTPRelayConfig.Auth == "plain" {
-		if SMTPRelayConfig.Username == "" || SMTPRelayConfig.Password == "" {
-			return fmt.Errorf("[smtp] relay host username or password not set for PLAIN authentication")
-		}
-	} else if SMTPRelayConfig.Auth == "login" {
-		SMTPRelayConfig.Auth = "login"
-		if SMTPRelayConfig.Username == "" || SMTPRelayConfig.Password == "" {
-			return fmt.Errorf("[smtp] relay host username or password not set for LOGIN authentication")
-		}
-	} else if strings.HasPrefix(SMTPRelayConfig.Auth, "cram") {
-		SMTPRelayConfig.Auth = "cram-md5"
-		if SMTPRelayConfig.Username == "" || SMTPRelayConfig.Secret == "" {
-			return fmt.Errorf("[smtp] relay host username or secret not set for CRAM-MD5 authentication")
-		}
-	} else {
-		return fmt.Errorf("[smtp] relay authentication method not supported: %s", SMTPRelayConfig.Auth)
-	}
-
-	ReleaseEnabled = true
-
-	logger.Log().Infof("[smtp] enabling message relaying via %s:%d", SMTPRelayConfig.Host, SMTPRelayConfig.Port)
-
-	if SMTPRelayConfig.AllowedRecipients != "" {
-		re, err := regexp.Compile(SMTPRelayConfig.AllowedRecipients)
-		if err != nil {
-			return fmt.Errorf("[smtp] failed to compile relay recipient allowlist regexp: %s", err.Error())
-		}
-
-		SMTPRelayConfig.AllowedRecipientsRegexp = re
-		logger.Log().Infof("[smtp] relay recipient allowlist is active with the following regexp: %s", SMTPRelayConfig.AllowedRecipients)
-	}
-
-	if SMTPRelayConfig.BlockedRecipients != "" {
-		re, err := regexp.Compile(SMTPRelayConfig.BlockedRecipients)
-		if err != nil {
-			return fmt.Errorf("[smtp] failed to compile relay recipient blocklist regexp: %s", err.Error())
-		}
-
-		SMTPRelayConfig.BlockedRecipientsRegexp = re
-		logger.Log().Infof("[smtp] relay recipient blocklist is active with the following regexp: %s", SMTPRelayConfig.BlockedRecipients)
-	}
-
-	return nil
-}
-
-// IsFile returns whether a file exists and is readable
-func isFile(path string) bool {
-	f, err := os.Open(filepath.Clean(path))
-	defer f.Close()
-	return err == nil
-}
-
-// IsDir returns whether a path is a directory
-func isDir(path string) bool {
-	info, err := os.Stat(path)
-	if err != nil || os.IsNotExist(err) || !info.IsDir() {
-		return false
-	}
-
-	return true
-}
-
-func isValidURL(s string) bool {
-	u, err := url.ParseRequestURI(s)
-	if err != nil {
-		return false
-	}
-
-	return strings.HasPrefix(u.Scheme, "http")
-}
-
-// DBTenantID converts a tenant ID to a DB-friendly value if set
-func DBTenantID(s string) string {
-	s = tools.Normalize(s)
-	if s != "" {
-		re := regexp.MustCompile(`[^a-zA-Z0-9\_]`)
-		s = re.ReplaceAllString(s, "_")
-		if !strings.HasSuffix(s, "_") {
-			s = s + "_"
-		}
-	}
-
-	return s
-}
--- a/config/utils.go
+++ b/config/utils.go
@@ -0,0 +1,51 @@
+package config
+
+import (
+	"net/url"
+	"os"
+	"path/filepath"
+	"regexp"
+	"strings"
+
+	"github.com/axllent/mailpit/internal/tools"
+)
+
+// IsFile returns whether a file exists and is readable
+func isFile(path string) bool {
+	f, err := os.Open(filepath.Clean(path))
+	defer f.Close()
+	return err == nil
+}
+
+// IsDir returns whether a path is a directory
+func isDir(path string) bool {
+	info, err := os.Stat(path)
+	if err != nil || os.IsNotExist(err) || !info.IsDir() {
+		return false
+	}
+
+	return true
+}
+
+func isValidURL(s string) bool {
+	u, err := url.ParseRequestURI(s)
+	if err != nil {
+		return false
+	}
+
+	return strings.HasPrefix(u.Scheme, "http")
+}
+
+// DBTenantID converts a tenant ID to a DB-friendly value if set
+func DBTenantID(s string) string {
+	s = tools.Normalize(s)
+	if s != "" {
+		re := regexp.MustCompile(`[^a-zA-Z0-9\_]`)
+		s = re.ReplaceAllString(s, "_")
+		if !strings.HasSuffix(s, "_") {
+			s = s + "_"
+		}
+	}
+
+	return s
+}
--- a/config/validators.go
+++ b/config/validators.go
@@ -0,0 +1,282 @@
+package config
+
+import (
+	"errors"
+	"fmt"
+	"net/mail"
+	"os"
+	"path/filepath"
+	"regexp"
+	"strconv"
+	"strings"
+
+	"github.com/axllent/mailpit/internal/logger"
+	"github.com/axllent/mailpit/internal/smtpd/chaos"
+	"gopkg.in/yaml.v3"
+)
+
+// Parse the --max-age value (if set)
+func parseMaxAge() error {
+	if MaxAge == "" {
+		return nil
+	}
+
+	re := regexp.MustCompile(`^\d+(h|d)$`)
+	if !re.MatchString(MaxAge) {
+		return fmt.Errorf("max-age must be either <int>h for hours or <int>d for days: %s", MaxAge)
+	}
+
+	if strings.HasSuffix(MaxAge, "h") {
+		hours, err := strconv.Atoi(strings.TrimSuffix(MaxAge, "h"))
+		if err != nil {
+			return err
+		}
+
+		MaxAgeInHours = hours
+
+		return nil
+	}
+
+	days, err := strconv.Atoi(strings.TrimSuffix(MaxAge, "d"))
+	if err != nil {
+		return err
+	}
+
+	logger.Log().Debugf("[db] auto-deleting messages older than %s", MaxAge)
+
+	MaxAgeInHours = days * 24
+	return nil
+}
+
+// Parse the SMTPRelayConfigFile (if set)
+func parseRelayConfig(c string) error {
+	if c == "" {
+		return nil
+	}
+
+	c = filepath.Clean(c)
+
+	if !isFile(c) {
+		return fmt.Errorf("[relay] configuration not found or readable: %s", c)
+	}
+
+	data, err := os.ReadFile(c)
+	if err != nil {
+		return err
+	}
+
+	if err := yaml.Unmarshal(data, &SMTPRelayConfig); err != nil {
+		return err
+	}
+
+	if SMTPRelayConfig.Host == "" {
+		return errors.New("[relay] host not set")
+	}
+
+	// DEPRECATED 2024/03/12
+	if SMTPRelayConfig.RecipientAllowlist != "" {
+		logger.Log().Warn("[relay] 'recipient-allowlist' is deprecated, use 'allowed-recipients' instead")
+		if SMTPRelayConfig.AllowedRecipients == "" {
+			SMTPRelayConfig.AllowedRecipients = SMTPRelayConfig.RecipientAllowlist
+		}
+	}
+
+	return nil
+}
+
+// Validate the SMTPRelayConfig (if Host is set)
+func validateRelayConfig() error {
+	if SMTPRelayConfig.Host == "" {
+		return nil
+	}
+
+	if SMTPRelayConfig.Port == 0 {
+		SMTPRelayConfig.Port = 25 // default
+	}
+
+	SMTPRelayConfig.Auth = strings.ToLower(SMTPRelayConfig.Auth)
+
+	if SMTPRelayConfig.Auth == "" || SMTPRelayConfig.Auth == "none" || SMTPRelayConfig.Auth == "false" {
+		SMTPRelayConfig.Auth = "none"
+	} else if SMTPRelayConfig.Auth == "plain" {
+		if SMTPRelayConfig.Username == "" || SMTPRelayConfig.Password == "" {
+			return fmt.Errorf("[relay] host username or password not set for PLAIN authentication")
+		}
+	} else if SMTPRelayConfig.Auth == "login" {
+		SMTPRelayConfig.Auth = "login"
+		if SMTPRelayConfig.Username == "" || SMTPRelayConfig.Password == "" {
+			return fmt.Errorf("[relay] host username or password not set for LOGIN authentication")
+		}
+	} else if strings.HasPrefix(SMTPRelayConfig.Auth, "cram") {
+		SMTPRelayConfig.Auth = "cram-md5"
+		if SMTPRelayConfig.Username == "" || SMTPRelayConfig.Secret == "" {
+			return fmt.Errorf("[relay] host username or secret not set for CRAM-MD5 authentication")
+		}
+	} else {
+		return fmt.Errorf("[relay] authentication method not supported: %s", SMTPRelayConfig.Auth)
+	}
+
+	if SMTPRelayConfig.AllowedRecipients != "" {
+		re, err := regexp.Compile(SMTPRelayConfig.AllowedRecipients)
+		if err != nil {
+			return fmt.Errorf("[relay] failed to compile recipient allowlist regexp: %s", err.Error())
+		}
+
+		SMTPRelayConfig.AllowedRecipientsRegexp = re
+		logger.Log().Infof("[relay] recipient allowlist is active with the following regexp: %s", SMTPRelayConfig.AllowedRecipients)
+	}
+
+	if SMTPRelayConfig.BlockedRecipients != "" {
+		re, err := regexp.Compile(SMTPRelayConfig.BlockedRecipients)
+		if err != nil {
+			return fmt.Errorf("[relay] failed to compile recipient blocklist regexp: %s", err.Error())
+		}
+
+		SMTPRelayConfig.BlockedRecipientsRegexp = re
+		logger.Log().Infof("[relay] recipient blocklist is active with the following regexp: %s", SMTPRelayConfig.BlockedRecipients)
+	}
+
+	if SMTPRelayConfig.OverrideFrom != "" {
+		m, err := mail.ParseAddress(SMTPRelayConfig.OverrideFrom)
+		if err != nil {
+			return fmt.Errorf("[relay] override-from is not a valid email address: %s", SMTPRelayConfig.OverrideFrom)
+		}
+
+		SMTPRelayConfig.OverrideFrom = m.Address
+	}
+
+	ReleaseEnabled = true
+
+	logger.Log().Infof("[relay] enabling message relaying via %s:%d", SMTPRelayConfig.Host, SMTPRelayConfig.Port)
+
+	return nil
+}
+
+// Parse the SMTPForwardConfigFile (if set)
+func parseForwardConfig(c string) error {
+	if c == "" {
+		return nil
+	}
+
+	c = filepath.Clean(c)
+
+	if !isFile(c) {
+		return fmt.Errorf("[forward] configuration not found or readable: %s", c)
+	}
+
+	data, err := os.ReadFile(c)
+	if err != nil {
+		return err
+	}
+
+	if err := yaml.Unmarshal(data, &SMTPForwardConfig); err != nil {
+		return err
+	}
+
+	if SMTPForwardConfig.Host == "" {
+		return errors.New("[forward] host not set")
+	}
+
+	return nil
+}
+
+// Validate the SMTPForwardConfig (if Host is set)
+func validateForwardConfig() error {
+	if SMTPForwardConfig.Host == "" {
+		return nil
+	}
+
+	if SMTPForwardConfig.Port == 0 {
+		SMTPForwardConfig.Port = 25 // default
+	}
+
+	SMTPForwardConfig.Auth = strings.ToLower(SMTPForwardConfig.Auth)
+
+	if SMTPForwardConfig.Auth == "" || SMTPForwardConfig.Auth == "none" || SMTPForwardConfig.Auth == "false" {
+		SMTPForwardConfig.Auth = "none"
+	} else if SMTPForwardConfig.Auth == "plain" {
+		if SMTPForwardConfig.Username == "" || SMTPForwardConfig.Password == "" {
+			return fmt.Errorf("[forward] host username or password not set for PLAIN authentication")
+		}
+	} else if SMTPForwardConfig.Auth == "login" {
+		SMTPForwardConfig.Auth = "login"
+		if SMTPForwardConfig.Username == "" || SMTPForwardConfig.Password == "" {
+			return fmt.Errorf("[forward] host username or password not set for LOGIN authentication")
+		}
+	} else if strings.HasPrefix(SMTPForwardConfig.Auth, "cram") {
+		SMTPForwardConfig.Auth = "cram-md5"
+		if SMTPForwardConfig.Username == "" || SMTPForwardConfig.Secret == "" {
+			return fmt.Errorf("[forward] host username or secret not set for CRAM-MD5 authentication")
+		}
+	} else {
+		return fmt.Errorf("[forward] authentication method not supported: %s", SMTPForwardConfig.Auth)
+	}
+
+	if SMTPForwardConfig.To == "" {
+		return errors.New("[forward] To addresses missing")
+	}
+
+	to := []string{}
+	addresses := strings.Split(SMTPForwardConfig.To, ",")
+	for _, a := range addresses {
+		a = strings.TrimSpace(a)
+		m, err := mail.ParseAddress(a)
+		if err != nil {
+			return fmt.Errorf("[forward] To address is not a valid email address: %s", a)
+		}
+		to = append(to, m.Address)
+	}
+
+	if len(to) == 0 {
+		return errors.New("[forward] no valid To addresses found")
+	}
+
+	// overwrite the To field with the cleaned up list
+	SMTPForwardConfig.To = strings.Join(to, ",")
+
+	if SMTPForwardConfig.OverrideFrom != "" {
+		m, err := mail.ParseAddress(SMTPForwardConfig.OverrideFrom)
+		if err != nil {
+			return fmt.Errorf("[forward] override-from is not a valid email address: %s", SMTPForwardConfig.OverrideFrom)
+		}
+
+		SMTPForwardConfig.OverrideFrom = m.Address
+	}
+
+	logger.Log().Infof("[forward] enabling message forwarding to %s via %s:%d", SMTPForwardConfig.To, SMTPForwardConfig.Host, SMTPForwardConfig.Port)
+
+	return nil
+}
+
+func parseChaosTriggers() error {
+	if ChaosTriggers == "" {
+		return nil
+	}
+
+	re := regexp.MustCompile(`^([a-zA-Z0-0]+):(\d\d\d):(\d+(\.\d)?)$`)
+
+	parts := strings.Split(ChaosTriggers, ",")
+	for _, p := range parts {
+		p = strings.TrimSpace(p)
+		if !re.MatchString(p) {
+			return fmt.Errorf("invalid argument: %s", p)
+		}
+
+		matches := re.FindAllStringSubmatch(p, 1)
+		key := matches[0][1]
+		errorCode, err := strconv.Atoi(matches[0][2])
+		if err != nil {
+			return err
+		}
+		probability, err := strconv.Atoi(matches[0][3])
+		if err != nil {
+			return err
+		}
+
+		if err := chaos.Set(key, errorCode, probability); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
--- a/go.mod
+++ b/go.mod
@@ -5,10 +5,10 @@ go 1.23
 toolchain go1.23.2

 require (
-	github.com/PuerkitoBio/goquery v1.10.0
+	github.com/PuerkitoBio/goquery v1.10.1
 	github.com/araddon/dateparse v0.0.0-20210429162001-6b43995a97de
 	github.com/axllent/semver v0.0.1
-	github.com/gomarkdown/markdown v0.0.0-20241205020045-f7e15b2f3e62
+	github.com/gomarkdown/markdown v0.0.0-20250207164621-7a1f277a159e
 	github.com/gorilla/mux v1.8.1
 	github.com/gorilla/websocket v1.5.3
 	github.com/jhillyerd/enmime v1.3.0
@@ -17,17 +17,17 @@ require (
 	github.com/leporo/sqlf v1.4.0
 	github.com/lithammer/shortuuid/v4 v4.2.0
 	github.com/mneis/go-telnet v0.0.0-20221017141824-6f643e477c62
-	github.com/rqlite/gorqlite v0.0.0-20241013203532-4385768ae85d
+	github.com/rqlite/gorqlite v0.0.0-20250128004930-114c7828b55a
 	github.com/sirupsen/logrus v1.9.3
 	github.com/spf13/cobra v1.8.1
-	github.com/spf13/pflag v1.0.5
+	github.com/spf13/pflag v1.0.6
 	github.com/tg123/go-htpasswd v1.2.3
-	github.com/vanng822/go-premailer v1.22.0
-	golang.org/x/net v0.33.0
-	golang.org/x/text v0.21.0
-	golang.org/x/time v0.8.0
+	github.com/vanng822/go-premailer v1.23.0
+	golang.org/x/net v0.34.0
+	golang.org/x/text v0.22.0
+	golang.org/x/time v0.10.0
 	gopkg.in/yaml.v3 v3.0.1
-	modernc.org/sqlite v1.34.3
+	modernc.org/sqlite v1.34.5
 )

 require (
@@ -38,7 +38,6 @@ require (
 	github.com/gogs/chardet v0.0.0-20211120154057-b7413eaefb8f // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/gorilla/css v1.0.1 // indirect
-	github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jaytaylor/html2text v0.0.0-20230321000545-74c2419ad056 // indirect
 	github.com/kr/pretty v0.3.0 // indirect
@@ -53,15 +52,12 @@ require (
 	github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf // indirect
 	github.com/valyala/bytebufferpool v1.0.0 // indirect
 	github.com/vanng822/css v1.0.1 // indirect
-	golang.org/x/crypto v0.31.0 // indirect
-	golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67 // indirect
-	golang.org/x/image v0.23.0 // indirect
-	golang.org/x/sys v0.28.0 // indirect
+	golang.org/x/crypto v0.33.0 // indirect
+	golang.org/x/exp v0.0.0-20250207012021-f9890c6ad9f3 // indirect
+	golang.org/x/image v0.24.0 // indirect
+	golang.org/x/sys v0.30.0 // indirect
 	gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect
-	modernc.org/gc/v3 v3.0.0-20241213165251-3bc300f6d0c9 // indirect
-	modernc.org/libc v1.61.4 // indirect
-	modernc.org/mathutil v1.6.0 // indirect
-	modernc.org/memory v1.8.0 // indirect
-	modernc.org/strutil v1.2.0 // indirect
-	modernc.org/token v1.1.0 // indirect
+	modernc.org/libc v1.61.12 // indirect
+	modernc.org/mathutil v1.7.1 // indirect
+	modernc.org/memory v1.8.2 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -1,8 +1,8 @@
 github.com/GehirnInc/crypt v0.0.0-20230320061759-8cc1b52080c5 h1:IEjq88XO4PuBDcvmjQJcQGg+w+UaafSy8G5Kcb5tBhI=
 github.com/GehirnInc/crypt v0.0.0-20230320061759-8cc1b52080c5/go.mod h1:exZ0C/1emQJAw5tHOaUDyY1ycttqBAPcxuzf7QbY6ec=
 github.com/PuerkitoBio/goquery v1.9.2/go.mod h1:GHPCaP0ODyyxqcNoFGYlAprUFH81NuRPd0GX3Zu2Mvk=
-github.com/PuerkitoBio/goquery v1.10.0 h1:6fiXdLuUvYs2OJSvNRqlNPoBm6YABE226xrbavY5Wv4=
-github.com/PuerkitoBio/goquery v1.10.0/go.mod h1:TjZZl68Q3eGHNBA8CWaxAN7rOU1EbDz3CWuolcO5Yu4=
+github.com/PuerkitoBio/goquery v1.10.1 h1:Y8JGYUkXWTGRB6Ars3+j3kN0xg1YqqlwvdTV8WTFQcU=
+github.com/PuerkitoBio/goquery v1.10.1/go.mod h1:IYiHrOMps66ag56LEH7QYDDupKXyo5A8qrjIx3ZtujY=
 github.com/andybalholm/cascadia v1.3.2/go.mod h1:7gtRlve5FxPPgIgX36uWBX58OdBsSS6lUvCFb+h7KvU=
 github.com/andybalholm/cascadia v1.3.3 h1:AG2YHrzJIm4BZ19iwJ/DAua6Btl3IwJX+VI4kktS1LM=
 github.com/andybalholm/cascadia v1.3.3/go.mod h1:xNd9bqTn98Ln4DwST8/nG+H0yuB8Hmgu1YHNnWw0GeA=
@@ -24,8 +24,8 @@ github.com/go-test/deep v1.1.0 h1:WOcxcdHcvdgThNXjw0t76K42FXTU7HpNQWHpA2HHNlg=
 github.com/go-test/deep v1.1.0/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
 github.com/gogs/chardet v0.0.0-20211120154057-b7413eaefb8f h1:3BSP1Tbs2djlpprl7wCLuiqMaUh5SJkkzI2gDs+FgLs=
 github.com/gogs/chardet v0.0.0-20211120154057-b7413eaefb8f/go.mod h1:Pcatq5tYkCW2Q6yrR2VRHlbHpZ/R4/7qyL1TCF7vl14=
-github.com/gomarkdown/markdown v0.0.0-20241205020045-f7e15b2f3e62 h1:pbAFUZisjG4s6sxvRJvf2N7vhpCvx2Oxb3PmS6pDO1g=
-github.com/gomarkdown/markdown v0.0.0-20241205020045-f7e15b2f3e62/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA=
+github.com/gomarkdown/markdown v0.0.0-20250207164621-7a1f277a159e h1:ESHlT0RVZphh4JGBz49I5R6nTdC8Qyc08vU25GQHzzQ=
+github.com/gomarkdown/markdown v0.0.0-20250207164621-7a1f277a159e/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd h1:gbpYu9NMq8jhDVbvlGkMFWCjLFlqqEZjEmObmhUy6Vo=
 github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw=
@@ -37,8 +37,6 @@ github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
 github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
 github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
 github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
-github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k=
-github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
 github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
 github.com/jaytaylor/html2text v0.0.0-20230321000545-74c2419ad056 h1:iCHtR9CQyktQ5+f3dMVZfwD2KWJUgm7M0gdL9NGr8KA=
@@ -88,16 +86,17 @@ github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
 github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
 github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k=
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
-github.com/rqlite/gorqlite v0.0.0-20241013203532-4385768ae85d h1:c88ius/WcN19inn14R+X2EQCFjjAu92txgdxNNnGxDI=
-github.com/rqlite/gorqlite v0.0.0-20241013203532-4385768ae85d/go.mod h1:xF/KoXmrRyahPfo5L7Szb5cAAUl53dMWBh9cMruGEZg=
+github.com/rqlite/gorqlite v0.0.0-20250128004930-114c7828b55a h1:9O8zgGrMBuTsnA3yyFd+JWhFSflQwzSUEB4AMnFHKhU=
+github.com/rqlite/gorqlite v0.0.0-20250128004930-114c7828b55a/go.mod h1:xF/KoXmrRyahPfo5L7Szb5cAAUl53dMWBh9cMruGEZg=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/scylladb/termtables v0.0.0-20191203121021-c4c0b6d42ff4/go.mod h1:C1a7PQSMz9NShzorzCiG2fk9+xuCgLkPeCvMHYR2OWg=
 github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
 github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM=
 github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y=
-github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o=
+github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf h1:pvbZ0lM0XWPBqUKqFU8cmavspvIl9nulOYwdy6IFRRo=
 github.com/ssor/bom v0.0.0-20170718123548-6386211fdfcf/go.mod h1:RJID2RhlZKId02nZ62WenDCkgHFerpIOmW0iT7GKmXM=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
@@ -109,8 +108,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
-github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
-github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/tg123/go-htpasswd v1.2.3 h1:ALR6ZBIc2m9u70m+eAWUFt5p43ISbIvAvRFYzZPTOY8=
 github.com/tg123/go-htpasswd v1.2.3/go.mod h1:FcIrK0J+6zptgVwK1JDlqyajW/1B4PtuJ/FLWl7nx8A=
 github.com/unrolled/render v1.7.0/go.mod h1:LwQSeDhjml8NLjIO9GJO1/1qpFJxtfVIpzxXKjfVkoI=
@@ -118,8 +117,8 @@ github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6Kllzaw
 github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
 github.com/vanng822/css v1.0.1 h1:10yiXc4e8NI8ldU6mSrWmSWMuyWgPr9DZ63RSlsgDw8=
 github.com/vanng822/css v1.0.1/go.mod h1:tcnB1voG49QhCrwq1W0w5hhGasvOg+VQp9i9H1rCM1w=
-github.com/vanng822/go-premailer v1.22.0 h1:5gG92q3nG3BwcfUUDzrSDbYDbpwYC/lri4nba+vhdJQ=
-github.com/vanng822/go-premailer v1.22.0/go.mod h1:K7DxRBW6AxdZUTqmW9jU6041CtfAWiP9uSXm2WmMB1k=
+github.com/vanng822/go-premailer v1.23.0 h1:vZp2wuz1jb4q/DurUV18VGjXWtTFYZHwTCw2EAWKO74=
+github.com/vanng822/go-premailer v1.23.0/go.mod h1:0+z0UJ6ZGQatzkWlaQNl50M7fLz5f6FcP8V2p0oie88=
 github.com/vanng822/r2router v0.0.0-20150523112421-1023140a4f30/go.mod h1:1BVq8p2jVr55Ost2PkZWDrG86PiJ/0lxqcXoAcGxvWU=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
@@ -128,13 +127,14 @@ golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliY
 golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
 golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
 golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
-golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70=
-golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
 golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
-golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67 h1:1UoZQm6f0P/ZO0w1Ri+f+ifG/gXhegadRdwBIXEFWDo=
-golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67/go.mod h1:qj5a5QZpwLU2NLQudwIN5koi3beDhSAlJwa67PuM98c=
-golang.org/x/image v0.23.0 h1:HseQ7c2OpPKTPVzNjG5fwJsOTCiiwS4QdsYi5XU6H68=
-golang.org/x/image v0.23.0/go.mod h1:wJJBTdLfCCf3tiHa1fNxpZmUI4mmoZvwMCPP0ddoNKY=
+golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
+golang.org/x/crypto v0.33.0 h1:IOBPskki6Lysi0lo9qQvbxiQ+FvsCC/YWOecCHAixus=
+golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M=
+golang.org/x/exp v0.0.0-20250207012021-f9890c6ad9f3 h1:qNgPs5exUA+G0C96DrPwNrvLSj7GT/9D+3WMWUcUg34=
+golang.org/x/exp v0.0.0-20250207012021-f9890c6ad9f3/go.mod h1:tujkw807nyEEAamNbDrEGzRav+ilXA7PCRAd6xsmwiU=
+golang.org/x/image v0.24.0 h1:AN7zRgVsbvmTfNyqIbbOraYL8mSwcKncEj8ofjgzcMQ=
+golang.org/x/image v0.24.0/go.mod h1:4b/ITuLfqYq1hqZcjofwctIhi7sZh2WaCjvsBNjjya8=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
@@ -152,18 +152,18 @@ golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
 golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
 golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8=
 golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
-golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0=
-golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
 golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
+golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0=
+golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
 golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
 golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w=
+golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -180,9 +180,10 @@ golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
 golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
+golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@@ -193,8 +194,8 @@ golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
 golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
 golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk=
 golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
-golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8=
 golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
+golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
@@ -203,19 +204,19 @@ golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
-golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
-golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
 golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
-golang.org/x/time v0.8.0 h1:9i3RxcPv3PZnitoVGMPDKZSq1xW1gK1Xy3ArNOGZfEg=
-golang.org/x/time v0.8.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
+golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM=
+golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY=
+golang.org/x/time v0.10.0 h1:3usCWA8tQn0L8+hFJQNgzpWbd89begxN66o1Ojdn5L4=
+golang.org/x/time v0.10.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
 golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
 golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
-golang.org/x/tools v0.28.0 h1:WuB6qZ4RPCQo5aP3WdKZS7i595EdWqWR8vqJTlwTVK8=
-golang.org/x/tools v0.28.0/go.mod h1:dcIOrVd3mfQKTgrDVQHqCPMWy6lnhfhtX3hLXYVLfRw=
+golang.org/x/tools v0.29.0 h1:Xx0h3TtM9rzQpQuR4dKLrdglAmCEN5Oi+P74JdhdzXE=
+golang.org/x/tools v0.29.0/go.mod h1:KMQVMRsVxU6nHCFXrBPhDB8XncLNLM0lIy/F14RP588=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -225,29 +226,27 @@ gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-modernc.org/cc/v4 v4.23.1 h1:WqJoPL3x4cUufQVHkXpXX7ThFJ1C4ik80i2eXEXbhD8=
-modernc.org/cc/v4 v4.23.1/go.mod h1:HM7VJTZbUCR3rV8EYBi9wxnJ0ZBRiGE5OeGXNA0IsLQ=
-modernc.org/ccgo/v4 v4.23.1 h1:N49a7JiWGWV7lkPE4yYcvjkBGZQi93/JabRYjdWmJXc=
-modernc.org/ccgo/v4 v4.23.1/go.mod h1:JoIUegEIfutvoWV/BBfDFpPpfR2nc3U0jKucGcbmwDU=
+modernc.org/cc/v4 v4.24.4 h1:TFkx1s6dCkQpd6dKurBNmpo+G8Zl4Sq/ztJ+2+DEsh0=
+modernc.org/cc/v4 v4.24.4/go.mod h1:uVtb5OGqUKpoLWhqwNQo/8LwvoiEBLvZXIQ/SmO6mL0=
+modernc.org/ccgo/v4 v4.23.16 h1:Z2N+kk38b7SfySC1ZkpGLN2vthNJP1+ZzGZIlH7uBxo=
+modernc.org/ccgo/v4 v4.23.16/go.mod h1:nNma8goMTY7aQZQNTyN9AIoJfxav4nvTnvKThAeMDdo=
 modernc.org/fileutil v1.3.0 h1:gQ5SIzK3H9kdfai/5x41oQiKValumqNTDXMvKo62HvE=
 modernc.org/fileutil v1.3.0/go.mod h1:XatxS8fZi3pS8/hKG2GH/ArUogfxjpEKs3Ku3aK4JyQ=
-modernc.org/gc/v2 v2.5.0 h1:bJ9ChznK1L1mUtAQtxi0wi5AtAs5jQuw4PrPHO5pb6M=
-modernc.org/gc/v2 v2.5.0/go.mod h1:wzN5dK1AzVGoH6XOzc3YZ+ey/jPgYHLuVckd62P0GYU=
-modernc.org/gc/v3 v3.0.0-20241213165251-3bc300f6d0c9 h1:ovz6yUKX71igz2yvk4NpiCL5fvdjZAI+DhuDEGx1xyU=
-modernc.org/gc/v3 v3.0.0-20241213165251-3bc300f6d0c9/go.mod h1:Qz0X07sNOR1jWYCrJMEnbW/X55x206Q7Vt4mz6/wHp4=
-modernc.org/libc v1.61.4 h1:wVyqEx6tlltte9lPTjq0kDAdtdM9c4JH8rU6M1ZVawA=
-modernc.org/libc v1.61.4/go.mod h1:VfXVuM/Shh5XsMNrh3C6OkfL78G3loa4ZC/Ljv9k7xc=
-modernc.org/mathutil v1.6.0 h1:fRe9+AmYlaej+64JsEEhoWuAYBkOtQiMEU7n/XgfYi4=
-modernc.org/mathutil v1.6.0/go.mod h1:Ui5Q9q1TR2gFm0AQRqQUaBWFLAhQpCwNcuhBOSedWPo=
-modernc.org/memory v1.8.0 h1:IqGTL6eFMaDZZhEWwcREgeMXYwmW83LYW8cROZYkg+E=
-modernc.org/memory v1.8.0/go.mod h1:XPZ936zp5OMKGWPqbD3JShgd/ZoQ7899TUuQqxY+peU=
-modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4=
-modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
-modernc.org/sortutil v1.2.0 h1:jQiD3PfS2REGJNzNCMMaLSp/wdMNieTbKX920Cqdgqc=
-modernc.org/sortutil v1.2.0/go.mod h1:TKU2s7kJMf1AE84OoiGppNHJwvB753OYfNl2WRb++Ss=
-modernc.org/sqlite v1.34.3 h1:494MIwJKBLd0tErBYkRar2HvEpy04Bl0ykPEm4XLhbo=
-modernc.org/sqlite v1.34.3/go.mod h1:dnR723UrTtjKpoHCAMN0Q/gZ9MT4r+iRvIBb9umWFkU=
-modernc.org/strutil v1.2.0 h1:agBi9dp1I+eOnxXeiZawM8F4LawKv4NzGWSaLfyeNZA=
-modernc.org/strutil v1.2.0/go.mod h1:/mdcBmfOibveCTBxUl5B5l6W+TTH1FXPLHZE6bTosX0=
+modernc.org/gc/v2 v2.6.3 h1:aJVhcqAte49LF+mGveZ5KPlsp4tdGdAOT4sipJXADjw=
+modernc.org/gc/v2 v2.6.3/go.mod h1:YgIahr1ypgfe7chRuJi2gD7DBQiKSLMPgBQe9oIiito=
+modernc.org/libc v1.61.12 h1:Fsnh0A7XLXylYNwIOJmKux9PhnfrIvMaMnjuyJ1t/f4=
+modernc.org/libc v1.61.12/go.mod h1:8F/uJWL/3nNil0Lgt1Dpz+GgkApWh04N3el3hxJcA6E=
+modernc.org/mathutil v1.7.1 h1:GCZVGXdaN8gTqB1Mf/usp1Y/hSqgI2vAGGP4jZMCxOU=
+modernc.org/mathutil v1.7.1/go.mod h1:4p5IwJITfppl0G4sUEDtCr4DthTaT47/N3aT6MhfgJg=
+modernc.org/memory v1.8.2 h1:cL9L4bcoAObu4NkxOlKWBWtNHIsnnACGF/TbqQ6sbcI=
+modernc.org/memory v1.8.2/go.mod h1:ZbjSvMO5NQ1A2i3bWeDiVMxIorXwdClKE/0SZ+BMotU=
+modernc.org/opt v0.1.4 h1:2kNGMRiUjrp4LcaPuLY2PzUfqM/w9N23quVwhKt5Qm8=
+modernc.org/opt v0.1.4/go.mod h1:03fq9lsNfvkYSfxrfUhZCWPk1lm4cq4N+Bh//bEtgns=
+modernc.org/sortutil v1.2.1 h1:+xyoGf15mM3NMlPDnFqrteY07klSFxLElE2PVuWIJ7w=
+modernc.org/sortutil v1.2.1/go.mod h1:7ZI3a3REbai7gzCLcotuw9AC4VZVpYMjDzETGsSMqJE=
+modernc.org/sqlite v1.34.5 h1:Bb6SR13/fjp15jt70CL4f18JIN7p7dnMExd+UFnF15g=
+modernc.org/sqlite v1.34.5/go.mod h1:YLuNmX9NKs8wRNK2ko1LW1NGYcc9FkBO69JOt1AR9JE=
+modernc.org/strutil v1.2.1 h1:UneZBkQA+DX2Rp35KcM69cSsNES9ly8mQWD71HKlOA0=
+modernc.org/strutil v1.2.1/go.mod h1:EHkiggD70koQxjVdSBM3JKM7k6L0FbGE5eymy9i3B9A=
 modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=
 modernc.org/token v1.1.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
--- a/internal/smtpd/chaos/chaos.go
+++ b/internal/smtpd/chaos/chaos.go
@@ -0,0 +1,121 @@
+// Package chaos is used to simulate Chaos engineering (random failures) in the SMTPD server.
+// See https://en.wikipedia.org/wiki/Chaos_engineering
+// See https://mailpit.axllent.org/docs/integration/chaos/
+package chaos
+
+import (
+	"crypto/rand"
+	"fmt"
+	"math/big"
+	"strings"
+
+	"github.com/axllent/mailpit/internal/logger"
+)
+
+var (
+	// Enabled is a flag to enable or disable support for chaos
+	Enabled = false
+
+	// Config is the global Chaos configuration
+	Config = Triggers{
+		Sender:         Trigger{ErrorCode: 451, Probability: 0},
+		Recipient:      Trigger{ErrorCode: 451, Probability: 0},
+		Authentication: Trigger{ErrorCode: 535, Probability: 0},
+	}
+)
+
+// Triggers for the Chaos configuration
+//
+// swagger:model Triggers
+type Triggers struct {
+	// Sender trigger to fail on From, Sender
+	Sender Trigger
+	// Recipient trigger to fail on To, Cc, Bcc
+	Recipient Trigger
+	// Authentication trigger to fail while authenticating (auth must be configured)
+	Authentication Trigger
+}
+
+// Trigger for Chaos
+type Trigger struct {
+	// SMTP error code to return. The value must range from 400 to 599.
+	// required: true
+	// example: 451
+	ErrorCode int
+
+	// Probability (chance) of triggering the error. The value must range from 0 to 100.
+	// required: true
+	// example: 5
+	Probability int
+}
+
+// SetFromStruct will set a whole map of chaos configurations (ie: API)
+func SetFromStruct(c Triggers) error {
+	if c.Sender.ErrorCode == 0 {
+		c.Sender.ErrorCode = 451 // default
+	}
+
+	if c.Recipient.ErrorCode == 0 {
+		c.Recipient.ErrorCode = 451 // default
+	}
+
+	if c.Authentication.ErrorCode == 0 {
+		c.Authentication.ErrorCode = 535 // default
+	}
+
+	if err := Set("Sender", c.Sender.ErrorCode, c.Sender.Probability); err != nil {
+		return err
+	}
+	if err := Set("Recipient", c.Recipient.ErrorCode, c.Recipient.Probability); err != nil {
+		return err
+	}
+	if err := Set("Authentication", c.Authentication.ErrorCode, c.Authentication.Probability); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// Set will set the chaos configuration for the given key (CLI & setMap())
+func Set(key string, errorCode int, probability int) error {
+	Enabled = true
+	if errorCode < 400 || errorCode > 599 {
+		return fmt.Errorf("error code must be between 400 and 599")
+	}
+
+	if probability > 100 || probability < 0 {
+		return fmt.Errorf("probability must be between 0 and 100")
+	}
+
+	key = strings.ToLower(key)
+
+	switch key {
+	case "sender":
+		Config.Sender = Trigger{ErrorCode: errorCode, Probability: probability}
+		logger.Log().Infof("[chaos] Sender to return %d error with %d%% probability", errorCode, probability)
+	case "recipient", "recipients":
+		Config.Recipient = Trigger{ErrorCode: errorCode, Probability: probability}
+		logger.Log().Infof("[chaos] Recipient to return %d error with %d%% probability", errorCode, probability)
+	case "auth", "authentication":
+		Config.Authentication = Trigger{ErrorCode: errorCode, Probability: probability}
+		logger.Log().Infof("[chaos] Authentication to return %d error with %d%% probability", errorCode, probability)
+	default:
+		return fmt.Errorf("unknown key %s", key)
+	}
+
+	return nil
+}
+
+// Trigger will return whether the Chaos rule is triggered based on the configuration
+// and a randomly-generated percentage value.
+func (c Trigger) Trigger() (bool, int) {
+	if !Enabled || c.Probability == 0 {
+		return false, 0
+	}
+
+	nBig, _ := rand.Int(rand.Reader, big.NewInt(100))
+
+	// rand.IntN(100) will return 0-99, whereas probability is 1-100,
+	// so value must be less than (not <=) to the probability to trigger
+	return int(nBig.Int64()) < c.Probability, c.ErrorCode
+}
--- a/internal/smtpd/forward.go
+++ b/internal/smtpd/forward.go
@@ -0,0 +1,111 @@
+package smtpd
+
+import (
+	"crypto/tls"
+	"fmt"
+	"net/smtp"
+	"strings"
+
+	"github.com/axllent/mailpit/config"
+	"github.com/axllent/mailpit/internal/logger"
+	"github.com/axllent/mailpit/internal/tools"
+)
+
+// Wrapper to forward messages if configured
+func autoForwardMessage(from string, data *[]byte) {
+	if config.SMTPForwardConfig.Host == "" {
+		return
+	}
+
+	if err := forward(from, *data); err != nil {
+		logger.Log().Errorf("[forward] error: %s", err.Error())
+	} else {
+		logger.Log().Debugf("[forward] message from %s to %s via %s:%d",
+			from, config.SMTPForwardConfig.To, config.SMTPForwardConfig.Host, config.SMTPForwardConfig.Port)
+	}
+}
+
+// Forward will connect to a pre-configured SMTP server and send a message to one or more recipients.
+func forward(from string, msg []byte) error {
+	addr := fmt.Sprintf("%s:%d", config.SMTPForwardConfig.Host, config.SMTPForwardConfig.Port)
+
+	c, err := smtp.Dial(addr)
+	if err != nil {
+		return fmt.Errorf("error connecting to %s: %s", addr, err.Error())
+	}
+
+	defer c.Close()
+
+	if config.SMTPForwardConfig.STARTTLS {
+		conf := &tls.Config{ServerName: config.SMTPForwardConfig.Host} // #nosec
+
+		conf.InsecureSkipVerify = config.SMTPForwardConfig.AllowInsecure
+
+		if err = c.StartTLS(conf); err != nil {
+			return fmt.Errorf("error creating StartTLS config: %s", err.Error())
+		}
+	}
+
+	auth := forwardAuthFromConfig()
+
+	if auth != nil {
+		if err = c.Auth(auth); err != nil {
+			return fmt.Errorf("error response to AUTH command: %s", err.Error())
+		}
+	}
+
+	if config.SMTPForwardConfig.OverrideFrom != "" {
+		msg, err = tools.OverrideFromHeader(msg, config.SMTPForwardConfig.OverrideFrom)
+		if err != nil {
+			return fmt.Errorf("error overriding From header: %s", err.Error())
+		}
+
+		from = config.SMTPForwardConfig.OverrideFrom
+	}
+
+	if err = c.Mail(from); err != nil {
+		return fmt.Errorf("error response to MAIL command: %s", err.Error())
+	}
+
+	to := strings.Split(config.SMTPForwardConfig.To, ",")
+
+	for _, addr := range to {
+		if err = c.Rcpt(addr); err != nil {
+			logger.Log().Warnf("error response to RCPT command for %s: %s", addr, err.Error())
+		}
+	}
+
+	w, err := c.Data()
+	if err != nil {
+		return fmt.Errorf("error response to DATA command: %s", err.Error())
+	}
+
+	if _, err := w.Write(msg); err != nil {
+		return fmt.Errorf("error sending message: %s", err.Error())
+	}
+
+	if err := w.Close(); err != nil {
+		return fmt.Errorf("error closing connection: %s", err.Error())
+	}
+
+	return c.Quit()
+}
+
+// Return the SMTP forwarding authentication based on config
+func forwardAuthFromConfig() smtp.Auth {
+	var a smtp.Auth
+
+	if config.SMTPForwardConfig.Auth == "plain" {
+		a = smtp.PlainAuth("", config.SMTPForwardConfig.Username, config.SMTPForwardConfig.Password, config.SMTPForwardConfig.Host)
+	}
+
+	if config.SMTPForwardConfig.Auth == "login" {
+		a = LoginAuth(config.SMTPForwardConfig.Username, config.SMTPForwardConfig.Password)
+	}
+
+	if config.SMTPForwardConfig.Auth == "cram-md5" {
+		a = smtp.CRAMMD5Auth(config.SMTPForwardConfig.Username, config.SMTPForwardConfig.Secret)
+	}
+
+	return a
+}
--- a/internal/smtpd/main.go
+++ b/internal/smtpd/main.go
@@ -87,6 +87,9 @@ func SaveToDatabase(origin net.Addr, from string, to []string, data []byte) (str
 	// if enabled, this may conditionally relay the email through to the preconfigured smtp server
 	autoRelayMessage(from, to, &data)

+	// if enabled, this will forward a copy to preconfigured addresses
+	autoForwardMessage(from, &data)
+
 	// build array of all addresses in the header to compare to the []to array
 	emails, hasBccHeader := scanAddressesInHeader(msg.Header)

--- a/internal/smtpd/relay.go
+++ b/internal/smtpd/relay.go
@@ -9,14 +9,16 @@ import (

 	"github.com/axllent/mailpit/config"
 	"github.com/axllent/mailpit/internal/logger"
+	"github.com/axllent/mailpit/internal/tools"
 )

+// Wrapper to auto relay messages if configured
 func autoRelayMessage(from string, to []string, data *[]byte) {
 	if config.SMTPRelayConfig.BlockedRecipientsRegexp != nil {
 		filteredTo := []string{}
 		for _, address := range to {
 			if config.SMTPRelayConfig.BlockedRecipientsRegexp.MatchString(address) {
-				logger.Log().Debugf("[smtp] ignoring auto-relay to %s: found in blocklist", address)
+				logger.Log().Debugf("[relay] ignoring auto-relay to %s: found in blocklist", address)
 				continue
 			}

@@ -31,9 +33,9 @@ func autoRelayMessage(from string, to []string, data *[]byte) {

 	if config.SMTPRelayAll {
 		if err := Relay(from, to, *data); err != nil {
-			logger.Log().Errorf("[smtp] error relaying message: %s", err.Error())
+			logger.Log().Errorf("[relay] error: %s", err.Error())
 		} else {
-			logger.Log().Debugf("[smtp] auto-relay message to %s from %s via %s:%d",
+			logger.Log().Debugf("[relay] sent message to %s from %s via %s:%d",
 				strings.Join(to, ", "), from, config.SMTPRelayConfig.Host, config.SMTPRelayConfig.Port)
 		}
 	} else if config.SMTPRelayMatchingRegexp != nil {
@@ -49,9 +51,9 @@ func autoRelayMessage(from string, to []string, data *[]byte) {
 		}

 		if err := Relay(from, filtered, *data); err != nil {
-			logger.Log().Errorf("[smtp] error relaying message: %s", err.Error())
+			logger.Log().Errorf("[relay] error: %s", err.Error())
 		} else {
-			logger.Log().Debugf("[smtp] auto-relay message to %s from %s via %s:%d",
+			logger.Log().Debugf("[relay] auto-relay message to %s from %s via %s:%d",
 				strings.Join(filtered, ", "), from, config.SMTPRelayConfig.Host, config.SMTPRelayConfig.Port)
 		}
 	}
@@ -86,6 +88,15 @@ func Relay(from string, to []string, msg []byte) error {
 		}
 	}

+	if config.SMTPRelayConfig.OverrideFrom != "" {
+		msg, err = tools.OverrideFromHeader(msg, config.SMTPRelayConfig.OverrideFrom)
+		if err != nil {
+			return fmt.Errorf("error overriding From header: %s", err.Error())
+		}
+
+		from = config.SMTPRelayConfig.OverrideFrom
+	}
+
 	if err = c.Mail(from); err != nil {
 		return fmt.Errorf("error response to MAIL command: %s", err.Error())
 	}
--- a/internal/smtpd/smtpd.go
+++ b/internal/smtpd/smtpd.go
@@ -1,7 +1,7 @@
 // Package smtpd implements a basic SMTP server.
 //
 // This is a modified version of https://github.com/mhale/smtpd to
-// add optional support for unix sockets.
+// add support for unix sockets and Mailpit Chaos.
 package smtpd

 import (
@@ -22,6 +22,8 @@ import (
 	"sync"
 	"sync/atomic"
 	"time"
+
+	"github.com/axllent/mailpit/internal/smtpd/chaos"
 )

 var (
@@ -390,7 +392,7 @@ loop:
 			buffer.Reset()
 		case "EHLO":
 			s.remoteName = args
-			s.writef(s.makeEHLOResponse())
+			s.writef("%s", s.makeEHLOResponse())

 			// RFC 2821 section 4.1.4 specifies that EHLO has the same effect as RSET.
 			from = ""
@@ -411,6 +413,12 @@ loop:
 			if match == nil {
 				s.writef("501 5.5.4 Syntax error in parameters or arguments (invalid FROM parameter)")
 			} else {
+				// Mailpit Chaos
+				if fail, code := chaos.Config.Sender.Trigger(); fail {
+					s.writef("%d Chaos sender error", code)
+					break
+				}
+
 				// Validate the SIZE parameter if one was sent.
 				if len(match[2]) > 0 { // A parameter is present
 					sizeMatch := mailFromSizeRE.FindStringSubmatch(match[3])
@@ -426,7 +434,7 @@ loop:
 							s.writef("501 5.5.4 Syntax error in parameters or arguments (invalid SIZE parameter)")
 						} else if s.srv.MaxSize > 0 && size > s.srv.MaxSize { // SIZE above maximum size, if set
 							err = maxSizeExceeded(s.srv.MaxSize)
-							s.writef(err.Error())
+							s.writef("%s", err.Error())
 						} else { // SIZE ok
 							from = match[1]
 							gotFrom = true
@@ -439,6 +447,7 @@ loop:
 					s.writef("250 2.1.0 Ok")
 				}
 			}
+
 			to = nil
 			buffer.Reset()
 		case "RCPT":
@@ -459,10 +468,17 @@ loop:
 			if match == nil {
 				s.writef("501 5.5.4 Syntax error in parameters or arguments (invalid TO parameter)")
 			} else {
+				// Mailpit Chaos
+				if fail, code := chaos.Config.Recipient.Trigger(); fail {
+					s.writef("%d Chaos recipient error", code)
+					break
+				}
+
 				// RFC 5321 specifies support for minimum of 100 recipients is required.
 				if s.srv.MaxRecipients == 0 {
 					s.srv.MaxRecipients = 100
 				}
+
 				if len(to) == s.srv.MaxRecipients {
 					s.writef("452 4.5.3 Too many recipients")
 				} else {
@@ -507,7 +523,7 @@ loop:
 					}
 					break loop
 				case maxSizeExceededError:
-					s.writef(err.Error())
+					s.writef("%s", err.Error())
 					continue
 				default:
 					s.writef("451 4.3.0 Requested action aborted: local error in processing")
@@ -526,7 +542,7 @@ loop:
 				if err != nil {
 					checkErrFormat := regexp.MustCompile(`^([2-5][0-9]{2})[\s\-](.+)$`)
 					if checkErrFormat.MatchString(err.Error()) {
-						s.writef(err.Error())
+						s.writef("%s", err.Error())
 					} else {
 						s.writef("451 4.3.5 Unable to process mail")
 					}
@@ -538,7 +554,7 @@ loop:
 				if err != nil {
 					checkErrFormat := regexp.MustCompile(`^([2-5][0-9]{2})[\s\-](.+)$`)
 					if checkErrFormat.MatchString(err.Error()) {
-						s.writef(err.Error())
+						s.writef("%s", err.Error())
 					} else {
 						s.writef("451 4.3.5 Unable to process mail")
 					}
@@ -546,7 +562,7 @@ loop:
 				}

 				if msgID != "" {
-					s.writef("250 2.0.0 Ok: queued as " + msgID)
+					s.writef("250 2.0.0 Ok: queued as %s", msgID)
 				} else {
 					s.writef("250 2.0.0 Ok: queued")
 				}
@@ -685,6 +701,12 @@ loop:
 				break
 			}

+			// Mailpit Chaos
+			if fail, code := chaos.Config.Authentication.Trigger(); fail {
+				s.writef("%d Chaos authentication error", code)
+				break
+			}
+
 			// RFC 4954 also specifies that ESMTP code 5.5.4 ("Invalid command arguments") should be returned
 			// when attempting to use an unsupported authentication type.
 			// Many servers return 5.7.4 ("Security features not supported") instead.
@@ -703,7 +725,7 @@ loop:
 					break loop
 				}

-				s.writef(err.Error())
+				s.writef("%s", err.Error())
 				break
 			}

@@ -726,7 +748,7 @@ func (s *session) writef(format string, args ...interface{}) {
 	}

 	line := fmt.Sprintf(format, args...)
-	fmt.Fprintf(s.bw, line+"\r\n")
+	fmt.Fprintf(s.bw, "%s\r\n", line)
 	_ = s.bw.Flush()

 	if Debug {
@@ -869,7 +891,7 @@ func (s *session) handleAuthLogin(arg string) (bool, error) {
 	var err error

 	if arg == "" {
-		s.writef("334 " + base64.StdEncoding.EncodeToString([]byte("Username:")))
+		s.writef("334 %s", base64.StdEncoding.EncodeToString([]byte("Username:")))
 		arg, err = s.readLine()
 		if err != nil {
 			return false, err
@@ -881,7 +903,7 @@ func (s *session) handleAuthLogin(arg string) (bool, error) {
 		return false, errors.New("501 5.5.2 Syntax error (unable to decode)")
 	}

-	s.writef("334 " + base64.StdEncoding.EncodeToString([]byte("Password:")))
+	s.writef("334 %s", base64.StdEncoding.EncodeToString([]byte("Password:")))
 	line, err := s.readLine()
 	if err != nil {
 		return false, err
@@ -929,7 +951,7 @@ func (s *session) handleAuthPlain(arg string) (bool, error) {
 func (s *session) handleAuthCramMD5() (bool, error) {
 	shared := "<" + strconv.Itoa(os.Getpid()) + "." + strconv.Itoa(time.Now().Nanosecond()) + "@" + s.srv.Hostname + ">"

-	s.writef("334 " + base64.StdEncoding.EncodeToString([]byte(shared)))
+	s.writef("334 %s", base64.StdEncoding.EncodeToString([]byte(shared)))

 	data, err := s.readLine()
 	if err != nil {
--- a/internal/smtpd/smtpd_test.go
+++ b/internal/smtpd/smtpd_test.go
@@ -535,7 +535,7 @@ func TestCmdSTARTTLSRequired(t *testing.T) {
 }

 func TestMakeHeaders(t *testing.T) {
-	now := time.Now().Format("Mon, _2 Jan 2006 15:04:05 -0700 (MST)")
+	now := time.Now().Format("Mon, 2 Jan 2006 15:04:05 -0700 (MST)")
 	valid := "Received: from clientName (clientHost [clientIP])\r\n" +
 		"        by serverName (smtpd) with SMTP\r\n" +
 		"        for <recipient@example.com>; " +
--- a/internal/tools/headers.go
+++ b/internal/tools/headers.go
@@ -6,6 +6,7 @@ import (
 	"bytes"
 	"net/mail"
 	"regexp"
+	"strings"

 	"github.com/axllent/mailpit/internal/logger"
 )
@@ -48,7 +49,7 @@ func RemoveMessageHeaders(msg []byte, headers []string) ([]byte, error) {
 			}

 			if len(hdr) > 0 {
-				logger.Log().Debugf("[release] removed %s header", hdr)
+				logger.Log().Debugf("[relay] removed %s header", hdr)
 				msg = bytes.Replace(msg, hdr, []byte(""), 1)
 			}
 		}
@@ -90,10 +91,70 @@ func UpdateMessageHeader(msg []byte, header, value string) ([]byte, error) {
 		}

 		if len(hdr) > 0 {
-			logger.Log().Debugf("[release] replaced %s header", hdr)
+			logger.Log().Debugf("[relay] replaced %s header", hdr)
 			msg = bytes.Replace(msg, hdr, []byte(header+": "+value+"\r\n"), 1)
 		}
 	}

 	return msg, nil
 }
+
+// OverrideFromHeader scans a message for the From header and replaces it with a different email address.
+func OverrideFromHeader(msg []byte, address string) ([]byte, error) {
+	reader := bytes.NewReader(msg)
+	m, err := mail.ReadMessage(reader)
+	if err != nil {
+		return nil, err
+	}
+
+	if m.Header.Get("From") != "" {
+		reBlank := regexp.MustCompile(`^\s+`)
+		reHdr := regexp.MustCompile(`(?i)^` + regexp.QuoteMeta("From:"))
+
+		scanner := bufio.NewScanner(bytes.NewReader(msg))
+		found := false
+		hdr := []byte("")
+		for scanner.Scan() {
+			line := scanner.Bytes()
+			if !found && reHdr.Match(line) {
+				// add the first line starting with <header>:
+				hdr = append(hdr, line...)
+				hdr = append(hdr, []byte("\r\n")...)
+				found = true
+			} else if found && reBlank.Match(line) {
+				// add any following lines starting with a whitespace (tab or space)
+				hdr = append(hdr, line...)
+				hdr = append(hdr, []byte("\r\n")...)
+			} else if found {
+				// stop scanning, we have the full <header>
+				break
+			}
+		}
+
+		if len(hdr) > 0 {
+			originalFrom := strings.TrimRight(string(hdr[5:]), "\r\n")
+
+			from, err := mail.ParseAddress(originalFrom)
+			if err != nil {
+				// error parsing the from address, so just replace the whole line
+				msg = bytes.Replace(msg, hdr, []byte("From: "+address+"\r\n"), 1)
+			} else {
+				originalFrom = from.Address
+				// replace the from email, but keep the original name
+				from.Address = address
+				msg = bytes.Replace(msg, hdr, []byte("From: "+from.String()+"\r\n"), 1)
+			}
+
+			// insert the original From header as X-Original-From
+			msg = append([]byte("X-Original-From: "+originalFrom+"\r\n"), msg...)
+
+			logger.Log().Debugf("[relay] Replaced From email address with %s", address)
+		}
+	} else {
+		// no From header, so add one
+		msg = append([]byte("From: "+address+"\r\n"), msg...)
+		logger.Log().Debugf("[relay] Added From email: %s", address)
+	}
+
+	return msg, nil
+}
--- a/internal/tools/html.go
+++ b/internal/tools/html.go
@@ -17,3 +17,34 @@ func GetHTMLAttributeVal(e *html.Node, key string) (string, error) {

 	return "", fmt.Errorf("%s not found", key)
 }
+
+// SetHTMLAttributeVal sets an attribute on a node.
+func SetHTMLAttributeVal(n *html.Node, key, val string) {
+	for i := range n.Attr {
+		a := &n.Attr[i]
+		if a.Key == key {
+			a.Val = val
+			return
+		}
+	}
+	n.Attr = append(n.Attr, html.Attribute{
+		Key: key,
+		Val: val,
+	})
+}
+
+// WalkHTML traverses the entire HTML tree and calls fn on each node.
+func WalkHTML(n *html.Node, fn func(*html.Node)) {
+	if n == nil {
+		return
+	}
+
+	fn(n)
+
+	// Each node has a pointer to its first child and next sibling. To traverse
+	// all children of a node, we need to start from its first child and then
+	// traverse the next sibling until nil.
+	for c := n.FirstChild; c != nil; c = c.NextSibling {
+		WalkHTML(c, fn)
+	}
+}
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -6,7 +6,7 @@
    "build": "MINIFY=true node esbuild.config.mjs",
    "watch": "WATCH=true node esbuild.config.mjs",
    "package": "MINIFY=true node esbuild.config.mjs",
-    "update-caniemail": "wget -O utils/html-check/caniemail-data.json https://www.caniemail.com/api/data.json"
+    "update-caniemail": "wget -O internal/htmlcheck/caniemail-data.json https://www.caniemail.com/api/data.json"
  },
  "dependencies": {
    "axios": "^1.2.1",
@@ -31,7 +31,7 @@
    "@types/bootstrap": "^5.2.7",
    "@types/tinycon": "^0.6.3",
    "@vue/compiler-sfc": "^3.2.37",
-    "esbuild": "^0.24.0",
+    "esbuild": "^0.25.0",
    "esbuild-plugin-vue-next": "^0.1.4",
    "esbuild-sass-plugin": "^3.0.0"
  }
--- a/server/apiv1/application.go
+++ b/server/apiv1/application.go
@@ -6,6 +6,7 @@ import (
 	"net/http"

 	"github.com/axllent/mailpit/config"
+	"github.com/axllent/mailpit/internal/smtpd/chaos"
 	"github.com/axllent/mailpit/internal/stats"
 )

@@ -59,6 +60,8 @@ type webUIConfiguration struct {
 		AllowedRecipients string
 		// Block relaying to these recipients (regex)
 		BlockedRecipients string
+		// Overrides the "From" address for all relayed messages
+		OverrideFrom string
 		// DEPRECATED 2024/03/12
 		// swagger:ignore
 		RecipientAllowlist string
@@ -67,6 +70,9 @@ type webUIConfiguration struct {
 	// Whether SpamAssassin is enabled
 	SpamAssassin bool

+	// Whether Chaos support is enabled at runtime
+	ChaosEnabled bool
+
 	// Whether messages with duplicate IDs are ignored
 	DuplicatesIgnored bool
 }
@@ -107,11 +113,13 @@ func WebUIConfig(w http.ResponseWriter, _ *http.Request) {
 		conf.MessageRelay.ReturnPath = config.SMTPRelayConfig.ReturnPath
 		conf.MessageRelay.AllowedRecipients = config.SMTPRelayConfig.AllowedRecipients
 		conf.MessageRelay.BlockedRecipients = config.SMTPRelayConfig.BlockedRecipients
+		conf.MessageRelay.OverrideFrom = config.SMTPRelayConfig.OverrideFrom
 		// DEPRECATED 2024/03/12
 		conf.MessageRelay.RecipientAllowlist = config.SMTPRelayConfig.AllowedRecipients
 	}

 	conf.SpamAssassin = config.EnableSpamAssassin != ""
+	conf.ChaosEnabled = chaos.Enabled
 	conf.DuplicatesIgnored = config.IgnoreDuplicateIDs

 	w.Header().Add("Content-Type", "application/json")
--- a/server/apiv1/chaos.go
+++ b/server/apiv1/chaos.go
@@ -0,0 +1,112 @@
+package apiv1
+
+import (
+	"encoding/json"
+	"net/http"
+
+	"github.com/axllent/mailpit/internal/smtpd/chaos"
+)
+
+// ChaosTriggers is the Chaos configuration
+//
+// swagger:model Triggers
+type ChaosTriggers chaos.Triggers
+
+// Response for the Chaos triggers configuration
+// swagger:response ChaosResponse
+type chaosResponse struct {
+	// The current Chaos triggers
+	//
+	// in: body
+	Body ChaosTriggers
+}
+
+// GetChaos returns the current Chaos triggers
+func GetChaos(w http.ResponseWriter, _ *http.Request) {
+	// swagger:route GET /api/v1/chaos testing getChaos
+	//
+	// # Get Chaos triggers
+	//
+	// Returns the current Chaos triggers configuration.
+	// This API route will return an error if Chaos is not enabled at runtime.
+	//
+	//	Produces:
+	//	  - application/json
+	//
+	//	Schemes: http, https
+	//
+	//	Responses:
+	//	  200: ChaosResponse
+	//	  400: ErrorResponse
+
+	if !chaos.Enabled {
+		httpError(w, "Chaos is not enabled")
+		return
+	}
+
+	conf := chaos.Config
+
+	w.Header().Add("Content-Type", "application/json")
+	if err := json.NewEncoder(w).Encode(conf); err != nil {
+		httpError(w, err.Error())
+	}
+}
+
+// swagger:parameters setChaosParams
+type setChaosParams struct {
+	// in: body
+	Body ChaosTriggers
+}
+
+// SetChaos sets the Chaos configuration.
+func SetChaos(w http.ResponseWriter, r *http.Request) {
+	// swagger:route PUT /api/v1/chaos testing setChaosParams
+	//
+	// # Set Chaos triggers
+	//
+	// Set the Chaos triggers configuration and return the updated values.
+	// This API route will return an error if Chaos is not enabled at runtime.
+	//
+	// If any triggers are omitted from the request, then those are reset to their
+	// default values with a 0% probability (ie: disabled).
+	// Setting a blank `{}` will reset all triggers to their default values.
+	//
+	//	Consumes:
+	//	  - application/json
+	//
+	//	Produces:
+	//	  - application/json
+	//
+	//	Schemes: http, https
+	//
+	//	Responses:
+	//	  200: ChaosResponse
+	//	  400: ErrorResponse
+
+	if !chaos.Enabled {
+		httpError(w, "Chaos is not enabled")
+		return
+	}
+
+	data := chaos.Triggers{}
+
+	decoder := json.NewDecoder(r.Body)
+
+	err := decoder.Decode(&data)
+	if err != nil {
+		httpError(w, err.Error())
+		return
+	}
+
+	if err := chaos.SetFromStruct(data); err != nil {
+		httpError(w, err.Error())
+		return
+	}
+
+	conf := chaos.Config
+
+	w.Header().Add("Content-Type", "application/json")
+	if err := json.NewEncoder(w).Encode(conf); err != nil {
+		httpError(w, err.Error())
+	}
+}
--- a/server/apiv1/message.go
+++ b/server/apiv1/message.go
@@ -174,6 +174,16 @@ func DownloadAttachment(w http.ResponseWriter, r *http.Request) {
 	id := vars["id"]
 	partID := vars["partID"]

+	if id == "latest" {
+		var err error
+		id, err = storage.LatestID(r)
+		if err != nil {
+			w.WriteHeader(404)
+			fmt.Fprint(w, err.Error())
+			return
+		}
+	}
+
 	a, err := storage.GetAttachmentPart(id, partID)
 	if err != nil {
 		fourOFour(w)
--- a/server/apiv1/other.go
+++ b/server/apiv1/other.go
@@ -30,7 +30,7 @@ type HTMLCheckResponse = htmlcheck.Response

 // HTMLCheck returns a summary of the HTML client support
 func HTMLCheck(w http.ResponseWriter, r *http.Request) {
-	// swagger:route GET /api/v1/message/{ID}/html-check Other HTMLCheckParams
+	// swagger:route GET /api/v1/message/{ID}/html-check other HTMLCheckParams
 	//
 	// # HTML check
 	//
@@ -114,7 +114,7 @@ type LinkCheckResponse = linkcheck.Response

 // LinkCheck returns a summary of links in the email
 func LinkCheck(w http.ResponseWriter, r *http.Request) {
-	// swagger:route GET /api/v1/message/{ID}/link-check Other LinkCheckParams
+	// swagger:route GET /api/v1/message/{ID}/link-check other LinkCheckParams
 	//
 	// # Link check
 	//
@@ -184,7 +184,7 @@ type SpamAssassinResponse = spamassassin.Result

 // SpamAssassinCheck returns a summary of SpamAssassin results (if enabled)
 func SpamAssassinCheck(w http.ResponseWriter, r *http.Request) {
-	// swagger:route GET /api/v1/message/{ID}/sa-check Other SpamAssassinCheckParams
+	// swagger:route GET /api/v1/message/{ID}/sa-check other SpamAssassinCheckParams
 	//
 	// # SpamAssassin check
 	//
--- a/server/apiv1/testing.go
+++ b/server/apiv1/testing.go
@@ -1,14 +1,19 @@
 package apiv1

 import (
+	"bytes"
 	"fmt"
 	"net/http"
 	"regexp"
 	"strings"

 	"github.com/axllent/mailpit/config"
+	"github.com/axllent/mailpit/internal/logger"
 	"github.com/axllent/mailpit/internal/storage"
+	"github.com/axllent/mailpit/internal/tools"
 	"github.com/gorilla/mux"
+	"golang.org/x/net/html"
+	"golang.org/x/net/html/atom"
 )

 // swagger:parameters GetMessageHTMLParams
@@ -18,6 +23,17 @@ type getMessageHTMLParams struct {
 	// in: path
 	// required: true
 	ID string
+
+	// If this is route is to be embedded in an iframe, set embed to `1` in the URL to add `target="_blank"` and `rel="noreferrer noopener"` to all links.
+	//
+	// In addition, a small script will be added to the end of the document to post (postMessage()) the height of the document back to the parent window for optional iframe height resizing.
+	//
+	// Note that this will also *transform* the message into a full HTML document (if it isn't already), so this option is useful for viewing but not programmatic testing.
+	//
+	// in: query
+	// required: false
+	// type: string
+	Embed string `json:"embed"`
 }

 // GetMessageHTML (method: GET) returns a rendered version of a message's HTML part
@@ -68,9 +84,43 @@ func GetMessageHTML(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	html := linkInlineImages(msg)
+	htmlStr := linkInlineImages(msg)
+
+	// If embed=1 is set, then we will add target="_blank" and rel="noreferrer noopener" to all links
+	if r.URL.Query().Get("embed") == "1" {
+		doc, err := html.Parse(strings.NewReader(htmlStr))
+		if err != nil {
+			logger.Log().Error(err.Error())
+		} else {
+			// Walk the entire HTML tree.
+			tools.WalkHTML(doc, func(n *html.Node) {
+				if n.Type == html.ElementNode && n.DataAtom == atom.A {
+					// Set attributes on all anchors with external links.
+					tools.SetHTMLAttributeVal(n, "target", "_blank")
+					tools.SetHTMLAttributeVal(n, "rel", "noreferrer noopener")
+				}
+			})
+
+			b := bytes.Buffer{}
+			_ = html.Render(&b, doc)
+			htmlStr = b.String()
+
+			nonce := r.Header.Get("mp-nonce")
+
+			js := `<script nonce="` + nonce + `">
+				if (typeof window.parent == "object") {
+					window.addEventListener('load', function () {
+						window.parent.postMessage({ messageHeight: document.body.scrollHeight}, "*")
+					})
+				}
+			</script>`
+
+			htmlStr = strings.ReplaceAll(htmlStr, "</body>", js+"</body>")
+		}
+	}
+
 	w.Header().Add("Content-Type", "text/html; charset=utf-8")
-	_, _ = w.Write([]byte(html))
+	_, _ = w.Write([]byte(htmlStr))
 }

 // swagger:parameters GetMessageTextParams
--- a/server/embed.go
+++ b/server/embed.go
@@ -0,0 +1,79 @@
+package server
+
+import (
+	"embed"
+	"net/http"
+	"path"
+	"strings"
+
+	"github.com/axllent/mailpit/config"
+)
+
+var (
+	//go:embed ui
+	distFS embed.FS
+)
+
+// EmbedController is a simple controller to return a file from the embedded filesystem.
+//
+// This controller is replaces Go's default http.FileServer which, as of Go v1.23, removes
+// the Content-Encoding header from error responses, breaking pages such as 404's while
+// using gzip compression middleware.
+func embedController(w http.ResponseWriter, r *http.Request) {
+	p := r.URL.Path
+
+	if strings.HasSuffix(p, "/") {
+		p = p + "index.html"
+	}
+
+	p = strings.TrimLeft(p, config.Webroot) // server webroot config
+	p = path.Join("ui", p)                  // add go:embed path to path prefix
+
+	b, err := distFS.ReadFile(p)
+	if err != nil {
+		http.Error(w, "File not found", http.StatusNotFound)
+		return
+	}
+
+	// ensure any HTML files have the correct nonce
+	if strings.HasSuffix(p, ".html") {
+		nonce := r.Header.Get("mp-nonce")
+		b = []byte(strings.ReplaceAll(string(b), "%%NONCE%%", nonce))
+	}
+
+	// allow browser cache except for ?dev queries and HTML files
+	if r.URL.RawQuery != "dev" && !strings.HasSuffix(p, ".html") {
+		w.Header().Set("Cache-Control", "max-age=31536000, public, immutable")
+	}
+
+	w.Header().Set("Content-Type", contentType(p))
+	_, _ = w.Write(b)
+}
+
+// ContentType supports only a few content types, limited to this application's needs.
+func contentType(p string) string {
+	switch {
+	case strings.HasSuffix(p, ".html"):
+		return "text/html; charset=utf-8"
+	case strings.HasSuffix(p, ".css"):
+		return "text/css; charset=utf-8"
+	case strings.HasSuffix(p, ".js"):
+		return "application/javascript; charset=utf-8"
+	case strings.HasSuffix(p, ".json"):
+		return "application/json"
+	case strings.HasSuffix(p, ".svg"):
+		return "image/svg+xml"
+	case strings.HasSuffix(p, ".ico"):
+		return "image/x-icon"
+	case strings.HasSuffix(p, ".png"):
+		return "image/png"
+	case strings.HasSuffix(p, ".jpg"):
+		return "image/jpeg"
+	case strings.HasSuffix(p, ".gif"):
+		return "image/gif"
+	case strings.HasSuffix(p, ".woff2"):
+		return "font/woff2"
+	default:
+		return "text/plain"
+	}
+}
--- a/server/server.go
+++ b/server/server.go
@@ -4,13 +4,12 @@ package server
 import (
 	"bytes"
 	"compress/gzip"
-	"embed"
 	"fmt"
 	"io"
-	"io/fs"
 	"net"
 	"net/http"
 	"os"
+	"regexp"
 	"strings"
 	"sync/atomic"
 	"text/template"
@@ -30,11 +29,13 @@ import (
 	"github.com/lithammer/shortuuid/v4"
 )

-//go:embed ui
-var embeddedFS embed.FS
+var (
+	// AccessControlAllowOrigin CORS policy
+	AccessControlAllowOrigin string

-// AccessControlAllowOrigin CORS policy
-var AccessControlAllowOrigin string
+	// htmlPreviewRouteRe is a regexp to match the HTML preview route
+	htmlPreviewRouteRe *regexp.Regexp
+)

 // Listen will start the httpd
 func Listen() {
@@ -42,12 +43,6 @@ func Listen() {
 	isReady.Store(false)
 	stats.Track()

-	serverRoot, err := fs.Sub(embeddedFS, "ui")
-	if err != nil {
-		logger.Log().Errorf("[http] %s", err.Error())
-		os.Exit(1)
-	}
-
 	websockets.MessageHub = websockets.NewHub()

 	go websockets.MessageHub.Run()
@@ -64,12 +59,12 @@ func Listen() {
 	r.HandleFunc(config.Webroot+"proxy", middleWareFunc(handlers.ProxyHandler)).Methods("GET")

 	// virtual filesystem for /dist/ & some individual files
-	r.PathPrefix(config.Webroot + "dist/").Handler(middlewareHandler(http.StripPrefix(config.Webroot, http.FileServer(http.FS(serverRoot)))))
-	r.PathPrefix(config.Webroot + "api/").Handler(middlewareHandler(http.StripPrefix(config.Webroot, http.FileServer(http.FS(serverRoot)))))
-	r.Path(config.Webroot + "favicon.ico").Handler(middlewareHandler(http.StripPrefix(config.Webroot, http.FileServer(http.FS(serverRoot)))))
-	r.Path(config.Webroot + "favicon.svg").Handler(middlewareHandler(http.StripPrefix(config.Webroot, http.FileServer(http.FS(serverRoot)))))
-	r.Path(config.Webroot + "mailpit.svg").Handler(middlewareHandler(http.StripPrefix(config.Webroot, http.FileServer(http.FS(serverRoot)))))
-	r.Path(config.Webroot + "notification.png").Handler(middlewareHandler(http.StripPrefix(config.Webroot, http.FileServer(http.FS(serverRoot)))))
+	r.PathPrefix(config.Webroot + "dist/").Handler(middleWareFunc(embedController))
+	r.PathPrefix(config.Webroot + "api/").Handler(middleWareFunc(embedController))
+	r.Path(config.Webroot + "favicon.ico").Handler(middleWareFunc(embedController))
+	r.Path(config.Webroot + "favicon.svg").Handler(middleWareFunc(embedController))
+	r.Path(config.Webroot + "mailpit.svg").Handler(middleWareFunc(embedController))
+	r.Path(config.Webroot + "notification.png").Handler(middleWareFunc(embedController))

 	// redirect to webroot if no trailing slash
 	if config.Webroot != "/" {
@@ -183,6 +178,10 @@ func apiRoutes() *mux.Router {
 	r.HandleFunc(config.Webroot+"api/v1/webui", middleWareFunc(apiv1.WebUIConfig)).Methods("GET")
 	r.HandleFunc(config.Webroot+"api/v1/swagger.json", middleWareFunc(swaggerBasePath)).Methods("GET")

+	// Chaos
+	r.HandleFunc(config.Webroot+"api/v1/chaos", middleWareFunc(apiv1.GetChaos)).Methods("GET")
+	r.HandleFunc(config.Webroot+"api/v1/chaos", middleWareFunc(apiv1.SetChaos)).Methods("PUT")
+
 	// web UI websocket
 	r.HandleFunc(config.Webroot+"api/events", apiWebsocket).Methods("GET")

@@ -229,7 +228,12 @@ func middleWareFunc(fn http.HandlerFunc) http.HandlerFunc {

 		w.Header().Set("Content-Security-Policy", cspHeader)

-		if AccessControlAllowOrigin != "" && strings.HasPrefix(r.RequestURI, config.Webroot+"api/") {
+		if htmlPreviewRouteRe == nil {
+			htmlPreviewRouteRe = regexp.MustCompile(`^` + regexp.QuoteMeta(config.Webroot) + `view/[a-zA-Z0-9]+\.html$`)
+		}
+
+		if AccessControlAllowOrigin != "" &&
+			(strings.HasPrefix(r.RequestURI, config.Webroot+"api/") || htmlPreviewRouteRe.MatchString(r.RequestURI)) {
 			w.Header().Set("Access-Control-Allow-Origin", AccessControlAllowOrigin)
 			w.Header().Set("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, OPTIONS")
 			w.Header().Set("Access-Control-Allow-Headers", "*")
@@ -262,44 +266,6 @@ func middleWareFunc(fn http.HandlerFunc) http.HandlerFunc {
 	}
 }

-// MiddlewareHandler http middleware adds optional basic authentication
-// and gzip compression
-func middlewareHandler(h http.Handler) http.Handler {
-	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("Referrer-Policy", "no-referrer")
-		w.Header().Set("Content-Security-Policy", config.ContentSecurityPolicy)
-
-		if AccessControlAllowOrigin != "" && strings.HasPrefix(r.RequestURI, config.Webroot+"api/") {
-			w.Header().Set("Access-Control-Allow-Origin", AccessControlAllowOrigin)
-			w.Header().Set("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT, OPTIONS")
-			w.Header().Set("Access-Control-Allow-Headers", "*")
-		}
-
-		if auth.UICredentials != nil {
-			user, pass, ok := r.BasicAuth()
-
-			if !ok {
-				basicAuthResponse(w)
-				return
-			}
-
-			if !auth.UICredentials.Match(user, pass) {
-				basicAuthResponse(w)
-				return
-			}
-		}
-
-		if !strings.Contains(r.Header.Get("Accept-Encoding"), "gzip") {
-			h.ServeHTTP(w, r)
-			return
-		}
-		w.Header().Set("Content-Encoding", "gzip")
-		gz := gzip.NewWriter(w)
-		defer gz.Close()
-		h.ServeHTTP(gzipResponseWriter{Writer: gz, ResponseWriter: w}, r)
-	})
-}
-
 // Redirect to webroot
 func addSlashToWebroot(w http.ResponseWriter, r *http.Request) {
 	http.Redirect(w, r, config.Webroot, http.StatusFound)
@@ -313,7 +279,7 @@ func apiWebsocket(w http.ResponseWriter, r *http.Request) {

 // Wrapper to artificially inject a basePath to the swagger.json if a webroot has been specified
 func swaggerBasePath(w http.ResponseWriter, _ *http.Request) {
-	f, err := embeddedFS.ReadFile("ui/api/v1/swagger.json")
+	f, err := distFS.ReadFile("ui/api/v1/swagger.json")
 	if err != nil {
 		panic(err)
 	}
@@ -348,7 +314,7 @@ func index(w http.ResponseWriter, r *http.Request) {
 <body class="h-100">
 	<div class="container-fluid h-100 d-flex flex-column" id="app" data-webroot="{{ .Webroot }}" data-version="{{ .Version }}">
 		<noscript class="alert alert-warning position-absolute top-50 start-50 translate-middle">
-			You need a browser with JavaScript support to use Mailpit
+			You need a browser with JavaScript enabled to use Mailpit
 		</noscript>
 	</div>

@@ -379,6 +345,6 @@ func index(w http.ResponseWriter, r *http.Request) {
 		panic(err)
 	}

-	w.Header().Add("Content-Type", "text/html")
+	w.Header().Add("Content-Type", "text/html; charset=utf-8")
 	_, _ = w.Write(buff.Bytes())
 }
--- a/server/server_test.go
+++ b/server/server_test.go
@@ -37,7 +37,7 @@ func TestAPIv1Messages(t *testing.T) {

 	m, err := fetchMessages(ts.URL + "/api/v1/messages")
 	if err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 	}

 	// check count of empty database
@@ -50,7 +50,7 @@ func TestAPIv1Messages(t *testing.T) {

 	m, err = fetchMessages(ts.URL + "/api/v1/messages")
 	if err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 	}

 	// read first 10 messages
@@ -61,17 +61,17 @@ func TestAPIv1Messages(t *testing.T) {
 		}

 		if _, err := clientGet(ts.URL + "/api/v1/message/" + msg.ID); err != nil {
-			t.Errorf(err.Error())
+			t.Error(err.Error())
 		}

 		// get RAW
 		if _, err := clientGet(ts.URL + "/api/v1/message/" + msg.ID + "/raw"); err != nil {
-			t.Errorf(err.Error())
+			t.Error(err.Error())
 		}

 		// get headers
 		if _, err := clientGet(ts.URL + "/api/v1/message/" + msg.ID + "/headers"); err != nil {
-			t.Errorf(err.Error())
+			t.Error(err.Error())
 		}
 	}

@@ -98,7 +98,7 @@ func TestAPIv1ToggleReadStatus(t *testing.T) {

 	m, err := fetchMessages(ts.URL + "/api/v1/messages")
 	if err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 	}

 	// check count of empty database
@@ -111,7 +111,7 @@ func TestAPIv1ToggleReadStatus(t *testing.T) {

 	m, err = fetchMessages(ts.URL + "/api/v1/messages")
 	if err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 	}

 	// read first 10 IDs
@@ -134,11 +134,11 @@ func TestAPIv1ToggleReadStatus(t *testing.T) {
 	putData.IDs = putIDS
 	j, err := json.Marshal(putData)
 	if err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 	}
 	_, err = clientPut(ts.URL+"/api/v1/messages", string(j))
 	if err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 	}
 	assertStatsEqual(t, ts.URL+"/api/v1/messages", 90, 100)

@@ -147,11 +147,11 @@ func TestAPIv1ToggleReadStatus(t *testing.T) {
 	putData.Read = false
 	j, err = json.Marshal(putData)
 	if err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 	}
 	_, err = clientPut(ts.URL+"/api/v1/messages", string(j))
 	if err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 	}
 	assertStatsEqual(t, ts.URL+"/api/v1/messages", 100, 100)

@@ -160,13 +160,13 @@ func TestAPIv1ToggleReadStatus(t *testing.T) {
 	putData.IDs = []string{}
 	j, err = json.Marshal(putData)
 	if err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 	}

 	t.Log("Mark all read")
 	_, err = clientPut(ts.URL+"/api/v1/messages", string(j))
 	if err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 	}
 	assertStatsEqual(t, ts.URL+"/api/v1/messages", 0, 100)
 }
@@ -272,14 +272,14 @@ func TestAPIv1Send(t *testing.T) {
 	resp := apiv1.SendMessageConfirmation{}

 	if err := json.Unmarshal(b, &resp); err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 		return
 	}

 	t.Logf("Fetching response for message %s", resp.ID)
 	msg, err := fetchMessage(ts.URL + "/api/v1/message/" + resp.ID)
 	if err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 	}

 	t.Logf("Testing response for message %s", resp.ID)
@@ -307,7 +307,7 @@ func TestAPIv1Send(t *testing.T) {

 	attachmentBytes, err := clientGet(ts.URL + "/api/v1/message/" + resp.ID + "/part/" + msg.Attachments[0].PartID)
 	if err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 	}
 	assertEqual(t, `This is a plain text attachment`, string(attachmentBytes), "wrong Attachment content")
 }
@@ -331,12 +331,12 @@ func assertStatsEqual(t *testing.T, uri string, unread, total int) {

 	data, err := clientGet(uri)
 	if err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 		return
 	}

 	if err := json.Unmarshal(data, &m); err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 		return
 	}

@@ -352,12 +352,12 @@ func assertSearchEqual(t *testing.T, uri, query string, count int) {

 	data, err := clientGet(uri + "?query=" + url.QueryEscape(query) + "&limit=" + limit)
 	if err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 		return
 	}

 	if err := json.Unmarshal(data, &m); err != nil {
-		t.Errorf(err.Error())
+		t.Error(err.Error())
 		return
 	}

--- a/server/ui-src/App.vue
+++ b/server/ui-src/App.vue
@@ -3,7 +3,6 @@ import CommonMixins from './mixins/CommonMixins'
 import Favicon from './components/Favicon.vue'
 import Notifications from './components/Notifications.vue'
 import EditTags from './components/EditTags.vue'
-import { RouterView } from 'vue-router'
 import { mailbox } from "./stores/mailbox"

 export default {
@@ -16,7 +15,6 @@ export default {
 	},

 	beforeMount() {
-
 		// load global config
 		this.get(this.resolve('/api/v1/webui'), false, function (response) {
 			mailbox.uiConfig = response.data
--- a/server/ui-src/components/NavMailbox.vue
+++ b/server/ui-src/components/NavMailbox.vue
@@ -83,13 +83,23 @@ export default {
 			</button>

 			<template v-if="!mailbox.selected.length">
-				<button class="list-group-item list-group-item-action" data-bs-toggle="modal"
+				<button v-if="mailbox.skipConfirmations" class="list-group-item list-group-item-action"
+					:disabled="!mailbox.unread" @click="markAllRead">
+					<i class="bi bi-eye-fill me-1"></i>
+					Mark all read
+				</button>
+				<button v-else class="list-group-item list-group-item-action" data-bs-toggle="modal"
 					data-bs-target="#MarkAllReadModal" :disabled="!mailbox.unread">
 					<i class="bi bi-eye-fill me-1"></i>
 					Mark all read
 				</button>

-				<button class="list-group-item list-group-item-action" data-bs-toggle="modal"
+				<button v-if="mailbox.skipConfirmations" class="list-group-item list-group-item-action"
+					:disabled="!mailbox.total" @click="deleteAllMessages">
+					<i class="bi bi-trash-fill me-1 text-danger"></i>
+					Delete all
+				</button>
+				<button v-else class="list-group-item list-group-item-action" data-bs-toggle="modal"
 					data-bs-target="#DeleteAllModal" :disabled="!mailbox.total">
 					<i class="bi bi-trash-fill me-1 text-danger"></i>
 					Delete all
--- a/server/ui-src/components/NavSearch.vue
+++ b/server/ui-src/components/NavSearch.vue
@@ -68,7 +68,12 @@ export default {
 				</span>
 			</RouterLink>
 			<template v-if="!mailbox.selected.length">
-				<button class="list-group-item list-group-item-action" data-bs-toggle="modal"
+				<button v-if="mailbox.skipConfirmations" class="list-group-item list-group-item-action"
+					@click="deleteAllMessages" :disabled="!mailbox.count">
+					<i class="bi bi-trash-fill me-1 text-danger"></i>
+					Delete all
+				</button>
+				<button v-else class="list-group-item list-group-item-action" data-bs-toggle="modal"
 					data-bs-target="#DeleteAllModal" :disabled="!mailbox.count">
 					<i class="bi bi-trash-fill me-1 text-danger"></i>
 					Delete all
--- a/server/ui-src/components/Settings.vue
+++ b/server/ui-src/components/Settings.vue
@@ -12,6 +12,8 @@ export default {
 			mailbox,
 			theme: localStorage.getItem('theme') ? localStorage.getItem('theme') : 'auto',
 			timezones,
+			chaosConfig: false,
+			chaosUpdated: false,
 		}
 	},

@@ -23,7 +25,23 @@ export default {
 				localStorage.setItem('theme', v)
 			}
 			this.setTheme()
+		},
+
+		chaosConfig: {
+			handler() {
+				this.chaosUpdated = true
+			},
+			deep: true
+		},
+
+		'mailbox.skipConfirmations'(v) {
+			if (v) {
+				localStorage.setItem('skip-confirmations', 'true')
+			} else {
+				localStorage.removeItem('skip-confirmations')
+			}
 		}
+
 	},

 	mounted() {
@@ -31,6 +49,8 @@ export default {
 		this.$nextTick(function () {
 			Tags.init('select.tz')
 		})
+
+		mailbox.skipConfirmations = localStorage.getItem('skip-confirmations') ? true : false
 	},

 	methods: {
@@ -44,6 +64,24 @@ export default {
 				document.documentElement.setAttribute('data-bs-theme', this.theme)
 			}
 		},
+
+		loadChaos() {
+			this.get(this.resolve('/api/v1/chaos'), null, (response) => {
+				this.chaosConfig = response.data
+				this.$nextTick(() => {
+					this.chaosUpdated = false
+				})
+			})
+		},
+
+		saveChaos() {
+			this.put(this.resolve('/api/v1/chaos'), this.chaosConfig, (response) => {
+				this.chaosConfig = response.data
+				this.$nextTick(() => {
+					this.chaosUpdated = false
+				})
+			})
+		}
 	}
 }
 </script>
@@ -54,64 +92,199 @@ export default {
 		<div class="modal-dialog modal-lg">
 			<div class="modal-content">
 				<div class="modal-header">
-					<h5 class="modal-title" id="SettingsModalLabel">Mailpit UI settings</h5>
+					<h5 class="modal-title" id="SettingsModalLabel">Mailpit settings</h5>
 					<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
 				</div>
 				<div class="modal-body">
-					<div class="mb-3">
-						<label for="theme" class="form-label">Mailpit theme</label>
-						<select class="form-select" v-model="theme" id="theme">
-							<option value="auto">Auto (detect from browser)</option>
-							<option value="light">Light theme</option>
-							<option value="dark">Dark theme</option>
-						</select>
-					</div>
-					<div class="mb-3">
-						<label for="timezone" class="form-label">Timezone (for date searches)</label>
-						<select class="form-select tz" v-model="mailbox.timeZone" id="timezone" data-allow-same="true">
-							<option disabled hidden value="">Select a timezone...</option>
-							<option v-for="t in timezones" :value="t.tzCode">{{ t.label }}</option>
-						</select>
-					</div>
-					<div class="mb-3">
-						<div class="form-check form-switch">
-							<input class="form-check-input" type="checkbox" role="switch" id="tagColors"
-								v-model="mailbox.showTagColors">
-							<label class="form-check-label" for="tagColors">
-								Use auto-generated tag colors
-							</label>
+					<ul class="nav nav-tabs" id="myTab" role="tablist" v-if="mailbox.uiConfig.ChaosEnabled">
+						<li class="nav-item" role="presentation">
+							<button class="nav-link active" id="ui-tab" data-bs-toggle="tab"
+								data-bs-target="#ui-tab-pane" type="button" role="tab" aria-controls="ui-tab-pane"
+								aria-selected="true">Web UI</button>
+						</li>
+						<li class="nav-item" role="presentation">
+							<button class="nav-link" id="chaos-tab" data-bs-toggle="tab"
+								data-bs-target="#chaos-tab-pane" type="button" role="tab" aria-controls="chaos-tab-pane"
+								aria-selected="false" @click="loadChaos">Chaos</button>
+						</li>
+					</ul>
+
+					<div class="tab-content">
+						<div class="tab-pane fade show active" id="ui-tab-pane" role="tabpanel" aria-labelledby="ui-tab"
+							tabindex="0">
+							<div class="my-3">
+								<label for="theme" class="form-label">Mailpit theme</label>
+								<select class="form-select" v-model="theme" id="theme">
+									<option value="auto">Auto (detect from browser)</option>
+									<option value="light">Light theme</option>
+									<option value="dark">Dark theme</option>
+								</select>
+							</div>
+							<div class="mb-3">
+								<label for="timezone" class="form-label">Timezone (for date searches)</label>
+								<select class="form-select tz" v-model="mailbox.timeZone" id="timezone"
+									data-allow-same="true">
+									<option disabled hidden value="">Select a timezone...</option>
+									<option v-for="t in timezones" :value="t.tzCode">{{ t.label }}</option>
+								</select>
+							</div>
+							<div class="mb-3">
+								<div class="form-check form-switch">
+									<input class="form-check-input" type="checkbox" role="switch" id="tagColors"
+										v-model="mailbox.showTagColors">
+									<label class="form-check-label" for="tagColors">
+										Use auto-generated tag colors
+									</label>
+								</div>
+							</div>
+							<div class="mb-3">
+								<div class="form-check form-switch">
+									<input class="form-check-input" type="checkbox" role="switch" id="htmlCheck"
+										v-model="mailbox.showHTMLCheck">
+									<label class="form-check-label" for="htmlCheck">
+										Show HTML check message tab
+									</label>
+								</div>
+							</div>
+							<div class="mb-3">
+								<div class="form-check form-switch">
+									<input class="form-check-input" type="checkbox" role="switch" id="linkCheck"
+										v-model="mailbox.showLinkCheck">
+									<label class="form-check-label" for="linkCheck">
+										Show link check message tab
+									</label>
+								</div>
+							</div>
+							<div class="mb-3" v-if="mailbox.uiConfig.SpamAssassin">
+								<div class="form-check form-switch">
+									<input class="form-check-input" type="checkbox" role="switch" id="spamCheck"
+										v-model="mailbox.showSpamCheck">
+									<label class="form-check-label" for="spamCheck">
+										Show spam check message tab
+									</label>
+								</div>
+							</div>
+							<div class="mb-3">
+								<div class="form-check form-switch">
+									<input class="form-check-input" type="checkbox" role="switch"
+										id="skip-confirmations" v-model="mailbox.skipConfirmations">
+									<label class="form-check-label" for="skip-confirmations">
+										Skip <code>Delete all</code> &amp; <code>Mark all read</code> confirmation
+										dialogs
+									</label>
+								</div>
+							</div>
 						</div>
-					</div>
-					<div class="mb-3">
-						<div class="form-check form-switch">
-							<input class="form-check-input" type="checkbox" role="switch" id="htmlCheck"
-								v-model="mailbox.showHTMLCheck">
-							<label class="form-check-label" for="htmlCheck">
-								Show HTML check message tab
-							</label>
+
+						<div class="tab-pane fade" id="chaos-tab-pane" role="tabpanel" aria-labelledby="chaos-tab"
+							tabindex="0" v-if="mailbox.uiConfig.ChaosEnabled">
+							<p class="my-3">
+								<b>Chaos</b> allows you to set random SMTP failures and response codes at various
+								stages in a SMTP transaction to test application resilience
+								(<a href="https://mailpit.axllent.org/docs/integration/chaos/" target="_blank">
+									see documentation
+								</a>).
+							</p>
+
+							<ul>
+								<li>
+									<code>Response code</code> is the SMTP error code returned by the server if this
+									error is triggered. Error codes must range between 400 and 599.
+								</li>
+								<li>
+									<code>Error probability</code> is the % chance that the error will occur per message
+									delivery, where <code>0</code>(%) is disabled and <code>100</code>(%) wil always
+									trigger. A probability of <code>50</code> will trigger on approximately 50% of
+									messages received.
+								</li>
+							</ul>
+
+							<template v-if="chaosConfig">
+								<div class="mt-4 mb-4" :class="chaosUpdated ? 'was-validated' : ''">
+									<div class="mb-4">
+										<label>Trigger: <code>Sender</code></label>
+										<div class="form-text">
+											Trigger an error response based on the sender (From / Sender).
+										</div>
+										<div class="row mt-1">
+											<div class="col">
+												<label class="form-label">
+													Response code
+												</label>
+												<input type="number" class="form-control"
+													v-model.number="chaosConfig.Sender.ErrorCode" min="400" max="599"
+													required>
+											</div>
+											<div class="col">
+												<label class="form-label">
+													Error probability ({{ chaosConfig.Sender.Probability }}%)
+												</label>
+												<input type="range" class="form-range mt-1" min="0" max="100"
+													v-model.number="chaosConfig.Sender.Probability">
+											</div>
+										</div>
+									</div>
+
+									<div class="mb-4">
+										<label>Trigger: <code>Recipient</code></label>
+										<div class="form-text">
+											Trigger an error response based on the recipients (To, Cc, Bcc).
+										</div>
+										<div class="row mt-1">
+											<div class="col">
+												<label class="form-label">
+													Response code
+												</label>
+												<input type="number" class="form-control"
+													v-model.number="chaosConfig.Recipient.ErrorCode" min="400" max="599"
+													required>
+											</div>
+											<div class="col">
+												<label class="form-label">
+													Error probability ({{ chaosConfig.Recipient.Probability }}%)
+												</label>
+												<input type="range" class="form-range mt-1" min="0" max="100"
+													v-model.number="chaosConfig.Recipient.Probability">
+											</div>
+										</div>
+									</div>
+
+									<div class="mb-4">
+										<label>Trigger: <code>Authentication</code></label>
+										<div class="form-text">
+											Trigger an authentication error response.
+											Note that SMTP authentication must be configured too.
+										</div>
+										<div class="row mt-1">
+											<div class="col">
+												<label class="form-label">
+													Response code
+												</label>
+												<input type="number" class="form-control"
+													v-model.number="chaosConfig.Authentication.ErrorCode" min="400"
+													max="599" required>
+											</div>
+											<div class="col">
+												<label class="form-label">
+													Error probability ({{ chaosConfig.Authentication.Probability }}%)
+												</label>
+												<input type="range" class="form-range mt-1" min="0" max="100"
+													v-model.number="chaosConfig.Authentication.Probability">
+											</div>
+										</div>
+									</div>
+								</div>
+
+								<div v-if="chaosUpdated" class="mb-3 text-center">
+									<button class="btn btn-success" @click="saveChaos">Update Chaos</button>
+								</div>
+							</template>
 						</div>
+
 					</div>
-					<div class="mb-3">
-						<div class="form-check form-switch">
-							<input class="form-check-input" type="checkbox" role="switch" id="linkCheck"
-								v-model="mailbox.showLinkCheck">
-							<label class="form-check-label" for="linkCheck">
-								Show link check message tab
-							</label>
-						</div>
+					<div class="modal-footer">
+						<button type="button" class="btn btn-outline-secondary" data-bs-dismiss="modal">Close</button>
 					</div>
-					<div class="mb-3" v-if="mailbox.uiConfig.SpamAssassin">
-						<div class="form-check form-switch">
-							<input class="form-check-input" type="checkbox" role="switch" id="spamCheck"
-								v-model="mailbox.showSpamCheck">
-							<label class="form-check-label" for="spamCheck">
-								Show spam check message tab
-							</label>
-						</div>
-					</div>
-				</div>
-				<div class="modal-footer">
-					<button type="button" class="btn btn-outline-secondary" data-bs-dismiss="modal">Close</button>
 				</div>
 			</div>
 		</div>
--- a/server/ui-src/components/message/Release.vue
+++ b/server/ui-src/components/message/Release.vue
@@ -86,7 +86,10 @@ export default {
 					<div class="row">
 						<label class="col-sm-2 col-form-label text-body-secondary">From</label>
 						<div class="col-sm-10">
-							<input type="text" aria-label="From address" readonly class="form-control-plaintext"
+							<input v-if="mailbox.uiConfig.MessageRelay.OverrideFrom != ''" type="text"
+								aria-label="From address" readonly class="form-control-plaintext"
+								:value="mailbox.uiConfig.MessageRelay.OverrideFrom">
+							<input v-else type="text" aria-label="From address" readonly class="form-control-plaintext"
 								:value="message.From ? message.From.Address : ''">
 						</div>
 					</div>
@@ -122,51 +125,39 @@ export default {
 									Delete the message after release
 								</label>
 							</div>
-
 						</div>
 					</div>
-					
+
 					<h6>Notes</h6>
 					<ul>
 						<li v-if="mailbox.uiConfig.MessageRelay.AllowedRecipients != ''" class="form-text">
-							A recipient <b>allowlist</b> has been configured. Any mail address not matching the following will be rejected:
+							A recipient <b>allowlist</b> has been configured. Any mail address not matching the
+							following will be rejected:
 							<code>{{ mailbox.uiConfig.MessageRelay.AllowedRecipients }}</code>
 						</li>
 						<li v-if="mailbox.uiConfig.MessageRelay.BlockedRecipients != ''" class="form-text">
-							A recipient <b>blocklist</b> has been configured. Any mail address matching the following will be rejected:
+							A recipient <b>blocklist</b> has been configured. Any mail address matching the following
+							will be rejected:
 							<code>{{ mailbox.uiConfig.MessageRelay.BlockedRecipients }}</code>
 						</li>
 						<li class="form-text">
 							For testing purposes, a new unique <code>Message-Id</code> will be generated on send.
 						</li>
+						<li v-if="mailbox.uiConfig.MessageRelay.OverrideFrom != ''" class="form-text">
+							The <code>From</code> email address has been overridden by the relay configuration to
+							<code>{{ mailbox.uiConfig.MessageRelay.OverrideFrom }}</code>.
+						</li>
 						<li class="form-text">
 							SMTP delivery failures will bounce back to
 							<code v-if="mailbox.uiConfig.MessageRelay.ReturnPath != ''">
 								{{ mailbox.uiConfig.MessageRelay.ReturnPath }}
 							</code>
+							<code v-else-if="mailbox.uiConfig.MessageRelay.OverrideFrom != ''">
+								{{ mailbox.uiConfig.MessageRelay.OverrideFrom }}
+							</code>
 							<code v-else>{{ message.ReturnPath }}</code>.
 						</li>
 					</ul>
-
-					<!-- <div class="form-text text-center" v-if="mailbox.uiConfig.MessageRelay.AllowedRecipients != ''">
-						Note: A recipient allowlist has been configured. Any mail address not matching it will be
-						rejected.<br class="d-none d-md-inline">
-						Allowed recipients: <b>{{ mailbox.uiConfig.MessageRelay.AllowedRecipients }}</b>
-					</div>
-					<div class="form-text text-center" v-if="mailbox.uiConfig.MessageRelay.BlockedRecipients != ''">
-						Note: A recipient blocklist has been configured. Any mail address matching it will be
-						rejected.<br class="d-none d-md-inline">
-						Blocked recipients: <b>{{ mailbox.uiConfig.MessageRelay.BlockedRecipients }}</b>
-					</div>
-					<div class="form-text text-center">
-						Note: For testing purposes, a unique Message-Id will be generated on send.
-						<br class="d-none d-md-inline">
-						SMTP delivery failures will bounce back to
-						<b v-if="mailbox.uiConfig.MessageRelay.ReturnPath != ''">
-							{{ mailbox.uiConfig.MessageRelay.ReturnPath }}
-						</b>
-						<b v-else>{{ message.ReturnPath }}</b>.
-					</div> -->
 				</div>
 				<div class="modal-footer">
 					<button type="button" class="btn btn-outline-secondary" data-bs-dismiss="modal">Cancel</button>
--- a/server/ui-src/stores/mailbox.js
+++ b/server/ui-src/stores/mailbox.js
@@ -14,8 +14,9 @@ export const mailbox = reactive({
 	searching: false,				// current search, false for none
 	refresh: false, 				// to listen from MessagesMixin
 	autoPaginating: true, 			// allows temporary bypass of loadMessages() via auto-pagination
-	notificationsSupported: false,
-	notificationsEnabled: false,
+	notificationsSupported: false,	// browser supports notifications
+	notificationsEnabled: false,	// user has enabled notifications
+	skipConfirmations: false, 		// skip modal confirmations for "Delete all" & "mark all read"
 	appInfo: {},					// application information
 	uiConfig: {},					// configuration for UI
 	lastMessage: false,				// return scrolling
--- a/server/ui/api/v1/index.html
+++ b/server/ui/api/v1/index.html
@@ -8,12 +8,12 @@
 	<meta name="referrer" content="no-referrer">
 	<meta name="robots" content="noindex, nofollow, noarchive">
 	<link rel="icon" href="../../favicon.svg">
-	<script src="../../dist/docs.js"></script>
+	<script src="../../dist/docs.js" nonce="%%NONCE%%"></script>
 </head>

 <body>
 	<rapi-doc id="thedoc" spec-url="swagger.json" theme="light" layout="column" render-style="read" load-fonts="false"
-		allow-authentication="false"
+		allow-authentication="false" sort-tags="true"
 		regular-font="system-ui, -apple-system, 'Segoe UI', Roboto, 'Helvetica Neue', 'Noto Sans', 'Liberation Sans', Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol', 'Noto Color Emoji'"
 		mono-font="Courier New, Courier, System, fixed-width" font-size="large" allow-spec-url-load="false"
 		allow-spec-file-load="false" allow-server-selection="false" allow-search="false" allow-advanced-search="false"
--- a/server/ui/api/v1/swagger.json
+++ b/server/ui/api/v1/swagger.json
@@ -23,6 +23,66 @@
    "version": "v1"
  },
  "paths": {
+    "/api/v1/chaos": {
+      "get": {
+        "description": "Returns the current Chaos triggers configuration.\nThis API route will return an error if Chaos is not enabled at runtime.",
+        "produces": [
+          "application/json"
+        ],
+        "schemes": [
+          "http",
+          "https"
+        ],
+        "tags": [
+          "testing"
+        ],
+        "summary": "Get Chaos triggers",
+        "operationId": "getChaos",
+        "responses": {
+          "200": {
+            "$ref": "#/responses/ChaosResponse"
+          },
+          "400": {
+            "$ref": "#/responses/ErrorResponse"
+          }
+        }
+      },
+      "put": {
+        "description": "Set the Chaos triggers configuration and return the updated values.\nThis API route will return an error if Chaos is not enabled at runtime.\n\nIf any triggers are omitted from the request, then those are reset to their\ndefault values with a 0% probability (ie: disabled).\nSetting a blank `{}` will reset all triggers to their default values.",
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "schemes": [
+          "http",
+          "https"
+        ],
+        "tags": [
+          "testing"
+        ],
+        "summary": "Set Chaos triggers",
+        "operationId": "setChaosParams",
+        "parameters": [
+          {
+            "name": "Body",
+            "in": "body",
+            "schema": {
+              "$ref": "#/definitions/Triggers"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/ChaosResponse"
+          },
+          "400": {
+            "$ref": "#/responses/ErrorResponse"
+          }
+        }
+      }
+    },
    "/api/v1/info": {
      "get": {
        "description": "Returns basic runtime information, message totals and latest release version.",
@@ -139,7 +199,7 @@
          "https"
        ],
        "tags": [
-          "Other"
+          "other"
        ],
        "summary": "HTML check",
        "operationId": "HTMLCheckParams",
@@ -179,7 +239,7 @@
          "https"
        ],
        "tags": [
-          "Other"
+          "other"
        ],
        "summary": "Link check",
        "operationId": "LinkCheckParams",
@@ -414,7 +474,7 @@
          "https"
        ],
        "tags": [
-          "Other"
+          "other"
        ],
        "summary": "SpamAssassin check",
        "operationId": "SpamAssassinCheckParams",
@@ -942,6 +1002,13 @@
            "name": "ID",
            "in": "path",
            "required": true
+          },
+          {
+            "type": "string",
+            "x-go-name": "Embed",
+            "description": "If this is route is to be embedded in an iframe, set embed to `1` in the URL to add `target=\"_blank\"` and `rel=\"noreferrer noopener\"` to all links.\n\nIn addition, a small script will be added to the end of the document to post (postMessage()) the height of the document back to the parent window for optional iframe height resizing.\n\nNote that this will also *transform* the message into a full HTML document (if it isn't already), so this option is useful for viewing but not programmatic testing.",
+            "name": "embed",
+            "in": "query"
          }
        ],
        "responses": {
@@ -1816,10 +1883,53 @@
      "x-go-name": "Result",
      "x-go-package": "github.com/axllent/mailpit/internal/spamassassin"
    },
+    "Trigger": {
+      "description": "Trigger for Chaos",
+      "type": "object",
+      "required": [
+        "ErrorCode",
+        "Probability"
+      ],
+      "properties": {
+        "ErrorCode": {
+          "description": "SMTP error code to return. The value must range from 400 to 599.",
+          "type": "integer",
+          "format": "int64",
+          "example": 451
+        },
+        "Probability": {
+          "description": "Probability (chance) of triggering the error. The value must range from 0 to 100.",
+          "type": "integer",
+          "format": "int64",
+          "example": 5
+        }
+      },
+      "x-go-package": "github.com/axllent/mailpit/internal/smtpd/chaos"
+    },
+    "Triggers": {
+      "description": "Triggers for the Chaos configuration",
+      "type": "object",
+      "properties": {
+        "Authentication": {
+          "$ref": "#/definitions/Trigger"
+        },
+        "Recipient": {
+          "$ref": "#/definitions/Trigger"
+        },
+        "Sender": {
+          "$ref": "#/definitions/Trigger"
+        }
+      },
+      "$ref": "#/definitions/Triggers"
+    },
    "WebUIConfiguration": {
      "description": "Response includes global web UI settings",
      "type": "object",
      "properties": {
+        "ChaosEnabled": {
+          "description": "Whether Chaos support is enabled at runtime",
+          "type": "boolean"
+        },
        "DuplicatesIgnored": {
          "description": "Whether messages with duplicate IDs are ignored",
          "type": "boolean"
@@ -1844,6 +1954,10 @@
              "description": "Whether message relaying (release) is enabled",
              "type": "boolean"
            },
+            "OverrideFrom": {
+              "description": "Overrides the \"From\" address for all relayed messages",
+              "type": "string"
+            },
            "ReturnPath": {
              "description": "Enforced Return-Path (if set) for relay bounces",
              "type": "string"
@@ -1885,6 +1999,12 @@
        "type": "string"
      }
    },
+    "ChaosResponse": {
+      "description": "Response for the Chaos triggers configuration",
+      "schema": {
+        "$ref": "#/definitions/Triggers"
+      }
+    },
    "ErrorResponse": {
      "description": "Server error will return with a 400 status code\nwith the error message in the body",
      "schema": {
Author	SHA1	Message	Date
Ralph Slooten	f40f95555a	Merge branch 'release/v1.22.2'	2025-02-09 10:10:35 +13:00
Ralph Slooten	a5558d97ce	Release v1.22.2	2025-02-09 10:10:34 +13:00
Ralph Slooten	50c072ef4f	Chore: Update node dependencies / esbuild	2025-02-09 10:07:54 +13:00
Ralph Slooten	561032f367	Chore: Update Go dependencies	2025-02-09 10:00:35 +13:00
Ralph Slooten	8f1b7b6ec0	Chore: Enable browser cache for embedded web UI assets	2025-02-09 09:47:45 +13:00
Ralph Slooten	be94385f38	Merge branch 'feature/embed-controller' into develop	2025-02-08 15:15:34 +13:00
Ralph Slooten	61306e1ae4	Ignore render errors	2025-02-08 15:15:25 +13:00
Ralph Slooten	dac9fcf735	Chore: Replace http.FileServer with custom controller to correctly encode gzipped error responses for embed.FS Go v1.23 removes the Content-Encoding header from error responses, breaking pages such as 404's while using gzip compression middleware.	2025-02-08 15:15:07 +13:00
Ralph Slooten	3528bc8da7	Fix: Add missing "latest" route to message attachment API endpoint (#437 )	2025-02-08 08:35:37 +13:00
Ralph Slooten	cb3300212f	Fix: Remove recursive HTML regeneration in embedded HTML view (#434 )	2025-02-07 19:39:55 +13:00
Ralph Slooten	f377414c3b	Merge tag 'v1.22.1' into develop Release v1.22.1	2025-02-06 15:09:08 +13:00
Ralph Slooten	a2db203a08	Merge branch 'release/v1.22.1'	2025-02-06 15:09:06 +13:00
Ralph Slooten	b1eb58c9c8	Release v1.22.1	2025-02-06 15:09:06 +13:00
Ralph Slooten	76b7e74049	Chore: Update node dependencies	2025-02-06 15:04:37 +13:00
Ralph Slooten	ed0caa0081	Chore: Update Go dependencies	2025-02-06 15:03:45 +13:00
Ralph Slooten	45e67b5cac	Remove swagger example to allow validation	2025-02-05 15:36:07 +13:00
Ralph Slooten	0c63c29769	Feature: Add optional query parameter for HTML message iframe embedding (#434 )	2025-02-05 15:25:15 +13:00
Ralph Slooten	f4d6dd5c39	Update test error logging formatting	2025-02-04 16:16:17 +13:00
Ralph Slooten	496bf17db7	Chore: Add API CORS policy to HTML preview routes (#434 )	2025-02-02 15:57:40 +13:00
Ralph Slooten	86b5524217	Feature: Add optional UI setting to skip "Delete all" & "Mark all read" confirmation dialogs(#428 )	2025-02-02 15:31:18 +13:00
dependabot[bot]	cba9f0043c	Chore: Bump actions/stale from 9.0.0 to 9.1.0 (#432 ) Bumps [actions/stale](https://github.com/actions/stale) from 9.0.0 to 9.1.0. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v9.0.0...v9.1.0) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-01 22:52:28 +13:00
Ralph Slooten	a1b08ea2bc	Fix Chaos link typo	2025-01-30 23:20:00 +13:00
Ralph Slooten	3d6d899a6d	Merge tag 'v1.22.0' into develop Release v1.22.0	2025-01-26 13:37:08 +13:00
Ralph Slooten	9687329fc1	Merge branch 'release/v1.22.0'	2025-01-26 13:37:04 +13:00
Ralph Slooten	04410ff463	Release v1.22.0	2025-01-26 13:37:03 +13:00
Ralph Slooten	a29b969e61	Reorder forwarding feature	2025-01-26 12:46:13 +13:00
Ralph Slooten	8425780ccd	Chore: Update node dependencies	2025-01-26 12:44:41 +13:00
Ralph Slooten	8331e11f7f	Chore: Update Go dependencies	2025-01-26 12:43:29 +13:00
Ralph Slooten	d7df895261	Feature: SMTP auto-forwarding option (#414 )	2025-01-26 12:39:39 +13:00
Ralph Slooten	e2fab49873	Update relay modal wording	2025-01-26 09:48:05 +13:00
Ralph Slooten	a95bc3d29f	Feature: Option to override the From email address in SMTP relay configuration (#414 )	2025-01-26 00:22:57 +13:00
Ralph Slooten	f278933bb9	Merge branch 'feature/chaos' into develop	2025-01-25 12:17:32 +13:00
Ralph Slooten	4d86297169	Feature: Add Chaos functionality to test integration handling of SMTP error responses (#402 , #110 , #144 & #268 ) Closes #405	2025-01-25 12:17:15 +13:00
Ralph Slooten	2a6ab0476b	Correct format string in EHLO response	2025-01-25 11:57:32 +13:00
Ralph Slooten	b2ffb7476d	Order swagger sections by tag name	2025-01-25 00:00:23 +13:00
Ralph Slooten	338f205234	Use consistent swagger tag casing	2025-01-24 11:55:51 +13:00
Ralph Slooten	168049faf9	Refactor write & writef arguments	2025-01-18 14:47:20 +13:00
Hazem Noor	2a1a5ae852	Fix: Update command `npm run update-caniemail` save path (#422 )	2025-01-09 10:59:01 +13:00
Ralph Slooten	e30754a167	Fix: Correct date formatting in TestMakeHeaders	2025-01-01 22:49:23 +13:00
Ralph Slooten	fd46d4076b	Merge tag 'v1.21.8' into develop Release v1.21.8	2024-12-20 16:48:13 +13:00