Unreleased Changes in The Mainline

Breaking Changes

The rfc5321_rustls_config cache has been renamed to rustls_client_config. If you have a policy that tunes this cache via kumo.set_lruttl_cache_capacity, you will need to update the cache name.

Enhanced Access Control subsystem, supported by a new Authentication, Authorization and Accounting (AAA) module exposed to lua as kumo.aaa.
The Handlebars template dialect now runs with recursive lookup for improved compatibility with other handlebars implementations.
msg:check_fix_conformance() can now detect and attempt to fix issues where the charset is invalid for parts that use transfer-encoding, by applying any charset detection options, falling back to UTF-8.
The lua HTTP Request object now supports AWS V4 signatures via a new request:aws_sign_v4 method. Thanks to @AdityaAudi! #458
The HTTP Injection API and MIME Builder API now support creating messages with AMP HTML parts. mimepart:get_simple_structure() also supports AMP HTML parts.
Improved the context shown in error messages produced by the HTTP injection API
Kumo Proxy:
- Now optionally supports configuration via a proxy policy lua script.
- Optional support for TLS and mutual TLS when using a proxy policy script, however, kumod itself doesn't currently support using TLS for SOCKS5.
- Optional support for RFC 1929 authentication
- Use kumo.start_proxy_listener function to configure a SOCKS5 proxy server
- Many thanks to @vietcgi! #459

An SPF record containing U+200B (zero width space) could cause SPF record parsing to panic and the service to crash
MIME part body extraction did not always consider the charset for text parts
Errors raised while dispatching should_enqueue_log_record were not logged to the diagnostic log.
Rebuilding (eg: for conformance fixing via msg:check_fix_conformance(), or as part of the post-HTTP injection fixup) a header like From: "something\n\tthat wraps lines" <user@example.com> would produce an invalid rendition of that header.