< draft-ietf-lemonade-profile-06.txt   draft-ietf-lemonade-profile-07.txt >
Internet Draft: Lemonade Profile S. H. Maes Internet Draft: Lemonade Profile S. H. Maes
Document: draft-ietf-lemonade-profile-06.txt A. Melnikov Document: draft-ietf-lemonade-profile-07.txt A. Melnikov
Expires: May 2006 November 2005 Expires: July 2006 January 2006
Lemonade Profile Lemonade Profile
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
skipping to change at line 45 skipping to change at line 45
constrained in memory, bandwidth, processing power, or other areas) constrained in memory, bandwidth, processing power, or other areas)
to efficiently use IMAP and Submission to access and submit mail. to efficiently use IMAP and Submission to access and submit mail.
This includes the ability to forward received mail without needing to This includes the ability to forward received mail without needing to
download and upload the mail, to optimize submission and to download and upload the mail, to optimize submission and to
efficiently resynchronize in case of loss of connectivity with the efficiently resynchronize in case of loss of connectivity with the
server. server.
The Lemonade profile relies upon extensions to IMAP and Mail The Lemonade profile relies upon extensions to IMAP and Mail
Submission protocols; specifically URLAUTH and CATENATE IMAP protocol Submission protocols; specifically URLAUTH and CATENATE IMAP protocol
[RFC3501] extensions and BURL extension to the SUBMIT protocol [RFC3501] extensions and BURL extension to the SUBMIT protocol
[RFC2476]. [SUBMIT].
Conventions used in this document Conventions used in this document
In examples, "M:", "I:" and "S:" indicate lines sent by the client In examples, "M:", "I:" and "S:" indicate lines sent by the client
messaging user agent, IMAP e-mail server and SMTP submit server messaging user agent, IMAP e-mail server and SMTP submit server
respectively. respectively.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
All examples in this document are optimized for Lemonade use and
might not represent examples of proper protocol usage for a general
use Submit/IMAP client. In particular examples assume that Lemonade
Submit and IMAP servers support all Lemonade extensions described in
this document, so they don't show how to deal with absence of an
extension.
Table of Contents Table of Contents
Status of this Memo 1 Status of this Memo 1
Abstract 1 Abstract 1
Conventions used in this document 2 Conventions used in this document 2
Table of Contents 2 Table of Contents 2
1. Introduction 3 1. Introduction 3
2. Forward without download 4 2. Forward without download 4
2.1. Motivations 4 2.1. Motivations 4
2.2. Message Sending Overview 4 2.2. Message Sending Overview 4
skipping to change at line 106 skipping to change at line 113
Authors Addresses 23 Authors Addresses 23
Intellectual Property Statement 23 Intellectual Property Statement 23
1. Introduction 1. Introduction
Lemonade provides enhancements to Internet email to support diverse Lemonade provides enhancements to Internet email to support diverse
service environments. service environments.
This document describes the lemonade profile that includes: This document describes the lemonade profile that includes:
- "Forward without download" that describes exchanges between - "Forward without download" that describes exchanges between
Lemonade clients and servers to allow to submit new email messages Lemonade clients and servers to allow to submit new email
incorporating content which resides on locations external to the client. messages incorporating content which resides on locations
- Quick mailbox resynchronization using [CONDSTORE]. external to the client.
- Several IMAP and SMTP extensions that allow to save bandwidth - Quick mailbox resynchronization using [CONDSTORE].
and/or number of round trips required to send/receive data. - Several IMAP and SMTP extensions that allow saving bandwidth
and/or number of round trips required to send/receive data.
The organization of this document is as follows. Section 2 describes The organization of this document is as follows. Section 2 describes
the Forward without download. Section 3 describes additional SMTP the Forward without download. Section 3 describes additional SMTP
extensions that must be supported by all Lemonade Submission servers. extensions that must be supported by all Lemonade Submission servers.
Section 4 describes IMAP quick resynchronization. Section 4 describes IMAP quick resynchronization.
2. Forward without download 2. Forward without download
2.1. Motivations 2.1. Motivations
The advent of client/server email using the [RFC3501], [RFC2821] and The advent of client/server email using the [RFC3501], [RFC2821] and
[RFC2476] protocols has changed what formerly were local disk [SUBMIT] protocols has changed what formerly were local disk
operations to become repetitive network data transmissions. operations to become repetitive network data transmissions.
Lemonade "forward without download" makes use of the [BURL] SUBMIT Lemonade "forward without download" makes use of the [BURL] SUBMIT
extension to enable access to external sources during the submission extension to enable access to external sources during the submission
of a message. In combination with the IMAP [URLAUTH] extension, of a message. In combination with the IMAP [URLAUTH] extension,
inclusion of message parts or even entire messages from the IMAP mail inclusion of message parts or even entire messages from the IMAP mail
store is possible with a minimal trust relationship between the IMAP store is possible with a minimal trust relationship between the IMAP
and SMTP SUBMIT servers. and SMTP SUBMIT servers.
Lemonade "forward without download" has the advantage of maintaining Lemonade "forward without download" has the advantage of maintaining
one submission protocol, and thus avoids the risk of having multiple one submission protocol, and thus avoids the risk of having multiple
parallel and possibly divergent mechanisms for submission. The client parallel and possibly divergent mechanisms for submission. The client
can use Submit/SMTP [RFC2476] extensions without these being added to can use Submit/SMTP [SUBMIT] extensions without these being added to
IMAP. Furthermore, by keeping the details of message submission in IMAP. Furthermore, by keeping the details of message submission in
the SMTP SUBMIT server, Lemonade "forward without download" can work the SMTP SUBMIT server, Lemonade "forward without download" can work
with other message retrieval protocols such as POP, NNTP, or whatever with other message retrieval protocols such as POP, NNTP, or whatever
else may be designed in the future. else may be designed in the future.
2.2. Message Sending Overview 2.2. Message Sending Overview
The act of sending an email message can be thought of as involving The act of sending an email message can be thought of as involving
multiple steps: initiation of a new draft, draft editing, message multiple steps: initiation of a new draft, draft editing, message
assembly, and message submission. assembly, and message submission.
skipping to change at line 157 skipping to change at line 165
Initiation of a new draft and draft editing takes place in the MUA. Initiation of a new draft and draft editing takes place in the MUA.
Frequently, users choose to save more complex messages on an Frequently, users choose to save more complex messages on an
[RFC3501] server (via the APPEND command with the \Draft flag) for [RFC3501] server (via the APPEND command with the \Draft flag) for
later recall by the MUA and resumption of the editing process. later recall by the MUA and resumption of the editing process.
Message assembly is the process of producing a complete message from Message assembly is the process of producing a complete message from
the final revision of the draft and external sources. At assembly the final revision of the draft and external sources. At assembly
time, external data is retrieved and inserted in the message. time, external data is retrieved and inserted in the message.
Message submission is the process of inserting the assembled message Message submission is the process of inserting the assembled message
into the [RFC2821] infrastructure, typically using the [RFC2476] into the [RFC2821] infrastructure, typically using the [SUBMIT]
protocol. protocol.
2.3. Traditional Strategy 2.3. Traditional Strategy
Traditionally, messages are initiated, edited, and assembled entirely Traditionally, messages are initiated, edited, and assembled entirely
within an MUA, although drafts may be saved to an [RFC3501] server within an MUA, although drafts may be saved to an [RFC3501] server
and later retrieved from the server. The completed text is then and later retrieved from the server. The completed text is then
transmitted to an MSA for delivery. transmitted to an MSA for delivery.
There is often no clear boundary between the editing and assembly There is often no clear boundary between the editing and assembly
skipping to change at line 185 skipping to change at line 193
submission. submission.
In the past, this was not much of a problem, because drafts, external In the past, this was not much of a problem, because drafts, external
data, and the message submission mechanism were typically located on data, and the message submission mechanism were typically located on
the same system as the MUA. The most common problem was running out the same system as the MUA. The most common problem was running out
of disk quota. of disk quota.
2.4. Step by step description 2.4. Step by step description
The model distinguishes between a Messaging User Agent (MUA), an The model distinguishes between a Messaging User Agent (MUA), an
IMAPv4Rev1 Server ([RFC3501]) and a SMTP submit server ([RFC2476]), IMAPv4Rev1 Server ([RFC3501]) and a SMTP submit server ([SUBMIT]), as
as illustrated in Figure 1. illustrated in Figure 1.
+--------------------+ +--------------+ +--------------------+ +--------------+
| | <------------ | | | | <------------ | |
| MUA (M) | | IMAPv4Rev1 | | MUA (M) | | IMAPv4Rev1 |
| | | Server | | | | Server |
| | ------------> | (Server I) | | | ------------> | (Server I) |
+--------------------+ +--------------+ +--------------------+ +--------------+
^ | ^ | ^ | ^ |
| | | | | | | |
| | | | | | | |
skipping to change at line 232 skipping to change at line 240
achieved. achieved.
2.4.1. Message assembly using IMAP CATENATE extension 2.4.1. Message assembly using IMAP CATENATE extension
In the [BURL]/[CATENATE] variant of the Lemonade "forward without In the [BURL]/[CATENATE] variant of the Lemonade "forward without
download" strategy, messages are initially composed and edited within download" strategy, messages are initially composed and edited within
an MUA. The [CATENATE] extension to [RFC3501] is then used to create an MUA. The [CATENATE] extension to [RFC3501] is then used to create
the messages on the IMAP server by transmitting new text and the messages on the IMAP server by transmitting new text and
assembling them. The [UIDPLUS] IMAP extension is used by the client assembling them. The [UIDPLUS] IMAP extension is used by the client
in order to learn the UID of the created messages. Finally a in order to learn the UID of the created messages. Finally a
[URLAUTH] format URL is given to a [RFC2476] server for submission [URLAUTH] format URL is given to a [SUBMIT] server for submission
using the [BURL] extension. using the [BURL] extension.
The flow involved to support such a use case consists of: The flow involved to support such a use case consists of:
M: {to I -- Optional} The client connects to the IMAP server, M: {to I -- Optional} The client connects to the IMAP server,
optionally starts TLS (if data confidentiality is required), optionally starts TLS (if data confidentiality is required),
authenticates, opens a mailbox ("INBOX" in the example below) and authenticates, opens a mailbox ("INBOX" in the example below) and
fetches body structures (See [RFC3501]). fetches body structures (See [RFC3501]).
Example: Example:
M: A0051 UID FETCH 25627 (UID BODYSTRUCTURE) M: A0051 UID FETCH 25627 (UID BODYSTRUCTURE)
skipping to change at line 392 skipping to change at line 400
Note that if the IMAP server doesn't send CAPABILITY response code Note that if the IMAP server doesn't send CAPABILITY response code
in the greeting, the mail submission server must issue the in the greeting, the mail submission server must issue the
CAPABILITY command to learn about supported IMAP extensions as CAPABILITY command to learn about supported IMAP extensions as
described in RFC 3501. described in RFC 3501.
Also, if data confidentiality is not required the mail submission Also, if data confidentiality is not required the mail submission
server may omit the STARTTLS command before issuing the LOGIN server may omit the STARTTLS command before issuing the LOGIN
command. command.
S2: {to M} OK (2XX) S: {to M} Submission server assembles the complete message and if
the assembly succeeds it returns OK to the MUA:
Submission server returns OK to the MUA:
S: 250 2.5.0 Ok. S: 250 2.5.0 Ok.
M: {to I} The client marks the forwarded message on the IMAP M: {to I} The client marks the forwarded message on the IMAP
server. server.
M: A0053 UID STORE 25627 +FLAGS.SILENT ($Forwarded) M: A0053 UID STORE 25627 +FLAGS.SILENT ($Forwarded)
I: A0053 OK STORE completed I: A0053 OK STORE completed
Note: the UID STORE command shown above will only work if the Note: the UID STORE command shown above will only work if the
marked message is in the currently selected mailbox. This command marked message is in the currently selected mailbox. This command
can be omitted. The $Forwarded IMAP keyword is described in section can be omitted. The $Forwarded IMAP keyword is described in section
2.8. 2.8.
2.4.2. Message assembly using SMTP CHUNKING and BURL extensions 2.4.2. Message assembly using SMTP CHUNKING and BURL extensions
In the [BURL]/[CHUNKING] variant of the Lemonade "forward without In the [BURL]/[CHUNKING] variant of the Lemonade "forward without
download" strategy, messages are initially composed and edited within download" strategy, messages are initially composed and edited within
an MUA. The BURL [BURL] and BDAT [CHINKING] commands are then used an MUA. During submission [RFC2476], BURL [BURL] and BDAT [CHINKING]
to create the messages from multiple parts during submission commands are used to create the messages from multiple parts. New
[RFC2476], existing body parts are referenced using [URLAUTH] format body parts are supplied using BDAT commands, while existing body
URLs. parts are referenced using [URLAUTH] format URLs in BURL commands.
The flow involved to support such a use case consists of: The flow involved to support such a use case consists of:
M: {to I -- Optional} The client connects to the IMAP server, M: {to I -- Optional} The client connects to the IMAP server,
optionally starts TLS (if data confidentiality is required), optionally starts TLS (if data confidentiality is required),
authenticates, opens a mailbox ("INBOX" in the example below) and authenticates, opens a mailbox ("INBOX" in the example below) and
fetches body structures (See [RFC3501]). fetches body structures (See [RFC3501]).
Example: Example:
M: A0051 UID FETCH 25627 (UID BODYSTRUCTURE) M: A0051 UID FETCH 25627 (UID BODYSTRUCTURE)
I: * 161 FETCH (UID 25627 BODYSTRUCTURE (("TEXT" "PLAIN" I: * 161 FETCH (UID 25627 BODYSTRUCTURE (("TEXT" "PLAIN"
skipping to change at line 457 skipping to change at line 464
UIDVALIDITY=385759045/;UID=25627;Section=2.MIME; UIDVALIDITY=385759045/;UID=25627;Section=2.MIME;
expire=2006-10-28T23:59:59Z;urlauth=submit+bob.ar: expire=2006-10-28T23:59:59Z;urlauth=submit+bob.ar:
internal:A0DEAD473744909de610943775f9BEEF" internal:A0DEAD473744909de610943775f9BEEF"
"imap://bob.ar@example.org/INBOX; "imap://bob.ar@example.org/INBOX;
UIDVALIDITY=385759045/;UID=25627;Section=2; UIDVALIDITY=385759045/;UID=25627;Section=2;
expire=2006-10-28T23:59:59Z;urlauth=submit+bob.ar: expire=2006-10-28T23:59:59Z;urlauth=submit+bob.ar:
internal:BEEFA0DEAD473744909de610943775f9" internal:BEEFA0DEAD473744909de610943775f9"
I: A0054 OK GENURLAUTH completed I: A0054 OK GENURLAUTH completed
M: {to S} The client connects to the mail submission server and M: {to S} The client connects to the mail submission server and
starts a new mail transaction. It uses BURL to let the SMTP submit starts a new mail transaction. It uses BURL to instruct the SMTP
server fetch pieces of the message to be sent from the IMAP server submit server to fetch from the IMAP server pieces of the message
(See [BURL] for details of the semantics and steps). Note that the to be sent (See [BURL] for details of the semantics and steps).
second EHLO command is required after a successful STARTTLS Note that the second EHLO command is required after a successful
command. The third EHLO command is required if and only if the STARTTLS command. The third EHLO command is required if and only if
second EHLO response doesn't list any BURL options. See section the second EHLO response doesn't list any BURL options. See section
2.4.1 for an example of submission where the third EHLO 2.4.1 for an example of submission where the third EHLO
command/response is not present. command/response is not present.
S: 220 owlry.example.org ESMTP S: 220 owlry.example.org ESMTP
M: EHLO potter.example.org M: EHLO potter.example.org
S: 250-owlry.example.com S: 250-owlry.example.com
S: 250-8BITMIME S: 250-8BITMIME
S: 250-BINARYMIME S: 250-BINARYMIME
S: 250-PIPELINING S: 250-PIPELINING
S: 250-BURL S: 250-BURL
skipping to change at line 588 skipping to change at line 595
S: a003 OK Logout successful S: a003 OK Logout successful
Note that if the IMAP server doesn't send CAPABILITY response code Note that if the IMAP server doesn't send CAPABILITY response code
in the greeting, the mail submission server must issue the in the greeting, the mail submission server must issue the
CAPABILITY command to learn about supported IMAP extensions as CAPABILITY command to learn about supported IMAP extensions as
described in RFC 3501. described in RFC 3501.
Also, if data confidentiality is required the mail submission Also, if data confidentiality is required the mail submission
server should start TLS before issuing the LOGIN command. server should start TLS before issuing the LOGIN command.
S2: {to M} OK (2XX) S: {to M} Submission server assembles the complete message and if
the assembly succeeds it acknowledges acceptance of the message by
Submission server acknowledges acceptance of the message by sending sending 250 response to the last BDAT command:
250 response to the last BDAT command:
S: 250 2.5.0 Ok, message accepted. S: 250 2.5.0 Ok, message accepted.
M: {to I} The client marks the forwarded message on the IMAP M: {to I} The client marks the forwarded message on the IMAP
server. server.
M: A0053 UID STORE 25627 +FLAGS.SILENT ($Forwarded) M: A0053 UID STORE 25627 +FLAGS.SILENT ($Forwarded)
I: A0053 OK STORE completed I: A0053 OK STORE completed
Note: the UID STORE command shown above will only work if the Note: the UID STORE command shown above will only work if the
marked message is in the currently selected mailbox. This command marked message is in the currently selected mailbox. This command
skipping to change at line 615 skipping to change at line 621
2.5. Normative statements related to forward without download 2.5. Normative statements related to forward without download
Lemonade compliant IMAP servers MUST support IMAPv4Rev1 [RFC3501], Lemonade compliant IMAP servers MUST support IMAPv4Rev1 [RFC3501],
CATENATE [CATENATE], UIDPLUS [UIDPLUS] and URLAUTH [URLAUTH]. This CATENATE [CATENATE], UIDPLUS [UIDPLUS] and URLAUTH [URLAUTH]. This
support MUST be declared via CAPABILITY [RFC3501]. support MUST be declared via CAPABILITY [RFC3501].
Lemonade compliant submit servers MUST support the BURL [BURL], Lemonade compliant submit servers MUST support the BURL [BURL],
8BITMIME [8BITMIME], BINARYMIME [CHUNKING] and CHUNKING [CHUNKING]. 8BITMIME [8BITMIME], BINARYMIME [CHUNKING] and CHUNKING [CHUNKING].
This support MUST be declared via EHLO [RFC2821]. BURL MUST support This support MUST be declared via EHLO [RFC2821]. BURL MUST support
URLAUTH type URLs [URLAUTH], and thus MUST advertise the "imap" URLAUTH type URLs [URLAUTH], and thus MUST advertise the "imap"
option following the BURL EHLO keyword. option following the BURL EHLO keyword (See [BURL] for more details).
Additional normative statements are provided in other sections. Additional normative statements are provided in other sections.
2.6. Security Considerations for pawn-tickets. 2.6. Security Considerations for pawn-tickets.
The so-called "pawn-ticket" authorization mechanism uses a URI, which The so-called "pawn-ticket" authorization mechanism uses a URI, which
contains its own authorization credentials using [URLAUTH]. The contains its own authorization credentials using [URLAUTH]. The
advantage of this mechanism is that the SMTP submit [RFC2476] server advantage of this mechanism is that the SMTP submit [SUBMIT] server
cannot access any data on the [RFC3501] server without a "pawn- cannot access any data on the [RFC3501] server without a "pawn-
ticket" created by the client. ticket" created by the client.
The "pawn-ticket" grants access only to the specific data that the The "pawn-ticket" grants access only to the specific data that the
SMTP submit [RFC2476] server is authorized to access, can be revoked SMTP submit [SUBMIT] server is authorized to access, can be revoked
by the client, and can have a time-limited validity. by the client, and can have a time-limited validity.
2.7. The fcc problem 2.7. The fcc problem
The "fcc problem" refers to delivering a copy of a message to a "file The "fcc problem" refers to delivering a copy of a message to a "file
carbon copy" recipient. By far, the most common case of fcc is a carbon copy" recipient. By far, the most common case of fcc is a
client leaving a copy of outgoing mail in a "Sent Mail" or "Outbox" client leaving a copy of outgoing mail in a "Sent Mail" or "Outbox"
mailbox. mailbox.
In the traditional strategy, the MUA duplicates the effort spent in In the traditional strategy, the MUA duplicates the effort spent in
skipping to change at line 650 skipping to change at line 656
in a separate step. This may be a write to a local disk file or an in a separate step. This may be a write to a local disk file or an
APPEND to a mailbox on an IMAP server. The latter is one of the " APPEND to a mailbox on an IMAP server. The latter is one of the "
repetitive network data transmissions" which represents the "problem" repetitive network data transmissions" which represents the "problem"
aspect of the "fcc problem". aspect of the "fcc problem".
The [CATENATE] extension to [RFC3501] can be used to address the fcc The [CATENATE] extension to [RFC3501] can be used to address the fcc
problem. The final message is constructed in the mailbox designed for problem. The final message is constructed in the mailbox designed for
outgoing mail. Note that the [CATENATE] extension can only create a outgoing mail. Note that the [CATENATE] extension can only create a
single message and only on the server which stages the outgoing single message and only on the server which stages the outgoing
message for submission. Additional copies of the message can be message for submission. Additional copies of the message can be
created on the same server using one or more COPY command. created on the same server using one or more COPY commands.
2.8. Registration of $Forwarded IMAP keyword 2.8. Registration of $Forwarded IMAP keyword
$Forwarded IMAP keyword is used by several IMAP clients to specify The $Forwarded IMAP keyword is used by several IMAP clients to
that the message was resent to another email address, embedded within specify that the message was resent to another email address,
or attached to a new message. A mail client sets this keyword when it embedded within or attached to a new message. A mail client sets this
successfully forwards the message to another email address. Typical keyword when it successfully forwards the message to another email
usage of this keyword is to show a different (or additional) icon for address. Typical usage of this keyword is to show a different (or
a message that has been forwarded. Once set the flag SHOULD NOT be additional) icon for a message that has been forwarded. Once set the
cleared. flag SHOULD NOT be cleared.
Lemonade compliant servers MUST be able to store the $Forwarded Lemonade compliant servers MUST be able to store the $Forwarded
keyword. They MUST preserve it on the COPY operation. The servers keyword. They MUST preserve it on the COPY operation. The servers
MUST support the SEARCH KEYWORD $Forwarded. MUST support the SEARCH KEYWORD $Forwarded.
3. Message Submission 3. Message Submission
LEMONADE compliant mail submission servers are expected to implement LEMONADE compliant mail submission servers are expected to implement
the following set of SMTP extensions to make message submission the following set of SMTP extensions to make message submission
efficient. efficient.
skipping to change at line 692 skipping to change at line 698
Clients SHOULD pipeline SMTP commands when possible. Clients SHOULD pipeline SMTP commands when possible.
3.2. DSN Support 3.2. DSN Support
LEMONADE compliant mail submission servers MUST support SMTP service LEMONADE compliant mail submission servers MUST support SMTP service
extensions for delivery status notifications [RFC3461]. extensions for delivery status notifications [RFC3461].
3.3. Message size declaration 3.3. Message size declaration
LEMONADE compliant mail submission servers MUST support the SMTP LEMONADE compliant mail submission servers MUST support the SMTP
Service Extension for Message Size Declaration [RFC2927]. Service Extension for Message Size Declaration [RFC1870].
Note a LEMONADE compliant mail submission server must perform message LEMONADE compliant mail submission servers MUST ("expand") all BURL
size limit enforcement after performing "expansion" of all BURL parts before enforcing a message size limit.
parts.
A LEMONADE compliant client SHOULD use message size declaration. In A LEMONADE compliant client SHOULD use message size declaration. In
particular it SHOULD NOT send a message to a mail submission server, particular it SHOULD NOT send a message to a mail submission server,
if the client knows that the message exceeds the maximal message size if the client knows that the message exceeds the maximal message size
advertised by the submission server. advertised by the submission server.
3.4. Enhanced status code Support 3.4. Enhanced status code Support
LEMONADE compliant mail submission servers MUST support SMTP Service LEMONADE compliant mail submission servers MUST support SMTP Service
Extension for Returning Enhanced Error Codes [RFC2034]. Extension for Returning Enhanced Error Codes [RFC2034].
skipping to change at line 734 skipping to change at line 739
Lemonade compliant IMAP servers MUST support the NAMESPACE Lemonade compliant IMAP servers MUST support the NAMESPACE
[NAMESPACE] extension. The extension allows clients to discover [NAMESPACE] extension. The extension allows clients to discover
shared mailboxes and mailboxes belonging to other users. shared mailboxes and mailboxes belonging to other users.
Lemonade compliant IMAP servers MUST support the LITERAL+ [LITERAL+] Lemonade compliant IMAP servers MUST support the LITERAL+ [LITERAL+]
extension. The extension allows clients to save a round trip each extension. The extension allows clients to save a round trip each
time a non-synchronizing literal is sent. time a non-synchronizing literal is sent.
Lemonade compliant IMAP servers MUST support the IDLE [IDLE] Lemonade compliant IMAP servers MUST support the IDLE [IDLE]
extension. The extension allows clients to receive instant extension. The extension allows clients to receive instant
notifications about changes in the selected mailbox, without the need notifications about changes in the selected mailbox, without needing
for constant polling for changes. to poll for changes.
LEMONADE Compliant IMAP servers MUST support IMAP over TLS [RFC3501] LEMONADE Compliant IMAP servers MUST support IMAP over TLS [RFC3501]
as required by RFC 3501. as required by RFC 3501.
6. Summary of the required IMAP and SMTP extensions 6. Summary of the required IMAP and SMTP extensions
------------------------------------------------------ -----------------------------------------------------|
|Name of an SMTP extension| Comment | | Name of SMTP extension | Comment |
|-------------------------|--------------------------| |-------------------------|--------------------------|
| PIPELINING | Section 3.1 | | PIPELINING | Section 3.1 |
|-------------------------|--------------------------| |-------------------------|--------------------------|
| DNS | Section 3.2 | | DNS | Section 3.2 |
|-------------------------|--------------------------| |-------------------------|--------------------------|
| SIZE | Section 3.3 | | SIZE | Section 3.3 |
|-------------------------|--------------------------| |-------------------------|--------------------------|
| ENHANCEDSTATUSCODES | Section 3.4 | | ENHANCEDSTATUSCODES | Section 3.4 |
|-------------------------|--------------------------| |-------------------------|--------------------------|
| STARTTLS | Section 3.5 | | STARTTLS | Section 3.5 |
skipping to change at line 769 skipping to change at line 774
|-------------------------|--------------------------| |-------------------------|--------------------------|
| CHUNKING, | Section 2.5 | | CHUNKING, | Section 2.5 |
| BINARYMIME | Section 2.5 | | BINARYMIME | Section 2.5 |
|-------------------------|--------------------------| |-------------------------|--------------------------|
| 8BITMIME, | Required by BURL | | 8BITMIME, | Required by BURL |
|-------------------------|--------------------------| |-------------------------|--------------------------|
| AUTH | Required by Submission, | | AUTH | Required by Submission, |
| | See [SMTPAUTH]. | | | See [SMTPAUTH]. |
|-------------------------|--------------------------| |-------------------------|--------------------------|
------------------------------------------------------ -----------------------------------------------------|
|Name of an IMAP extension| Comment | | Name of IMAP extension | Comment |
| or feature | | | or feature | |
|-------------------------|--------------------------| |-------------------------|--------------------------|
| NAMESPACE | Section 5 | | NAMESPACE | Section 5 |
|-------------------------|--------------------------| |-------------------------|--------------------------|
| CONDSTORE | Section 4 | | CONDSTORE | Section 4 |
|-------------------------|--------------------------| |-------------------------|--------------------------|
| STARTTLS |Required by IMAP (RFC3501)| | STARTTLS |Required by IMAP (RFC3501)|
|-------------------------|--------------------------| |-------------------------|--------------------------|
| URLAUTH, | Forward without download,| | URLAUTH, | Forward without download,|
| CATENATE, | Section 2 | | CATENATE, | Section 2 |
| UIDPLUS | | | UIDPLUS | |
|-------------------------|--------------------------| |-------------------------|--------------------------|
| LITERAL+ | Section 5 | | LITERAL+ | Section 5 |
|-------------------------|--------------------------| |-------------------------|--------------------------|
| IDLE | Section 5 | | IDLE | Section 5 |
|-------------------------|--------------------------| |-------------------------|--------------------------|
| $Forwarded IMAP keyword | Section 2.8 | | $Forwarded IMAP keyword | Section 2.8
|
|-------------------------|--------------------------| |-------------------------|--------------------------|
7. Future work 7. Future work
The Lemonade Working Group is looking into additional issues related The Lemonade Working Group is looking into additional issues related
to access of email from mobile devices, possibly including: to usage of email by mobile devices, possibly including:
- Media conversion (static and possibly streamed) - Media conversion (static and possibly streamed)
- Transport optimization for low or costly bandwidth and less - Transport optimization for low or costly bandwidth and less
reliable mobile networks (e.g. quick reconnect) reliable mobile networks (e.g. quick reconnect)
- Server to client notifications, possibly outside of the - Server to client notifications, possibly outside of the
traditional IMAP band traditional IMAP band
- Dealing with firewall and intermediaries - Dealing with firewall and intermediaries
- Compression and other bandwidth optimization - Compression and other bandwidth optimization
- Filtering - Filtering
- Other considerations for mobile clients - Other considerations for mobile clients
8. Security Considerations 8. Security Considerations
Security considerations on Lemonade "forward without download" are Security considerations on Lemonade "forward without download" are
discussed throughout section 2. Additional security considerations discussed throughout section 2. Additional security considerations
can be found in [RFC3501] and other documents describing other SMTP can be found in [RFC3501] and other documents describing other SMTP
and IMAP extensions comprising the Lemonade Profile. and IMAP extensions comprising the Lemonade Profile.
Note that the mandatory to implement authentication mechanism for Note that the mandatory to implement authentication mechanism for
SMTP submission is described in [RFC2476]. The mandatory to implement SMTP submission is described in [SUBMIT]. The mandatory to implement
authentication mechanism for IMAP is described in [RFC3501]. authentication mechanism for IMAP is described in [RFC3501].
8.1. Confidentiality Protection of Submitted Messages 8.1. Confidentiality Protection of Submitted Messages
When clients submit new messages, link protection such as TLS guards When clients submit new messages, link protection such as TLS guards
against an eavesdropper seeing the contents of the submitted message. against an eavesdropper seeing the contents of the submitted message.
It's worth noting, however, that even if TLS is not used, the It's worth noting, however, that even if TLS is not used, the
security risks are no worse if BURL is used to reference the text security risks are no worse if BURL is used to reference the text
than if the text is submitted directly. If BURL is not used, an than if the text is submitted directly. If BURL is not used, an
eavesdropper gains access to the full text of the message. If BURL eavesdropper gains access to the full text of the message. If BURL
is used, the eavesdropper may or may not be able to gain such access, is used, the eavesdropper may or may not be able to gain such access,
depending on the form of BURL used. For example, some forms restrict depending on the form of BURL used. For example, some forms restrict
use of the URL to an entity authorized as a submission server or a use of the URL to an entity authorized as a submission server or a
specific user. specific user.
8.2. TLS 8.2. TLS
When LEMONADE clients use the BURL extension to mail submission, an When LEMONADE clients use the BURL extension to mail submission, an
extension that requires sending a URLAUTH token to the mail extension that requires sending a URLAUTH token to the mail
submission server, such a token should be protected from interception submission server, such a token should be protected from interception
to avoid a replay attack that will disclose the contents of the to avoid a replay attack that may disclose the contents of the
message to an attacker. TLS based encryption of the mail submission message to an attacker. TLS based encryption of the mail submission
path will provide protection against this attack. path will provide protection against this attack.
LEMONADE clients SHOULD use TLS protected IMAP and mail submission LEMONADE clients SHOULD use TLS protected IMAP and mail submission
channels when using BURL-based message submission to protect the channels when using BURL-based message submission to protect the
URLAUTH token from interception. URLAUTH token from interception.
LEMONADE compliant mail submission servers SHOULD use TLS protected LEMONADE compliant mail submission servers SHOULD use TLS protected
IMAP connection when fetching message content using the URLAUTH token IMAP connections when fetching message content using the URLAUTH
provided by the LEMONADE client. token provided by the LEMONADE client.
When a client uses SMTP STARTTLS to send a BURL command which When a client uses SMTP STARTTLS to send a BURL command which
references non-public information, there is a user expectation that references non-public information, there is a user expectation that
the entire message content will be treated confidentially. To meet the entire message content will be treated confidentially. To meet
this expectation, the message submission server should use STARTTLS this expectation, the message submission server should use STARTTLS
or a mechanism providing equivalent data confidentiality when or a mechanism providing equivalent data confidentiality when
fetching the content referenced by that URL. fetching the content referenced by that URL.
9. IANA Considerations 9. IANA Considerations
skipping to change at line 885 skipping to change at line 891
UIDPLUS extension", work in progress, draft-crispin-imap- UIDPLUS extension", work in progress, draft-crispin-imap-
rfc2359bis-XX.txt. rfc2359bis-XX.txt.
[RFC2119] Brader, S. "Keywords for use in RFCs to Indicate [RFC2119] Brader, S. "Keywords for use in RFCs to Indicate
Requirement Levels", RFC 2119, March 1997. Requirement Levels", RFC 2119, March 1997.
http://www.ietf.org/rfc/rfc2119 http://www.ietf.org/rfc/rfc2119
[RFC2197] Freed, N. "SMTP Service Extension for Command Pipelining", [RFC2197] Freed, N. "SMTP Service Extension for Command Pipelining",
RFC 2197, September 1997. http://www.ietf.org/rfc/rfc2197 RFC 2197, September 1997. http://www.ietf.org/rfc/rfc2197
[RFC2476] Gellens, R. and Klensin, J., "Message Submission for Mail", [RFC1870] Freed, N. and K. Moore, "SMTP Service Extension for Message
Size Declaration", RFC 1870, November 1995.
[SUBMIT] Gellens, R. and Klensin, J., "Message Submission for Mail",
draft-gellens-submit-bis-02.txt. draft-gellens-submit-bis-02.txt.
[SMTP-TLS] Hoffman, P. "SMTP Service Extension for Secure SMTP over [SMTP-TLS] Hoffman, P. "SMTP Service Extension for Secure SMTP over
TLS ", RFC 3207, February 2002. http://www.ietf.org/rfc/rfc3207 TLS ", RFC 3207, February 2002. http://www.ietf.org/rfc/rfc3207
[RFC2821] Klensin, J., "Simple Mail Transfer Protocol", RFC 2821, [RFC2821] Klensin, J., "Simple Mail Transfer Protocol", RFC 2821,
April 2001. April 2001.
[RFC3501] Crispin, M. "IMAP4, Internet Message Access Protocol [RFC3501] Crispin, M. "IMAP4, Internet Message Access Protocol
Version 4 rev1", RFC 3501, March 2003. Version 4 rev1", RFC 3501, March 2003.
skipping to change at line 933 skipping to change at line 942
10.2. Informative References 10.2. Informative References
[IMAP-DISC] Melnikov, A. "Synchronization Operations For [IMAP-DISC] Melnikov, A. "Synchronization Operations For
Disconnected Imap4 Clients", IMAP-DISC, work in progress, draft- Disconnected Imap4 Clients", IMAP-DISC, work in progress, draft-
melnikov-imap-disc-XX.txt melnikov-imap-disc-XX.txt
Version History Version History
This section will be deleted before publication. This section will be deleted before publication.
Version 07:
[1] Addressed editorial comments from Randy Gellens and Dave
Cridland.
Version 06: Version 06:
[1] Updated the reference to SMTP STARTTLS. [1] Updated the reference to SMTP STARTTLS.
[2] Updated the CATENATE example as per comments from Dave Cridland [2] Updated the CATENATE example as per comments from Dave Cridland
(message context, missing additional EHLO, etc.). (message context, missing additional EHLO, etc.).
[3] Added a new section showing use of BURL/BDAT for message [3] Added a new section showing use of BURL/BDAT for message
assembly. assembly.
[4] Added a requirement to support IMAP IDLE extension. [4] Added a requirement to support IMAP IDLE extension.
[5] Added description of the $Forwarded IMAP keyword. [5] Added description of the $Forwarded IMAP keyword.
[6] Added a requirement to support URLAUTH in BURL. [6] Added a requirement to support URLAUTH in BURL.
[7] Mentioned mandatory to implement authentication in the Security [7] Mentioned mandatory to implement authentication in the Security
skipping to change at line 1075 skipping to change at line 1088
This document and the information contained herein are provided on an This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Copyright Statement Copyright Statement
Copyright (C) The Internet Society (2005). This document is subject Copyright (C) The Internet Society (2006). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights. except as set forth therein, the authors retain all their rights.
Acknowledgement Acknowledgement
Funding for the RFC Editor function is currently provided by the Funding for the RFC Editor function is currently provided by the
Internet Society. Internet Society.
 End of changes. 32 change blocks. 
61 lines changed or deleted 74 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/