Changelog

What we shipped.

Every release, every feature, every breaking change — in chronological order. Versioning follows SemVer.

v4.0.0 June 2026 Major The 100-Feature Release

The biggest Mailgrid release ever. 50 features drawn from the best tools in the industry — Mailchimp, Klaviyo, Brevo, ActiveCampaign, Superhuman, Litmus. 50 features nobody else has. All shipping on every plan, no enterprise paywall.

Email Marketing Suite — 50 industry features

  • A/B Testing — Test subjects, content, and send times with statistical confidence
  • Campaign Manager — Drag-and-drop campaign builder with drip sequences
  • Frequency Capping — Prevent subscriber fatigue automatically
  • RSS-to-Email — Auto-send blog updates to subscribers
  • Sign-up Form Builder — Embeddable forms with double opt-in
  • GDPR Consent Manager — Full consent lifecycle with audit trail
  • Landing Page Builder — Convert traffic without leaving Mailgrid
  • Revenue Attribution — Track email → purchase conversions
  • Engagement Scoring — Hot/warm/cold contact tiers automatically
  • DMARC Report Viewer — Visualize authentication reports
  • IP Blacklist Monitor — Real-time blacklist checks for all IPs
  • Spam Score Checker — Pre-send deliverability audit
  • Template Versioning — Git-like history for every template change
  • Sender Identity Manager — Multiple from-addresses per account
  • Bounce Rule Engine — Custom rules for bounce handling
  • Cart Abandonment — Recover lost revenue automatically
  • Lifecycle Triggers — Birthday, anniversary, inactivity automations
  • Contact Tags — Flexible tagging system with bulk operations
  • UTM Auto-Injection — Automatic UTM parameters on all links
  • Benchmark Comparison — See how you compare to your industry

AI-Powered Intelligence

  • Subject Line Predictor — AI suggests subjects with open rate scores
  • Churn Prediction — Identify at-risk subscribers before they leave
  • AI Email Translator — Translate to 50+ languages, tone preserved
  • AI Reply Drafter — One-click contextual reply suggestions
  • Unsubscribe Prevention — Detect disengagement signals early
  • Multi-Model AI — Choose Claude, GPT-4, Gemini, or Llama per task
  • AI Compliance Copilot — Pre-send GDPR/CAN-SPAM check
  • Predictive Personalization — AI fills template variables automatically
  • Smart Frequency Optimizer — ML-based send interval optimization
  • Thread Summarizer — AI condenses long email chains

Platform & Developer Features

  • Sub-account Management — Agency and reseller support
  • White-Label Dashboard — Your brand, your domain
  • Email Flows (YAML) — Define entire email journeys as code
  • Load Testing — Simulate high-volume sends before production
  • Cross-Account Template Sharing — Share templates via token
  • Email Rollback — Cancel sends within the first 5 minutes
  • Email Fingerprinting — Cryptographic tamper-proof send audit
  • Client Portal Emails — Secure view-behind-login delivery
  • Auto-Reply / Vacation — Smart responders with date scheduling
  • SLO Monitor — Error budget tracking for email reliability

Analytics & Compliance

  • Reputation Dashboard — Real-time reputation score (0–100)
  • Carbon Footprint — Track email CO2 impact
  • Error Budget (SLO) — Set and monitor delivery SLA targets
  • DMARC Visualization — Pass/fail breakdown by source IP
  • Industry Benchmarks — Compare open/click rates by vertical
  • Revenue Attribution — Email → conversion tracking
  • Engagement Heatmaps — Visual click and open patterns
  • Self-Destructing Emails — Expire after N views or N days
  • Consent Audit Trail — GDPR-ready consent history export
  • Geographic Send Map — See where emails land in real-time

Breaking changes

  • None. All v3.4 API calls continue to work unchanged. All new features are additive.
v3.4.0 June 4, 2026 Major Inbox Hosting + Webmail

Mailgrid now handles inbound email too. Full inbox hosting on your domain, a white-label webmail portal at mail.yourdomain.com, magic-link mailbox auth, and a one-click domain verification wizard backed by the Cloudflare DNS API.

Added — Inbox Hosting

  • Full inbound email hosting via SES inbound routing + Cloudflare R2 storage
  • Per-mailbox folders, threads, labels, and drafts in D1
  • Zoho Mail-comparable pricing plans — Starter, Business, and Enterprise tiers
  • R2 storage billed at $0.015/GB/month after the free 10 GB tier

Added — Webmail Portal

  • White-label webmail SPA deployed to Cloudflare Pages at mail.yourdomain.com
  • Magic-link login — no password required for mailbox users
  • Compose, reply, label, thread view, and message reader
  • mail.hyperbridge.digital live as the first production webmail domain

Added — Domain Verification Wizard

  • One-click Cloudflare DNS provisioning — SPF, DKIM, and DMARC added via API
  • Auto-verify after provisioning; green badge appears in seconds
  • Manual DNS record display for non-Cloudflare domains
  • SES account-status endpoint for unattended production-access monitoring

Fixed

  • Password reset link now correctly opens the new-password form instead of the login page (hash-router URL fix)
  • authMiddleware now accepts both JWT session tokens and API keys

Breaking changes

  • None. All v3.3 API calls continue to work unchanged.
v3.3.0 May 16, 2026 Major ZeptoMail parity

Closes the feature gap with ZeptoMail and Postmark. Adds email streams, file cache, dedicated IPs, SMTP relay, user management, and 7 new MCP tools.

Added — Email Streams

  • POST /api/streams · GET · DELETE — Create transactional / marketing / notifications profiles with their own from-address, SES configuration set, and IP pool.
  • New streamId field on POST /api/emails routes the send through the named stream's config.
  • Send path auto-stamps X-InboxOS-Stream header on outbound MIME.
  • Per-stream enabled toggle lets you pause marketing while keeping transactional live.
  • MCP tools: create_stream, list_streams.

Added — File Cache

  • POST /api/files · GET · DELETE — Upload a file once to R2; reference by fileId in many sends.
  • 25 MB max per file, 20 attachments max per email.
  • Auto content-type detection from extension (PDF, PNG, JPG, GIF, WebP, SVG, CSV, DOCX, XLSX, ZIP, ...).
  • Optional expiresAt auto-purges via the existing cron.
  • SES Raw MIME path now activates automatically whenever attachments are present (inline or by reference).
  • New multipart/mixed builder with proper multipart/alternative bodies + RFC 2045 base64 chunking.
  • MCP tools: upload_file, list_files.

Added — Dedicated IPs

  • POST /api/ips · GET · DELETE · PUT /:id/status — Register and track dedicated SES IPs per tenant.
  • 4-state warmup machine: pending → warming → active → retired with warmupPct tracker.
  • Send path auto-routes through the active IP pool's configuration set when no streamId override is set.
  • MCP tool: register_dedicated_ip.

Added — SMTP Relay

  • POST /smtp/send — HTTP-based SMTP-compatible endpoint.
  • Accepts raw RFC 822 MIME (for sidecar proxies) or a simplified envelope JSON.
  • RFC 822 header parser handles folded lines, address brackets, and basic Content-Type detection.
  • Routes through the same send() domain function — full parity with REST sends (suppression, idempotency, tracking, streams).

Added — User Access Management

  • GET /api/users · POST · DELETE /:id · PUT /:id/role · POST /:id/suspend.
  • Four roles: owner · admin · developer · viewer with owner-protection rules.
  • POST /api/users/invite — generate 7-day invite tokens.
  • POST /api/users/accept-invite — public (unauthenticated) endpoint, token-gated, marks user active.
  • MCP tools: invite_user, list_users.

Infrastructure

  • D1 migration 0004_zeptomail.sql: 5 new tables (email_streams, file_cache, users, user_invites, dedicated_ips).
  • R2 prefix layout extended: tenants/{tenant_id}/files/{file_id} alongside the existing emails prefix.
  • Terraform module infra/aws/ for one-shot AWS SES + SNS + IAM provisioning, with optional dedicated IP pool toggle.
  • One-shot bootstrap script (infra/aws/bootstrap.sh) that runs Terraform and pipes IAM credentials straight into wrangler secret put.
  • Tenant seed script (scripts/bootstrap-tenant.mjs) generates the first tenant + admin API key with the correct HMAC scheme.

API key scopes — new

  • streams:read · streams:write
  • files:read · files:write
  • users:read · users:write
  • ips:read · ips:write

Marketing site + Docs

  • New mailgrid.space apex site on Cloudflare Pages (8 pages: home, pricing, customers, changelog, contact, docs landing, privacy, terms).
  • Wiki-style documentation at /docs/ with sticky sidebar, search, right-rail table of contents, breadcrumbs, prev/next pager.
  • 29 deep documentation pages covering every concept, API endpoint, guide, and operations runbook.
  • Comprehensive feature inventory at /docs/features.

Breaking changes

  • None. All v3.2 calls continue to work unchanged. New fields (streamId, attachments) are optional.
v3.2.0 May 1, 2026 Major AI & Superhuman parity

Adds the full Superhuman-class AI layer plus follow-up rules, smart-send, and audit logs. This is when Mailgrid stopped being "just an email API" and became an agent-driven platform.

Added — AI capabilities

  • POST /api/ai/summarize — Summarize an email body. Returns both a detailed summary and a one-line TL;DR.
  • POST /api/ai/ask — Natural-language queries over tenant event data + knowledge base. E.g. "Which campaigns had the highest open rate this month?"
  • POST /api/ai/personalize — Rewrite subject + body for a specific recipient using contact metadata + tone.
  • Voice & Tone match — accept 1-3 example emails on POST /api/templates/generate for style-matched output.
  • Smart-sendcomputeSmartSendAt() returns the optimal next send time from historical open patterns.
  • AI provider chain: Workers AI (Llama 3.1 8B) primary; Anthropic Claude Haiku fallback when ANTHROPIC_API_KEY is set.

Added — Knowledge base

  • POST /api/knowledge · GET · DELETE — Store free-form context entries.
  • Auto-injected as context for ai/ask and templates/generate calls.
  • Tag-based filtering for selective injection.

Added — Labels & classification

  • POST /api/labels/rules · GET · DELETE — Define rule-based auto-labeling.
  • POST /api/labels/email/:id/auto — Run rules + AI fallback against a specific message.
  • Rules support contains and matches conditions on subject/from/body.

Added — Follow-up rules

  • POST /api/followups — Configure "if not opened/clicked within N days, send follow-up message".
  • Cron-evaluated against engagement data.
  • Stacked rules supported (3-day reminder → 7-day final).

Added — Audit logs

  • GET /api/audit-logs — Structured trail of every administrative action.
  • Records actor (API key id), action, target resource, before/after state, timestamp.
  • Filterable by actor, action, date range.

Infrastructure

  • D1 migration 0003_superhuman.sql: knowledge base, label rules, audit logs, follow-up rules tables.
  • New cron at 30 4 * * * for daily analytics rollups.
  • Workers AI binding added to wrangler.toml.

API key scopes — new

  • ai:use · knowledge:read · knowledge:write · labels:read · labels:write · audit:read
v3.1.0 Apr 18, 2026 Major Production-ready InboxOS

Multi-tenant production-grade platform with contacts, scheduling, tracking, analytics, MCP.

Added — Contacts & lists

  • POST /api/contacts · CRUD with arbitrary JSON metadata per contact.
  • Statuses: subscribed · unsubscribed · bounced · complained.
  • POST /api/lists · many-to-many contact ↔ list membership.
  • Bulk import endpoint with 10,000 entries per call.

Added — Scheduled emails

  • POST /api/emails/schedule — D1-backed, hourly cron-flushed.
  • DELETE /api/emails/schedule/:id — Cancel pending.
  • 4-state machine: pending · sent · cancelled · failed.

Added — Tracking

  • GET /t/o/:token — 1×1 open pixel with HMAC-signed token (no DB read on hit).
  • GET /t/c/:token — Click tracking with 302 redirect to destination.
  • Per-send trackOpens + trackClicks toggles on POST /api/emails.
  • Long-URL tracking table for click-through redirects on >2 KB URLs.

Added — Analytics

  • GET /api/analytics?days=30 — 30-day rollup of all event types.
  • Daily breakdown for chart-friendly time series.
  • Rates computed: delivery, open, click, bounce, complaint.

Added — Unsubscribe (RFC 8058)

  • List-Unsubscribe + List-Unsubscribe-Post headers stamped on every send.
  • Both mailto: and https:// unsubscribe paths.
  • HMAC-signed tokens — no DB lookup on one-click unsubscribe.
  • Public UI at /unsubscribe?token=....

Added — MCP server

  • POST /api/mcp — Model Context Protocol 2024-11-05 endpoint.
  • Initial 11 tools: send_email, send_batch, create_template, get_template, generate_template, verify_domain, get_domain, analyze_deliverability, get_event_log, suppress_email, unsuppress_email.
  • Shared Zod schemas across REST + MCP — single source of truth.
  • JSON-RPC 2.0 transport over HTTP POST.

Infrastructure

  • D1 migration 0002_inboxos.sql: contacts, lists, scheduled_emails, daily_analytics, tracking_links tables.
  • Hourly cron at 17 * * * * for idempotency purge + scheduled-email flush.
  • OpenAPI 3 spec generation at GET /openapi.json.
v3.0.0 Apr 1, 2026 Major Cloudflare-native rewrite

Complete rewrite. AWS Lambda → Cloudflare Workers. DynamoDB → D1. S3 → R2. AWS SDK eliminated. Bundle size dropped from 4.8 MB to 420 KB.

Migrated

  • Compute: AWS Lambda → Cloudflare Workers (cold start: 800ms → 17ms).
  • Database: DynamoDB → D1 SQLite (relational schema, pay-per-request).
  • Storage: S3 → R2 (S3-compatible, no egress fees).
  • Cache: ElastiCache Redis → KV (sub-ms reads, no cluster to manage).
  • Queues: SQS → Cloudflare Queues + DLQ.
  • Rate limit: Lambda concurrency limits → per-tenant Durable Object token bucket.
  • AI: Bedrock → Workers AI (Llama 3.1 8B), with Anthropic fallback.
  • DNS verification: AWS SDK → Cloudflare DoH (1.1.1.1).

Removed — AWS SDK

  • Replaced AWS SDK SES client with hand-written SigV4 signer (src/lib/sigv4.ts, ~150 lines).
  • Replaced AWS SDK S3 client with raw fetch() + R2 binding.
  • Bundle size: 4.8 MB → 419 KB compressed.
  • Cold-start time: down 47×.

Architecture

  • Hono v4 as HTTP router (10 KB, Worker-native).
  • Zod v3 for input validation, generating both runtime checks and TypeScript types.
  • asyncContext module for thread-local env + waitUntil passing.
  • Idempotency layer: 24-hour TTL, payload hashing, in-progress concurrency guard.
  • Per-tenant Durable Object for token bucket rate limiting.
v2.x 2025 Archive

The original AWS Lambda + DynamoDB MailBridge prototype. Single-tenant. Manual deployment. No multi-stream or AI. Available in the git history but no longer maintained — v3.0 was a complete rewrite, not an upgrade path.