postal

Communication & Email

A fully featured open source mail delivery platform for incoming & outgoing e-mail

Track releases GitHub Website

Ruby Latest 3.3.7 · 10h ago Security brief →

Features

Fully featured open‑source mail server
Self‑hosted alternative to transactional email services like SendGrid, Mailgun, and Postmark
Comprehensive documentation and support resources

Recent releases

View all 3 releases →

Upgrade now

3.3.7 Security relevant 10h

RCE / SSRF Dependencies

SSRF prevention + SQL injection fix

Open

3.3.6 Security relevant 1mo

Security fixes

Sandbox rendered email HTML as extra XSS defence
Escape interpolated values in select options
Tighten return_to validation

Full changelog

3.3.6 (2026-04-28)

Bug Fixes

messages: sandbox rendered email HTML as extra XSS defence (cad2aa6)

Miscellaneous Chores

ignore node modules and yarn.lock (b611d57)

Code Refactoring

auth: tighten return_to validation (84f4e20)
helpers: escape interpolated values in select options (9243524)
tracking: remove unused src image proxy (dca7f90)

View release on GitHub

3.3.5 Security relevant 4mo

Security fixes

Fixed HTML injection vulnerability in delivery details display

Notable features

Rails 7.1 and Ruby 3.4 support

View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Releases

View all →

Releases per month

Cadence 0.2 / wk

Last release 0d

Tracked 3

Security

Full profile →

Security score 3.8/10

OpenSSF —

Open CVEs 0

SECURITY.md Active maintainer

Community

GitHub stars 16,588

Forks 1,249

Open issues 83

Open PRs 35

Stars/wk velocity 0.0

HN peak 11

About

Stars

16,588

Forks

1,249

Languages

Ruby Haml SCSS

View on GitHub Homepage Documentation

Community & Support

Discord Community

Alternative to

SendGrid Mailgun Postmark

Open source alternatives

Posthorn

Similar tools

Modoboa

Maddy Mail Server

relay

Haraka

cypht