Each month we share a mix of UI updates, bug fixes, and new features shipped across the Paubox platform. Have a suggestion? Let your account manager know.

Sharper ExecProtect display name matching

ExecProtect's protected name matching was rewritten to catch the bypass techniques attackers were using to slip display name spoofs past the previous logic. The new matching is stricter and harder to bypass.

Read more: ExecProtect updates guard against the latest display name spoofing attacks

  • Catches attackers appending text after the protected name (for example, "Jane Doe somecorp.com").
  • Detects padding tricks like trailing spaces and a period after the name.
  • Matches reordered name parts ("Doe Jane" matches "Jane Doe") and middle initials/titles ("John H. Smith Jr." matches "John Smith").
  • Case-insensitive across all matches.
  • A partial name on its own ("Jane" alone) no longer matches a full protected name.
  • A follow-up update extended the same logic to protected name variants.

Click into mail logs to view message headers

Clicking an Inbound Logs entry now reveals the full message headers for the message. Premium customers with archiving enabled can do the same on Outbound Logs. Headers help admins troubleshoot delivery issues directly, including verifying SPF, DKIM, and DMARC results, checking routing, and identifying the source of delays without opening a support ticket.

  • Header viewing on Inbound Logs is available to all customers.
  • Header viewing on Outbound Logs is available to Premium customers with archiving enabled, with broader Outbound access planned in a future release.

Quarantine reliability improvements

A series of fixes addressed cases where messages weren't being routed to the Paubox quarantine as expected, and where Paubox's own notification emails were ending up in customer quarantines. Reviewing flagged mail should now be more predictable.

  • Reporting and notification aliases (no-reply@paubox.com, info@paubox.com) are now bypassed by quarantine checks, so Paubox notification emails no longer end up in customer quarantines.
  • Fixed "disappearing quarantines" where messages flagged for quarantine were not actually arriving in the quarantine view.
  • Phishing messages caught by link-based detection now route to the Paubox quarantine for direct-to-spam customers, where they had previously been delivered to the spam folder.

Additional updates by product

Inbound email security

  • Inbound max attachment size raised to 150MB, matching the outbound limit. Customers sending or receiving large medical files, scans, and similar attachments will see fewer rejections.
  • Voicemail transcription is now enabled by default on new Plus customer accounts.
  • More stable inbound mail processing across link/IP scanning and OCR, reducing intermittent deferrals that some customers were seeing.

Outbound and Email API

  • Fixed intermittent 500 errors in the Email API caused by an edge case in HTML link tracking. An automated test was added to catch regressions.
  • Messages routed to Secure Message Center via "secure" in the subject line now correctly propagate delivery status and stats.

Mail logs and stats

  • New "Queued" status added to Inbound, Outbound, and Email API mail logs, with a matching filter. Messages waiting to be processed now show as "Queued" instead of the previous "No Delivery Status Found".
  • Inbound stats page refreshed: clicking a category now filters the graph, the date and domain dropdowns can be changed while a category filter is active, and AI justifications appear below the filtered chart.
  • Stats page datepicker now allows selecting any date in the past.
  • Mail logs no longer surface internal Paubox journaling emails, giving customers cleaner log views.

Paubox Marketing

  • Paubox Marketing contacts page now persists column visibility and sort order across page refreshes, so admin preferences are restored automatically on page load.
  • Paubox Marketing drip campaign editor canvas fills the viewport correctly, and the Quick Start Guide link now points to the right docs URL.

Account administration

  • Referral footer link toggle now defaults to enabled for new customers, and was back-populated for new customers since the February 19 referrals revamp.
  • Tab visibility now respects user role permissions, so users only see settings tabs their role allows.

Bug fixes

  • Fixed several partner-role and payment regressions, including incorrect roles for partners created via the Users page, role-dropdown selection issues, missing left-nav links when partners impersonated Email API clients, and payment-screen instability that could prevent editing fields when switching from a saved payment method.
  • Fixed Email API mail log failure status display so the status column matches the selected filter (Temporary Failure, Invalid Address, Rejected, Mailbox Unavailable) instead of always showing "Failure".
  • Order Summary panel on the signup flow updated for clearer math.
  • Fixed the date-range picker on the Inbound Transcription chart.
  • Improved email masking on Secure Message Center MFA prompts for very short email addresses.
  • Secure Message Center printer button moved into the Secured Message bar.
  • Various copy and visual updates to the Referrals and Signup flow.