November 2023 Release Notes

Throttling notices in every inbox

Custmers will start seeing informational messages in the inbox view https://mailsac.com/inbox/{{ email address }} when there has been throttling imposed on the inbox or sender to the inbox.

Paying customers will very rarely experience throttling. In almost all cases, throttling happens because they were sending to a public inbox, not a custom domain or private address.

We only throttle incoming messages to protect the stability of our service for all of our customers. These protections have been in place for years, but were not transparent to customers.

If you are on a paid plan and you are seeing throttling messages, reach out to [email protected], we can help you configure a custom domain or private addresses. These both can be done in seconds with no need for DNS changes.

If you are on our free tier and seeing these messages, this is a nudge for you to sign up for a paid plan. We would love to have you as a customer.

Updates and Fixes For October 2023

Unified Inbox, UI Modernization Efforts, and Maintenance Notifications

We do our best to be customer-focused by listening to our customer feedback and making sure your issues are addressed.

This month, we focused on UI issues that customers reported or we noticed when we were using our service.

Improved Maintenance Notifications

During a major database upgrade in September we noticed our maintenance notification on the website wasn’t always working properly. This resulted in customers seeing an unfriendly error.

From now on, customers will see a friendlier error page or API message when we are down for maintenance. That’s typically rare – once a year on average. We deploy often. Mailsac’s architecture has several load balancers and caches, and redundancies – we avoid stop-the-world events. But sometimes that’s unavoidable, and we hope it won’t be confusing.

Unified Inbox

The navigation bar for the Unified Inbox now works properly under Safari. It should no longer be cut-off (missing pagination buttons) in other browsers while viewing a message.

Starred messages for non-owned inboxes will now appear in the Unified Inbox.

UI Modernization

As noted in previous posts, we are migrating the entire Mailsac user interface to React and Next.js. After all pages are migrated, we will give the styling a facelift.

For now the migration should look seamless – perhaps slightly faster and more solid (thank you static typing and pre-compilation).

The account details page has been converted over to Next.js.

A bug that didn’t allow a customer to remove an invoice email was fixed.

The password reset and account deletion functions were moved to their own pages.

We added many more integration tests to account management features.

Backend upgrades

On a weekly basis we patch, upgrade and improve the many backend systems of Mailsac across several environments. Typically this involves making small change to ansible, terraform, docker, code dependencies, or other infra-as-code. We often migrate portions of the 12+ year old Node.js JavaScript codebase to TypeScript or Go. If we’re luckily, we can delete unnecessary code or remove a dependency.

To run this SaaS smoothly, every day we get onto the software treadmill. We we enjoy running this service immensely, and hope you enjoy using it.

Updates and Fixes In August and September 2023

Mailsac remains committed to continuous improvement. Every day we improve the product based on customer feedback and SaaS best practices.

Here’s a summary of the latest enhancements.

  • New homepage and header navigation enhancements.
  • SAML Configuration Fix: enabled customer-supported account deletion when SAML is configured.
  • Testing: refactored and extended test coverage to payment processing.
  • Database: A series of database upgrades have been applied. This will continue through October to ensure we are leveraging the latest fixes and performance improvements.
  • Next.js: we continue overhauling the entire site using Next.js, in anticipation of a major restyle in 2024.

There are no breaking changes to any public API in these releases.

For further inquiries, please contact [email protected]

Mailsac Enhances Free Tier: Introduces One Free Private Address for Improved Privacy and Advanced Email Testing Capabilities

We’re delighted to announce a significant enhancement to our free tier plan, specifically tailored to meet the needs of Quality Assurance (QA) teams and automated testers. Effective immediately, all free Mailsac users will have access to one free private address, enabling them to maintain confidentiality during email testing and ensure privacy for sensitive testing communications.

The addition of the free private address empowers QA teams and automated testers with an extra layer of control over their email testing activities. With the free private address, they can separate and safeguard their testing correspondence, ensuring the confidentiality of valuable testing data. By seamlessly managing both public and private email addresses within a single Mailsac account, QA teams and automated testers can streamline their workflow and simplify the management of their testing environments.

“At Mailsac, we understand the critical importance of data privacy and confidentiality in the testing process. We are excited to offer QA teams and automated testers the advantage of one free private address to enhance their email testing capabilities,” stated Michael Mayer, managing executive at Mailsac. “This enhancement is a testament to our commitment to empowering professionals in the QA field with robust email solutions that prioritize privacy and security.”

In addition to the free private address, Mailsac’s free tier plan includes a comprehensive range of features designed to cater to the unique needs of QA teams and automated testers. These features include rolling message storage space, customizable email addresses, and reliable email forwarding and routing capabilities. The ability to forward emails to various testing integrations environments, via Slack, webhooks, websockets, and other Mailsac addresses, facilitates seamless communication and collaboration within a company’s testing ecosystem. Furthermore, Mailsac provides a robust REST API, enabling QA teams and automated testers to check and manage email messages with ease during their testing cycles.

To benefit from enhanced privacy, advanced email testing capabilities, and a comprehensive range of features, QA teams and automated testers can sign up for Mailsac’s free tier plan at https://mailsac.com/pricing. The inclusion of the free private address and the expanded email testing options demonstrate Mailsac’s commitment to meeting the specific requirements of QA professionals, enabling them to conduct thorough and secure email testing.

About Mailsac: Mailsac is the leading provider of secure and flexible email testing services, catering to the needs of individuals, small businesses, and organizations worldwide. With a strong emphasis on user privacy and data protection, Mailsac empowers QA teams and automated testers to conduct rigorous and secure email testing while maintaining control over their digital identities. From the free tier plan to enterprise offerings, Mailsac delivers unmatched email solutions and exceptional customer support.

For media inquiries, please contact: Michael Mayer Email: [email protected]

Unveiling Mailsac’s New API Endpoint Feature: Inbox Filter

A look at filtering email messages with the Mailsac API

Mailsac has rolled out a new API endpoint feature, dubbed “inbox filter.”

It limits email messages using the to, from, and subject fields. Say goodbye to the conventional OR logic of /api/inbox-search and embrace the power of logical AND.

The Inbox Filter Endpoint: Technical Breakdown

The /api/inbox-filter API endpoint accepts the following optional query parameters:

  1. andSubjectIncludes: Filter messages by text included in the subject line
  2. andFrom: Filter messages by text included in the FROM envelope
  3. andTo: Filter messages by text included in the TO envelope

This endpoint delivers results only when at least one query condition is specified, otherwise, expect a 400 error. The response is capped at 100 results, so adjust your query or prune your account accordingly.

JavaScript Unit Test with Mocha and Axios

To illustrate the usage of the /inbox-filter API endpoint, here’s a JavaScript unit test using Mocha and Axios:

const axios = require('axios');
const assert = require('assert');

describe('Inbox Filter API Endpoint Test', () => {
  it('should return filtered messages', async () => {
    const mailsacApiKey = 'your-api-key-here';
    const endpoint = 'https://mailsac.com/api/inbox-filter';
    const andSubjectIncludes = 'Important';
    const andFrom = '[email protected]';
    const andTo = '[email protected]';

    const response = await axios.get(endpoint, {
      headers: { 'Mailsac-Key': mailsacApiKey },
      params: { andSubjectIncludes, andFrom, andTo },
    });

    assert.strictEqual(response.status, 200);
    assert.strictEqual(Array.isArray(response.data.messages), true);
    response.data.messages.forEach((message) => {
      assert.strictEqual(message.subject.includes(andSubjectIncludes), true);
      assert.strictEqual(message.from[0].address.includes(andFrom), true);
      assert.strictEqual(message.to[0].address.includes(andTo), true);
    });
  });
});

Looking for a robust email testing solution that can simplify your workflow and improve efficiency? Look no further, friends. Mailsac offers powerful features like this new inbox filter API endpoint and many more, tailored to meet the needs of developers, testers, and businesses alike. Discover the benefits of Mailsac today and elevate your email management game. Try Mailsac for free or learn more about our plans and join our growing community of satisfied users at forum.mailsac.com.

Streamlined Mailsac Updates: Enhancing Email Testing with UI, Performance, and Security Improvements

Get ready for some boring news. At Mailsac, we release a steady stream of updates – week by week, all year long – with no fanfare. We avoid breaking changes wherever possible. Most of our customers have Mailsac integrated deeply into their CI/CD and QA processes. Breaking your build is not cool.

Here’s a recap of improvements we made over the past few months:

  • Updated UI interfaces for managing things like API keys, email addresses, and more. We’re modernizing the main website for security and ease-of-use. Stay tuned for a lot more of this.
  • Additional “Copy text” buttons and cross-browser compatibility improvements.
  • POP3 server fixes to some edge cases around Windows line endings.
  • Over 50 security updates to dependencies which are (hopefully) completely transparent to you.
  • Performance and security upgrades to our underlying servers.

Over time, SaaS services add too many features, getting clunky and slow user interfaces. At Mailsac we’re not beholden to venture capital or shareholders. Customers have our full attention. You pay us for dev and QA tools to help test email. Thus we prioritize speed and singleness of purpose to deliver you those tools. We want to be extremely helpful, yet stay out of your way.

If you’ve ever got issue with Mailsac, paying customers can contact us at [email protected]. A human being will reply pretty quickly, getting you unblocked. (For non-paying users, please ask for help at https://forum.mailsac.com )

Logout fixes, new charts, running on the software treadmill

Today’s release of Mailsac’s frontend services includes many fixes.

We tend to release weekly with no downtime and no fanfare. Occasionally we’ll post updates here.

fix: infrequent crash on logout

Most notable is a fix to a UI crash when logging out. In certain situations, you may have seen an error message, even though the logout was successful.

Prettier and more usable charts

We heard your feedback. Usage charts have been aging. Sometimes the styling makes the charts hard to read.

Some additional PostgreSQL optimizations are coming soon. We’ll continue reducing the load time on charts. Thanks for the patience!

Dependency upgrades

For better or worse, modern software stacks have huge numbers of dependencies. Staying ahead of security issues is a daily effort.

At Mailsac we use security scans, Dependabot, and npm audit to stay on top of upgrades. Hundreds of automated tests run to give us confidence that minor and patch semver updates don’t introduce breaking changes.

We subscribe to security mailing lists for our software, such as:

and more!

Removal of Google Analytics Tracking from all Mailsac websites, effective immediately

Google Analytics (GA), the ubiquitous web analytics service provided by Google, has been removed from all Mailsac properties. GA is used to see which pages people visit, how frequently users return to a website, and where they were referred from.

Despite Google Analytics being the de facto tracking service on the internet – mostly because it is entirely free – we decided it was not a good fit for our users.

Frequently, disposable email services are used as a way to avoid spam and tracking. But the free GA product by Google is actually an information gathering honeypot, extremely lucrative for them. By some estimates, GA is on 65% of the top 1 million most popular sites on the internet.

It is worth noting that Mailsac does not use Facebook analytics, nor any other 3rd party trackers. We do leverage the privacy-focused – and paid – Cloudflare Analytics, which is included with our DNS and caching service. We also track minimal usage metrics on the server side of Mailsac.com, for billing purposes.

Mailsac was created over 10 years ago with the goal of providing a reliable disposable email platform for software testers. We serve no advertisements, sell no data to 3rd parties. We rely on users to pay us for providing a good service. From the time of Mailsac’s creation – until recently – we did leverage Google Analytics as a tool to understand website load. As a “free” product, GA helped keep costs down and worked well. We have come to understand that “free” meant we effectively shared our users browsing habits with Google, for the purpose of serving ads. So we no longer do that.

Screenshot of mailsac.com on 2022-04-28 in Safari showing zero trackers

Deprecation of Outbound SMTP Service

Outbound SMTP service will no longer be supported by Mailsac.

What Does this Mean for Me?

Mail will no longer be able to sent from Mailsac addresses or custom domains using the outbound Mailsac SMTP service.

If you are sending from the REST API, compose email form, or Unified Inbox we encourage you to seek out other SMTP sending services. Mailsac has always supported direct SMTP from anywhere, without a mail relay, as well.

Reasons for the Change

Email delivery is not an easy problem at scale.

Our customers, especially quality assurance teams, are using Mailsac as a receive-only service.

The likelihood that Mailsac’s outbound messages are delivered to the intended inbox has been trending lower over time, despite increased effort.

We made the decision to focus our efforts on improving our core product – disposable inbound email for testing.

Recommended Providers of Outbound SMTP Service


Deprecation of Mail Transfer Agent on mailsac.com Top Level Domain

What is changing?

Mailsac will no longer act as a mail transfer agent using the top level domain mail server mailsac.com. That means mail sent to the mail server mailsac.com on port 25 will no longer be accepted.

This change will go into effect on October 9th 2021.

Am I affected?

Almost certainly not. This is a legacy configuration that has not been published or referenced in any communication for several years. Our logs indicate this feature has not been used as far back as logs are stored.

Customers who setup a custom domain are sent instructions to use the mail servers in.mailsac.com and alt.mailsac.com during the initial configuration of their domain.

Instructions on our website for custom domains or the free hosting option instruct customers to use in.mailsac.com and alt.mailsac.com for their MX records. This has been the case for several years.

Why is this being deprecated?

Receiving mail using a mail transfer agent on the top level domain limits our ability to further scale our highly available mail services.

How can I verify I am not affected?

The DNS verification section of the docs can walk you through the process.

For those familiar with MX records, se the command line tool dig or a web based dig tool to verify your MX records are in.mailsac.com and alt.mailsac.com. If your MX records point to mailsac.com you will need to update them to use in.mailsac.com and alt.mailsac.com

dig example

Use the dig comand dig MX <domain_name> to view the MX records for a domain. In the answer section the hostnames in.mailsac.com and alt.mailsac.com should be listed.

Web based dig

The web based dig tool can be used to verify MX records for a domain. The MX records should show in.mailsac.com and alt.mailsac.com