feat: competitive parity improvements (CC, inReplyTo, suppression, rate limits, pause, scope, CLI, SSE, domains)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: Digidai

src/cli/commands/help.ts

@@ -10,6 +10,8 @@ Commands:
   send          Send an email
   inbox         List received emails
   code          Wait for a verification code
+  thread        List and view email threads
+  webhook       Manage webhook configuration
   config        View or modify configuration
   help          Show this help message
   version       Show version
@@ -41,6 +43,14 @@ Code:
   mails code --to <address>             Wait for a verification code
   mails code --to <address> --timeout 60
 
+Thread:
+  mails thread list               List email threads
+  mails thread <id>               View thread details
+
+Webhook:
+  mails webhook list              Show current webhook configuration
+  mails webhook set <url>         Set webhook URL for current mailbox
+
 Config:
   mails config                    Show current config
   mails config set <key> <value>  Set a config value

src/cli/commands/thread.ts

@@ -0,0 +1,99 @@
+import { loadConfig } from '../../core/config.js'
+
+function getApiDetails(config: ReturnType<typeof loadConfig>) {
+  const apiUrl = process.env.MAILS_API_URL || config.worker_url || 'https://mails-worker.genedai.workers.dev'
+  const token = config.api_key || config.worker_token
+  const isV1 = !!config.api_key
+  return { apiUrl, token, isV1 }
+}
+
+export async function threadCommand(args: string[]) {
+  const config = loadConfig()
+  const { apiUrl, token, isV1 } = getApiDetails(config)
+
+  if (!token && !config.worker_url) {
+    console.error('No API key or worker URL configured. Run: mails claim <name>')
+    process.exit(1)
+  }
+
+  const headers: Record<string, string> = {}
+  if (token) headers['Authorization'] = `Bearer ${token}`
+
+  const subcommand = args[0]
+
+  if (subcommand === 'list' || !subcommand) {
+    // mails thread list — GET /api/threads
+    const path = isV1 ? '/v1/threads' : '/api/threads'
+    const url = new URL(path, apiUrl)
+    if (!isV1 && config.mailbox) url.searchParams.set('to', config.mailbox)
+
+    let res: Response
+    try {
+      res = await fetch(url.toString(), { headers })
+    } catch (err) {
+      console.error(`Cannot connect to ${apiUrl}: ${err instanceof Error ? err.message : err}`)
+      process.exit(1)
+    }
+
+    if (!res.ok) {
+      const data = await res.json().catch(() => ({})) as { error?: string }
+      console.error(`API error: ${data.error ?? `HTTP ${res.status}`}`)
+      process.exit(1)
+    }
+
+    const data = await res.json() as { threads?: Array<{ thread_id: string; subject: string; message_count: number; from_address: string; from_name: string; received_at: string }> }
+    const threads = data.threads ?? []
+
+    if (threads.length === 0) {
+      console.log('No threads found.')
+      return
+    }
+
+    for (const thread of threads) {
+      const from = thread.from_name || thread.from_address
+      console.log(`${thread.thread_id.slice(0, 8)}  [${thread.message_count}]  ${thread.received_at.slice(0, 16)}  ${from.padEnd(24).slice(0, 24)}  ${thread.subject.slice(0, 40)}`)
+    }
+    return
+  }
+
+  // mails thread <id> — GET /api/thread?id=<id>
+  const threadId = subcommand
+  const path = isV1 ? '/v1/thread' : '/api/thread'
+  const url = new URL(path, apiUrl)
+  url.searchParams.set('id', threadId)
+
+  let res: Response
+  try {
+    res = await fetch(url.toString(), { headers })
+  } catch (err) {
+    console.error(`Cannot connect to ${apiUrl}: ${err instanceof Error ? err.message : err}`)
+    process.exit(1)
+  }
+
+  if (!res.ok) {
+    const data = await res.json().catch(() => ({})) as { error?: string }
+    console.error(`API error: ${data.error ?? `HTTP ${res.status}`}`)
+    process.exit(1)
+  }
+
+  const data = await res.json() as { thread_id?: string; emails?: Array<{ id: string; from_address: string; from_name: string; subject: string; received_at: string; body_text: string }> }
+  const emails = data.emails ?? []
+
+  if (emails.length === 0) {
+    console.log('Thread not found or empty.')
+    return
+  }
+
+  console.log(`Thread: ${data.thread_id}`)
+  console.log(`Messages: ${emails.length}`)
+  console.log('---')
+
+  for (const email of emails) {
+    const from = email.from_name ? `${email.from_name} <${email.from_address}>` : email.from_address
+    console.log(`  From: ${from}`)
+    console.log(`  Date: ${email.received_at}`)
+    console.log(`  Subject: ${email.subject}`)
+    console.log(`  ${(email.body_text || '').slice(0, 200)}`)
+    console.log('  ---')
+  }
+}

src/cli/commands/webhook.ts

@@ -0,0 +1,90 @@
+import { loadConfig } from '../../core/config.js'
+
+function getApiDetails(config: ReturnType<typeof loadConfig>) {
+  const apiUrl = process.env.MAILS_API_URL || config.worker_url || 'https://mails-worker.genedai.workers.dev'
+  const token = config.api_key || config.worker_token
+  const isV1 = !!config.api_key
+  return { apiUrl, token, isV1 }
+}
+
+export async function webhookCommand(args: string[]) {
+  const config = loadConfig()
+  const { apiUrl, token, isV1 } = getApiDetails(config)
+
+  if (!token && !config.worker_url) {
+    console.error('No API key or worker URL configured. Run: mails claim <name>')
+    process.exit(1)
+  }
+
+  const headers: Record<string, string> = { 'Content-Type': 'application/json' }
+  if (token) headers['Authorization'] = `Bearer ${token}`
+
+  const subcommand = args[0]
+
+  if (subcommand === 'list' || !subcommand) {
+    // mails webhook list — GET /api/mailbox to see webhook_url
+    const path = isV1 ? '/v1/mailbox' : '/api/mailbox'
+    const url = new URL(path, apiUrl)
+
+    let res: Response
+    try {
+      res = await fetch(url.toString(), { headers })
+    } catch (err) {
+      console.error(`Cannot connect to ${apiUrl}: ${err instanceof Error ? err.message : err}`)
+      process.exit(1)
+    }
+
+    if (!res.ok) {
+      const data = await res.json().catch(() => ({})) as { error?: string }
+      console.error(`API error: ${data.error ?? `HTTP ${res.status}`}`)
+      process.exit(1)
+    }
+
+    const data = await res.json() as { mailbox?: string; webhook_url?: string | null; status?: string }
+    console.log(`Mailbox: ${data.mailbox ?? 'unknown'}`)
+    console.log(`Webhook: ${data.webhook_url ?? '(none)'}`)
+    console.log(`Status:  ${data.status ?? 'active'}`)
+    return
+  }
+
+  if (subcommand === 'set') {
+    const webhookUrl = args[1]
+    if (!webhookUrl) {
+      console.error('Usage: mails webhook set <url>')
+      process.exit(1)
+    }
+
+    // Update webhook URL via the mailbox endpoint
+    // We need a way to set webhook_url — use a generic PATCH approach
+    // For now, directly update via the API
+    const path = isV1 ? '/v1/mailbox' : '/api/mailbox'
+    const url = new URL(path, apiUrl)
+
+    let res: Response
+    try {
+      res = await fetch(url.toString(), {
+        method: 'PATCH',
+        headers,
+        body: JSON.stringify({ webhook_url: webhookUrl }),
+      })
+    } catch (err) {
+      console.error(`Cannot connect to ${apiUrl}: ${err instanceof Error ? err.message : err}`)
+      process.exit(1)
+    }
+
+    if (!res.ok) {
+      const data = await res.json().catch(() => ({})) as { error?: string }
+      console.error(`API error: ${data.error ?? `HTTP ${res.status}`}`)
+      process.exit(1)
+    }
+
+    console.log(`Webhook URL set to: ${webhookUrl}`)
+    return
+  }
+
+  console.error(`Unknown webhook subcommand: ${subcommand}`)
+  console.error('Usage:')
+  console.error('  mails webhook list       List configured webhooks')
+  console.error('  mails webhook set <url>  Set webhook URL')
+  process.exit(1)
+}

src/cli/index.ts

@@ -8,6 +8,8 @@ import { doctorCommand } from './commands/doctor.js'
 import { demoCommand } from './commands/demo.js'
 import { statsCommand } from './commands/stats.js'
 import { helpCommand } from './commands/help.js'
+import { threadCommand } from './commands/thread.js'
+import { webhookCommand } from './commands/webhook.js'
 
 const args = process.argv.slice(2)
 const command = args[0]
@@ -38,6 +40,12 @@ async function main() {
     case 'stats':
       await statsCommand()
       break
+    case 'thread':
+      await threadCommand(args.slice(1))
+      break
+    case 'webhook':
+      await webhookCommand(args.slice(1))
+      break
     case 'help':
     case '--help':
     case '-h':

test/unit/claim-auto.test.ts

@@ -0,0 +1,94 @@
+import { describe, test, expect } from 'bun:test'
+import { handleClaimAuto, RESERVED_NAMES } from '../../worker/src/handlers/claim'
+
+function mockDB(existingMailboxes: string[] = []) {
+  return {
+    prepare: (sql: string) => ({
+      bind: (...args: unknown[]) => ({
+        first: async () => {
+          if (sql.includes('SELECT mailbox FROM auth_tokens WHERE mailbox')) {
+            const mb = args[0] as string
+            return existingMailboxes.includes(mb) ? { mailbox: mb } : null
+          }
+          return null
+        },
+        run: async () => ({ meta: { changes: 1 } }),
+      }),
+    }),
+  } as unknown as D1Database
+}
+
+function mockEnv(db = mockDB()) {
+  return { DB: db } as any
+}
+
+function makeRequest(body: Record<string, unknown>) {
+  return new Request('http://localhost/v1/claim/auto', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify(body),
+  })
+}
+
+describe('Headless Claim (POST /v1/claim/auto)', () => {
+  test('creates mailbox successfully', async () => {
+    const auth = { mailbox: 'existing@mails0.com', scope: 'full' as const }
+    const res = await handleClaimAuto(makeRequest({ name: 'newagent' }), mockEnv(), auth)
+
+    expect(res.status).toBe(201)
+    const data = await res.json() as { mailbox: string; api_key: string }
+    expect(data.mailbox).toBe('newagent@mails0.com')
+    expect(data.api_key).toMatch(/^mk_/)
+  })
+
+  test('rejects missing name', async () => {
+    const auth = { mailbox: 'a@mails0.com', scope: 'full' as const }
+    const res = await handleClaimAuto(makeRequest({}), mockEnv(), auth)
+    expect(res.status).toBe(400)
+  })
+
+  test('rejects reserved names', async () => {
+    const auth = { mailbox: 'a@mails0.com', scope: 'full' as const }
+    const res = await handleClaimAuto(makeRequest({ name: 'admin' }), mockEnv(), auth)
+    expect(res.status).toBe(400)
+    const data = await res.json() as { error: string }
+    expect(data.error).toContain('reserved')
+  })
+
+  test('rejects invalid name format', async () => {
+    const auth = { mailbox: 'a@mails0.com', scope: 'full' as const }
+
+    const res2 = await handleClaimAuto(makeRequest({ name: 'has spaces' }), mockEnv(), auth)
+    expect(res2.status).toBe(400)
+
+    const res3 = await handleClaimAuto(makeRequest({ name: '-start-dash' }), mockEnv(), auth)
+    expect(res3.status).toBe(400)
+
+    const res4 = await handleClaimAuto(makeRequest({ name: 'a'.repeat(50) }), mockEnv(), auth)
+    expect(res4.status).toBe(400)
+  })
+
+  test('rejects duplicate mailbox', async () => {
+    const auth = { mailbox: 'a@mails0.com', scope: 'full' as const }
+    const db = mockDB(['taken@mails0.com'])
+    const res = await handleClaimAuto(makeRequest({ name: 'taken' }), mockEnv(db), auth)
+    expect(res.status).toBe(409)
+  })
+
+  test('rejects non-POST method', async () => {
+    const auth = { mailbox: 'a@mails0.com', scope: 'full' as const }
+    const req = new Request('http://localhost/v1/claim/auto', { method: 'GET' })
+    const res = await handleClaimAuto(req, mockEnv(), auth)
+    expect(res.status).toBe(405)
+  })
+
+  test('RESERVED_NAMES includes common system names', () => {
+    expect(RESERVED_NAMES.has('admin')).toBe(true)
+    expect(RESERVED_NAMES.has('postmaster')).toBe(true)
+    expect(RESERVED_NAMES.has('abuse')).toBe(true)
+    expect(RESERVED_NAMES.has('support')).toBe(true)
+    expect(RESERVED_NAMES.has('noreply')).toBe(true)
+    expect(RESERVED_NAMES.has('test')).toBe(true)
+    expect(RESERVED_NAMES.has('api')).toBe(true)
+  })
+})

test/unit/cli-thread-webhook.test.ts

@@ -0,0 +1,35 @@
+import { describe, test, expect } from 'bun:test'
+import { readFileSync } from 'fs'
+import { join } from 'path'
+
+describe('CLI thread and webhook commands', () => {
+  test('thread command module exports threadCommand', async () => {
+    const mod = await import('../../src/cli/commands/thread')
+    expect(typeof mod.threadCommand).toBe('function')
+  })
+
+  test('webhook command module exports webhookCommand', async () => {
+    const mod = await import('../../src/cli/commands/webhook')
+    expect(typeof mod.webhookCommand).toBe('function')
+  })
+
+  test('cli index imports thread and webhook commands', () => {
+    const indexPath = join(import.meta.dir, '..', '..', 'src', 'cli', 'index.ts')
+    const content = readFileSync(indexPath, 'utf-8')
+
+    expect(content).toContain("import { threadCommand }")
+    expect(content).toContain("import { webhookCommand }")
+    expect(content).toContain("case 'thread':")
+    expect(content).toContain("case 'webhook':")
+  })
+
+  test('help command lists thread and webhook', () => {
+    const helpPath = join(import.meta.dir, '..', '..', 'src', 'cli', 'commands', 'help.ts')
+    const content = readFileSync(helpPath, 'utf-8')
+
+    expect(content).toContain('thread')
+    expect(content).toContain('webhook')
+    expect(content).toContain('mails thread list')
+    expect(content).toContain('mails webhook set')
+  })
+})