POP3 Post Office Protocol in Detail

xiaoxiao2021-03-06  40

Post Office Protocol - Version 3 (POP3)

Table of Contents

1. Introduction

2. Brief Description

3. Basic operation

4. "Confirm" status: USER name, PASS string

5. "Operation" status: STAT (none), LIST [msg], RETR msg, DELE msg, NOOP (none), RSET (none)

6. "Update" status: QUIT (none)

7. Optional POP3 command: TOP msg n, UIDL [msg], APOP name digest

8. Summary of POP3 Commands

9. POP3 session instance

10. Message format

11. Safety considerations

1. Introduction

For a smaller node on the network, it is often impractical to maintain a message transport system (MTS). For example, a workstation may not have sufficient resources to keep an SMTP server and an associated local mail delivery system resident and continuously running. Similarly, keeping a personal computer connected to an IP-style network for long periods can be costly (the node lacks the resource known as "connectivity").

Despite this, it is very useful to be able to manage mail on such small nodes, and these nodes often support a user agent to manage messages. To solve this problem, a node that can support an MTS offers a mail storage (maildrop) service to these less capable nodes. The Post Office Protocol - Version 3 lets such a workstation access the mail stored on the server in a practical way. Usually this means the workstation retrieves the messages that the server is temporarily holding for it.

Hereinafter, the client host refers to the host using the POP3 service, and the server host refers to a host that provides a POP3 service.

2. Brief Description

This document does not specify how the client host submits mail to the transport system. As a brief explanation: when the user agent needs to send a message to the transport system, it establishes an SMTP connection to its relay host (this relay host may or may not be the POP3 host).

3. Basic operation

Initially, the server starts the POP3 service by listening on TCP port 110. When a client host wants to use the service, it establishes a TCP connection with the server host. When the connection is established, the POP3 server sends a greeting. The client and the POP3 server then exchange commands and responses until the connection is closed or aborted.

A POP3 command consists of a keyword, possibly followed by arguments. All commands end with a CRLF pair. Keywords and arguments consist of printable ASCII characters and are separated by a single space. Keywords are three or four characters long, and each argument may be up to 40 characters long.

A POP3 response consists of a status indicator and a keyword, possibly followed by additional information. All responses are also terminated by a CRLF pair. There are currently two status indicators: positive ("+OK") and negative ("-ERR").

Responses to certain commands are multi-line. In these cases, after the first line of the response and a CRLF have been sent, any additional lines are sent, each terminated by a CRLF. When all lines have been sent, a final line is sent consisting of a termination character (decimal code 46, ".") and a CRLF pair. If any line of the response begins with the termination character, the line is byte-stuffed by prepending the termination character to it. A multi-line response therefore ends with the five octets CRLF.CRLF. When examining a multi-line response, the client checks whether a line begins with the termination character. If it does and the characters that follow are not CRLF, the first character of the line (the termination character) is discarded; if CRLF follows immediately, the response from the POP server has ended, and the line containing ".CRLF" is not considered part of the multi-line response.

A POP3 session passes through several states during its lifetime. Once the TCP connection is open and the POP3 server has sent its greeting, the session enters the "confirmation" state. In this state the client must identify itself to the POP3 server. Once this succeeds, the server acquires the resources associated with the client's mail and the session enters the "operation" state. In this state the client requests actions from the server. When the client issues the QUIT command, the session enters the "update" state. In this state the POP3 server releases the resources acquired during the "operation" state and says goodbye, and the TCP connection is then closed.
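The byte-stuffing rule for multi-line responses described in this section, as an added Python example (not part of the original document): `stuff` is the server-side encoding and `read_response` the client-side decoding, which rejects truncated or over-long lines instead of guessing. The function names, the `max_line` limit and the sample message are assumptions made for illustration.

```python
import io

CRLF = b"\r\n"

class Pop3ProtocolError(Exception):
    """The byte stream does not follow the POP3 framing rules."""

def stuff(lines):
    """Server side: byte-stuff body lines and append the ".CRLF" terminator."""
    out = b""
    for line in lines:
        # A line that starts with "." gets one extra "." in front of it.
        out += (b"." + line if line.startswith(b".") else line) + CRLF
    return out + b"." + CRLF

def _read_line(stream, max_line):
    line = stream.readline(max_line + 2)
    if not line.endswith(CRLF):
        # EOF before CRLF (truncated response) or a line over the limit.
        raise Pop3ProtocolError("line not terminated by CRLF")
    return line[:-2]

def read_response(stream, multiline=False, max_line=8192):
    """Client side: read one response from a binary stream.

    Returns (ok, text, lines); lines holds the un-stuffed body lines of a
    multi-line response and is empty for single-line responses.
    """
    status = _read_line(stream, max_line)
    if status.startswith(b"+OK"):
        ok = True
    elif status.startswith(b"-ERR"):
        ok = False
    else:
        raise Pop3ProtocolError("unknown status indicator")
    text = status.partition(b" ")[2]
    lines = []
    # A negative response is a single line even for LIST, RETR, TOP or UIDL.
    while ok and multiline:
        line = _read_line(stream, max_line)
        if line == b".":            # "." alone: end of the response
            break
        if line.startswith(b"."):   # stuffed line: discard the first "."
            line = line[1:]
        lines.append(line)
    return ok, text, lines

# Constructed sample: a message whose body contains a lone "." line.
SAMPLE_BODY = [b"Subject: test", b"", b".", b"..two dots", b"end"]

if __name__ == "__main__":
    wire = b"+OK 40 octets" + CRLF + stuff(SAMPLE_BODY)
    print(wire)
    print(read_response(io.BytesIO(wire), multiline=True))
```

Because the lone "." body line travels as "..", message content cannot end the response early and leave the rest of the message to be read as server responses.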

A POP3 server may have an inactivity autologout timer. This timer must be at least 10 minutes long. Any command received from the client resets the timer. When the timer expires, the POP3 session does not enter the "update" state; the server closes the TCP connection without deleting any messages and without sending any response to the client.

4. "Confirm" status

Once the TCP connection has been opened by the POP3 client, the POP3 server sends a one-line greeting. This can be any string terminated by CRLF. For example:

S: +OK POP3 server ready

Note: this greeting is a POP3 response. The POP3 server should always give a positive response as the greeting.

The POP3 session is now in the "confirmation" state, and the client must prove its identity to the server. This document describes two possible mechanisms: the USER and PASS command combination, and the APOP command described later.

To authenticate with the USER and PASS commands, the client first sends the USER command. If the POP3 server responds with a positive status indicator, the client can send the PASS command to complete authentication, or send the QUIT command to end the POP3 session. If the POP3 server responds with a negative status indicator, the client can issue a new authentication command or send the QUIT command.

When the client sends the PASS command, the server uses the arguments of the USER and PASS commands together to decide whether the client is allowed to access the corresponding maildrop.

Once the server has determined from these data that the client may access the maildrop, it acquires an exclusive-access lock on the maildrop to prevent the mail from being changed before the session enters the "update" state. If the lock is acquired successfully, the server responds with a positive status indicator. The session enters the "operation" state with no messages marked as deleted. If the maildrop cannot be opened for some reason (for example, the lock cannot be acquired, the client is denied access to the maildrop, or the maildrop cannot be parsed), the server responds with a negative status indicator. After returning a negative status indicator, the server may close the connection. If the server does not close the connection, the client can issue a new authentication command and start again, or send the QUIT command.

After the server has opened the maildrop, it assigns a message number to each message and records the size of each message in octets. The first message is assigned number 1, the second number 2, and so on, so that the nth message is assigned number n. In POP3 commands and responses, message numbers and sizes are expressed in decimal. The following is a summary of the above three commands:

USER name

The argument is a string identifying a mailbox, which is significant only to the server. USER may be given only in the "confirmation" state, after the greeting or after an unsuccessful USER or PASS command.

Returns:

+OK: name is a valid mailbox;

-ERR: invalid mailbox.

Example:

C: USER mrose

S: +OK mrose is a real hoopy frood

...

C: USER frate

S: -ERR sorry, no mailbox for frate here

PASS string

The argument is the password for the mailbox. PASS may be given only in the "confirmation" state, immediately after a successful USER command. (Because this command has exactly one argument, a space in the argument is no longer a separator but part of the password.)

Returns:

+OK: maildrop locked and ready;

-ERR: invalid password, or unable to lock the maildrop.

Example:

C: USER mrose

S: +OK mrose is a real hoopy frood

C: PASS secret

S: +OK mrose's maildrop has 2 messages (320 octets)

...

C: USER mrose

S: +OK mrose is a real hoopy frood

C: PASS secret

S: -ERR maildrop already locked

5. "Operation" status

Once the client has successfully identified itself to the server and the server has locked and opened the corresponding maildrop, the POP3 session is in the "operation" state. The client may now issue any of the POP3 commands below repeatedly, and the server gives a response after each command. Eventually the client issues the QUIT command and the session enters the "update" state.

Here are the commands available in the "operation" state:

STAT (none)

Requests that the server send back statistics on the mailbox, such as the total number of messages and the total number of bytes.

Description:

STAT is available only in the "operation" state. The server gives a positive response containing information about the maildrop. To simplify parsing, all servers are required to use a specific format for this information: the positive response consists of "+OK", a space, the number of messages in the maildrop, a space, and the size of the maildrop in octets. This is the minimal implementation; more advanced implementations may add other information.

Note: messages marked as deleted are not counted.

Returns:

+OK nn mm

Example:

C: STAT

S: +OK 2 320

LIST [msg]

Returns the number of messages and the size of each message.

Description:

LIST takes an optional message number; if given, it must not refer to a message marked as deleted. Available only in the "operation" state. If an argument is given, the POP3 server gives a positive response with a line containing the information for that message. This line is called a "scan listing".

If no argument is given, the server gives a positive response that is multi-line. After the initial +OK, the server sends a scan listing line for each message in the maildrop.

To simplify parsing, all servers are required to use a specific format for scan listings: the message number, a space, and the exact size of the message in octets. This is the minimal implementation; more advanced implementations may add other information. Note: messages marked as deleted are not listed.

Returns:

+OK: scan listing follows;

-ERR: no such message.

Example:

C: LIST

S: +OK 2 messages (320 octets)

S: 1 120

S: 2 200

S: .

...

C: LIST 2

S: +OK 2 200

...

C: LIST 3

S: -ERR no such message, only 2 messages in maildrop

RETR msg

Returns the full text of the message identified by the argument.

Description:

RETR takes a message number, which must not refer to a message marked as deleted. Available only in the "operation" state. If the server gives a positive response, the response is multi-line. After the initial +OK, the server sends the message corresponding to the given message number, taking care to byte-stuff the termination character as for all multi-line responses.

Returns:

+OK: message follows;

-ERR: no such message.

Example:

C: RETR 1

S: +OK 120 octets

S: ...

S: .

DELE msg

The server marks the message identified by the argument as deleted; the deletion is carried out by the QUIT command.

Description:

DELE takes a message number, which must not refer to a message marked as deleted. Available only in the "operation" state. The server marks the message as deleted, and any later reference to that message in a command generates an error. The server does not actually delete the message until the session enters the "update" state.

Returns:

+OK: message deleted;

-ERR: no such message.

Example:

C: DELE 1

S: +OK message 1 deleted

...

C: DELE 2

S: -ERR message 2 already deleted

NOOP (none)

The server returns a positive response.

Description:

NOOP is available only in the "operation" state. The server does nothing other than give a positive response.

Returns:

+OK

Example:

C: NOOP

S: +OK

RSET (none)

The server unmarks all messages marked as deleted, undoing earlier DELE commands.

Description:

RSET is available only in the "operation" state. Any messages that have been marked as deleted are unmarked, and the server gives a positive response.

Returns:

+OK

Example:

C: RSET

S: +OK maildrop has 2 messages (320 octets)

6. "Update" status

When the client issues the QUIT command in the "operation" state, the session enters the "update" state. (Note: if the client issues QUIT in the "confirmation" state, the session ends without entering the "update" state.)

If the session ends for any reason other than a QUIT command issued by the client, the session does not enter the "update" state, and the server does not delete any messages.

QUIT (none)

Exit and update.

Description:

The server deletes all messages marked as deleted, then releases the exclusive-access lock on the maildrop and replies with the status of these operations. Finally, the TCP connection is closed.

Returns:

+OK

Example:

C: QUIT

S: +OK dewey POP3 server signing off (Clear Tag Mail)

...

C: QUIT

S: +OK dewey POP3 server signing off

7. Optional POP3 command

The commands discussed above are the minimal implementation of the POP3 service. The optional commands described below give clients more freedom in handling messages while keeping the POP3 server implementation relatively simple.

TOP msg n

The server returns the first n lines of the message identified by the argument; n must be a positive integer.

Description:

TOP takes a message number, which must not refer to a message marked as deleted, and a non-negative number of lines (required). Available only in the "operation" state. If the server gives a positive response, the response is multi-line. After the initial +OK, the server sends the message headers, the blank line separating the headers from the body, and then the requested number of lines of the message body, taking care to byte-stuff the termination character as for all multi-line responses.

Note: if the client requests more lines than the message contains, the server sends the entire message.

Returns:

+OK: top of message follows;

-ERR: no such message.

Example:

C: TOP 1 10

S: +OK

S:

S: .

...

C: TOP 100 3

S: -ERR no such message

UIDL [msg]

Returns the unique identifier of a message; every identifier within a POP3 session is unique.

Description:

UIDL takes an optional message number; if given, it must not refer to a message marked as deleted. Available only in the "operation" state. If an argument is given, the POP3 server gives a positive response with a line containing the information for that message. This line is called a "unique-ID listing".

If no argument is given, the server gives a positive response that is multi-line. After the initial +OK, the server sends a line for each message in the maildrop. Each such line is called the "unique-ID listing" for that message.

To simplify parsing, all servers are required to use a specific format for unique-ID listings: the message number, a space, and the unique ID of the message.

The unique ID of a message consists of characters in the range 0x21 to 0x7E and is never repeated within a given maildrop.

Note: messages marked as deleted are not listed.

Returns:

+OK: unique-ID listing follows;

-ERR: no such message.

Example:

C: UIDL

S: +OK

S: 1 WhiQTSWO00WBW418F9T5JXYWZ

S: 2 QHDPYR:00WBW1PH7X7

S: .

...

C: UIDL 2

S: +OK 2 QHDPYR:00WBW1PH7X7

...

C: UIDL 3

S: -ERR no such message, only 2 messages in maildrop

APOP name digest

The digest argument is an MD5 message digest.

Description:

APOP takes a name, a string identifying a mailbox, and a digest, an MD5 digest string. It may be used only in the "confirmation" state, after the POP3 greeting. Normally each POP3 session begins with a USER/PASS exchange, which sends the user name and password over the network in the clear. For occasional use this may not introduce a sizable risk. However, many clients connect to the server regularly to check for mail, often at short intervals, which greatly increases the chance of the password being captured.

The APOP command provides an alternative method of authentication.

A server that implements the APOP command includes a timestamp in its greeting. For example, on UNIX the timestamp could have the form <process-ID.clock@hostname>, where process-ID is the decimal value of the server's process ID, clock is the decimal value of the system clock, and hostname is the name of the POP3 server host. The client records this timestamp and then sends the APOP command. The name argument has the same syntax as for the USER command. The digest argument is computed by applying the MD5 algorithm to a string consisting of the timestamp followed by a shared secret. This secret is known only to the client and the server, and care should be taken to protect it: if it is disclosed, anyone can log in to the server as that user.

When the server receives the APOP command, it verifies the digest. If the digest is correct, the server gives a positive response and the session enters the "operation" state; otherwise it gives a negative response and the session stays in the "confirmation" state.

Note: the longer the shared secret, the harder it is to work out. The secret should be a long string.

Returns:

+OK: maildrop locked and ready;

-ERR: request rejected.

Example:

S: +OK POP3 server ready <1896.697170952@dbc.mtview.ca.us>

C: APOP mrose c4c9334bac560ecc979e58001b3e22fb

S: +OK maildrop has 1 message (369 octets)

In this example, the shared secret is the string tanstaaf. The MD5 algorithm is applied to the string <1896.697170952@dbc.mtview.ca.us>tanstaaf, which produces the digest value c4c9334bac560ecc979e58001b3e22fb.
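The APOP exchange described above, as an added Python example (not code from the original document): the client derives the digest from the greeting's timestamp and the shared secret, and the server checks it with a constant-time comparison against the timestamp it issued for that connection. The function names and the `secrets` mapping are illustrative assumptions; the secret is taken as lowercase `tanstaaf`, the spelling that yields the digest shown in the example.

```python
import hashlib
import hmac
import re

# Timestamp in the greeting, angle brackets included: <process-ID.clock@hostname>
_TIMESTAMP = re.compile(rb"<[^<>\s]+@[^<>\s]+>")

def greeting_timestamp(greeting):
    """Return the <...> timestamp from a +OK greeting, or None if absent."""
    if not greeting.startswith(b"+OK"):
        return None
    m = _TIMESTAMP.search(greeting)
    return m.group(0) if m else None

def apop_digest(timestamp, secret):
    """Lowercase hex MD5 of the timestamp followed by the shared secret."""
    return hashlib.md5(timestamp + secret).hexdigest()

def apop_command(greeting, name, secret):
    """Client side: build the APOP line for the greeting just received."""
    ts = greeting_timestamp(greeting)
    if ts is None:
        raise ValueError("server greeting carries no APOP timestamp")
    return b"APOP " + name + b" " + apop_digest(ts, secret).encode() + b"\r\n"

def verify_apop(line, timestamp, secrets):
    """Server side: return the mailbox name if the digest is valid, else None.

    timestamp is the one this server sent in its greeting on this connection;
    secrets maps mailbox name -> shared secret (hypothetical store).
    """
    parts = line.rstrip(b"\r\n").split(b" ")
    if len(parts) != 3 or parts[0].upper() != b"APOP":
        return None
    name, digest = parts[1], parts[2]
    secret = secrets.get(name)
    # Hash even for unknown names so both paths do the same amount of work.
    expected = apop_digest(timestamp, secret if secret is not None else b"\x00")
    match = hmac.compare_digest(expected.encode(), digest.lower())
    return name if (secret is not None and match) else None

# Values from the example in this section; the second timestamp is constructed.
GREETING = b"+OK POP3 server ready <1896.697170952@dbc.mtview.ca.us>\r\n"
LATER_TIMESTAMP = b"<1897.697170999@dbc.mtview.ca.us>"

if __name__ == "__main__":
    secrets = {b"mrose": b"tanstaaf"}
    cmd = apop_command(GREETING, b"mrose", b"tanstaaf")
    print(cmd)
    print(verify_apop(cmd, greeting_timestamp(GREETING), secrets))
    # The same line replayed on a connection with a new timestamp is rejected.
    print(verify_apop(cmd, LATER_TIMESTAMP, secrets))
```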

8. Summary of POP3 Commands

| Command | Parameter | State | Description |
|---|---|---|---|
| USER | username | confirmation | If this command succeeds, the following PASS command causes the state transition |
| PASS | password | confirmation | |
| APOP | name, digest | confirmation | digest is an MD5 message digest |
| STAT | none | operation | Requests that the server send back statistics on the mailbox, such as the total number of messages and the total number of bytes |
| UIDL | [msg #] | operation | Returns the unique identifier of a message; every identifier within a POP3 session is unique |
| LIST | [msg #] | operation | Returns the number of messages and the size of each message |
| RETR | [msg #] | operation | Returns the full text of the message identified by the argument |
| DELE | [msg #] | operation | The server marks the message identified by the argument as deleted; the deletion is carried out by the QUIT command |
| RSET | none | operation | The server unmarks all messages marked as deleted, undoing earlier DELE commands |
| TOP | [msg #] | operation | The server returns the first n lines of the message identified by the argument; n must be a positive integer |
| NOOP | none | operation | The server returns a positive response |
| QUIT | none | update | |

Basic POP3 commands:

Valid in the "confirmation" state:

USER name

PASS string

QUIT

Valid in the "operation" state:

STAT

LIST [msg]

RETR msg

DELE msg

NOOP

RSET

Valid in the "update" state:

QUIT

Optional POP3 commands:

Valid in the "confirmation" state:

APOP name digest

Valid in the "operation" state:

TOP msg n

UIDL [msg]

POP3 responses:

+OK

-ERR

Note: except for the responses to STAT, LIST and UIDL, the only significant part of the response to any command is "+OK" or "-ERR". Any text after it may be ignored by the client.

9. POP3 session instance

S:

C:

S: +OK POP3 server ready <1896.697170952@dbc.mtview.ca.us>

C: APOP mrose c4c9334bac560ecc979e58001b3e22fb

S: +OK mrose's maildrop has 2 messages (320 octets)

C: STAT

S: +OK 2 320

C: LIST

S: +OK 2 messages (320 octets)

S: 1 120

S: 2 200

S: .

C: RETR 1

S: +OK 120 octets

S:

S: .

C: DELE 1

S: +OK message 1 deleted

C: RETR 2

S: +OK 200 octets

S:

S: .

C: DELE 2

S: +OK message 2 deleted

C: QUIT

S: +OK dewey POP3 server signing off (maildrop empty)

C:

S:

10. Message format

Messages transmitted during a POP3 session are assumed to conform to the standard Internet text message format. Note that the octet count for a message is not necessarily the same on every server, because servers differ in how they represent end-of-line. Typically, in the "confirmation" state, the server can calculate the size of each message in octets. For example, if the server internally represents end-of-line as a single character, it counts each occurrence of that character as two octets. Note that a message line beginning with the termination character is not counted twice, because the client removes all byte-stuffed termination characters when it receives a multi-line response.

11. Safety considerations

It is conjectured that use of the APOP command provides protection for the session. Accordingly, a server that implements both the PASS and APOP commands allows a given user only one method of access: either the USER/PASS combination or the APOP command, but not both.

Moreover, the longer the shared secret, the harder it is to work out. When a user name is supplied, the server gives no response that hints whether this user name is correct. With PASS, the password is sent over the network in the clear; with the RETR and TOP commands, message contents are sent over the network in the clear.
