Bug fixes

• Email relay/masking services (Firefox Relay, DuckDuckGo Email Protection, Apple Hide My Email, SimpleLogin, AnonAddy, and others) are no longer flagged as display-name spoofing or Reply-To mismatch. When the actual From: address belongs to a known relay service, the original sender's email address in the display name is recognized as legitimate forwarding behavior rather than impersonation.
• The DKIM alignment failed verdict reason is no longer surfaced when DMARC overall passes (when SPF or DKIM aligns and DMARC is pass). This eliminates false-positive warnings for brand mail delivered through bulk platforms such as Sailthru, SendGrid, or Mailchimp, where DKIM is signed by the platform but SPF aligns with the brand's bounce domain. Per-signature alignment indicators inside the DKIM card are unchanged.

Acknowledgments

• Thanks to @JerryLerman for the detailed bug reports on GitHub issues #3 and #4.

This release introduces a four-tier link safety severity model: critical, suspicious, untrusted, and privacy. Each level has a distinct meaning and resolution path.

• New "untrusted" level for findings that only indicate an unknown external domain (all-external links, external main CTA). These are shown in a softer amber color and carry a new Untrusted link domain verdict tag, making clear that the domain is simply not yet on your trust list — not evidence of wrongdoing.
• New "privacy" level for tracking pixel detection. Privacy notices no longer contribute to the suspicious verdict and have their own informational style.
• One-click Trust shortcut: when an untrusted indicator involves exactly one external domain, a Trust button appears directly on the finding row for immediate whitelisting.
• Aggregated findings: IP-address, IDN homograph, and URL shortener findings now combine multiple hosts into a single row to prevent list bloat.
• Dark mode support for the new untrusted and privacy styles.
• i18n updates across all 12 supported languages.

The verdict philosophy is unchanged: untrusted findings still do not earn a green badge until the user explicitly trusts the domain. The add-on never assumes legitimacy for any unknown external domain.

Security Fix

• DKIM alignment evaluation hardened: the security verdict now considers only DKIM signatures that passed authentication when evaluating alignment, preventing false alignment matches from failed signatures.

UI Fix

• Added missing CSS rules for alignment labels in SPF/DKIM cards. "Aligned" and "Not Aligned" labels are now properly color-coded (green/red).

Locale Consistency

• Unified alignment terminology between status labels and verdict reason tags in Japanese, Simplified Chinese, Traditional Chinese, Arabic, and Russian.

v1.1.4 — Review Compliance Update

• DOM Safety: Replaced all innerHTML usage with safe DOM APIs (document.createElement, textContent, replaceChildren) in options page and confirm dialog, per ATN review policy.
• Always-Collapsed Panel: The dashboard now always starts collapsed for every email. Status badge and verdict tags are visible at a glance in the header bar; click to expand for details.
• Header Cleanup: Removed the GitHub repository link from the main click area of the feature panel header, per ATN no-surprise policy.

v1.1.3 — Trusted Link Domains, Link Mismatch Badge and All-External Detection

Trusted Link Domains (Whitelist)

• "Trust" button appears next to external domains when link warnings are detected
• Confirm dialog prevents accidental whitelisting
• Trusted domains shown with shield icon in blue, suppress link mismatch and external-link warnings
• Manage from add-on settings page with text-based import/export

Link Mismatch Badge

• Renamed from "PHISHING" to "LINK MISMATCH" — flashing skull animation unchanged
• Better describes the detection: displayed URL differs from link destination

All-External Link Detection

• Warns when all links point to external domains (replaces sole-link check)
• Main CTA external detection no longer requires minimum area threshold
• Both checks respect trusted domain whitelist

Other Changes

• Alignment terminology updated to RFC 7489 standard across all 12 languages
• New "storage" permission for whitelist persistence (no network access)