10.0.11 (6 Dec 2025)
[AR-519] - sort not working when loading items from treeview
[AR-3159] - zip PDF and PST large files exported to speed pdownload
[AR-3162] - failed to assign role for basic authentication
[AR-3167] - add support for X-MS-Exchange-Organization-BCC
[AR-3169] - PST items are missing in folders
[AR-3170] - PST folder view scrolling not working
[AR-3171] - websocket chat ui after login
[AR-3172] - Search box in Firefox ESR 140 does not accept “(“ and triggers search-history dropdown instead
[AR-3173] - scroll folder result's from Treeview show only the 1st screen result
[AR-3174] - PST doesn't import directly from zip
10.0.10 (26 Nov 2025)
[AR-3049] - failed load users.conf of version < 9
[AR-3161] - archiving stalling due to virtual thread use
10.0.9 (1 Nov 2025)
[AR-3150] - basic auth: users cannot see emails during email address filtering issue
[AR-3153] - IMAP Tomcat deadlock
10.0.8 (30 Oct 2025)
[AR-891] - clicking a user on the tree view loads all available results
[AR-3146] - thread exhaustion due to blocking on blob insertion
[AR-3147] - fix index and display of single part messages
[AR-3148] - improved handling of Backblaze B2 500 and 503 errors
10.0.7 (23 Oct 2025)
[AR-3124] - Wrong part is rendered in message view
[AR-3125] - Render inline images with Content-Type of application/octet-stream
[AR-3128] - better handling of Google Workspace rate limiting
[AR-3137] - improvement to ackblaze exponential backoff algorithm
[AR-3142] - NPE when get process log file and it is not exist
Improvement
[AR-3130] - process HUGE pop/imap mailboxes
10.0.6 (10 Oct 2025)
[AR-3124] - Wrong part is rendered in message view (reworked)
[AR-3125] - Render inline images with Content-Type of application/octet-stream (reworked)
[AR-3131] - Request is null in getAppID(): init ActionContext first on list web.xml
10.0.5 (4 Oct 2025)
[AR-3119] - ejected volume when mounted stays ejected
[AR-3129] - Unable to write large blobs to Backblaze B2 due to FileAlreadyExistsException status (904)
[AR-3126] - security enhancement: OWASP santization of message view
10.0.4 (3 Oct 2025)
[AR-3123] - Aspose license not initialized. PST import/export contains Aspose branding.
[AR-3124] - Wrong part is rendered in message view
[AR-3125] - Render inline images with Content-Type of application/octet-stream
[AR-3126] - security enhancement: OWASP santization of message view
[AR-3019] - PST import: database instance is not set in the current thread
[AR-3127] - Remove orphaned blobs from central queue
[AR-3122] - Timeout parsing of large and complex attachments
10.0.3 (29 Sept 2025)
[AR-3114] - ignore sync of non mime encoded exchange invites
[AR-3116] - Google get users Code:429 "Too Many Requests "
[AR-3118] - java.lang.NoSuchMethodError: 'void kotlin.io.path.PathsKt.deleteRecursively
10.0.1 (18 Sept 2025)
[AR-3111] - hang on PDF export due to Aspose parsing issue. Upgrade Aspose 25.4 (further update)
[AR-3112] - Harden AWS S3 region and endpoint resolution logic
10.0.1 (16 Sept 2025)
[AR-3111] - hang on PDF export due to Aspose parsing issue. Upgrade Aspose 25.4
10.0.0 (4 Sept 2025)
[AR-2974] Authentication overhaul — replaced the entire authentication system with Pac4j security framework for standardized, modern, and extensible security handling.
Core Changes
AR-2983 Replaced legacy security filter with pac4j filters (security and callback).
AR-2984 Integrated role and authorization mapping into pac4j profiles and authorizers.
AR-2986 Added support for AD, LDAP, Azure, and Google authentication providers through pac4j clients.
AR-2989 Migrated in-memory login handling to pac4j session and profile management.
AR-2991 Replaced legacy session management with pac4j ProfileManager.
AR-2992 Migrated custom MailArchivaPrincipal to pac4j CommonProfile.
AR-2993 Re-implemented two-factor authentication using pac4j client chaining.
AR-2994 Added multi-tenancy support to authentication flows.
AR-2995 Replaced legacy BASIC authentication
Fixes and Adjustments Post-Migration
AR-3104 Multi-tenant: fixed issue where tenant certificate imports were incorrectly stored in central config.