Changelog

WillItInbox changelog.

Product updates for validation accuracy, bulk jobs, monitoring, DMARC, inbox placement, sandbox capture, APIs, SDKs, and launch operations.

Read docsRoadmap

June 2026 - Faster bulk validation with safe follow-ups

Standard bulk jobs now complete an initial pass quickly while slower SMTP evidence continues in the background. The first pass keeps definitive mailbox results, marks ambiguous provider responses as pending, and refreshes the latest CSV when follow-ups resolve.

  • Added bounded initial-pass telemetry for cold, mixed, and warm cache runs, including initial rate, deferred rows, stage timings, and observed concurrency.
  • Added automatic no-charge follow-ups for Standard bulk rows that time out, greylist, or return provider-blocked evidence during the initial pass.
  • Improved retry-worker resilience so one closed database connection no longer stalls an entire follow-up tick.

June 2026 - Release readiness and production evidence

The production release path now includes synthetic monitoring, tenant-isolation checks, backup and rollback rehearsal, and evidence capture for each launch gate.

  • Added public, authenticated, and daily synthetic monitoring profiles for API health, scheduler freshness, tenant-denial checks, webhook signatures, and backup evidence.
  • Added isolated row-level security canary fixtures for cross-tenant denial, project-scoped API key denial, worker context, and scheduler service context.
  • Documented deploy, backup, restore, rollback, and final evidence workflows for the production VPS release path.

June 2026 - Security, billing, and workspace hardening

Account, tenant, quota, and billing foundations were hardened for production use. The changes focused on safer credentials, one-time auth state, additive row-level security rollout, idempotent billing receipts, and workspace-aware usage.

  • Added built-in authentication tables, Google OAuth identities, one-time OAuth state, MFA helpers, API-key metadata, and key-hash pepper support.
  • Added workspace shared quota fields, archive policies, RBAC audit coverage, and tenant security context helpers for staged row-level security adoption.
  • Added billing webhook idempotency, receipt payload hashes, pay-as-you-go credit wallet support, Scale-tier quota handling, and wallet reconciliation checks.

May 2026 - Deliverability correctness upgrades

The validation and deliverability engines were tightened around conservative SMTP semantics, DMARC-family parsing, provider evidence, incident diagnosis, and user-facing result guidance.

  • Improved no-send SMTP classification so 4xx, greylisting, policy blocks, catch-all behavior, and provider uncertainty do not become false valid or false invalid results.
  • Added pending validation guidance, delayed rechecks, Verify Plus foundations, and CSV guidance columns for deliverability answer, recommended action, and next step.
  • Hardened DMARC, RUF, and TLS-RPT upload handling with safer parsing, aggregate-row normalization fixes, and clearer report classification.

May 2026 - Product surface expansion

WillItInbox grew from core deliverability tests into a broader operating console for validation, monitoring, DMARC, inbox placement, incidents, sandbox capture, API workflows, and team workspaces.

  • Added Google Postmaster provider reputation integration, domain monitoring dashboards, reputation timelines, and provider no-data states.
  • Added inbox placement diagnostics, placement schedule metadata, incident report workflows, recipient evidence, embedded reports, and retest actions.
  • Added sandbox capture projects, SMTP capture credentials, sandbox message inspection, SDK/CLI foundations, webhooks, signed delivery logs, and workspace/project controls.

Release notes

Built around workflows, not commit hashes

WillItInbox release notes group changes by what operators actually use: validation outcomes, bulk job behavior, DMARC evidence, domain monitoring, placement diagnostics, sandbox capture, API workflows, and production reliability.

  • Validation changes call out conservative behavior when evidence is inconclusive.
  • Bulk job changes distinguish initial completion from final follow-up resolution.
  • Monitoring and DMARC changes focus on evidence quality, not guaranteed inbox placement.

Current product surface

What is live today

The current product covers no-send recipient validation, bulk CSV jobs, deliverability reports, team workspaces, API keys, webhooks, domain monitoring, DMARC ingestion, inbox placement diagnostics, incident reports, sandbox capture, and SDK/CLI workflows.

Validation and bulk jobs

Classify addresses as safe, do not send, checking, or caution with CSV downloads that refresh as follow-up evidence resolves.

DMARC and monitoring

Track domain posture, DMARC aggregate uploads, TLS-RPT evidence, source attribution, alert policies, and provider reputation signals.

Developer workflows

Use API keys, signed webhooks, sandbox SMTP capture, SDK examples, and CLI workflows for integration and CI checks.

Related

FAQ