Official announcements from either or David Harris.

David Harris posted Nov 15 '21 at 10:13 am

Just a short note that problems with the moderator e-mail address should now be resolved - my apologies for anyone who had problems mailing the moderators prior to now.

If you encounter any further issues with moderator contact, please make a posting in the site feedback section and I'll get onto it straight away.

David Harris posted Oct 23 '21 at 8:35 am

Version 4.9 is an important major release containing numerous significant changes and fixes.

  • OpenSSL v1.1.1 V4.9 has migrated to the modern OpenSSL 1.1.1 interface and incorporates an up-to-date build of OpenSSL. This is an important improvement that will allow Mercury to provide up-to-date security for quite some time.

  • Improved alias support V4.9 now supports improved aliasing with support for hundreds of thousands of aliases, dramatic performance improvements, and the ability to edit the alias source file directly while the program is running (no more compilation of alias files using malias.exe is required). The program's Alias editor has also been overhauled, with a new incremental search feature making it far easier to locate aliases.

  • Forwarding fixes Delivery errors during autoforwarding of mail are now handled much better than in previous versions, and there is no longer the possibility of mail loops resulting from the presence of undeliverable addresses in forward files.

  • New defenses for password probe attacks A new option in MercuryS ("Enable simplified phishing protection" on the "Compliance" configuration page) allows blacklisting any address that fails a login attempt. This significantly impacts attacks where repetitive attempts are made to guess passwords through consecutive connections.

  • New ClamWall build V4.90 includes a new build of Lukas Gebauer's ClamWall distributed anti-virus plugin for Mercury. The new build includes maintenance fixes and support for 64-bit versions of the ClamAV anti-virus engine.

  • Security fix A correction has been put in place for a theoretical exploit of the STARTTLS/STLS commands, CVE-2021-33487.

  • IMAP reliability improved The reliability of the MercuryI IMAP server has been significantly improved, particularly in regard to the use of iOS devices. A long-standing problem with UIDs "going bad" during a session has been resolved, and folder hierarchy files should experience fewer problems with apparent "corruption". Note that some Thunderbird users may find they need to disable "chunking" to work with this Mercury release - this is a side-effect of the other fixes we have put in place and will be addressed in a future release.

  • Mailing Lists: improved incremental search A new "inline" incremental search has been added in the "Membership" dialog of the mailing list editor, making it far easier to locate subscribers either by address or by name.

  • Improved HS.EXE (header search utility) The HS.EXE header search facility has been significantly updated with new options to print significant headers from matched messages, and the option to show only a total match count instead of showing each actual match. Haven't used HS? It's actually really useful - give it a try!

  • Improved debugging This one is a bit technical, but bear with me: the program is now entirely produced in a single compiler (Microsoft Visual C) where previous versions have been a hybrid of multiple build environments. What I've done is retrofit quite a lot of Mercury v5 internal coding into v4.9 allowing it to be entirely built using the one compiler. This mainly means that it becomes much easier to track down bugs in the program now, and it should be markedly more reliable as a result.

  • User interface improvements This one is purely cosmetic, but the hideously ugly column title bars used in lists in the Mercury UI have been toned down to something less visually stressful. Admittedly, this won't matter to most people, but it really bugged me.

  • Extended regex syntax now works The Mercury help describes a regular expression syntax including a number of advanced features, but it turns out that many of those advanced features had not been enabled because of an oversight. In v4.90, all the regular expression syntax elements shown in the Mercury help page will work correctly as described.

  • Licensing commitment Any license purchased for v4.9 will be automatically upgraded to v5 when it becomes available.

Mercury v4.9 is available from our main site's download page,

PiS posted Sep 27 '16 at 12:35 am

<p>Please be patient, there will be disruptions to the community service for a few days, because the server farm is being moved, this week (last week of September 2016)<span style="font-size: 10pt;"> </span></p><p>This week the lease contract where all the servers are, is closing
down. JM (landlord) will tear down the house in the new year and build
apartments on that area. My company is the last to move out, which has
to be before october 1st. I've been putting this up as long as possible,
but now there is finally a fixed deadline.</p>
<p>Therefore I'm moving the servers this week. There will be disruptions
to my services from tomorrow tuesday 27th at 17:00 hours (swedish
time). The move of the servers start with some smaller servers, then
dns, that I've already begun. But the major jobs I have planned for
wednesday afternoon and night our local time.</p><p>Cheers / Peter<span style="font-size: 10pt;"> </span></p>

David Harris posted Sep 4 '15 at 5:25 am

I've released Mercury/32 v4.80 publicly, but I won't be updating the web site or other public sources other than the community until Sunday (my time). The idea is to give the loyal folk on the community a little head-start in getting the new release. Get the release file at .

As another bonus for the community... Starting with v4.80, I've been forced to increase the price of the entry-level license (1-15 users) from $75 to $95, but if you get in and place your order before I update the web pages on Sunday, you'll still only pay the old price.

Version 4.8 is probably the most heavily-tested build of Mercury we've ever brought out, and has a huge amount of version 5 technology already in place. The next stage will be an initial release of version 5 where the user interface is completely separated from the mail engine, which means you'll be able to run the UI and consoles even on systems where Mercury is running as a service that cannot normally interact with the desktop: because this part of the conversion is already largely complete, you can expect to see this initial v5 release before the end of the year.

In the (I sincerely hope) unlikely event that you encounter a problem in v4.80, please post it in the forums here and I or one of my test team will get onto it as quickly as we can.

All my very best regards to you all,

-- David --
David Harris, Author, Mercury and Pegasus Mail.


Some of you may have read about a recently-discovered vulnerability in a product called OpenSSL that is being called the "Heartbleed bug". A good summary of this problem can be read on Brian Krebs' security blog, here:

Builds of Pegasus Mail earlier than v4.7 did not use OpenSSL and are completely immune to this bug.

Pegasus Mail v4.70 uses an affected version of OpenSSL, but the problem is not serious for client implementations - only servers are seriously affected by this problem. Pegasus Mail users can continue to run the current v4.70 build of Pegasus Mail to connect to their normal e-mail servers without any practical risk of being affected by this vulnerability. That said, I have already prepared a patched version of OpenSSL that is immune to the Heartbleed bug, and will be making it available for download as soon as the test team has finished verifying that everything still works normally with it. Pegasus Mail v4.70 users should install the patched version when it becomes available as a simple matter of prudence. Pegasus Mail v4.71, which will be released in the next few weeks, will include the patched build of OpenSSL as a matter of course.

Current builds of Mercury (anything up to and including v4.70) do not use OpenSSL and are unaffected by this problem. Mercury/32 v4.8, which is in the final stages of development at present, *does* use OpenSSL, but will be released with the patched build of OpenSSL from day one.

So, the long and the short of it is that if you're a current user of Pegasus Mail or Mercury, then the Heartbleed bug is not a matter of significant concern to you.


-- David --

David Harris posted Sep 15 '12 at 12:59 am

On September 6th, Thomas Stephenson passed away in his sleep. Many of you will have encountered Thomas over the years - for over 15 years now, he has been a major driving force behind Pegasus Mail and Mercury, particularly in supporting those people who use them. Thomas was capable of handling support loads that to this day I can barely understand: having burned myself out on support years ago, it was always a source of ceaseless amazement to me that he could continue offering his help day after day without apparently ever tiring of doing so. In this role, he will be missed.

Thomas was a vocal supporter and driver of the programs. When I had my "meltdown" in 2007, Thomas was one of the key steadying voices who helped me through the bad times, and his input into the shape and form of the programs for over 15 years simply cannot be measured. In this role, he will be missed.

A few years ago, Thomas, and his wife, Donna, visited me in Dunedin, where I live. I had the privilege of spending most of a day with them, showing them around Dunedin and having lunch with them at a little restaurant by the beach. It is surprising how few of my long-term beta testers and supporters I have ever actually met in person - a fact that makes me quite sad any time I think about it, but at least I was fortunate enough to meet Thomas. In the fifteen years that I knew him, I came to regard Thomas as a real friend, and while that would have been true even if I had never had the opportunity to spend some time with him, the memories will be that much stronger and better for having done so. And it is in this role, as a friend, that he will be most missed of all.

Rest easy, and rest well, Thomas.

-- David --

PiS posted Sep 12 '12 at 12:00 am

From Facebook, Mary Stephenson Su, 9/5/12:

To the friends of Thomas R Stephenson: Tom (my dad) 
passed away last night from end stage lung cancer. He died 
peacefully in his sleep at home 2 months after his cancer 
diagnosis. He was joking up until the end.

David Harris posted Jan 3 '12 at 1:04 pm


Mail v4.63 is now available from our download pages -


Although I

intended that v4.62 would be the last v4.x version of Pegasus Mail, it became

apparent that there were numerous small problems that would be best fixed by

another interim release, rather than waiting until the first iterations of

Pegasus Mail v5. As a result, we have put together v4.63, which has over 70

small changes, bug fixes and corrections. The modifications are mostly internal,

and there are few visible external or cosmetic changes in the program. It should

be very stable, and it is our intention that it serve as the formal release

while the v5 beta process takes place over the course of 2012. A parallel

release is being made of both German and English versions, with other

translations to follow soon.

It's also

worth noting that the Pegasus Mail installer and executable files are now

digitally signed, using my name ("David Harris"). If your browser or installer

complains about them being unsigned, or tells you that they have been signed

with a signature that does not use my name, then the files are not authentic. A

small security measure, but we believe it is quite


And last,

but definitely not least: a very Happy New Year to you all!


-- David


David Harris posted Jan 3 '12 at 1:03 pm


v4.74 is now available from our download pages at -


I had

intended that v4.73 be the last in the v4.x family of Mercury versions, but at a

certain point it became clear that there needed to be another update to fix a

variety of small problems before beginning the migration to version 5. V4.74

contains over 40 small fixes, and two rather more significant corrections: a

problem where messages deleted by IMAP-based clients were not actually deleted

and reappeared on the next connection has been fixed; and an issue where a site

had more than 3 MX mail servers declared but the first three were all

unavailable (which could cause Mercury to attempt to connect to the wrong host

for delivery) has also been addressed.

It's also

worth noting that the Mercury installer and executable files are now digitally

signed, using my name ("David Harris"). If your browser or installer complains

about them being unsigned, or tells you that they have been signed with a

signature that does not use my name, then the files are not authentic. A small

security measure, but we believe it is quite worthwhile.

Finally, I

would like to wish you all a very Happy New Year for 2012!


-- David


David Harris posted Sep 6 '11 at 8:15 am

September 5th 2011: Pegasus Mail v4.62 now available for public distribution

Version 4.62 mainly concentrates on fixing late-breaking

incompatibilities in HTML rendering caused by the release version of

Microsoft's Internet Explorer 9 browser. V4.62 users should experience

reliable, high-quality HTML display using this version, with the quality

of rendering being even higher than in previous versions.

  • Updated editor  V4.62 also uses a heavily-updated version of

    the editor module we use, and has numerous changes in the way editing

    buffers are constructed, meaning it should now be able to edit and reply

    to much more complex HTML message formats than previous versions, and

    editing should be much more reliable.

  • Open link in background   You can now Ctrl+Click on any link

    in a message to open that link in your web browser without bringing the

    browser to the foreground. This allows you to open a succession of links

    then work with them when you're ready.

  • Signatures overhauled   The way signatures are handled has

    been totally overhauled, and you should now find they work considerably

    better when you insert them at compose-time.

  • Faster POP3 downloads   POP3 downloads should be significantly faster when you have chosen to leave mail on the POP3 server.

Finally, quite a few small bugs, some of them quite long-standing, have now been fixed.

We expect this to be the last release in the V4 family of Pegasus

Mail, with the next release being the first iteration of the V5 family, which we plan to release in a staggered pattern to ensure more regular updates.

I apologize to everyone for the length of time it has taken to get v4.62 out the door - many of the changes it required were quite subtle, and testing has taken a lot longer than we initially expected. I am trying hard to adjust the way development is conducted to allow more regular releases to be made, and hope you will bear with me in the meantime.


-- David --

David Harris posted Apr 1 '11 at 2:21 am

Mercury/32 v4.73 has now been released. This new version contains significant new capabilities and a number of important fixes, especially for the MercuryI IMAP server.

V4.73 is the final iteration in the series of incremental upgrades to

Mercury v4.7 that has come out since its release, and will be the last

release in the v4.x family, with development proceeding to Mercury/32 v5

from this point on. We hope to release V5 sometime in 2011.

The following changes are present in v4.73:

  • Selective SSL options  The MercuryS SMTP

    server now has options that allow you to enable SSL support on the

    primary and alternate SMTP ports selectively (so, you can have SSL

    enabled on the secondary, but not on the primary, ideal for submission

    by your remote users). There are also new Access Control permission

    settings in the MercuryS ACL editor that allow you to enable or disable

    SSL based on the IP address of the connecting client.

  • ACL range corrections  In previous

    versions of Mercury, access controls would not work correctly if the

    address range exceeded 256 addresses, and would occasionally work

    incorrectly with particular address ranges. These problems have now been


  • Duplicate message suppression  You can now

    create an empty file called MSGIDS.MER in any mailbox directory (i.e, a

    directory where a .CNM file gets created), and this signals to Mercury

    that it should suppress duplicate messages in that mailbox. Duplicate

    detection is based on a combination of sender and message-ID, and only

    the last 200 messages delivered to the mailbox are actually remembered.

  • MercuryC forced sender option  This option

    allows you to specify a single address MercuryC should use as the

    source of the mail it is sending when it is negotiating with the

    upstream "smart host". This option is quite technical, being buried in

    the depths of the SMTP transaction itself, and does not affect the

    "From" field in the message, or alter the contents of the message in any

    way, other than altering the Return-Path header that the smart host

    will write into the message. It is primarily aimed at users of services

    such as Yahoo Premium Mail, which require the SMTP "MAIL FROM" address

    to be the address of a known subscriber.

  • Extended POP3 lockout detection  MercuryP

    now locks out any account with too many login failures for five minutes

    regardless of the address from which the lockout occurred. So, once any

    system has failed logging into a POP3 account, all systems are prevented

    from attempting to login to that account for five minutes. This feature

    is primarily aimed at botnets that attempt to crack passwords by

    logging in from successive different systems and trying

    username/password combinations until they fail, and is automatic.

  • Fixes for MercuryI IMAP  MercuryI now

    saves UID lists any time they change: this should prevent UID

    synchronization problems from occurring, but may introduce small extra

    processing delays with very large folders. There have also been some

    changes in the way the IMAP SEARCH command is handled that should

    improve performance and reliability in a number of search scenarios (in

    some cases spectacularly), and MercuryI now caches FETCH data which

    should significantly improve performance and reduce load when clients

    like Apple Mail fetch messages a chunk at a time.

  • MBXMAINT updated  The mailbox maintenance

    utility MBXMAINT has been heavily updated. It now fixes a wider range of

    problems, and can also correct folders where messages contain duplicate

    message identifiers (important for more reliable IMAP operation). The

    program has been split into a commandline version, MBXMAINT.EXE and a

    user-interface version, MXBMAINT_UI.EXE. Both versions have considerably

    better reporting and output.

  • Random filename generation fixed  A very

    long-standing problem where the "random" filenames generated by Mercury

    were not very random and tended to repeat has finally been found and

    corrected. Mercury should now generate much more "random" filenames and

    the possibility of filename collisions should be dramatically lower as

    of this version.

to go to the Pegasus Mail home downloads page and retrieve v4.73.


-- David --

David Harris posted Feb 24 '11 at 12:54 pm

Pegasus Mail v4.61 is now available for public download in English, German and Italian versions: the French version will be released shortly.

Version 4.61 is an interim release

– not quite version 5, but part of the way there. We're releasing it

primarily because it incorporates some important bug fixes, but it has

some extremely worthwhile new capabilities too.

  • New HTML renderer  HTML has

    become increasingly common in e-mail, even though it is actually not

    especially well-suited to the medium and is technically challenging to

    implement there. Version 4.61 includes a new HTML renderer that uses the

    built-in power of Internet Explorer to render HTML. Developed by

    Michael in der Wiesche, this renderer has been exhaustively tested and

    secured, and we believe it meets all our very high standards for

    security. For people who really don't trust Internet Explorer, though,

    Martin Ireland's BearHTML renderer has also been improved and can be

    used instead with a single click of a button.

  • New graphics, updated interface

     Version 4.61 sports beautiful new graphics designed by Sven Henze. The

    program is also most of the way towards a redesigned user interface with

    a more "modern" 3D look. We believe the combination of Sven's graphics

    and the new look make the program very attractive in a classical way.

  • Numerous bug fixes  including,

    but not limited to the following: HTML messages with very long lines

    will now render correctly; mailto: specifiers are now removed correctly

    when adding addresses to addressbooks and lists; fixed crashes caused by

    various types of malformed message; corrected the colour selector for

    filtering rules; allowed folders to be dragged onto closed trays when

    rearranging the folder hierarchy... and many more.

  • Accent expansion in the glossary

     you can now create accented characters using the Glossary Expansion key

    (Ctrl+E in the English version). Simply type the base character

    followed by the accent you want added, then press Ctrl+E. For example,

    to create an e-acute character (é) simply type e' then press Ctrl+E. For

    a complete table of the accented characters that can be created,

    consult the full Pegasus Mail help file.

  • Confirm-reading prompts  You can

    now have Pegasus Mail prompt you for whether or not a

    confirmation-of-reading message is sent when a message contains a

    request for one (the original options for always and never sending them

    remain available as well). Make this change in the "Advanced" settings


  • Size column for drafts and queued mail  The window that displays draft messages and messages in the sending queue now includes a size column, by popular request.
  • Attachment size controls  System

    administrators wanting to control the maximum sizes of attachments sent

    with the program can now do so by running the LIMITS.EXE program

    supplied with the system. LIMITS.EXE allows you to specify both soft and

    hard limits (a "soft" limit pops up a warning but still allows the user

    to add the attachment, while a "hard" limit does not allow the

    attachment to be added). LIMITS.EXE places values in the Windows

    Registry, and system administrators may wish to remove it from the

    installation directory to a location not accessible to users.

  • Commandline and GUI versions of MBXMAINT

     The Mailbox Maintenance utility, MBXMAINT, now comes as two versions:

    MBXMAINT.EXE is a commandline utility that can be used in scripts, while

    MBXMAINT_UI is the traditional GUI version of the application. Both

    have also been slightly improved in the types of error conditions they

    can handle.

to go to the Pegasus Mail home site downloads page, where you can find the v4.61 release.


Phons posted Feb 13 '10 at 4:00 pm

Hello community,

I've loaded up a nice '20th Anniversary of Pegasus Mail'-button Gold; spread and use them on your site and in your signature.

David Harris posted Jan 23 '10 at 2:01 pm

Pegasus Mail v4.52 is now available for public download.

V4.52 is all about allowing the program to work well under Windows 7: it can now use the new Microsoft mechanisms for registering itself as a system-level mail program (meaning it can be used to launch mailto: links from your web browser), and corrects a number of minor issues in previous versions, in particular the problem with some toolbar buttons either not displaying or displaying incorrectly. There are also some internal reliability fixes to do with the way certain types of folder damage are handled.

Producing a Windows-7-capable version of the program required migrating the Pegasus Mail source code from Microsoft Visual Studio 2003 to Visual Studio 2008: we expected this process to be easy and quick, but we were wrong - Microsoft made it much more difficult than should ever have been necessary. This is the main reason it has taken us as long as it has to get this release out the door. An unfortunate side-effect of this is that Visual Studio 2008 generates applications that cannot be run under Windows 98 or ME. As a result, v4.52 no longer works on these older versions of Windows. As I've noted in the information on the main Pegasus Mail site, we will see what we can do about putting together at least a matching version of v4.52 that *can* run under Windows 98 and ME, but it's clear that we are not going to be able to support these systems for very much longer.

Pegasus Mail v4.52 can be downloaded from the main Pegasus Mail web site, at : it will be made available here on the community as soon as humanly possible.


-- David --

David Harris posted Jul 3 '09 at 2:07 am

Pegasus Mail v4.51 is now available for unrestricted public distribution - please visit for downloads and information, or check the download pages here at the community. The release version has had significant work since the public beta at the end of last year, and has some powerful new capabilities, most notably the addition of autofiltering folders.

The release of v4.51 marks the end of one of the most difficult development periods in the history of the program, and it seems appropriate that it should coincide with my attempts to ensure the long-term survival of the package: from here, development should be both easier and faster, and I do not anticipate ever again having such a long delay between releases. Your assistance is crucial to making this happen though, and if you haven't already done so, I would ask that you read the open letter at the main web site and see if you are able to help. To all of you who have already pledged your support, I offer my sincere thanks.

No version of Pegasus Mail has ever been as extensively or exhaustively tested as v4.51 - it's been a huge job, but ultimately rewarding, and my test team and I hope that you really enjoy using it.


-- David Harris --
July 3rd 2009.

David Harris posted May 26 '09 at 11:22 am

A release candidate for Mercury/32 v4.71 is now available at . We intend to make this available only at the community site for a week or so before releasing it on an unrestricted basis.

The big news in v4.71 is the ability to run as a native Windows Service: we (the test team) have been using it extensively in this mode for quite some time and it's really quite cool. There are quite a few other small new features in there, and over 200 fixes and corrections.

Feedback is welcome in the Mercury beta forum here.


-- David --

PiS posted Feb 15 '09 at 1:13 pm

Wiki On-Line
Today we welcome you to the all new pmail Wiki!

A Wiki is an on-line documentation repository, where you can contribute. The wiki supports both Pegasus Mail and Mercury MTA, and it is multilingual. Try it out at

For a while there has been a wish to be able to extend the documentation of Pegasus Mail and Mercury Mail Transport Agent, plus concentrate information from various sources into one general repository. Today we proudly invite all users to contribute into creating the definitive guide to e-mailing in general, and about how the programs work in particular. All this will during 2009 be concentrated to

In short time the knowledgebase documentation will be transferred onto the wiki, as well as the official software documentation, including help subsystems and development guides. Currently the closed beta team members concentrate in their free time on merging the documents, but this is a vast task. Pegasus Mail exists in several languages, but Mercury does not. Translation has always been a rather gigantic task. Both programs are used all over the world. therefore supports multiple languages, and you are all encouraged to pitch in and extend the documentation into your language.

Developers of daemons and extensions are most welcome to publish their how-to guides and accompanying documentation in this one place repository.

The basic idea of a wiki, is that anyone can suggest and contribute to completing the information. Seldom are the ones with deepest information equiped to write guides on how to use things, as the users themselves. At anyone can add, correct or extend the information so that it is as comprehensible and complete as can be.

For those not so familiar with wikis, you may want to look at the original site and you'll find a world of information. We have built according to the same syntax, and on the same platform - to ease the use and contribution, and it is our hope that the pmail wiki will be of benefit to you all. The wiki contains a sandbox, were you can familiarize yourself with editing and contributing.

Sub Categories
Hide topic messages
Enable infinite scrolling
All posts under this topic will be deleted ?
Pending draft ... Click to resume editing
Discard draft