Well the first round of bugs have been discovered (and fixed). The major issue resolved by this release is that a rogue user with a forged from header could set an autoresponse message for someone else. We now require SASL authentication which addresses this. This is a highly recommended update; you can find it under the “projects” link in the upper-right corner.