idnits 2.17.1 draft-melnikov-imap4rev2-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an Introduction section. ** There are 2 instances of too long lines in the document, the longest one being 3 characters in excess of 72. -- The draft header indicates that this document obsoletes RFC3501, but the abstract doesn't seem to mention this, which it should. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (April 26, 2015) is 3288 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'IMAP2' is mentioned on line 4891, but not defined == Missing Reference: 'IMAP-OBSOLETE' is mentioned on line 4886, but not defined == Missing Reference: 'IMAP-COMPAT' is mentioned on line 4876, but not defined == Missing Reference: 'IMAP-HISTORICAL' is mentioned on line 4881, but not defined == Missing Reference: 'RFC-822' is mentioned on line 4895, but not defined ** Obsolete undefined reference: RFC 822 (Obsoleted by RFC 2822) == Missing Reference: 'HEADER' is mentioned on line 3995, but not defined == Missing Reference: 'IMAP-DISC' is mentioned on line 4849, but not defined == Missing Reference: 'SMTP' is mentioned on line 4863, but not defined == Missing Reference: 'UNSEEN 12' is mentioned on line 1567, but not defined == Missing Reference: 'UIDVALIDITY 3857529045' is mentioned on line 3978, but not defined == Missing Reference: 'UIDNEXT 4392' is mentioned on line 1601, but not defined == Missing Reference: 'UNSEEN 8' is mentioned on line 1599, but not defined == Missing Reference: 'UNSEEN 1' is mentioned on line 2179, but not defined == Missing Reference: 'UIDNEXT 2' is mentioned on line 2181, but not defined == Missing Reference: 'TEXT' is mentioned on line 3931, but not defined == Missing Reference: 'RFC4314' is mentioned on line 4866, but not defined == Missing Reference: 'RFC2087' is mentioned on line 4870, but not defined ** Obsolete undefined reference: RFC 2087 (Obsoleted by RFC 9208) == Missing Reference: 'RFC3501' is mentioned on line 3255, but not defined ** Obsolete undefined reference: RFC 3501 (Obsoleted by RFC 9051) == Missing Reference: 'UNSEEN 17' is mentioned on line 3977, but not defined == Missing Reference: 'READ-WRITE' is mentioned on line 3979, but not defined == Missing Reference: 'IMAP-TLS' is mentioned on line 4902, but not defined == Missing Reference: 'IMAP-MODEL' is mentioned on line 4854, but not defined == Missing Reference: 'ACAP' is mentioned on line 4859, but not defined == Missing Reference: 'RFC-821' is mentioned on line 4899, but not defined ** Obsolete undefined reference: RFC 821 (Obsoleted by RFC 2821) ** Obsolete normative reference: RFC 2831 (ref. 'DIGEST-MD5') (Obsoleted by RFC 6331) ** Obsolete normative reference: RFC 5246 (ref. 'TLS') (Obsoleted by RFC 8446) ** Downref: Normative reference to an Informational RFC: RFC 2152 (ref. 'UTF-7') ** Downref: Normative reference to an Informational RFC: RFC 2683 (ref. 'IMAP-IMPLEMENTATION') ** Downref: Normative reference to an Informational RFC: RFC 2180 (ref. 'IMAP-MULTIACCESS') Summary: 11 errors (**), 0 flaws (~~), 26 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group A. Melnikov, Ed. 3 Internet-Draft Isode Ltd 4 Obsoletes: 3501 (if approved) April 26, 2015 5 Intended status: Standards Track 6 Expires: October 28, 2015 8 INTERNET MESSAGE ACCESS PROTOCOL - VERSION 4rev2 9 draft-melnikov-imap4rev2-00.txt 11 Abstract 13 The Internet Message Access Protocol, Version 4rev2 (IMAP4rev2) 14 allows a client to access and manipulate electronic mail messages on 15 a server. IMAP4rev2 permits manipulation of mailboxes (remote 16 message folders) in a way that is functionally equivalent to local 17 folders. IMAP4rev2 also provides the capability for an offline 18 client to resynchronize with the server. 20 IMAP4rev2 includes operations for creating, deleting, and renaming 21 mailboxes, checking for new messages, permanently removing messages, 22 setting and clearing flags, RFC 5322 and RFC 2045 parsing, searching, 23 and selective fetching of message attributes, texts, and portions 24 thereof. Messages in IMAP4rev2 are accessed by the use of numbers. 25 These numbers are either message sequence numbers or unique 26 identifiers. 28 IMAP4rev2 supports a single server. A mechanism for accessing 29 configuration information to support multiple IMAP4rev2 servers is 30 discussed in RFC 2244. 32 IMAP4rev2 does not specify a means of posting mail; this function is 33 handled by a mail transfer protocol such as RFC 5321. 35 Status of This Memo 37 This Internet-Draft is submitted in full conformance with the 38 provisions of BCP 78 and BCP 79. 40 Internet-Drafts are working documents of the Internet Engineering 41 Task Force (IETF). Note that other groups may also distribute 42 working documents as Internet-Drafts. The list of current Internet- 43 Drafts is at http://datatracker.ietf.org/drafts/current/. 45 Internet-Drafts are draft documents valid for a maximum of six months 46 and may be updated, replaced, or obsoleted by other documents at any 47 time. It is inappropriate to use Internet-Drafts as reference 48 material or to cite them other than as "work in progress." 49 This Internet-Draft will expire on October 28, 2015. 51 Copyright Notice 53 Copyright (c) 2015 IETF Trust and the persons identified as the 54 document authors. All rights reserved. 56 This document is subject to BCP 78 and the IETF Trust's Legal 57 Provisions Relating to IETF Documents 58 (http://trustee.ietf.org/license-info) in effect on the date of 59 publication of this document. Please review these documents 60 carefully, as they describe your rights and restrictions with respect 61 to this document. Code Components extracted from this document must 62 include Simplified BSD License text as described in Section 4.e of 63 the Trust Legal Provisions and are provided without warranty as 64 described in the Simplified BSD License. 66 This document may contain material from IETF Documents or IETF 67 Contributions published or made publicly available before November 68 10, 2008. The person(s) controlling the copyright in some of this 69 material may not have granted the IETF Trust the right to allow 70 modifications of such material outside the IETF Standards Process. 71 Without obtaining an adequate license from the person(s) controlling 72 the copyright in such materials, this document may not be modified 73 outside the IETF Standards Process, and derivative works of it may 74 not be created outside the IETF Standards Process, except to format 75 it for publication as an RFC or to translate it into languages other 76 than English. 78 Table of Contents 80 1. How to Read This Document . . . . . . . . . . . . . . . . . . 5 81 1.1. Organization of This Document . . . . . . . . . . . . . . 5 82 1.2. Conventions Used in This Document . . . . . . . . . . . . 5 83 1.3. Special Notes to Implementors . . . . . . . . . . . . . . 6 84 2. Protocol Overview . . . . . . . . . . . . . . . . . . . . . . 6 85 2.1. Link Level . . . . . . . . . . . . . . . . . . . . . . . 7 86 2.2. Commands and Responses . . . . . . . . . . . . . . . . . 7 87 2.2.1. Client Protocol Sender and Server Protocol Receiver . 7 88 2.2.2. Server Protocol Sender and Client Protocol Receiver . 8 89 2.3. Message Attributes . . . . . . . . . . . . . . . . . . . 9 90 2.3.1. Message Numbers . . . . . . . . . . . . . . . . . . . 9 91 2.3.2. Flags Message Attribute . . . . . . . . . . . . . . . 11 92 2.3.3. Internal Date Message Attribute . . . . . . . . . . . 12 93 2.3.4. [RFC-5322] Size Message Attribute . . . . . . . . . . 12 94 2.3.5. Envelope Structure Message Attribute . . . . . . . . 13 95 2.3.6. Body Structure Message Attribute . . . . . . . . . . 13 96 2.4. Message Texts . . . . . . . . . . . . . . . . . . . . . . 13 98 3. State and Flow Diagram . . . . . . . . . . . . . . . . . . . 13 99 3.1. Not Authenticated State . . . . . . . . . . . . . . . . . 13 100 3.2. Authenticated State . . . . . . . . . . . . . . . . . . . 13 101 3.3. Selected State . . . . . . . . . . . . . . . . . . . . . 14 102 3.4. Logout State . . . . . . . . . . . . . . . . . . . . . . 14 103 4. Data Formats . . . . . . . . . . . . . . . . . . . . . . . . 15 104 4.1. Atom . . . . . . . . . . . . . . . . . . . . . . . . . . 16 105 4.1.1. Sequence set and UID set . . . . . . . . . . . . . . 16 106 4.2. Number . . . . . . . . . . . . . . . . . . . . . . . . . 16 107 4.3. String . . . . . . . . . . . . . . . . . . . . . . . . . 16 108 4.3.1. 8-bit and Binary Strings . . . . . . . . . . . . . . 17 109 4.4. Parenthesized List . . . . . . . . . . . . . . . . . . . 17 110 4.5. NIL . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 111 5. Operational Considerations . . . . . . . . . . . . . . . . . 17 112 5.1. Mailbox Naming . . . . . . . . . . . . . . . . . . . . . 17 113 5.1.1. Mailbox Hierarchy Naming . . . . . . . . . . . . . . 19 114 5.1.2. Mailbox Namespace Naming Convention . . . . . . . . . 19 115 5.1.3. Mailbox International Naming Convention . . . . . . . 19 116 5.2. Mailbox Size and Message Status Updates . . . . . . . . . 21 117 5.3. Response when no Command in Progress . . . . . . . . . . 21 118 5.4. Autologout Timer . . . . . . . . . . . . . . . . . . . . 21 119 5.5. Multiple Commands in Progress . . . . . . . . . . . . . . 22 120 6. Client Commands . . . . . . . . . . . . . . . . . . . . . . . 23 121 6.1. Client Commands - Any State . . . . . . . . . . . . . . . 23 122 6.1.1. CAPABILITY Command . . . . . . . . . . . . . . . . . 24 123 6.1.2. NOOP Command . . . . . . . . . . . . . . . . . . . . 25 124 6.1.3. LOGOUT Command . . . . . . . . . . . . . . . . . . . 25 125 6.2. Client Commands - Not Authenticated State . . . . . . . . 26 126 6.2.1. STARTTLS Command . . . . . . . . . . . . . . . . . . 26 127 6.2.2. AUTHENTICATE Command . . . . . . . . . . . . . . . . 27 128 6.2.3. LOGIN Command . . . . . . . . . . . . . . . . . . . . 30 129 6.3. Client Commands - Authenticated State . . . . . . . . . . 30 130 6.3.1. ENABLE Command . . . . . . . . . . . . . . . . . . . 31 131 6.3.2. SELECT Command . . . . . . . . . . . . . . . . . . . 33 132 6.3.3. EXAMINE Command . . . . . . . . . . . . . . . . . . . 34 133 6.3.4. CREATE Command . . . . . . . . . . . . . . . . . . . 35 134 6.3.5. DELETE Command . . . . . . . . . . . . . . . . . . . 36 135 6.3.6. RENAME Command . . . . . . . . . . . . . . . . . . . 37 136 6.3.7. SUBSCRIBE Command . . . . . . . . . . . . . . . . . . 39 137 6.3.8. UNSUBSCRIBE Command . . . . . . . . . . . . . . . . . 40 138 6.3.9. LIST Command . . . . . . . . . . . . . . . . . . . . 40 139 6.3.10. LSUB Command . . . . . . . . . . . . . . . . . . . . 43 140 6.3.11. STATUS Command . . . . . . . . . . . . . . . . . . . 44 141 6.3.12. APPEND Command . . . . . . . . . . . . . . . . . . . 45 142 6.4. Client Commands - Selected State . . . . . . . . . . . . 48 143 6.4.1. CHECK Command . . . . . . . . . . . . . . . . . . . . 48 144 6.4.2. CLOSE Command . . . . . . . . . . . . . . . . . . . . 49 145 6.4.3. UNSELECT Command . . . . . . . . . . . . . . . . . . 49 146 6.4.4. EXPUNGE Command . . . . . . . . . . . . . . . . . . . 50 147 6.4.5. SEARCH Command . . . . . . . . . . . . . . . . . . . 50 148 6.4.6. FETCH Command . . . . . . . . . . . . . . . . . . . . 56 149 6.4.7. STORE Command . . . . . . . . . . . . . . . . . . . . 59 150 6.4.8. COPY Command . . . . . . . . . . . . . . . . . . . . 60 151 6.4.9. UID Command . . . . . . . . . . . . . . . . . . . . . 61 152 6.5. Client Commands - Experimental/Expansion . . . . . . . . 63 153 6.5.1. X Command . . . . . . . . . . . . . . . . . . . 63 154 7. Server Responses . . . . . . . . . . . . . . . . . . . . . . 64 155 7.1. Server Responses - Status Responses . . . . . . . . . . . 65 156 7.1.1. OK Response . . . . . . . . . . . . . . . . . . . . . 72 157 7.1.2. NO Response . . . . . . . . . . . . . . . . . . . . . 72 158 7.1.3. BAD Response . . . . . . . . . . . . . . . . . . . . 73 159 7.1.4. PREAUTH Response . . . . . . . . . . . . . . . . . . 73 160 7.1.5. BYE Response . . . . . . . . . . . . . . . . . . . . 73 161 7.2. Server Responses - Server and Mailbox Status . . . . . . 74 162 7.2.1. The ENABLED Response . . . . . . . . . . . . . . . . 74 163 7.2.2. CAPABILITY Response . . . . . . . . . . . . . . . . . 74 164 7.2.3. LIST Response . . . . . . . . . . . . . . . . . . . . 75 165 7.2.4. LSUB Response . . . . . . . . . . . . . . . . . . . . 76 166 7.2.5. STATUS Response . . . . . . . . . . . . . . . . . . . 77 167 7.2.6. ESEARCH Response . . . . . . . . . . . . . . . . . . 77 168 7.2.7. FLAGS Response . . . . . . . . . . . . . . . . . . . 77 169 7.3. Server Responses - Mailbox Size . . . . . . . . . . . . . 78 170 7.3.1. EXISTS Response . . . . . . . . . . . . . . . . . . . 78 171 7.3.2. RECENT Response . . . . . . . . . . . . . . . . . . . 78 172 7.4. Server Responses - Message Status . . . . . . . . . . . . 79 173 7.4.1. EXPUNGE Response . . . . . . . . . . . . . . . . . . 79 174 7.4.2. FETCH Response . . . . . . . . . . . . . . . . . . . 80 175 7.5. Server Responses - Command Continuation Request . . . . . 85 176 8. Sample IMAP4rev2 connection . . . . . . . . . . . . . . . . . 85 177 9. Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 87 178 10. Author's Note . . . . . . . . . . . . . . . . . . . . . . . . 100 179 11. Security Considerations . . . . . . . . . . . . . . . . . . . 100 180 11.1. STARTTLS Security Considerations . . . . . . . . . . . . 100 181 11.2. COPYUID and APPENDUID response codes . . . . . . . . . . 101 182 11.3. Other Security Considerations . . . . . . . . . . . . . 101 183 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 102 184 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 102 185 13.1. Normative References . . . . . . . . . . . . . . . . . . 102 186 13.2. Informative References (related protocols) . . . . . . . 104 187 13.3. Informative References (historical aspects of IMAP and 188 related protocols) . . . . . . . . . . . . . . . . . . . 105 189 Appendix A. Backward compatibility with IMAP4rev1 . . . . . . . 105 190 Appendix B. Changes from RFC 3501 / IMAP4rev1 . . . . . . . . . 105 191 Appendix C. Acknowledgement . . . . . . . . . . . . . . . . . . 106 192 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 193 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 111 195 1. How to Read This Document 197 1.1. Organization of This Document 199 This document is written from the point of view of the implementor of 200 an IMAP4rev2 client or server. Beyond the protocol overview in 201 section 2, it is not optimized for someone trying to understand the 202 operation of the protocol. The material in sections 3 through 5 203 provides the general context and definitions with which IMAP4rev2 204 operates. 206 Sections 6, 7, and 9 describe the IMAP commands, responses, and 207 syntax, respectively. The relationships among these are such that it 208 is almost impossible to understand any of them separately. In 209 particular, do not attempt to deduce command syntax from the command 210 section alone; instead refer to the Formal Syntax section. 212 1.2. Conventions Used in This Document 214 "Conventions" are basic principles or procedures. Document 215 conventions are noted in this section. 217 In examples, "C:" and "S:" indicate lines sent by the client and 218 server respectively. 220 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 221 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 222 document are to be interpreted as described in [KEYWORDS]. 224 The word "can" (not "may") is used to refer to a possible 225 circumstance or situation, as opposed to an optional facility of the 226 protocol. 228 "User" is used to refer to a human user, whereas "client" refers to 229 the software being run by the user. 231 "Connection" refers to the entire sequence of client/server 232 interaction from the initial establishment of the network connection 233 until its termination. 235 "Session" refers to the sequence of client/server interaction from 236 the time that a mailbox is selected (SELECT or EXAMINE command) until 237 the time that selection ends (SELECT or EXAMINE of another mailbox, 238 CLOSE command, or connection termination). 240 Characters are 7-bit US-ASCII unless otherwise specified. Other 241 character sets are indicated using a "CHARSET", as described in 242 [MIME-IMT] and defined in [CHARSET]. CHARSETs have important 243 additional semantics in addition to defining character set; refer to 244 these documents for more detail. 246 There are several protocol conventions in IMAP. These refer to 247 aspects of the specification which are not strictly part of the IMAP 248 protocol, but reflect generally-accepted practice. Implementations 249 need to be aware of these conventions, and avoid conflicts whether or 250 not they implement the convention. For example, "&" may not be used 251 as a hierarchy delimiter since it conflicts with the Mailbox 252 International Naming Convention, and other uses of "&" in mailbox 253 names are impacted as well. 255 1.3. Special Notes to Implementors 257 Implementors of the IMAP protocol are strongly encouraged to read the 258 IMAP implementation recommendations document [IMAP-IMPLEMENTATION] in 259 conjunction with this document, to help understand the intricacies of 260 this protocol and how best to build an interoperable product. 262 IMAP4rev2 is designed to be upwards compatible from the [IMAP2] and 263 unpublished IMAP2bis protocols. IMAP4rev2 is largely compatible with 264 the IMAP4rev1 protocol described in RFC 3501 and the IMAP4 protocol 265 described in RFC 1730; the exception being in certain facilities 266 added in RFC 1730 that proved problematic and were subsequently 267 removed. In the course of the evolution of IMAP4rev2, some aspects 268 in the earlier protocols have become obsolete. Obsolete commands, 269 responses, and data formats which an IMAP4rev2 implementation can 270 encounter when used with an earlier implementation are described in 271 [IMAP-OBSOLETE]. 273 Other compatibility issues with IMAP2bis, the most common variant of 274 the earlier protocol, are discussed in [IMAP-COMPAT]. A full 275 discussion of compatibility issues with rare (and presumed extinct) 276 variants of [IMAP2] is in [IMAP-HISTORICAL]; this document is 277 primarily of historical interest. 279 IMAP was originally developed for the older [RFC-822] standard, and 280 as a consequence several fetch items in IMAP incorporate "RFC822" in 281 their name. With the exception of RFC822.SIZE, there are more modern 282 replacements; for example, the modern version of RFC822.HEADER is 283 BODY.PEEK[HEADER]. In all cases, "RFC822" should be interpreted as a 284 reference to the updated [RFC-5322] standard. 286 2. Protocol Overview 287 2.1. Link Level 289 The IMAP4rev2 protocol assumes a reliable data stream such as that 290 provided by TCP. When TCP is used, an IMAP4rev2 server listens on 291 port 143. 293 2.2. Commands and Responses 295 An IMAP4rev2 connection consists of the establishment of a client/ 296 server network connection, an initial greeting from the server, and 297 client/server interactions. These client/server interactions consist 298 of a client command, server data, and a server completion result 299 response. 301 All interactions transmitted by client and server are in the form of 302 lines, that is, strings that end with a CRLF. The protocol receiver 303 of an IMAP4rev2 client or server is either reading a line, or is 304 reading a sequence of octets with a known count followed by a line. 306 2.2.1. Client Protocol Sender and Server Protocol Receiver 308 The client command begins an operation. Each client command is 309 prefixed with an identifier (typically a short alphanumeric string, 310 e.g., A0001, A0002, etc.) called a "tag". A different tag is 311 generated by the client for each command. 313 Clients MUST follow the syntax outlined in this specification 314 strictly. It is a syntax error to send a command with missing or 315 extraneous spaces or arguments. 317 There are two cases in which a line from the client does not 318 represent a complete command. In one case, a command argument is 319 quoted with an octet count (see the description of literal in String 320 under Data Formats); in the other case, the command arguments require 321 server feedback (see the AUTHENTICATE command). In either case, the 322 server sends a command continuation request response if it is ready 323 for the octets (if appropriate) and the remainder of the command. 324 This response is prefixed with the token "+". 326 Note: If instead, the server detected an error in the command, it 327 sends a BAD completion response with a tag matching the command 328 (as described below) to reject the command and prevent the client 329 from sending any more of the command. 331 It is also possible for the server to send a completion response 332 for some other command (if multiple commands are in progress), or 333 untagged data. In either case, the command continuation request 334 is still pending; the client takes the appropriate action for the 335 response, and reads another response from the server. In all 336 cases, the client MUST send a complete command (including 337 receiving all command continuation request responses and command 338 continuations for the command) before initiating a new command. 340 The protocol receiver of an IMAP4rev2 server reads a command line 341 from the client, parses the command and its arguments, and transmits 342 server data and a server command completion result response. 344 2.2.2. Server Protocol Sender and Client Protocol Receiver 346 Data transmitted by the server to the client and status responses 347 that do not indicate command completion are prefixed with the token 348 "*", and are called untagged responses. 350 Server data MAY be sent as a result of a client command, or MAY be 351 sent unilaterally by the server. There is no syntactic difference 352 between server data that resulted from a specific command and server 353 data that were sent unilaterally. 355 The server completion result response indicates the success or 356 failure of the operation. It is tagged with the same tag as the 357 client command which began the operation. Thus, if more than one 358 command is in progress, the tag in a server completion response 359 identifies the command to which the response applies. There are 360 three possible server completion responses: OK (indicating success), 361 NO (indicating failure), or BAD (indicating a protocol error such as 362 unrecognized command or command syntax error). 364 Servers SHOULD enforce the syntax outlined in this specification 365 strictly. Any client command with a protocol syntax error, including 366 (but not limited to) missing or extraneous spaces or arguments, 367 SHOULD be rejected, and the client given a BAD server completion 368 response. 370 The protocol receiver of an IMAP4rev2 client reads a response line 371 from the server. It then takes action on the response based upon the 372 first token of the response, which can be a tag, a "*", or a "+". 374 A client MUST be prepared to accept any server response at all times. 375 This includes server data that was not requested. Server data SHOULD 376 be recorded, so that the client can reference its recorded copy 377 rather than sending a command to the server to request the data. In 378 the case of certain server data, the data MUST be recorded. 380 This topic is discussed in greater detail in the Server Responses 381 section. 383 2.3. Message Attributes 385 In addition to message text, each message has several attributes 386 associated with it. These attributes can be retrieved individually 387 or in conjunction with other attributes or message texts. 389 2.3.1. Message Numbers 391 Messages in IMAP4rev2 are accessed by one of two numbers; the unique 392 identifier or the message sequence number. 394 2.3.1.1. Unique Identifier (UID) Message Attribute 396 An unsigned 32-bit value assigned to each message, which when used 397 with the unique identifier validity value (see below) forms a 64-bit 398 value that MUST NOT refer to any other message in the mailbox or any 399 subsequent mailbox with the same name forever. Unique identifiers 400 are assigned in a strictly ascending fashion in the mailbox; as each 401 message is added to the mailbox it is assigned a higher UID than the 402 message(s) which were added previously. Unlike message sequence 403 numbers, unique identifiers are not necessarily contiguous. 405 The unique identifier of a message MUST NOT change during the 406 session, and SHOULD NOT change between sessions. Any change of 407 unique identifiers between sessions MUST be detectable using the 408 UIDVALIDITY mechanism discussed below. Persistent unique identifiers 409 are required for a client to resynchronize its state from a previous 410 session with the server (e.g., disconnected or offline access 411 clients); this is discussed further in [IMAP-DISC]. 413 Associated with every mailbox are two 32-bit unsigned values which 414 aid in unique identifier handling: the next unique identifier value 415 (UIDNEXT) and the unique identifier validity value (UIDVALIDITY). 417 The next unique identifier value is the predicted value that will be 418 assigned to a new message in the mailbox. Unless the unique 419 identifier validity also changes (see below), the next unique 420 identifier value MUST have the following two characteristics. First, 421 the next unique identifier value MUST NOT change unless new messages 422 are added to the mailbox; and second, the next unique identifier 423 value MUST change whenever new messages are added to the mailbox, 424 even if those new messages are subsequently expunged. 426 Note: The next unique identifier value is intended to provide a 427 means for a client to determine whether any messages have been 428 delivered to the mailbox since the previous time it checked this 429 value. It is not intended to provide any guarantee that any 430 message will have this unique identifier. A client can only 431 assume, at the time that it obtains the next unique identifier 432 value, that messages arriving after that time will have a UID 433 greater than or equal to that value. 435 The unique identifier validity value is sent in a UIDVALIDITY 436 response code in an OK untagged response at mailbox selection time. 437 If unique identifiers from an earlier session fail to persist in this 438 session, the unique identifier validity value MUST be greater than 439 the one used in the earlier session. 441 Note: Ideally, unique identifiers SHOULD persist at all times. 442 Although this specification recognizes that failure to persist can 443 be unavoidable in certain server environments, it STRONGLY 444 ENCOURAGES message store implementation techniques that avoid this 445 problem. For example: 447 1. Unique identifiers MUST be strictly ascending in the mailbox 448 at all times. If the physical message store is re-ordered by 449 a non-IMAP agent, this requires that the unique identifiers in 450 the mailbox be regenerated, since the former unique 451 identifiers are no longer strictly ascending as a result of 452 the re-ordering. 454 2. If the message store has no mechanism to store unique 455 identifiers, it must regenerate unique identifiers at each 456 session, and each session must have a unique UIDVALIDITY 457 value. 459 3. If the mailbox is deleted and a new mailbox with the same name 460 is created at a later date, the server must either keep track 461 of unique identifiers from the previous instance of the 462 mailbox, or it must assign a new UIDVALIDITY value to the new 463 instance of the mailbox. A good UIDVALIDITY value to use in 464 this case is a 32-bit representation of the creation date/time 465 of the mailbox. It is alright to use a constant such as 1, 466 but only if it guaranteed that unique identifiers will never 467 be reused, even in the case of a mailbox being deleted (or 468 renamed) and a new mailbox by the same name created at some 469 future time. 471 4. The combination of mailbox name, UIDVALIDITY, and UID must 472 refer to a single immutable message on that server forever. 473 In particular, the internal date, [RFC-5322] size, envelope, 474 body structure, and message texts (RFC822, RFC822.HEADER, 475 RFC822.TEXT, and all BODY[...] fetch data items) must never 476 change. This does not include message numbers, nor does it 477 include attributes that can be set by a STORE command (e.g., 478 FLAGS). 480 2.3.1.2. Message Sequence Number Message Attribute 482 A relative position from 1 to the number of messages in the mailbox. 483 This position MUST be ordered by ascending unique identifier. As 484 each new message is added, it is assigned a message sequence number 485 that is 1 higher than the number of messages in the mailbox before 486 that new message was added. 488 Message sequence numbers can be reassigned during the session. For 489 example, when a message is permanently removed (expunged) from the 490 mailbox, the message sequence number for all subsequent messages is 491 decremented. The number of messages in the mailbox is also 492 decremented. Similarly, a new message can be assigned a message 493 sequence number that was once held by some other message prior to an 494 expunge. 496 In addition to accessing messages by relative position in the 497 mailbox, message sequence numbers can be used in mathematical 498 calculations. For example, if an untagged "11 EXISTS" is received, 499 and previously an untagged "8 EXISTS" was received, three new 500 messages have arrived with message sequence numbers of 9, 10, and 11. 501 Another example, if message 287 in a 523 message mailbox has UID 502 12345, there are exactly 286 messages which have lesser UIDs and 236 503 messages which have greater UIDs. 505 2.3.2. Flags Message Attribute 507 A list of zero or more named tokens associated with the message. A 508 flag is set by its addition to this list, and is cleared by its 509 removal. There are two types of flags in IMAP4rev2. A flag of 510 either type can be permanent or session-only. 512 A system flag is a flag name that is pre-defined in this 513 specification. All system flags begin with "\". Certain system 514 flags (\Deleted and \Seen) have special semantics described 515 elsewhere. The currently-defined system flags are: 517 \Seen Message has been read 519 \Answered Message has been answered 521 \Flagged Message is "flagged" for urgent/special attention 523 \Deleted Message is "deleted" for removal by later EXPUNGE 525 \Draft Message has not completed composition (marked as a draft). 527 \Recent Message is "recently" arrived in this mailbox. This session 528 is the first session to have been notified about this message; if 529 the session is read-write, subsequent sessions will not see 530 \Recent set for this message. This flag can not be altered by the 531 client. 533 If it is not possible to determine whether or not this session is 534 the first session to be notified about a message, then that 535 message SHOULD be considered recent. 537 If multiple connections have the same mailbox selected 538 simultaneously, it is undefined which of these connections will 539 see newly-arrived messages with \Recent set and which will see it 540 without \Recent set. 542 A keyword is defined by the server implementation. Keywords do not 543 begin with "\". Servers MAY permit the client to define new keywords 544 in the mailbox (see the description of the PERMANENTFLAGS response 545 code for more information). 547 A flag can be permanent or session-only on a per-flag basis. 548 Permanent flags are those which the client can add or remove from the 549 message flags permanently; that is, concurrent and subsequent 550 sessions will see any change in permanent flags. Changes to session 551 flags are valid only in that session. 553 Note: The \Recent system flag is a special case of a session flag. 554 \Recent can not be used as an argument in a STORE or APPEND 555 command, and thus can not be changed at all. 557 2.3.3. Internal Date Message Attribute 559 The internal date and time of the message on the server. This is not 560 the date and time in the [RFC-5322] header, but rather a date and 561 time which reflects when the message was received. In the case of 562 messages delivered via [SMTP], this SHOULD be the date and time of 563 final delivery of the message as defined by [SMTP]. In the case of 564 messages delivered by the IMAP4rev2 COPY command, this SHOULD be the 565 internal date and time of the source message. In the case of 566 messages delivered by the IMAP4rev2 APPEND command, this SHOULD be 567 the date and time as specified in the APPEND command description. 568 All other cases are implementation defined. 570 2.3.4. [RFC-5322] Size Message Attribute 572 The number of octets in the message, as expressed in [RFC-5322] 573 format. 575 2.3.5. Envelope Structure Message Attribute 577 A parsed representation of the [RFC-5322] header of the message. 578 Note that the IMAP Envelope structure is not the same as an [SMTP] 579 envelope. 581 2.3.6. Body Structure Message Attribute 583 A parsed representation of the [MIME-IMB] body structure information 584 of the message. 586 2.4. Message Texts 588 In addition to being able to fetch the full [RFC-5322] text of a 589 message, IMAP4rev2 permits the fetching of portions of the full 590 message text. Specifically, it is possible to fetch the [RFC-5322] 591 message header, [RFC-5322] message body, a [MIME-IMB] body part, or a 592 [MIME-IMB] header. 594 3. State and Flow Diagram 596 Once the connection between client and server is established, an 597 IMAP4rev2 connection is in one of four states. The initial state is 598 identified in the server greeting. Most commands are only valid in 599 certain states. It is a protocol error for the client to attempt a 600 command while the connection is in an inappropriate state, and the 601 server will respond with a BAD or NO (depending upon server 602 implementation) command completion result. 604 3.1. Not Authenticated State 606 In the not authenticated state, the client MUST supply authentication 607 credentials before most commands will be permitted. This state is 608 entered when a connection starts unless the connection has been pre- 609 authenticated. 611 3.2. Authenticated State 613 In the authenticated state, the client is authenticated and MUST 614 select a mailbox to access before commands that affect messages will 615 be permitted. This state is entered when a pre-authenticated 616 connection starts, when acceptable authentication credentials have 617 been provided, after an error in selecting a mailbox, or after a 618 successful CLOSE command. 620 3.3. Selected State 622 In a selected state, a mailbox has been selected to access. This 623 state is entered when a mailbox has been successfully selected. 625 3.4. Logout State 627 In the logout state, the connection is being terminated. This state 628 can be entered as a result of a client request (via the LOGOUT 629 command) or by unilateral action on the part of either the client or 630 server. 632 If the client requests the logout state, the server MUST send an 633 untagged BYE response and a tagged OK response to the LOGOUT command 634 before the server closes the connection; and the client MUST read the 635 tagged OK response to the LOGOUT command before the client closes the 636 connection. 638 A server MUST NOT unilaterally close the connection without sending 639 an untagged BYE response that contains the reason for having done so. 640 A client SHOULD NOT unilaterally close the connection, and instead 641 SHOULD issue a LOGOUT command. If the server detects that the client 642 has unilaterally closed the connection, the server MAY omit the 643 untagged BYE response and simply close its connection. 645 +----------------------+ 646 |connection established| 647 +----------------------+ 648 || 649 \/ 650 +--------------------------------------+ 651 | server greeting | 652 +--------------------------------------+ 653 || (1) || (2) || (3) 654 \/ || || 655 +-----------------+ || || 656 |Not Authenticated| || || 657 +-----------------+ || || 658 || (7) || (4) || || 659 || \/ \/ || 660 || +----------------+ || 661 || | Authenticated |<=++ || 662 || +----------------+ || || 663 || || (7) || (5) || (6) || 664 || || \/ || || 665 || || +--------+ || || 666 || || |Selected|==++ || 667 || || +--------+ || 668 || || || (7) || 669 \/ \/ \/ \/ 670 +--------------------------------------+ 671 | Logout | 672 +--------------------------------------+ 673 || 674 \/ 675 +-------------------------------+ 676 |both sides close the connection| 677 +-------------------------------+ 679 (1) connection without pre-authentication (OK greeting) 680 (2) pre-authenticated connection (PREAUTH greeting) 681 (3) rejected connection (BYE greeting) 682 (4) successful LOGIN or AUTHENTICATE command 683 (5) successful SELECT or EXAMINE command 684 (6) CLOSE command, or failed SELECT or EXAMINE command 685 (7) LOGOUT command, server shutdown, or connection closed 687 4. Data Formats 689 IMAP4rev2 uses textual commands and responses. Data in IMAP4rev2 can 690 be in one of several forms: atom, number, string, parenthesized list, 691 or NIL. Note that a particular data item may take more than one 692 form; for example, a data item defined as using "astring" syntax may 693 be either an atom or a string. 695 4.1. Atom 697 An atom consists of one or more non-special characters. 699 4.1.1. Sequence set and UID set 701 A set of messages can be referenced by a sequence set containing 702 either message sequence numbers or unique identifiers. See Section 9 703 for details. Sequence sets can contain ranges (e.g. "5:50"), an 704 enumeration of specific message/UID numbers, a special symbol "*", or 705 a combination of the above. 707 A "UID set" is similar to the sequence set of unique identifiers; 708 however, the "*" value for a sequence number is not permitted. 710 4.2. Number 712 A number consists of one or more digit characters, and represents a 713 numeric value. 715 4.3. String 717 A string is in one of two forms: either literal or quoted string. 718 The literal form is the general form of string. The quoted string 719 form is an alternative that avoids the overhead of processing a 720 literal at the cost of limitations of characters which may be used. 722 A literal is a sequence of zero or more octets (including CR and LF), 723 prefix-quoted with an octet count in the form of an open brace ("{"), 724 the number of octets, close brace ("}"), and CRLF. In the case of 725 literals transmitted from server to client, the CRLF is immediately 726 followed by the octet data. In the case of literals transmitted from 727 client to server, the client MUST wait to receive a command 728 continuation request (described later in this document) before 729 sending the octet data (and the remainder of the command). 731 A quoted string is a sequence of zero or more 7-bit characters, 732 excluding CR and LF, with double quote (<">) characters at each end. 734 The empty string is represented as either "" (a quoted string with 735 zero characters between double quotes) or as {0} followed by CRLF (a 736 literal with an octet count of 0). 738 Note: Even if the octet count is 0, a client transmitting a 739 literal MUST wait to receive a command continuation request. 741 4.3.1. 8-bit and Binary Strings 743 8-bit textual and binary mail is supported through the use of a 744 [MIME-IMB] content transfer encoding. IMAP4rev2 implementations MAY 745 transmit 8-bit or multi-octet characters in literals, but SHOULD do 746 so only when the [CHARSET] is identified. 748 Although a BINARY body encoding is defined, unencoded binary strings 749 are not permitted. A "binary string" is any string with NUL 750 characters. Implementations MUST encode binary data into a textual 751 form, such as BASE64, before transmitting the data. A string with an 752 excessive amount of CTL characters MAY also be considered to be 753 binary. 755 4.4. Parenthesized List 757 Data structures are represented as a "parenthesized list"; a sequence 758 of data items, delimited by space, and bounded at each end by 759 parentheses. A parenthesized list can contain other parenthesized 760 lists, using multiple levels of parentheses to indicate nesting. 762 The empty list is represented as () -- a parenthesized list with no 763 members. 765 4.5. NIL 767 The special form "NIL" represents the non-existence of a particular 768 data item that is represented as a string or parenthesized list, as 769 distinct from the empty string "" or the empty parenthesized list (). 771 Note: NIL is never used for any data item which takes the form of 772 an atom. For example, a mailbox name of "NIL" is a mailbox named 773 NIL as opposed to a non-existent mailbox name. This is because 774 mailbox uses "astring" syntax which is an atom or a string. 775 Conversely, an addr-name of NIL is a non-existent personal name, 776 because addr-name uses "nstring" syntax which is NIL or a string, 777 but never an atom. 779 5. Operational Considerations 781 The following rules are listed here to ensure that all IMAP4rev2 782 implementations interoperate properly. 784 5.1. Mailbox Naming 786 Mailbox names are 7-bit. Client implementations MUST NOT attempt to 787 create 8-bit mailbox names, and SHOULD interpret any 8-bit mailbox 788 names returned by LIST or LSUB as UTF-8. Server implementations 789 SHOULD prohibit the creation of 8-bit mailbox names, and SHOULD NOT 790 return 8-bit mailbox names in LIST or LSUB. See Section 5.1.3 for 791 more information on how to represent non-ASCII mailbox names. 793 Note: 8-bit mailbox names were undefined in earlier versions of 794 this protocol. Some sites used a local 8-bit character set to 795 represent non-ASCII mailbox names. Such usage is not 796 interoperable, and is now formally deprecated. 798 The case-insensitive mailbox name INBOX is a special name reserved to 799 mean "the primary mailbox for this user on this server". The 800 interpretation of all other names is implementation-dependent. 802 In particular, this specification takes no position on case 803 sensitivity in non-INBOX mailbox names. Some server implementations 804 are fully case-sensitive; others preserve case of a newly-created 805 name but otherwise are case-insensitive; and yet others coerce names 806 to a particular case. Client implementations MUST interact with any 807 of these. If a server implementation interprets non-INBOX mailbox 808 names as case-insensitive, it MUST treat names using the 809 international naming convention specially as described in 810 Section 5.1.3. 812 There are certain client considerations when creating a new mailbox 813 name: 815 1. Any character which is one of the atom-specials (see the Formal 816 Syntax) will require that the mailbox name be represented as a 817 quoted string or literal. 819 2. CTL and other non-graphic characters are difficult to represent 820 in a user interface and are best avoided. 822 3. Although the list-wildcard characters ("%" and "*") are valid in 823 a mailbox name, it is difficult to use such mailbox names with 824 the LIST and LSUB commands due to the conflict with wildcard 825 interpretation. 827 4. Usually, a character (determined by the server implementation) is 828 reserved to delimit levels of hierarchy. 830 5. Two characters, "#" and "&", have meanings by convention, and 831 should be avoided except when used in that convention. 833 5.1.1. Mailbox Hierarchy Naming 835 If it is desired to export hierarchical mailbox names, mailbox names 836 MUST be left-to-right hierarchical using a single character to 837 separate levels of hierarchy. The same hierarchy separator character 838 is used for all levels of hierarchy within a single name. 840 5.1.2. Mailbox Namespace Naming Convention 842 By convention, the first hierarchical element of any mailbox name 843 which begins with "#" identifies the "namespace" of the remainder of 844 the name. This makes it possible to disambiguate between different 845 types of mailbox stores, each of which have their own namespaces. 847 For example, implementations which offer access to USENET 848 newsgroups MAY use the "#news" namespace to partition the USENET 849 newsgroup namespace from that of other mailboxes. Thus, the 850 comp.mail.misc newsgroup would have a mailbox name of 851 "#news.comp.mail.misc", and the name "comp.mail.misc" can refer to 852 a different object (e.g., a user's private mailbox). 854 5.1.3. Mailbox International Naming Convention 856 By convention, international mailbox names in IMAP4rev2 are specified 857 using a modified version of the UTF-7 encoding described in [UTF-7]. 858 Modified UTF-7 may also be usable in servers that implement an 859 earlier version of this protocol. 861 In modified UTF-7, printable US-ASCII characters, except for "&", 862 represent themselves; that is, characters with octet values 0x20-0x25 863 and 0x27-0x7e. The character "&" (0x26) is represented by the two- 864 octet sequence "&-". 866 All other characters (octet values 0x00-0x1f and 0x7f-0xff) are 867 represented in modified BASE64, with a further modification from 868 [UTF-7] that "," is used instead of "/". Modified BASE64 MUST NOT be 869 used to represent any printing US-ASCII character which can represent 870 itself. Only characters inside the modified BASE64 alphabet are 871 permitted in modified BASE64 text. 873 "&" is used to shift to modified BASE64 and "-" to shift back to US- 874 ASCII. There is no implicit shift from BASE64 to US-ASCII, and null 875 shifts ("-&" while in BASE64; note that "&-" while in US-ASCII means 876 "&") are not permitted. However, all names start in US-ASCII, and 877 MUST end in US-ASCII; that is, a name that ends with a non-ASCII 878 ISO-10646 character MUST end with a "-"). 880 The purpose of these modifications is to correct the following 881 problems with UTF-7: 883 1. UTF-7 uses the "+" character for shifting; this conflicts with 884 the common use of "+" in mailbox names, in particular USENET 885 newsgroup names. 887 2. UTF-7's encoding is BASE64 which uses the "/" character; this 888 conflicts with the use of "/" as a popular hierarchy delimiter. 890 3. UTF-7 prohibits the unencoded usage of "\"; this conflicts with 891 the use of "\" as a popular hierarchy delimiter. 893 4. UTF-7 prohibits the unencoded usage of "~"; this conflicts with 894 the use of "~" in some servers as a home directory indicator. 896 5. UTF-7 permits multiple alternate forms to represent the same 897 string; in particular, printable US-ASCII characters can be 898 represented in encoded form. 900 Although modified UTF-7 is a convention, it establishes certain 901 requirements on server handling of any mailbox name with an embedded 902 "&" character. In particular, server implementations MUST preserve 903 the exact form of the modified BASE64 portion of a modified UTF-7 904 name and treat that text as case-sensitive, even if names are 905 otherwise case-insensitive or case-folded. 907 Server implementations SHOULD verify that any mailbox name with an 908 embedded "&" character, used as an argument to CREATE, is: in the 909 correctly modified UTF-7 syntax, has no superfluous shifts, and has 910 no encoding in modified BASE64 of any printing US-ASCII character 911 which can represent itself. However, client implementations MUST NOT 912 depend upon the server doing this, and SHOULD NOT attempt to create a 913 mailbox name with an embedded "&" character unless it complies with 914 the modified UTF-7 syntax. 916 Server implementations which export a mail store that does not follow 917 the modified UTF-7 convention MUST convert to modified UTF-7 any 918 mailbox name that contains either non-ASCII characters or the "&" 919 character. 921 For example, here is a mailbox name which mixes English, Chinese, 922 and Japanese text: ~peter/mail/&U,BTFw-/&ZeVnLIqe- 924 For example, the string "&Jjo!" is not a valid mailbox name 925 because it does not contain a shift to US-ASCII before the "!". 926 The correct form is "&Jjo-!". The string "&U,BTFw-&ZeVnLIqe-" is 927 not permitted because it contains a superfluous shift. The 928 correct form is "&U,BTF2XlZyyKng-". 930 5.2. Mailbox Size and Message Status Updates 932 At any time, a server can send data that the client did not request. 933 Sometimes, such behavior is REQUIRED. For example, agents other than 934 the server MAY add messages to the mailbox (e.g., new message 935 delivery), change the flags of the messages in the mailbox (e.g., 936 simultaneous access to the same mailbox by multiple agents), or even 937 remove messages from the mailbox. A server MUST send mailbox size 938 updates automatically if a mailbox size change is observed during the 939 processing of a command. A server SHOULD send message flag updates 940 automatically, without requiring the client to request such updates 941 explicitly. 943 Special rules exist for server notification of a client about the 944 removal of messages to prevent synchronization errors; see the 945 description of the EXPUNGE response for more detail. In particular, 946 it is NOT permitted to send an EXISTS response that would reduce the 947 number of messages in the mailbox; only the EXPUNGE response can do 948 this. 950 Regardless of what implementation decisions a client makes on 951 remembering data from the server, a client implementation MUST record 952 mailbox size updates. It MUST NOT assume that any command after the 953 initial mailbox selection will return the size of the mailbox. 955 5.3. Response when no Command in Progress 957 Server implementations are permitted to send an untagged response 958 (except for EXPUNGE) while there is no command in progress. Server 959 implementations that send such responses MUST deal with flow control 960 considerations. Specifically, they MUST either (1) verify that the 961 size of the data does not exceed the underlying transport's available 962 window size, or (2) use non-blocking writes. 964 5.4. Autologout Timer 966 If a server has an inactivity autologout timer that applies to 967 sessions after authentication, the duration of that timer MUST be at 968 least 30 minutes. The receipt of ANY command from the client during 969 that interval SHOULD suffice to reset the autologout timer. 971 5.5. Multiple Commands in Progress 973 The client MAY send another command without waiting for the 974 completion result response of a command, subject to ambiguity rules 975 (see below) and flow control constraints on the underlying data 976 stream. Similarly, a server MAY begin processing another command 977 before processing the current command to completion, subject to 978 ambiguity rules. However, any command continuation request responses 979 and command continuations MUST be negotiated before any subsequent 980 command is initiated. 982 The exception is if an ambiguity would result because of a command 983 that would affect the results of other commands. Clients MUST NOT 984 send multiple commands without waiting if an ambiguity would result. 985 If the server detects a possible ambiguity, it MUST execute commands 986 to completion in the order given by the client. 988 The most obvious example of ambiguity is when a command would affect 989 the results of another command, e.g., a FETCH of a message's flags 990 and a STORE of that same message's flags. 992 A non-obvious ambiguity occurs with commands that permit an untagged 993 EXPUNGE response (commands other than FETCH, STORE, and SEARCH), 994 since an untagged EXPUNGE response can invalidate sequence numbers in 995 a subsequent command. This is not a problem for FETCH, STORE, or 996 SEARCH commands because servers are prohibited from sending EXPUNGE 997 responses while any of those commands are in progress. Therefore, if 998 the client sends any command other than FETCH, STORE, or SEARCH, it 999 MUST wait for the completion result response before sending a command 1000 with message sequence numbers. 1002 Note: EXPUNGE responses are permitted while UID FETCH, UID STORE, 1003 and UID SEARCH are in progress. If the client sends a UID 1004 command, it MUST wait for a completion result response before 1005 sending a command which uses message sequence numbers (this may 1006 include UID SEARCH). Any message sequence numbers in an argument 1007 to UID SEARCH are associated with messages prior to the effect of 1008 any untagged EXPUNGE returned by the UID SEARCH. 1010 For example, the following non-waiting command sequences are invalid: 1012 FETCH + NOOP + STORE 1014 STORE + COPY + FETCH 1016 COPY + COPY 1018 CHECK + FETCH 1020 The following are examples of valid non-waiting command sequences: 1022 FETCH + STORE + SEARCH + CHECK 1024 STORE + COPY + EXPUNGE 1026 UID SEARCH + UID SEARCH may be valid or invalid as a non-waiting 1027 command sequence, depending upon whether or not the second UID 1028 SEARCH contains message sequence numbers. 1030 6. Client Commands 1032 IMAP4rev2 commands are described in this section. Commands are 1033 organized by the state in which the command is permitted. Commands 1034 which are permitted in multiple states are listed in the minimum 1035 permitted state (for example, commands valid in authenticated and 1036 selected state are listed in the authenticated state commands). 1038 Command arguments, identified by "Arguments:" in the command 1039 descriptions below, are described by function, not by syntax. The 1040 precise syntax of command arguments is described in the Formal Syntax 1041 (Section 9). 1043 Some commands cause specific server responses to be returned; these 1044 are identified by "Responses:" in the command descriptions below. 1045 See the response descriptions in the Responses section for 1046 information on these responses, and the Formal Syntax section for the 1047 precise syntax of these responses. It is possible for server data to 1048 be transmitted as a result of any command. Thus, commands that do 1049 not specifically require server data specify "no specific responses 1050 for this command" instead of "none". 1052 The "Result:" in the command description refers to the possible 1053 tagged status responses to a command, and any special interpretation 1054 of these status responses. 1056 The state of a connection is only changed by successful commands 1057 which are documented as changing state. A rejected command (BAD 1058 response) never changes the state of the connection or of the 1059 selected mailbox. A failed command (NO response) generally does not 1060 change the state of the connection or of the selected mailbox; the 1061 exception being the SELECT and EXAMINE commands. 1063 6.1. Client Commands - Any State 1065 The following commands are valid in any state: CAPABILITY, NOOP, and 1066 LOGOUT. 1068 6.1.1. CAPABILITY Command 1070 Arguments: none 1072 Responses: REQUIRED untagged response: CAPABILITY 1074 Result: OK - capability completed 1075 BAD - command unknown or arguments invalid 1077 The CAPABILITY command requests a listing of capabilities that the 1078 server supports. The server MUST send a single untagged CAPABILITY 1079 response with "IMAP4rev2" as one of the listed capabilities before 1080 the (tagged) OK response. 1082 A capability name which begins with "AUTH=" indicates that the server 1083 supports that particular authentication mechanism. All such names 1084 are, by definition, part of this specification. For example, the 1085 authorization capability for an experimental "blurdybloop" 1086 authenticator would be "AUTH=XBLURDYBLOOP" and not 1087 "XAUTH=BLURDYBLOOP" or "XAUTH=XBLURDYBLOOP". 1089 Other capability names refer to extensions, revisions, or amendments 1090 to this specification. See the documentation of the CAPABILITY 1091 response for additional information. No capabilities, beyond the 1092 base IMAP4rev2 set defined in this specification, are enabled without 1093 explicit client action to invoke the capability. 1095 Client and server implementations MUST implement the STARTTLS, 1096 LOGINDISABLED, and AUTH=PLAIN (described in [PLAIN]) capabilities. 1097 See the Security Considerations section for important information. 1099 See the section entitled "Client Commands - Experimental/Expansion" 1100 for information about the form of site or implementation-specific 1101 capabilities. 1103 Example: C: abcd CAPABILITY 1104 S: * CAPABILITY IMAP4rev2 STARTTLS AUTH=GSSAPI 1105 LOGINDISABLED 1106 S: abcd OK CAPABILITY completed 1107 C: efgh STARTTLS 1108 S: efgh OK STARTLS completed 1109 1110 C: ijkl CAPABILITY 1111 S: * CAPABILITY IMAP4rev2 AUTH=GSSAPI AUTH=PLAIN 1112 S: ijkl OK CAPABILITY completed 1114 6.1.2. NOOP Command 1116 Arguments: none 1118 Responses: no specific responses for this command (but see below) 1120 Result: OK - noop completed 1121 BAD - command unknown or arguments invalid 1123 The NOOP command always succeeds. It does nothing. 1125 Since any command can return a status update as untagged data, the 1126 NOOP command can be used as a periodic poll for new messages or 1127 message status updates during a period of inactivity (this is the 1128 preferred method to do this). The NOOP command can also be used to 1129 reset any inactivity autologout timer on the server. 1131 Example: C: a002 NOOP 1132 S: a002 OK NOOP completed 1133 . . . 1134 C: a047 NOOP 1135 S: * 22 EXPUNGE 1136 S: * 23 EXISTS 1137 S: * 3 RECENT 1138 S: * 14 FETCH (FLAGS (\Seen \Deleted)) 1139 S: a047 OK NOOP completed 1141 6.1.3. LOGOUT Command 1143 Arguments: none 1145 Responses: REQUIRED untagged response: BYE 1147 Result: OK - logout completed 1148 BAD - command unknown or arguments invalid 1150 The LOGOUT command informs the server that the client is done with 1151 the connection. The server MUST send a BYE untagged response before 1152 the (tagged) OK response, and then close the network connection. 1154 Example: C: A023 LOGOUT 1155 S: * BYE IMAP4rev2 Server logging out 1156 S: A023 OK LOGOUT completed 1157 (Server and client then close the connection) 1159 6.2. Client Commands - Not Authenticated State 1161 In the not authenticated state, the AUTHENTICATE or LOGIN command 1162 establishes authentication and enters the authenticated state. The 1163 AUTHENTICATE command provides a general mechanism for a variety of 1164 authentication techniques, privacy protection, and integrity 1165 checking; whereas the LOGIN command uses a traditional user name and 1166 plaintext password pair and has no means of establishing privacy 1167 protection or integrity checking. 1169 The STARTTLS command is an alternate form of establishing session 1170 privacy protection and integrity checking, but does not establish 1171 authentication or enter the authenticated state. 1173 Server implementations MAY allow access to certain mailboxes without 1174 establishing authentication. This can be done by means of the 1175 ANONYMOUS [SASL] authenticator described in [ANONYMOUS]. An older 1176 convention is a LOGIN command using the userid "anonymous"; in this 1177 case, a password is required although the server may choose to accept 1178 any password. The restrictions placed on anonymous users are 1179 implementation-dependent. 1181 Once authenticated (including as anonymous), it is not possible to 1182 re-enter not authenticated state. 1184 In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT), 1185 the following commands are valid in the not authenticated state: 1186 STARTTLS, AUTHENTICATE and LOGIN. See the Security Considerations 1187 section for important information about these commands. 1189 6.2.1. STARTTLS Command 1191 Arguments: none 1193 Responses: no specific response for this command 1195 Result: OK - starttls completed, begin TLS negotiation 1196 BAD - command unknown or arguments invalid 1198 A [TLS] negotiation begins immediately after the CRLF at the end of 1199 the tagged OK response from the server. Once a client issues a 1200 STARTTLS command, it MUST NOT issue further commands until a server 1201 response is seen and the [TLS] negotiation is complete. 1203 The server remains in the non-authenticated state, even if client 1204 credentials are supplied during the [TLS] negotiation. This does not 1205 preclude an authentication mechanism such as EXTERNAL (defined in 1207 [SASL]) from using client identity determined by the [TLS] 1208 negotiation. 1210 Once [TLS] has been started, the client MUST discard cached 1211 information about server capabilities and SHOULD re-issue the 1212 CAPABILITY command. This is necessary to protect against man-in- 1213 the-middle attacks which alter the capabilities list prior to 1214 STARTTLS. The server MAY advertise different capabilities, and in 1215 particular SHOULD NOT advertise the STARTTLS capability, after a 1216 successful STARTTLS command. 1218 Example: C: a001 CAPABILITY 1219 S: * CAPABILITY IMAP4rev2 STARTTLS LOGINDISABLED 1220 S: a001 OK CAPABILITY completed 1221 C: a002 STARTTLS 1222 S: a002 OK Begin TLS negotiation now 1223 1224 C: a003 CAPABILITY 1225 S: * CAPABILITY IMAP4rev2 AUTH=PLAIN 1226 S: a003 OK CAPABILITY completed 1227 C: a004 LOGIN joe password 1228 S: a004 OK LOGIN completed 1230 6.2.2. AUTHENTICATE Command 1232 Arguments: authentication mechanism name 1234 Responses: continuation data can be requested 1236 Result: OK - authenticate completed, now in authenticated state 1237 NO - authenticate failure: unsupported authentication 1238 mechanism, credentials rejected 1239 BAD - command unknown or arguments invalid, 1240 authentication exchange cancelled 1242 The AUTHENTICATE command indicates a [SASL] authentication mechanism 1243 to the server. If the server supports the requested authentication 1244 mechanism, it performs an authentication protocol exchange to 1245 authenticate and identify the client. It MAY also negotiate an 1246 OPTIONAL security layer for subsequent protocol interactions. If the 1247 requested authentication mechanism is not supported, the server 1248 SHOULD reject the AUTHENTICATE command by sending a tagged NO 1249 response. 1251 The AUTHENTICATE command does not support the optional "initial 1252 response" feature of [SASL]. Section 3 of [SASL] specifies how to 1253 handle an authentication mechanism which uses an initial response. 1255 The service name specified by this protocol's profile of [SASL] is 1256 "imap". 1258 The authentication protocol exchange consists of a series of server 1259 challenges and client responses that are specific to the 1260 authentication mechanism. A server challenge consists of a command 1261 continuation request response with the "+" token followed by a BASE64 1262 encoded string. The client response consists of a single line 1263 consisting of a BASE64 encoded string. If the client wishes to 1264 cancel an authentication exchange, it issues a line consisting of a 1265 single "*". If the server receives such a response, or if it 1266 receives an invalid BASE64 string (e.g. characters outside the 1267 BASE64 alphabet, or non-terminal "="), it MUST reject the 1268 AUTHENTICATE command by sending a tagged BAD response. 1270 If a security layer is negotiated through the [SASL] authentication 1271 exchange, it takes effect immediately following the CRLF that 1272 concludes the authentication exchange for the client, and the CRLF of 1273 the tagged OK response for the server. 1275 While client and server implementations MUST implement the 1276 AUTHENTICATE command itself, it is not required to implement any 1277 authentication mechanisms other than the PLAIN mechanism described in 1278 [PLAIN]. Also, an authentication mechanism is not required to 1279 support any security layers. 1281 Note: a server implementation MUST implement a configuration in 1282 which it does NOT permit any plaintext password mechanisms, unless 1283 either the STARTTLS command has been negotiated or some other 1284 mechanism that protects the session from password snooping has 1285 been provided. Server sites SHOULD NOT use any configuration 1286 which permits a plaintext password mechanism without such a 1287 protection mechanism against password snooping. Client and server 1288 implementations SHOULD implement additional [SASL] mechanisms that 1289 do not use plaintext passwords, such the GSSAPI mechanism 1290 described in [SASL] and/or the [DIGEST-MD5] mechanism. 1292 Servers and clients can support multiple authentication mechanisms. 1293 The server SHOULD list its supported authentication mechanisms in the 1294 response to the CAPABILITY command so that the client knows which 1295 authentication mechanisms to use. 1297 A server MAY include a CAPABILITY response code in the tagged OK 1298 response of a successful AUTHENTICATE command in order to send 1299 capabilities automatically. It is unnecessary for a client to send a 1300 separate CAPABILITY command if it recognizes these automatic 1301 capabilities. This should only be done if a security layer was not 1302 negotiated by the AUTHENTICATE command, because the tagged OK 1303 response as part of an AUTHENTICATE command is not protected by 1304 encryption/integrity checking. [SASL] requires the client to re- 1305 issue a CAPABILITY command in this case. The server MAY advertise 1306 different capabilities after a successful AUTHENTICATE command. 1308 If an AUTHENTICATE command fails with a NO response, the client MAY 1309 try another authentication mechanism by issuing another AUTHENTICATE 1310 command. It MAY also attempt to authenticate by using the LOGIN 1311 command (see Section 6.2.3 for more detail). In other words, the 1312 client MAY request authentication types in decreasing order of 1313 preference, with the LOGIN command as a last resort. 1315 The authorization identity passed from the client to the server 1316 during the authentication exchange is interpreted by the server as 1317 the user name whose privileges the client is requesting. 1319 Example: S: * OK IMAP4rev2 Server 1320 C: A001 AUTHENTICATE GSSAPI 1321 S: + 1322 C: YIIB+wYJKoZIhvcSAQICAQBuggHqMIIB5qADAgEFoQMCAQ6iBw 1323 MFACAAAACjggEmYYIBIjCCAR6gAwIBBaESGxB1Lndhc2hpbmd0 1324 b24uZWR1oi0wK6ADAgEDoSQwIhsEaW1hcBsac2hpdmFtcy5jYW 1325 Mud2FzaGluZ3Rvbi5lZHWjgdMwgdCgAwIBAaEDAgEDooHDBIHA 1326 cS1GSa5b+fXnPZNmXB9SjL8Ollj2SKyb+3S0iXMljen/jNkpJX 1327 AleKTz6BQPzj8duz8EtoOuNfKgweViyn/9B9bccy1uuAE2HI0y 1328 C/PHXNNU9ZrBziJ8Lm0tTNc98kUpjXnHZhsMcz5Mx2GR6dGknb 1329 I0iaGcRerMUsWOuBmKKKRmVMMdR9T3EZdpqsBd7jZCNMWotjhi 1330 vd5zovQlFqQ2Wjc2+y46vKP/iXxWIuQJuDiisyXF0Y8+5GTpAL 1331 pHDc1/pIGmMIGjoAMCAQGigZsEgZg2on5mSuxoDHEA1w9bcW9n 1332 FdFxDKpdrQhVGVRDIzcCMCTzvUboqb5KjY1NJKJsfjRQiBYBdE 1333 NKfzK+g5DlV8nrw81uOcP8NOQCLR5XkoMHC0Dr/80ziQzbNqhx 1334 O6652Npft0LQwJvenwDI13YxpwOdMXzkWZN/XrEqOWp6GCgXTB 1335 vCyLWLlWnbaUkZdEYbKHBPjd8t/1x5Yg== 1336 S: + YGgGCSqGSIb3EgECAgIAb1kwV6ADAgEFoQMCAQ+iSzBJoAMC 1337 AQGiQgRAtHTEuOP2BXb9sBYFR4SJlDZxmg39IxmRBOhXRKdDA0 1338 uHTCOT9Bq3OsUTXUlk0CsFLoa8j+gvGDlgHuqzWHPSQg== 1339 C: 1340 S: + YDMGCSqGSIb3EgECAgIBAAD/////6jcyG4GE3KkTzBeBiVHe 1341 ceP2CWY0SR0fAQAgAAQEBAQ= 1342 C: YDMGCSqGSIb3EgECAgIBAAD/////3LQBHXTpFfZgrejpLlLImP 1343 wkhbfa2QteAQAgAG1yYwE= 1344 S: A001 OK GSSAPI authentication successful 1346 Note: The line breaks within server challenges and client responses 1347 are for editorial clarity and are not in real authenticators. 1349 6.2.3. LOGIN Command 1351 Arguments: user name 1352 password 1354 Responses: no specific responses for this command 1356 Result: OK - login completed, now in authenticated state 1357 NO - login failure: user name or password rejected 1358 BAD - command unknown or arguments invalid 1360 The LOGIN command identifies the client to the server and carries the 1361 plaintext password authenticating this user. 1363 A server MAY include a CAPABILITY response code in the tagged OK 1364 response to a successful LOGIN command in order to send capabilities 1365 automatically. It is unnecessary for a client to send a separate 1366 CAPABILITY command if it recognizes these automatic capabilities. 1368 Example: C: a001 LOGIN SMITH SESAME 1369 S: a001 OK LOGIN completed 1371 Note: Use of the LOGIN command over an insecure network (such as the 1372 Internet) is a security risk, because anyone monitoring network 1373 traffic can obtain plaintext passwords. The LOGIN command SHOULD NOT 1374 be used except as a last resort, and it is recommended that client 1375 implementations have a means to disable any automatic use of the 1376 LOGIN command. 1378 Unless either the STARTTLS command has been negotiated or some other 1379 mechanism that protects the session from password snooping has been 1380 provided, a server implementation MUST implement a configuration in 1381 which it advertises the LOGINDISABLED capability and does NOT permit 1382 the LOGIN command. Server sites SHOULD NOT use any configuration 1383 which permits the LOGIN command without such a protection mechanism 1384 against password snooping. A client implementation MUST NOT send a 1385 LOGIN command if the LOGINDISABLED capability is advertised. 1387 6.3. Client Commands - Authenticated State 1389 In the authenticated state, commands that manipulate mailboxes as 1390 atomic entities are permitted. Of these commands, the SELECT and 1391 EXAMINE commands will select a mailbox for access and enter the 1392 selected state. 1394 In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT), 1395 the following commands are valid in the authenticated state: ENABLE, 1396 SELECT, EXAMINE, CREATE, DELETE, RENAME, SUBSCRIBE, UNSUBSCRIBE, 1397 LIST, LSUB, STATUS, and APPEND. 1399 6.3.1. ENABLE Command 1401 Arguments: capability names 1403 Responses: no specific responses for this command 1405 Result: OK - Relevant capabilities enabled 1406 BAD - No arguments, or syntax error in an argument 1408 Several IMAP extensions allow the server to return unsolicited 1409 responses specific to these extensions in certain circumstances. 1410 However, servers cannot send those unsolicited responses (with the 1411 exception of response codes included in tagged or untagged OK/NO/BAD 1412 responses, which can always be sent) until they know that the clients 1413 support such extensions and thus won't choke on the extension 1414 response data. 1416 The ENABLE command provides an explicit indication from the client 1417 that it supports particular extensions. 1419 The ENABLE command takes a list of capability names, and requests the 1420 server to enable the named extensions. Once enabled using ENABLE, 1421 each extension remains active until the IMAP connection is closed. 1422 For each argument, the server does the following: 1424 o If the argument is not an extension known to the server, the 1425 server MUST ignore the argument. 1427 o If the argument is an extension known to the server, and it is not 1428 specifically permitted to be enabled using ENABLE, the server MUST 1429 ignore the argument. (Note that knowing about an extension 1430 doesn't necessarily imply supporting that extension.) 1432 o If the argument is an extension that is supported by the server 1433 and that needs to be enabled, the server MUST enable the extension 1434 for the duration of the connection. Note that once an extension 1435 is enabled, there is no way to disable it. 1437 If the ENABLE command is successful, the server MUST send an untagged 1438 ENABLED response Section 7.2.1. 1440 Clients SHOULD only include extensions that need to be enabled by the 1441 server. For example, a client can enable IMAP4rev2 specific 1442 behaviour when both IMAP4rev1 and IMAP4rev2 are advertised in the 1443 CAPABILITY response. Future RFCs may add to this list. 1445 The ENABLE command is only valid in the authenticated state, before 1446 any mailbox is selected. Clients MUST NOT issue ENABLE once they 1447 SELECT/EXAMINE a mailbox; however, server implementations don't have 1448 to check that no mailbox is selected or was previously selected 1449 during the duration of a connection. 1451 The ENABLE command can be issued multiple times in a session. It is 1452 additive; i.e., "ENABLE a b", followed by "ENABLE c" is the same as a 1453 single command "ENABLE a b c". When multiple ENABLE commands are 1454 issued, each corresponding ENABLED response SHOULD only contain 1455 extensions enabled by the corresponding ENABLE command. 1457 There are no limitations on pipelining ENABLE. For example, it is 1458 possible to send ENABLE and then immediately SELECT, or a LOGIN 1459 immediately followed by ENABLE. 1461 The server MUST NOT change the CAPABILITY list as a result of 1462 executing ENABLE; i.e., a CAPABILITY command issued right after an 1463 ENABLE command MUST list the same capabilities as a CAPABILITY 1464 command issued before the ENABLE command. This is demonstrated in 1465 the following example: 1467 C: t1 CAPABILITY 1468 S: * CAPABILITY IMAP4rev1 ID LITERAL+ ENABLE X-GOOD-IDEA 1469 S: t1 OK foo 1470 C: t2 ENABLE CONDSTORE X-GOOD-IDEA 1471 S: * ENABLED X-GOOD-IDEA 1472 S: t2 OK foo 1473 C: t3 CAPABILITY 1474 S: * CAPABILITY IMAP4rev1 ID LITERAL+ ENABLE X-GOOD-IDEA 1475 S: t3 OK foo again 1477 In the following example, the client enables CONDSTORE: 1479 C: a1 ENABLE CONDSTORE 1480 S: * ENABLED CONDSTORE 1481 S: a1 OK Conditional Store enabled 1483 6.3.1.1. Note to Designers of Extensions That May Use the ENABLE 1484 Command 1486 Designers of IMAP extensions are discouraged from creating extensions 1487 that require ENABLE unless there is no good alternative design. 1488 Specifically, extensions that cause potentially incompatible behavior 1489 changes to deployed server responses (and thus benefit from ENABLE) 1490 have a higher complexity cost than extensions that do not. 1492 6.3.2. SELECT Command 1494 Arguments: mailbox name 1496 Responses: REQUIRED untagged responses: FLAGS, EXISTS, RECENT 1497 REQUIRED OK untagged responses: UNSEEN (if any unseen 1498 exist), PERMANENTFLAGS, 1499 UIDNEXT, UIDVALIDITY 1501 Result: OK - select completed, now in selected state 1502 NO - select failure, now in authenticated state: no 1503 such mailbox, can't access mailbox 1504 BAD - command unknown or arguments invalid 1506 The SELECT command selects a mailbox so that messages in the mailbox 1507 can be accessed. Before returning an OK to the client, the server 1508 MUST send the following untagged data to the client. Note that 1509 earlier versions of this protocol only required the FLAGS, EXISTS, 1510 and RECENT untagged data; consequently, client implementations SHOULD 1511 implement default behavior for missing data as discussed with the 1512 individual item. 1514 FLAGS Defined flags in the mailbox. See the description of the 1515 FLAGS response for more detail. 1517 EXISTS The number of messages in the mailbox. See the 1518 description of the EXISTS response for more detail. 1520 RECENT The number of messages with the \Recent flag set. See 1521 the description of the RECENT response for more detail. 1523 OK [UNSEEN ] The message sequence number of the first unseen 1524 message in the mailbox. If there are any unseen messages in the 1525 mailbox, an UNSEEN response MUST be sent, if not it MUST be 1526 omitted. If this is missing, the client can not make any 1527 assumptions about the first unseen message in the mailbox, and 1528 needs to issue a SEARCH command if it wants to find it. 1530 OK [PERMANENTFLAGS ()] A list of message flags that 1531 the client can change permanently. If this is missing, the client 1532 should assume that all flags can be changed permanently. 1534 OK [UIDNEXT ] The next unique identifier value. Refer to 1535 Section 2.3.1.1 for more information. If this is missing, the 1536 client can not make any assumptions about the next unique 1537 identifier value. 1539 OK [UIDVALIDITY ] The unique identifier validity value. Refer to 1540 Section 2.3.1.1 for more information. If this is missing, the 1541 server does not support unique identifiers. 1543 Only one mailbox can be selected at a time in a connection; 1544 simultaneous access to multiple mailboxes requires multiple 1545 connections. The SELECT command automatically deselects any 1546 currently selected mailbox before attempting the new selection. 1547 Consequently, if a mailbox is selected and a SELECT command that 1548 fails is attempted, no mailbox is selected. 1550 If the client is permitted to modify the mailbox, the server SHOULD 1551 prefix the text of the tagged OK response with the "[READ-WRITE]" 1552 response code. 1554 If the client is not permitted to modify the mailbox but is permitted 1555 read access, the mailbox is selected as read-only, and the server 1556 MUST prefix the text of the tagged OK response to SELECT with the 1557 "[READ-ONLY]" response code. Read-only access through SELECT differs 1558 from the EXAMINE command in that certain read-only mailboxes MAY 1559 permit the change of permanent state on a per-user (as opposed to 1560 global) basis. Netnews messages marked in a server-based .newsrc 1561 file are an example of such per-user permanent state that can be 1562 modified with read-only mailboxes. 1564 Example: C: A142 SELECT INBOX 1565 S: * 172 EXISTS 1566 S: * 1 RECENT 1567 S: * OK [UNSEEN 12] Message 12 is first unseen 1568 S: * OK [UIDVALIDITY 3857529045] UIDs valid 1569 S: * OK [UIDNEXT 4392] Predicted next UID 1570 S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 1571 S: * OK [PERMANENTFLAGS (\Deleted \Seen \*)] Limited 1572 S: A142 OK [READ-WRITE] SELECT completed 1574 6.3.3. EXAMINE Command 1576 Arguments: mailbox name 1578 Responses: REQUIRED untagged responses: FLAGS, EXISTS, RECENT 1579 REQUIRED OK untagged responses: UNSEEN, PERMANENTFLAGS, 1580 UIDNEXT, UIDVALIDITY 1582 Result: OK - examine completed, now in selected state 1583 NO - examine failure, now in authenticated state: no 1584 such mailbox, can't access mailbox BAD - command unknown 1585 or arguments invalid 1587 The EXAMINE command is identical to SELECT and returns the same 1588 output; however, the selected mailbox is identified as read-only. No 1589 changes to the permanent state of the mailbox, including per-user 1590 state, are permitted; in particular, EXAMINE MUST NOT cause messages 1591 to lose the \Recent flag. 1593 The text of the tagged OK response to the EXAMINE command MUST begin 1594 with the "[READ-ONLY]" response code. 1596 Example: C: A932 EXAMINE blurdybloop 1597 S: * 17 EXISTS 1598 S: * 2 RECENT 1599 S: * OK [UNSEEN 8] Message 8 is first unseen 1600 S: * OK [UIDVALIDITY 3857529045] UIDs valid 1601 S: * OK [UIDNEXT 4392] Predicted next UID 1602 S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 1603 S: * OK [PERMANENTFLAGS ()] No permanent flags permitted 1604 S: A932 OK [READ-ONLY] EXAMINE completed 1606 6.3.4. CREATE Command 1608 Arguments: mailbox name 1610 Responses: no specific responses for this command 1612 Result: OK - create completed 1613 NO - create failure: can't create mailbox with that name 1614 BAD - command unknown or arguments invalid 1616 The CREATE command creates a mailbox with the given name. An OK 1617 response is returned only if a new mailbox with that name has been 1618 created. It is an error to attempt to create INBOX or a mailbox with 1619 a name that refers to an extant mailbox. Any error in creation will 1620 return a tagged NO response. 1622 If the mailbox name is suffixed with the server's hierarchy separator 1623 character (as returned from the server by a LIST command), this is a 1624 declaration that the client intends to create mailbox names under 1625 this name in the hierarchy. Server implementations that do not 1626 require this declaration MUST ignore the declaration. In any case, 1627 the name created is without the trailing hierarchy delimiter. 1629 If the server's hierarchy separator character appears elsewhere in 1630 the name, the server SHOULD create any superior hierarchical names 1631 that are needed for the CREATE command to be successfully completed. 1632 In other words, an attempt to create "foo/bar/zap" on a server in 1633 which "/" is the hierarchy separator character SHOULD create foo/ and 1634 foo/bar/ if they do not already exist. 1636 If a new mailbox is created with the same name as a mailbox which was 1637 deleted, its unique identifiers MUST be greater than any unique 1638 identifiers used in the previous incarnation of the mailbox UNLESS 1639 the new incarnation has a different unique identifier validity value. 1640 See the description of the UID command for more detail. 1642 Example: C: A003 CREATE owatagusiam/ 1643 S: A003 OK CREATE completed 1644 C: A004 CREATE owatagusiam/blurdybloop 1645 S: A004 OK CREATE completed 1647 Note: The interpretation of this example depends on whether "/" 1648 was returned as the hierarchy separator from LIST. If "/" is the 1649 hierarchy separator, a new level of hierarchy named "owatagusiam" 1650 with a member called "blurdybloop" is created. Otherwise, two 1651 mailboxes at the same hierarchy level are created. 1653 6.3.5. DELETE Command 1655 Arguments: mailbox name 1657 Responses: no specific responses for this command 1659 Result: OK - delete completed 1660 NO - delete failure: can't delete mailbox with that name 1661 BAD - command unknown or arguments invalid 1663 The DELETE command permanently removes the mailbox with the given 1664 name. A tagged OK response is returned only if the mailbox has been 1665 deleted. It is an error to attempt to delete INBOX or a mailbox name 1666 that does not exist. 1668 The DELETE command MUST NOT remove inferior hierarchical names. For 1669 example, if a mailbox "foo" has an inferior "foo.bar" (assuming "." 1670 is the hierarchy delimiter character), removing "foo" MUST NOT remove 1671 "foo.bar". It is an error to attempt to delete a name that has 1672 inferior hierarchical names and also has the \Noselect mailbox name 1673 attribute (see the description of the LIST response for more 1674 details). 1676 It is permitted to delete a name that has inferior hierarchical names 1677 and does not have the \Noselect mailbox name attribute. If the 1678 server implementation does not permit deleting the name while 1679 inferior hierarchical names exists the \Noselect mailbox name 1680 attribute is set for that name. In any case, all messages in that 1681 mailbox are removed by the DELETE command. 1683 The value of the highest-used unique identifier of the deleted 1684 mailbox MUST be preserved so that a new mailbox created with the same 1685 name will not reuse the identifiers of the former incarnation, UNLESS 1686 the new incarnation has a different unique identifier validity value. 1687 See the description of the UID command for more detail. 1689 Examples: C: A682 LIST "" * 1690 S: * LIST () "/" blurdybloop 1691 S: * LIST (\Noselect) "/" foo 1692 S: * LIST () "/" foo/bar 1693 S: A682 OK LIST completed 1694 C: A683 DELETE blurdybloop 1695 S: A683 OK DELETE completed 1696 C: A684 DELETE foo 1697 S: A684 NO Name "foo" has inferior hierarchical names 1698 C: A685 DELETE foo/bar 1699 S: A685 OK DELETE Completed 1700 C: A686 LIST "" * 1701 S: * LIST (\Noselect) "/" foo 1702 S: A686 OK LIST completed 1703 C: A687 DELETE foo 1704 S: A687 OK DELETE Completed 1705 C: A82 LIST "" * 1706 S: * LIST () "." blurdybloop 1707 S: * LIST () "." foo 1708 S: * LIST () "." foo.bar 1709 S: A82 OK LIST completed 1710 C: A83 DELETE blurdybloop 1711 S: A83 OK DELETE completed 1712 C: A84 DELETE foo 1713 S: A84 OK DELETE Completed 1714 C: A85 LIST "" * 1715 S: * LIST () "." foo.bar 1716 S: A85 OK LIST completed 1717 C: A86 LIST "" % 1718 S: * LIST (\Noselect) "." foo 1719 S: A86 OK LIST completed 1721 6.3.6. RENAME Command 1723 Arguments: existing mailbox name 1724 new mailbox name 1726 Responses: no specific responses for this command 1728 Result: OK - rename completed 1729 NO - rename failure: can't rename mailbox with that name, 1730 can't rename to mailbox with that name 1731 BAD - command unknown or arguments invalid 1733 The RENAME command changes the name of a mailbox. A tagged OK 1734 response is returned only if the mailbox has been renamed. It is an 1735 error to attempt to rename from a mailbox name that does not exist or 1736 to a mailbox name that already exists. Any error in renaming will 1737 return a tagged NO response. 1739 If the name has inferior hierarchical names, then the inferior 1740 hierarchical names MUST also be renamed. For example, a rename of 1741 "foo" to "zap" will rename "foo/bar" (assuming "/" is the hierarchy 1742 delimiter character) to "zap/bar". 1744 If the server's hierarchy separator character appears in the name, 1745 the server SHOULD create any superior hierarchical names that are 1746 needed for the RENAME command to complete successfully. In other 1747 words, an attempt to rename "foo/bar/zap" to baz/rag/zowie on a 1748 server in which "/" is the hierarchy separator character SHOULD 1749 create baz/ and baz/rag/ if they do not already exist. 1751 The value of the highest-used unique identifier of the old mailbox 1752 name MUST be preserved so that a new mailbox created with the same 1753 name will not reuse the identifiers of the former incarnation, UNLESS 1754 the new incarnation has a different unique identifier validity value. 1755 See the description of the UID command for more detail. 1757 Renaming INBOX is permitted, and has special behavior. It moves all 1758 messages in INBOX to a new mailbox with the given name, leaving INBOX 1759 empty. If the server implementation supports inferior hierarchical 1760 names of INBOX, these are unaffected by a rename of INBOX. 1762 Examples: C: A682 LIST "" * 1763 S: * LIST () "/" blurdybloop 1764 S: * LIST (\Noselect) "/" foo 1765 S: * LIST () "/" foo/bar 1766 S: A682 OK LIST completed 1767 C: A683 RENAME blurdybloop sarasoop 1768 S: A683 OK RENAME completed 1769 C: A684 RENAME foo zowie 1770 S: A684 OK RENAME Completed 1771 C: A685 LIST "" * 1772 S: * LIST () "/" sarasoop 1773 S: * LIST (\Noselect) "/" zowie 1774 S: * LIST () "/" zowie/bar 1775 S: A685 OK LIST completed 1777 C: Z432 LIST "" * 1778 S: * LIST () "." INBOX 1779 S: * LIST () "." INBOX.bar 1780 S: Z432 OK LIST completed 1781 C: Z433 RENAME INBOX old-mail 1782 S: Z433 OK RENAME completed 1783 C: Z434 LIST "" * 1784 S: * LIST () "." INBOX 1785 S: * LIST () "." INBOX.bar 1786 S: * LIST () "." old-mail 1787 S: Z434 OK LIST completed 1789 6.3.7. SUBSCRIBE Command 1791 Arguments: mailbox 1793 Responses: no specific responses for this command 1795 Result: OK - subscribe completed 1796 NO - subscribe failure: can't subscribe to that name 1797 BAD - command unknown or arguments invalid 1799 The SUBSCRIBE command adds the specified mailbox name to the server's 1800 set of "active" or "subscribed" mailboxes as returned by the LSUB 1801 command. This command returns a tagged OK response only if the 1802 subscription is successful. 1804 A server MAY validate the mailbox argument to SUBSCRIBE to verify 1805 that it exists. However, it MUST NOT unilaterally remove an existing 1806 mailbox name from the subscription list even if a mailbox by that 1807 name no longer exists. 1809 Note: This requirement is because a server site can choose to 1810 routinely remove a mailbox with a well-known name (e.g., "system- 1811 alerts") after its contents expire, with the intention of 1812 recreating it when new contents are appropriate. 1814 Example: C: A002 SUBSCRIBE #news.comp.mail.mime 1815 S: A002 OK SUBSCRIBE completed 1817 6.3.8. UNSUBSCRIBE Command 1819 Arguments: mailbox name 1821 Responses: no specific responses for this command 1823 Result: OK - unsubscribe completed 1824 NO - unsubscribe failure: can't unsubscribe that name 1825 BAD - command unknown or arguments invalid 1827 The UNSUBSCRIBE command removes the specified mailbox name from the 1828 server's set of "active" or "subscribed" mailboxes as returned by the 1829 LSUB command. This command returns a tagged OK response only if the 1830 unsubscription is successful. 1832 Example: C: A002 UNSUBSCRIBE #news.comp.mail.mime 1833 S: A002 OK UNSUBSCRIBE completed 1835 6.3.9. LIST Command 1837 Arguments: reference name 1838 mailbox name with possible wildcards 1840 Responses: untagged responses: LIST 1842 Result: OK - list completed 1843 NO - list failure: can't list that reference or name 1844 BAD - command unknown or arguments invalid 1846 The LIST command returns a subset of names from the complete set of 1847 all names available to the client. Zero or more untagged LIST 1848 replies are returned, containing the name attributes, hierarchy 1849 delimiter, and name; see the description of the LIST reply for more 1850 detail. 1852 The LIST command SHOULD return its data quickly, without undue delay. 1853 For example, it SHOULD NOT go to excess trouble to calculate the 1854 \Marked or \Unmarked status or perform other processing; if each name 1855 requires 1 second of processing, then a list of 1200 names would take 1856 20 minutes! 1857 An empty ("" string) reference name argument indicates that the 1858 mailbox name is interpreted as by SELECT. The returned mailbox names 1859 MUST match the supplied mailbox name pattern. A non-empty reference 1860 name argument is the name of a mailbox or a level of mailbox 1861 hierarchy, and indicates the context in which the mailbox name is 1862 interpreted. 1864 An empty ("" string) mailbox name argument is a special request to 1865 return the hierarchy delimiter and the root name of the name given in 1866 the reference. The value returned as the root MAY be the empty 1867 string if the reference is non-rooted or is an empty string. In all 1868 cases, a hierarchy delimiter (or NIL if there is no hierarchy) is 1869 returned. This permits a client to get the hierarchy delimiter (or 1870 find out that the mailbox names are flat) even when no mailboxes by 1871 that name currently exist. 1873 The reference and mailbox name arguments are interpreted into a 1874 canonical form that represents an unambiguous left-to-right 1875 hierarchy. The returned mailbox names will be in the interpreted 1876 form. 1878 Note: The interpretation of the reference argument is 1879 implementation-defined. It depends upon whether the server 1880 implementation has a concept of the "current working directory" 1881 and leading "break out characters", which override the current 1882 working directory. 1884 For example, on a server which exports a UNIX or NT filesystem, 1885 the reference argument contains the current working directory, and 1886 the mailbox name argument would contain the name as interpreted in 1887 the current working directory. 1889 If a server implementation has no concept of break out characters, 1890 the canonical form is normally the reference name appended with 1891 the mailbox name. Note that if the server implements the 1892 namespace convention (Section 5.1.2), "#" is a break out character 1893 and must be treated as such. 1895 If the reference argument is not a level of mailbox hierarchy 1896 (that is, it is a \NoInferiors name), and/or the reference 1897 argument does not end with the hierarchy delimiter, it is 1898 implementation-dependent how this is interpreted. For example, a 1899 reference of "foo/bar" and mailbox name of "rag/baz" could be 1900 interpreted as "foo/bar/rag/baz", "foo/barrag/baz", or "foo/rag/ 1901 baz". A client SHOULD NOT use such a reference argument except at 1902 the explicit request of the user. A hierarchical browser MUST NOT 1903 make any assumptions about server interpretation of the reference 1904 unless the reference is a level of mailbox hierarchy AND ends with 1905 the hierarchy delimiter. 1907 Any part of the reference argument that is included in the 1908 interpreted form SHOULD prefix the interpreted form. It SHOULD also 1909 be in the same form as the reference name argument. This rule 1910 permits the client to determine if the returned mailbox name is in 1911 the context of the reference argument, or if something about the 1912 mailbox argument overrode the reference argument. Without this rule, 1913 the client would have to have knowledge of the server's naming 1914 semantics including what characters are "breakouts" that override a 1915 naming context. 1917 For example, here are some examples of how references 1918 and mailbox names might be interpreted on a UNIX-based 1919 server: 1921 Reference Mailbox Name Interpretation 1922 ------------ ------------ -------------- 1923 ~smith/Mail/ foo.* ~smith/Mail/foo.* 1924 archive/ % archive/% 1925 #news. comp.mail.* #news.comp.mail.* 1926 ~smith/Mail/ /usr/doc/foo /usr/doc/foo 1927 archive/ ~fred/Mail/* ~fred/Mail/* 1929 The first three examples demonstrate interpretations in 1930 the context of the reference argument. Note that 1931 "~smith/Mail" SHOULD NOT be transformed into something 1932 like "/u2/users/smith/Mail", or it would be impossible 1933 for the client to determine that the interpretation was 1934 in the context of the reference. 1936 The character "*" is a wildcard, and matches zero or more characters 1937 at this position. The character "%" is similar to "*", but it does 1938 not match a hierarchy delimiter. If the "%" wildcard is the last 1939 character of a mailbox name argument, matching levels of hierarchy 1940 are also returned. If these levels of hierarchy are not also 1941 selectable mailboxes, they are returned with the \Noselect mailbox 1942 name attribute (see the description of the LIST response for more 1943 details). 1945 Server implementations are permitted to "hide" otherwise accessible 1946 mailboxes from the wildcard characters, by preventing certain 1947 characters or names from matching a wildcard in certain situations. 1948 For example, a UNIX-based server might restrict the interpretation of 1949 "*" so that an initial "/" character does not match. 1951 The special name INBOX is included in the output from LIST, if INBOX 1952 is supported by this server for this user and if the uppercase string 1953 "INBOX" matches the interpreted reference and mailbox name arguments 1954 with wildcards as described above. The criteria for omitting INBOX 1955 is whether SELECT INBOX will return failure; it is not relevant 1956 whether the user's real INBOX resides on this or some other server. 1958 Example: C: A101 LIST "" "" 1959 S: * LIST (\Noselect) "/" "" 1960 S: A101 OK LIST Completed 1961 C: A102 LIST #news.comp.mail.misc "" 1962 S: * LIST (\Noselect) "." #news. 1963 S: A102 OK LIST Completed 1964 C: A103 LIST /usr/staff/jones "" 1965 S: * LIST (\Noselect) "/" / 1966 S: A103 OK LIST Completed 1967 C: A202 LIST ~/Mail/ % 1968 S: * LIST (\Noselect) "/" ~/Mail/foo 1969 S: * LIST () "/" ~/Mail/meetings 1970 S: A202 OK LIST completed 1972 6.3.10. LSUB Command 1974 Arguments: reference name 1975 mailbox name with possible wildcards 1977 Responses: untagged responses: LSUB 1979 Result: OK - lsub completed 1980 NO - lsub failure: can't list that reference or name 1981 BAD - command unknown or arguments invalid 1983 The LSUB command returns a subset of names from the set of names that 1984 the user has declared as being "active" or "subscribed". Zero or 1985 more untagged LSUB replies are returned. The arguments to LSUB are 1986 in the same form as those for LIST. 1988 The returned untagged LSUB response MAY contain different mailbox 1989 flags from a LIST untagged response. If this should happen, the 1990 flags in the untagged LIST are considered more authoritative. 1992 A special situation occurs when using LSUB with the % wildcard. 1993 Consider what happens if "foo/bar" (with a hierarchy delimiter of 1994 "/") is subscribed but "foo" is not. A "%" wildcard to LSUB must 1995 return foo, not foo/bar, in the LSUB response, and it MUST be flagged 1996 with the \Noselect attribute. 1998 The server MUST NOT unilaterally remove an existing mailbox name from 1999 the subscription list even if a mailbox by that name no longer 2000 exists. 2002 Example: C: A002 LSUB "#news." "comp.mail.*" 2003 S: * LSUB () "." #news.comp.mail.mime 2004 S: * LSUB () "." #news.comp.mail.misc 2005 S: A002 OK LSUB completed 2006 C: A003 LSUB "#news." "comp.%" 2007 S: * LSUB (\NoSelect) "." #news.comp.mail 2008 S: A003 OK LSUB completed 2010 6.3.11. STATUS Command 2012 Arguments: mailbox name 2013 status data item names 2015 Responses: REQUIRED untagged responses: STATUS 2017 Result: OK - status completed 2018 NO - status failure: no status for that name 2019 BAD - command unknown or arguments invalid 2021 The STATUS command requests the status of the indicated mailbox. It 2022 does not change the currently selected mailbox, nor does it affect 2023 the state of any messages in the queried mailbox (in particular, 2024 STATUS MUST NOT cause messages to lose the \Recent flag). 2026 The STATUS command provides an alternative to opening a second 2027 IMAP4rev2 connection and doing an EXAMINE command on a mailbox to 2028 query that mailbox's status without deselecting the current mailbox 2029 in the first IMAP4rev2 connection. 2031 Unlike the LIST command, the STATUS command is not guaranteed to be 2032 fast in its response. Under certain circumstances, it can be quite 2033 slow. In some implementations, the server is obliged to open the 2034 mailbox read-only internally to obtain certain status information. 2035 Also unlike the LIST command, the STATUS command does not accept 2036 wildcards. 2038 Note: The STATUS command is intended to access the status of 2039 mailboxes other than the currently selected mailbox. Because the 2040 STATUS command can cause the mailbox to be opened internally, and 2041 because this information is available by other means on the 2042 selected mailbox, the STATUS command SHOULD NOT be used on the 2043 currently selected mailbox. 2045 The STATUS command MUST NOT be used as a "check for new messages 2046 in the selected mailbox" operation (refer to sections 7, 2047 Section 7.3.1, and Section 7.3.2 for more information about the 2048 proper method for new message checking). 2050 Because the STATUS command is not guaranteed to be fast in its 2051 results, clients SHOULD NOT expect to be able to issue many 2052 consecutive STATUS commands and obtain reasonable performance. 2054 The currently defined status data items that can be requested are: 2056 MESSAGES The number of messages in the mailbox. 2058 RECENT The number of messages with the \Recent flag set. 2060 UIDNEXT The next unique identifier value of the mailbox. Refer to 2061 Section 2.3.1.1 for more information. 2063 UIDVALIDITY The unique identifier validity value of the mailbox. 2064 Refer to Section 2.3.1.1 for more information. 2066 UNSEEN The number of messages which do not have the \Seen flag set. 2068 Example: C: A042 STATUS blurdybloop (UIDNEXT MESSAGES) 2069 S: * STATUS blurdybloop (MESSAGES 231 UIDNEXT 44292) 2070 S: A042 OK STATUS completed 2072 6.3.12. APPEND Command 2074 Arguments: mailbox name 2075 OPTIONAL flag parenthesized list 2076 OPTIONAL date/time string 2077 message literal 2079 Responses: no specific responses for this command 2081 Result: OK - append completed 2082 NO - append error: can't append to that mailbox, error 2083 in flags or date/time or message text 2084 BAD - command unknown or arguments invalid 2086 The APPEND command appends the literal argument as a new message to 2087 the end of the specified destination mailbox. This argument SHOULD 2088 be in the format of an [RFC-5322] message. 8-bit characters are 2089 permitted in the message. A server implementation that is unable to 2090 preserve 8-bit data properly MUST be able to reversibly convert 8-bit 2091 APPEND data to 7-bit using a [MIME-IMB] content transfer encoding. 2093 Note: There may be exceptions, e.g., draft messages, in which 2094 required [RFC-5322] header lines are omitted in the message 2095 literal argument to APPEND. The full implications of doing so 2096 must be understood and carefully weighed. 2098 If a flag parenthesized list is specified, the flags SHOULD be set in 2099 the resulting message; otherwise, the flag list of the resulting 2100 message is set to empty by default. In either case, the Recent flag 2101 is also set. 2103 If a date-time is specified, the internal date SHOULD be set in the 2104 resulting message; otherwise, the internal date of the resulting 2105 message is set to the current date and time by default. 2107 If the append is unsuccessful for any reason, the mailbox MUST be 2108 restored to its state before the APPEND attempt; no partial appending 2109 is permitted. 2111 If the destination mailbox does not exist, a server MUST return an 2112 error, and MUST NOT automatically create the mailbox. Unless it is 2113 certain that the destination mailbox can not be created, the server 2114 MUST send the response code "[TRYCREATE]" as the prefix of the text 2115 of the tagged NO response. This gives a hint to the client that it 2116 can attempt a CREATE command and retry the APPEND if the CREATE is 2117 successful. 2119 On successful completion of an APPEND, the server SHOULD return an 2120 APPENDUID response code. 2122 In the case of a mailbox that has permissions set so that the client 2123 can APPEND to the mailbox, but not SELECT or EXAMINE it, the server 2124 SHOULD NOT send an APPENDUID response code as it would disclose 2125 information about the mailbox. 2127 In the case of a mailbox that has UIDNOTSTICKY status (see 2128 UIDNOTSTICKY response code definition), the server MAY omit the 2129 APPENDUID response code as it is not meaningful. 2131 If the server does not return the APPENDUID response codes, the 2132 client can discover this information by selecting the destination 2133 mailbox. The location of messages placed in the destination mailbox 2134 by APPEND can be determined by using FETCH and/or SEARCH commands 2135 (e.g., for Message-ID or some unique marker placed in the message in 2136 an APPEND). 2138 If the mailbox is currently selected, the normal new message actions 2139 SHOULD occur. Specifically, the server SHOULD notify the client 2140 immediately via an untagged EXISTS response. If the server does not 2141 do so, the client MAY issue a NOOP command (or failing that, a CHECK 2142 command) after one or more APPEND commands. 2144 Example: C: A003 APPEND saved-messages (\Seen) {310} 2145 S: + Ready for literal data 2146 C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST) 2147 C: From: Fred Foobar 2148 C: Subject: afternoon meeting 2149 C: To: mooch@owatagu.siam.edu 2150 C: Message-Id: 2151 C: MIME-Version: 1.0 2152 C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII 2153 C: 2154 C: Hello Joe, do you think we can meet at 3:30 tomorrow? 2155 C: 2156 S: A003 OK APPEND completed 2158 Example: C: A003 APPEND saved-messages (\Seen) {297} 2159 C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST) 2160 C: From: Fred Foobar 2161 C: Subject: afternoon meeting 2162 C: To: mooch@example.com 2163 C: Message-Id: 2164 C: MIME-Version: 1.0 2165 C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII 2166 C: 2167 C: Hello Joe, do you think we can meet at 3:30 tomorrow? 2168 C: 2169 S: A003 OK [APPENDUID 38505 3955] APPEND completed 2170 C: A004 COPY 2:4 meeting 2171 S: A004 OK [COPYUID 38505 304,319:320 3956:3958] Done 2172 C: A005 UID COPY 305:310 meeting 2173 S: A005 OK No matching messages, so nothing copied 2174 C: A006 COPY 2 funny 2175 S: A006 OK Done 2176 C: A007 SELECT funny 2177 S: * 1 EXISTS 2178 S: * 1 RECENT 2179 S: * OK [UNSEEN 1] Message 1 is first unseen 2180 S: * OK [UIDVALIDITY 3857529045] Validity session-only 2181 S: * OK [UIDNEXT 2] Predicted next UID 2182 S: * NO [UIDNOTSTICKY] Non-persistent UIDs 2183 S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 2184 S: * OK [PERMANENTFLAGS (\Deleted \Seen)] Limited 2185 S: A007 OK [READ-WRITE] SELECT completed 2187 In this example, A003 and A004 demonstrate successful appending and 2188 copying to a mailbox that returns the UIDs assigned to the messages. 2190 A005 is an example in which no messages were copied; this is because 2191 in A003, we see that message 2 had UID 304, and message 3 had UID 2192 319; therefore, UIDs 305 through 310 do not exist (refer to 2193 Section 2.3.1.1 for further explanation). A006 is an example of a 2194 message being copied that did not return a COPYUID; and, as expected, 2195 A007 shows that the mail store containing that mailbox does not 2196 support persistent UIDs. 2198 Note: The APPEND command is not used for message delivery, because 2199 it does not provide a mechanism to transfer [SMTP] envelope 2200 information. 2202 6.4. Client Commands - Selected State 2204 In the selected state, commands that manipulate messages in a mailbox 2205 are permitted. 2207 In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT), 2208 and the authenticated state commands (SELECT, EXAMINE, CREATE, 2209 DELETE, RENAME, SUBSCRIBE, UNSUBSCRIBE, LIST, LSUB, STATUS, and 2210 APPEND), the following commands are valid in the selected state: 2211 CHECK, CLOSE, UNSELECT, EXPUNGE, SEARCH, FETCH, STORE, COPY, and UID. 2213 6.4.1. CHECK Command 2215 Arguments: none 2217 Responses: no specific responses for this command 2219 Result: OK - check completed 2220 BAD - command unknown or arguments invalid 2222 The CHECK command requests a checkpoint of the currently selected 2223 mailbox. A checkpoint refers to any implementation-dependent 2224 housekeeping associated with the mailbox (e.g., resolving the 2225 server's in-memory state of the mailbox with the state on its disk) 2226 that is not normally executed as part of each command. A checkpoint 2227 MAY take a non-instantaneous amount of real time to complete. If a 2228 server implementation has no such housekeeping considerations, CHECK 2229 is equivalent to NOOP. 2231 There is no guarantee that an EXISTS untagged response will happen as 2232 a result of CHECK. NOOP, not CHECK, SHOULD be used for new message 2233 polling. 2235 Example: C: FXXZ CHECK 2236 S: FXXZ OK CHECK Completed 2238 6.4.2. CLOSE Command 2240 Arguments: none 2242 Responses: no specific responses for this command 2244 Result: OK - close completed, now in authenticated state 2245 BAD - command unknown or arguments invalid 2247 The CLOSE command permanently removes all messages that have the 2248 \Deleted flag set from the currently selected mailbox, and returns to 2249 the authenticated state from the selected state. No untagged EXPUNGE 2250 responses are sent. 2252 No messages are removed, and no error is given, if the mailbox is 2253 selected by an EXAMINE command or is otherwise selected read-only. 2255 Even if a mailbox is selected, a SELECT, EXAMINE, or LOGOUT command 2256 MAY be issued without previously issuing a CLOSE command. The 2257 SELECT, EXAMINE, and LOGOUT commands implicitly close the currently 2258 selected mailbox without doing an expunge. However, when many 2259 messages are deleted, a CLOSE-LOGOUT or CLOSE-SELECT sequence is 2260 considerably faster than an EXPUNGE-LOGOUT or EXPUNGE-SELECT because 2261 no untagged EXPUNGE responses (which the client would probably 2262 ignore) are sent. 2264 Example: C: A341 CLOSE 2265 S: A341 OK CLOSE completed 2267 6.4.3. UNSELECT Command 2269 Arguments: none 2271 Responses: no specific responses for this command 2273 Result: OK - unselect completed, now in authenticated state 2274 BAD - no mailbox selected, or argument supplied but none 2275 permitted 2277 The UNSELECT command frees server's resources associated with the 2278 selected mailbox and returns the server to the authenticated state. 2279 This command performs the same actions as CLOSE, except that no 2280 messages are permanently removed from the currently selected mailbox. 2282 Example: C: A342 UNSELECT 2283 S: A342 OK Unselect completed 2285 6.4.4. EXPUNGE Command 2287 Arguments: none 2289 Responses: untagged responses: EXPUNGE 2291 Result: OK - expunge completed 2292 NO - expunge failure: can't expunge (e.g., permission 2293 denied) 2294 BAD - command unknown or arguments invalid 2296 The EXPUNGE command permanently removes all messages that have the 2297 \Deleted flag set from the currently selected mailbox. Before 2298 returning an OK to the client, an untagged EXPUNGE response is sent 2299 for each message that is removed. Note that if any messages with the 2300 \Recent flag set are expunged, an untagged RECENT response is sent 2301 after the untagged EXPUNGE(s) to update the client's count of RECENT 2302 messages. 2304 Example: C: A202 EXPUNGE 2305 S: * 3 EXPUNGE 2306 S: * 3 EXPUNGE 2307 S: * 5 EXPUNGE 2308 S: * 8 EXPUNGE 2309 S: A202 OK EXPUNGE completed 2311 Note: In this example, messages 3, 4, 7, and 11 had the \Deleted flag 2312 set. See the description of the EXPUNGE response for further 2313 explanation. 2315 6.4.5. SEARCH Command 2317 Arguments: OPTIONAL result specifier 2318 OPTIONAL [CHARSET] specification 2319 searching criteria (one or more) 2321 Responses: REQUIRED untagged response: ESEARCH 2323 Result: OK - search completed 2324 NO - search error: can't search that [CHARSET] or 2325 criteria 2326 BAD - command unknown or arguments invalid 2328 The SEARCH command searches the mailbox for messages that match the 2329 given searching criteria. 2331 The SEARCH command may contain result options. Result options 2332 control what kind of information is returned about messages matching 2333 the search criteria in an untagged ESEARCH response. If no result 2334 option is specified or empty list of options is specified "()", ALL 2335 is assumed (see below). The order of individual options is 2336 arbitrary. Individual options may contain parameters enclosed in 2337 parentheses (*). If an option has parameters, they consist of atoms 2338 and/or strings and/or lists in a specific order. Any options not 2339 defined by extensions that the server supports must be rejected with 2340 a BAD response. 2342 (*) - if an option has a mandatory parameter, which can always be 2343 represented as a number or a sequence-set, the option parameter does 2344 not need the enclosing (). See ABNF for more details. 2346 This document specifies the following result options: 2348 MIN 2350 Return the lowest message number/UID that satisfies the SEARCH 2351 criteria. 2353 If the SEARCH results in no matches, the server MUST NOT 2354 include the MIN result option in the ESEARCH response; however, 2355 it still MUST send the ESEARCH response. 2357 MAX 2359 Return the highest message number/UID that satisfies the SEARCH 2360 criteria. 2362 If the SEARCH results in no matches, the server MUST NOT 2363 include the MAX result option in the ESEARCH response; however, 2364 it still MUST send the ESEARCH response. 2366 ALL 2368 Return all message numbers/UIDs that satisfy the SEARCH 2369 criteria using the sequence-set syntax. Note, the client MUST 2370 NOT assume that messages/UIDs will be listed in any particular 2371 order. 2373 If the SEARCH results in no matches, the server MUST NOT 2374 include the ALL result option in the ESEARCH response; however, 2375 it still MUST send the ESEARCH response. 2377 COUNT Return number of the messages that satisfy the SEARCH 2378 criteria. This result option MUST always be included in the 2379 ESEARCH response. 2381 Note: future extensions to this document can allow servers to return 2382 multiple ESEARCH responses for a single extended SEARCH command. 2383 However all options specified above REQUIRE a single ESEARCH 2384 response. These extensions will have to describe how results from 2385 multiple ESEARCH responses are to be amalgamated. 2387 Searching criteria consist of one or more search keys. 2389 When multiple keys are specified, the result is the intersection (AND 2390 function) of all the messages that match those keys. For example, 2391 the criteria DELETED FROM "SMITH" SINCE 1-Feb-1994 refers to all 2392 deleted messages from Smith that were placed in the mailbox since 2393 February 1, 1994. A search key can also be a parenthesized list of 2394 one or more search keys (e.g., for use with the OR and NOT keys). 2396 Server implementations MAY exclude [MIME-IMB] body parts with 2397 terminal content media types other than TEXT and MESSAGE from 2398 consideration in SEARCH matching. 2400 The OPTIONAL [CHARSET] specification consists of the word "CHARSET" 2401 followed by a registered [CHARSET]. It indicates the [CHARSET] of 2402 the strings that appear in the search criteria. [MIME-IMB] content 2403 transfer encodings, and [MIME-HDRS] strings in [RFC-5322]/[MIME-IMB] 2404 headers, MUST be decoded before comparing text. US-ASCII MUST be 2405 supported; other [CHARSET]s MAY be supported. 2407 If the server does not support the specified [CHARSET], it MUST 2408 return a tagged NO response (not a BAD). This response SHOULD 2409 contain the BADCHARSET response code, which MAY list the [CHARSET]s 2410 supported by the server. 2412 In all search keys that use strings, a message matches the key if the 2413 string is a substring of the associated text. The matching is case- 2414 insensitive. Note that the empty string is a substring; this is 2415 useful when doing a HEADER search. 2417 The defined search keys are as follows. Refer to the Formal Syntax 2418 section for the precise syntactic definitions of the arguments. 2420 Messages with message sequence numbers corresponding 2421 to the specified message sequence number set. 2423 ALL All messages in the mailbox; the default initial key for ANDing. 2425 ANSWERED Messages with the \Answered flag set. 2427 BCC Messages that contain the specified string in the 2428 envelope structure's BCC field. 2430 BEFORE Messages whose internal date (disregarding time and 2431 timezone) is earlier than the specified date. 2433 BODY Messages that contain the specified string in the body 2434 of the message. 2436 CC Messages that contain the specified string in the 2437 envelope structure's CC field. 2439 DELETED Messages with the \Deleted flag set. 2441 DRAFT Messages with the \Draft flag set. 2443 FLAGGED Messages with the \Flagged flag set. 2445 FROM Messages that contain the specified string in the 2446 envelope structure's FROM field. 2448 HEADER Messages that have a header with the 2449 specified field-name (as defined in [RFC-5322]) and that contains 2450 the specified string in the text of the header (what comes after 2451 the colon). If the string to search is zero-length, this matches 2452 all messages that have a header line with the specified field-name 2453 regardless of the contents. 2455 KEYWORD Messages with the specified keyword flag set. 2457 LARGER Messages with an [RFC-5322] size larger than the 2458 specified number of octets. 2460 NEW Messages that have the \Recent flag set but not the \Seen flag. 2461 This is functionally equivalent to "(RECENT UNSEEN)". 2463 NOT Messages that do not match the specified search 2464 key. 2466 OLD Messages that do not have the \Recent flag set. This is 2467 functionally equivalent to "NOT RECENT" (as opposed to "NOT NEW"). 2469 ON Messages whose internal date (disregarding time and 2470 timezone) is within the specified date. 2472 OR Messages that match either search 2473 key. 2475 RECENT Messages that have the \Recent flag set. 2477 SEEN Messages that have the \Seen flag set. 2479 SENTBEFORE Messages whose [RFC-5322] Date: header 2480 (disregarding time and timezone) is earlier than the specified 2481 date. 2483 SENTON Messages whose [RFC-5322] Date: header (disregarding 2484 time and timezone) is within the specified date. 2486 SENTSINCE Messages whose [RFC-5322] Date: header 2487 (disregarding time and timezone) is within or later than the 2488 specified date. 2490 SINCE Messages whose internal date (disregarding time and 2491 timezone) is within or later than the specified date. 2493 SMALLER Messages with an [RFC-5322] size smaller than the 2494 specified number of octets. 2496 SUBJECT Messages that contain the specified string in the 2497 envelope structure's SUBJECT field. 2499 TEXT Messages that contain the specified string in the 2500 header or body of the message. 2502 TO Messages that contain the specified string in the 2503 envelope structure's TO field. 2505 UID Messages with unique identifiers corresponding to 2506 the specified unique identifier set. Sequence set ranges are 2507 permitted. 2509 UNANSWERED Messages that do not have the \Answered flag set. 2511 UNDELETED Messages that do not have the \Deleted flag set. 2513 UNDRAFT Messages that do not have the \Draft flag set. 2515 UNFLAGGED Messages that do not have the \Flagged flag set. 2517 UNKEYWORD Messages that do not have the specified keyword 2518 flag set. 2520 UNSEEN Messages that do not have the \Seen flag set. 2522 Example: C: A282 SEARCH RETURN (MIN COUNT) FLAGGED 2523 SINCE 1-Feb-1994 NOT FROM "Smith" 2524 S: * ESEARCH (TAG "A282") MIN 2 COUNT 3 2525 S: A282 OK SEARCH completed 2527 Example: C: A283 SEARCH RETURN () FLAGGED 2528 SINCE 1-Feb-1994 NOT FROM "Smith" 2529 S: * ESEARCH (TAG "A283") ALL 2,10:11 2530 S: A283 OK SEARCH completed 2532 Example: C: A284 SEARCH TEXT "string not in mailbox" 2533 S: * ESEARCH (TAG "A284") 2534 S: A284 OK SEARCH completed 2535 C: A285 SEARCH CHARSET UTF-8 TEXT {6} 2536 S: + Ready for literal text 2537 C: XXXXXX 2538 S: * ESEARCH (TAG "A285") ALL 43 2539 S: A285 OK SEARCH completed 2541 Note: Since this document is restricted to 7-bit ASCII text, it is 2542 not possible to show actual UTF-8 data. The "XXXXXX" is a 2543 placeholder for what would be 6 octets of 8-bit data in an actual 2544 transaction. 2546 The following example demonstrates finding the first unseen message 2547 as returned in the UNSEEN response code on a successful SELECT 2548 command: 2550 Example: C: A284 SEARCH RETURN (MIN) UNSEEN 2551 S: * ESEARCH (TAG "A284") MIN 4 2552 S: A284 OK SEARCH completed 2554 The following example demonstrates that if the ESEARCH UID indicator 2555 is present, all data in the ESEARCH response is referring to UIDs; 2556 for example, the MIN result specifier will be followed by a UID. 2558 Example: C: A285 UID SEARCH RETURN (MIN MAX) 1:5000 2559 S: * ESEARCH (TAG "A285") UID MIN 7 MAX 3800 2560 S: A285 OK SEARCH completed 2562 The following example demonstrates returning the number of deleted 2563 messages: 2565 Example: C: A286 SEARCH RETURN (COUNT) DELETED 2566 S: * ESEARCH (TAG "A286") COUNT 15 2567 S: A286 OK SEARCH completed 2569 6.4.6. FETCH Command 2571 Arguments: sequence set 2572 message data item names or macro 2574 Responses: untagged responses: FETCH 2576 Result: OK - fetch completed 2577 NO - fetch error: can't fetch that data 2578 BAD - command unknown or arguments invalid 2580 The FETCH command retrieves data associated with a message in the 2581 mailbox. The data items to be fetched can be either a single atom or 2582 a parenthesized list. 2584 Most data items, identified in the formal syntax under the msg-att- 2585 static rule, are static and MUST NOT change for any particular 2586 message. Other data items, identified in the formal syntax under the 2587 msg-att-dynamic rule, MAY change, either as a result of a STORE 2588 command or due to external events. 2590 For example, if a client receives an ENVELOPE for a message when 2591 it already knows the envelope, it can safely ignore the newly 2592 transmitted envelope. 2594 There are three macros which specify commonly-used sets of data 2595 items, and can be used instead of data items. A macro must be used 2596 by itself, and not in conjunction with other macros or data items. 2598 ALL Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE ENVELOPE) 2600 FAST Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE) 2602 FULL Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE ENVELOPE 2603 BODY) 2605 The currently defined data items that can be fetched are: 2607 BODY Non-extensible form of BODYSTRUCTURE. 2609 BODY[
]<> 2611 The text of a particular body section. The section 2612 specification is a set of zero or more part specifiers 2613 delimited by periods. A part specifier is either a part number 2614 or one of the following: HEADER, HEADER.FIELDS, 2615 HEADER.FIELDS.NOT, MIME, and TEXT. An empty section 2616 specification refers to the entire message, including the 2617 header. 2619 Every message has at least one part number. Non-[MIME-IMB] 2620 messages, and non-multipart [MIME-IMB] messages with no 2621 encapsulated message, only have a part 1. 2623 Multipart messages are assigned consecutive part numbers, as 2624 they occur in the message. If a particular part is of type 2625 message or multipart, its parts MUST be indicated by a period 2626 followed by the part number within that nested multipart part. 2628 A part of type MESSAGE/RFC822 also has nested part numbers, 2629 referring to parts of the MESSAGE part's body. 2631 The HEADER, HEADER.FIELDS, HEADER.FIELDS.NOT, and TEXT part 2632 specifiers can be the sole part specifier or can be prefixed by 2633 one or more numeric part specifiers, provided that the numeric 2634 part specifier refers to a part of type MESSAGE/RFC822. The 2635 MIME part specifier MUST be prefixed by one or more numeric 2636 part specifiers. 2638 The HEADER, HEADER.FIELDS, and HEADER.FIELDS.NOT part 2639 specifiers refer to the [RFC-5322] header of the message or of 2640 an encapsulated [MIME-IMT] MESSAGE/RFC822 message. 2641 HEADER.FIELDS and HEADER.FIELDS.NOT are followed by a list of 2642 field-name (as defined in [RFC-5322]) names, and return a 2643 subset of the header. The subset returned by HEADER.FIELDS 2644 contains only those header fields with a field-name that 2645 matches one of the names in the list; similarly, the subset 2646 returned by HEADER.FIELDS.NOT contains only the header fields 2647 with a non-matching field-name. The field-matching is case- 2648 insensitive but otherwise exact. Subsetting does not exclude 2649 the [RFC-5322] delimiting blank line between the header and the 2650 body; the blank line is included in all header fetches, except 2651 in the case of a message which has no body and no blank line. 2653 The MIME part specifier refers to the [MIME-IMB] header for 2654 this part. 2656 The TEXT part specifier refers to the text body of the message, 2657 omitting the [RFC-5322] header. 2659 Here is an example of a complex message with some of its 2660 part specifiers: 2662 HEADER ([RFC-5322] header of the message) 2663 TEXT ([RFC-5322] text body of the message) MULTIPART/MIXED 2664 1 TEXT/PLAIN 2665 2 APPLICATION/OCTET-STREAM 2666 3 MESSAGE/RFC822 2667 3.HEADER ([RFC-5322] header of the message) 2668 3.TEXT ([RFC-5322] text body of the message) MULTIPART/MIXED 2669 3.1 TEXT/PLAIN 2670 3.2 APPLICATION/OCTET-STREAM 2671 4 MULTIPART/MIXED 2672 4.1 IMAGE/GIF 2673 4.1.MIME ([MIME-IMB] header for the IMAGE/GIF) 2674 4.2 MESSAGE/RFC822 2675 4.2.HEADER ([RFC-5322] header of the message) 2676 4.2.TEXT ([RFC-5322] text body of the message) MULTIPART/MIXED 2677 4.2.1 TEXT/PLAIN 2678 4.2.2 MULTIPART/ALTERNATIVE 2679 4.2.2.1 TEXT/PLAIN 2680 4.2.2.2 TEXT/RICHTEXT 2682 It is possible to fetch a substring of the designated text. 2683 This is done by appending an open angle bracket ("<"), the 2684 octet position of the first desired octet, a period, the 2685 maximum number of octets desired, and a close angle bracket 2686 (">") to the part specifier. If the starting octet is beyond 2687 the end of the text, an empty string is returned. 2689 Any partial fetch that attempts to read beyond the end of the 2690 text is truncated as appropriate. A partial fetch that starts 2691 at octet 0 is returned as a partial fetch, even if this 2692 truncation happened. 2694 Note: This means that BODY[]<0.2048> of a 1500-octet message 2695 will return BODY[]<0> with a literal of size 1500, not 2696 BODY[]. 2698 Note: A substring fetch of a HEADER.FIELDS or 2699 HEADER.FIELDS.NOT part specifier is calculated after 2700 subsetting the header. 2702 The \Seen flag is implicitly set; if this causes the flags to 2703 change, they SHOULD be included as part of the FETCH responses. 2705 BODY.PEEK[
]<> An alternate form of BODY[
] 2706 that does not implicitly set the \Seen flag. 2708 BODYSTRUCTURE The [MIME-IMB] body structure of the message. This is 2709 computed by the server by parsing the [MIME-IMB] header fields in 2710 the [RFC-5322] header and [MIME-IMB] headers. 2712 ENVELOPE The envelope structure of the message. This is computed by 2713 the server by parsing the [RFC-5322] header into the component 2714 parts, defaulting various fields as necessary. 2716 FLAGS The flags that are set for this message. 2718 INTERNALDATE The internal date of the message. 2720 RFC822 Functionally equivalent to BODY[], differing in the syntax of 2721 the resulting untagged FETCH data (RFC822 is returned). 2723 RFC822.HEADER Functionally equivalent to BODY.PEEK[HEADER], 2724 differing in the syntax of the resulting untagged FETCH data 2725 (RFC822.HEADER is returned). 2727 RFC822.SIZE The [RFC-5322] size of the message. 2729 RFC822.TEXT Functionally equivalent to BODY[TEXT], differing in the 2730 syntax of the resulting untagged FETCH data (RFC822.TEXT is 2731 returned). 2733 UID The unique identifier for the message. 2735 Example: C: A654 FETCH 2:4 (FLAGS BODY[HEADER.FIELDS (DATE FROM)]) 2736 S: * 2 FETCH .... 2737 S: * 3 FETCH .... 2738 S: * 4 FETCH .... 2739 S: A654 OK FETCH completed 2741 6.4.7. STORE Command 2743 Arguments: sequence set 2744 message data item name 2745 value for message data item 2747 Responses: untagged responses: FETCH 2749 Result: OK - store completed 2750 NO - store error: can't store that data 2751 BAD - command unknown or arguments invalid 2753 The STORE command alters data associated with a message in the 2754 mailbox. Normally, STORE will return the updated value of the data 2755 with an untagged FETCH response. A suffix of ".SILENT" in the data 2756 item name prevents the untagged FETCH, and the server SHOULD assume 2757 that the client has determined the updated value itself or does not 2758 care about the updated value. 2760 Note: Regardless of whether or not the ".SILENT" suffix was used, 2761 the server SHOULD send an untagged FETCH response if a change to a 2762 message's flags from an external source is observed. The intent 2763 is that the status of the flags is determinate without a race 2764 condition. 2766 The currently defined data items that can be stored are: 2768 FLAGS Replace the flags for the message (other than 2769 \Recent) with the argument. The new value of the flags is 2770 returned as if a FETCH of those flags was done. 2772 FLAGS.SILENT Equivalent to FLAGS, but without returning 2773 a new value. 2775 +FLAGS Add the argument to the flags for the message. 2776 The new value of the flags is returned as if a FETCH of those 2777 flags was done. 2779 +FLAGS.SILENT Equivalent to +FLAGS, but without 2780 returning a new value. 2782 -FLAGS Remove the argument from the flags for the 2783 message. The new value of the flags is returned as if a FETCH of 2784 those flags was done. 2786 -FLAGS.SILENT Equivalent to -FLAGS, but without 2787 returning a new value. 2789 Example: C: A003 STORE 2:4 +FLAGS (\Deleted) 2790 S: * 2 FETCH (FLAGS (\Deleted \Seen)) 2791 S: * 3 FETCH (FLAGS (\Deleted)) 2792 S: * 4 FETCH (FLAGS (\Deleted \Flagged \Seen)) 2793 S: A003 OK STORE completed 2795 6.4.8. COPY Command 2797 Arguments: sequence set 2798 mailbox name 2800 Responses: no specific responses for this command 2802 Result: OK - copy completed 2803 NO - copy error: can't copy those messages or to that 2804 name 2805 BAD - command unknown or arguments invalid 2807 The COPY command copies the specified message(s) to the end of the 2808 specified destination mailbox. The flags and internal date of the 2809 message(s) SHOULD be preserved, and the Recent flag SHOULD be set, in 2810 the copy. 2812 If the destination mailbox does not exist, a server SHOULD return an 2813 error. It SHOULD NOT automatically create the mailbox. Unless it is 2814 certain that the destination mailbox can not be created, the server 2815 MUST send the response code "[TRYCREATE]" as the prefix of the text 2816 of the tagged NO response. This gives a hint to the client that it 2817 can attempt a CREATE command and retry the COPY if the CREATE is 2818 successful. 2820 If the COPY command is unsuccessful for any reason, server 2821 implementations MUST restore the destination mailbox to its state 2822 before the COPY attempt. 2824 On successful completion of a COPY, the server SHOULD return a 2825 COPYUID response code. 2827 In the case of a mailbox that has permissions set so that the client 2828 can COPY to the mailbox, but not SELECT or EXAMINE it, the server 2829 SHOULD NOT send an COPYUID response code as it would disclose 2830 information about the mailbox. 2832 In the case of a mailbox that has UIDNOTSTICKY status (see the 2833 UIDNOTSTICKY response code), the server MAY omit the COPYUID response 2834 code as it is not meaningful. 2836 If the server does not return the COPYUID response code, the client 2837 can discover this information by selecting the destination mailbox. 2838 The location of messages placed in the destination mailbox by COPY 2839 can be determined by using FETCH and/or SEARCH commands (e.g., for 2840 Message-ID). 2842 Example: C: A003 COPY 2:4 MEETING 2843 S: A003 OK COPY completed 2845 6.4.9. UID Command 2847 Arguments: command name 2848 command arguments 2850 Responses: untagged responses: FETCH, SEARCH 2851 Result: OK - UID command completed 2852 NO - UID command error 2853 BAD - command unknown or arguments invalid 2855 The UID command has three forms. In the first form, it takes as its 2856 arguments a COPY, FETCH, or STORE command with arguments appropriate 2857 for the associated command. However, the numbers in the sequence set 2858 argument are unique identifiers instead of message sequence numbers. 2859 Sequence set ranges are permitted, but there is no guarantee that 2860 unique identifiers will be contiguous. 2862 A non-existent unique identifier is ignored without any error message 2863 generated. Thus, it is possible for a UID FETCH command to return an 2864 OK without any data or a UID COPY or UID STORE to return an OK 2865 without performing any operations. 2867 In the second form, the UID command takes an EXPUNGE command with an 2868 extra parameter the specified a sequence set of UIDs to operate on. 2869 The UID EXPUNGE command permanently removes all messages that both 2870 have the \Deleted flag set and have a UID that is included in the 2871 specified sequence set from the currently selected mailbox. If a 2872 message either does not have the \Deleted flag set or has a UID that 2873 is not included in the specified sequence set, it is not affected. 2875 UID EXPUNGE is particularly useful for disconnected use clients. 2876 By using UID EXPUNGE instead of EXPUNGE when resynchronizing with 2877 the server, the client can ensure that it does not inadvertantly 2878 remove any messages that have been marked as \Deleted by other 2879 clients between the time that the client was last connected and 2880 the time the client resynchronizes. 2882 Example: C: A003 UID EXPUNGE 3000:3002 2883 S: * 3 EXPUNGE 2884 S: * 3 EXPUNGE 2885 S: * 3 EXPUNGE 2886 S: A003 OK UID EXPUNGE completed 2888 In the third form, the UID command takes a SEARCH command with SEARCH 2889 command arguments. The interpretation of the arguments is the same 2890 as with SEARCH; however, the numbers returned in a ESEARCH response 2891 for a UID SEARCH command are unique identifiers instead of message 2892 sequence numbers. Also, the corresponding ESEARCH response MUST 2893 include the UID indicator. For example, the command UID SEARCH 1:100 2894 UID 443:557 returns the unique identifiers corresponding to the 2895 intersection of two sequence sets, the message sequence number range 2896 1:100 and the UID range 443:557. 2898 Note: in the above example, the UID range 443:557 appears. The 2899 same comment about a non-existent unique identifier being ignored 2900 without any error message also applies here. Hence, even if 2901 neither UID 443 or 557 exist, this range is valid and would 2902 include an existing UID 495. 2904 Also note that a UID range of 559:* always includes the UID of the 2905 last message in the mailbox, even if 559 is higher than any 2906 assigned UID value. This is because the contents of a range are 2907 independent of the order of the range endpoints. Thus, any UID 2908 range with * as one of the endpoints indicates at least one 2909 message (the message with the highest numbered UID), unless the 2910 mailbox is empty. 2912 The number after the "*" in an untagged FETCH or EXPUNGE response is 2913 always a message sequence number, not a unique identifier, even for a 2914 UID command response. However, server implementations MUST 2915 implicitly include the UID message data item as part of any FETCH 2916 response caused by a UID command, regardless of whether a UID was 2917 specified as a message data item to the FETCH. 2919 Note: The rule about including the UID message data item as part of a 2920 FETCH response primarily applies to the UID FETCH and UID STORE 2921 commands, including a UID FETCH command that does not include UID as 2922 a message data item. Although it is unlikely that the other UID 2923 commands will cause an untagged FETCH, this rule applies to these 2924 commands as well. 2926 Example: C: A999 UID FETCH 4827313:4828442 FLAGS 2927 S: * 23 FETCH (FLAGS (\Seen) UID 4827313) 2928 S: * 24 FETCH (FLAGS (\Seen) UID 4827943) 2929 S: * 25 FETCH (FLAGS (\Seen) UID 4828442) 2930 S: A999 OK UID FETCH completed 2932 6.5. Client Commands - Experimental/Expansion 2934 6.5.1. X Command 2936 Arguments: implementation defined 2938 Responses: implementation defined 2940 Result: OK - command completed 2941 NO - failure 2942 BAD - command unknown or arguments invalid 2944 Any command prefixed with an X is an experimental command. Commands 2945 which are not part of this specification, a standard or standards- 2946 track revision of this specification, or an IESG-approved 2947 experimental protocol, MUST use the X prefix. 2949 Any added untagged responses issued by an experimental command MUST 2950 also be prefixed with an X. Server implementations MUST NOT send any 2951 such untagged responses, unless the client requested it by issuing 2952 the associated experimental command. 2954 Example: C: a441 CAPABILITY 2955 S: * CAPABILITY IMAP4rev2 XPIG-LATIN 2956 S: a441 OK CAPABILITY completed 2957 C: A442 XPIG-LATIN 2958 S: * XPIG-LATIN ow-nay eaking-spay ig-pay atin-lay 2959 S: A442 OK XPIG-LATIN ompleted-cay 2961 7. Server Responses 2963 Server responses are in three forms: status responses, server data, 2964 and command continuation request. The information contained in a 2965 server response, identified by "Contents:" in the response 2966 descriptions below, is described by function, not by syntax. The 2967 precise syntax of server responses is described in the Formal Syntax 2968 section. 2970 The client MUST be prepared to accept any response at all times. 2972 Status responses can be tagged or untagged. Tagged status responses 2973 indicate the completion result (OK, NO, or BAD status) of a client 2974 command, and have a tag matching the command. 2976 Some status responses, and all server data, are untagged. An 2977 untagged response is indicated by the token "*" instead of a tag. 2978 Untagged status responses indicate server greeting, or server status 2979 that does not indicate the completion of a command (for example, an 2980 impending system shutdown alert). For historical reasons, untagged 2981 server data responses are also called "unsolicited data", although 2982 strictly speaking, only unilateral server data is truly 2983 "unsolicited". 2985 Certain server data MUST be recorded by the client when it is 2986 received; this is noted in the description of that data. Such data 2987 conveys critical information which affects the interpretation of all 2988 subsequent commands and responses (e.g., updates reflecting the 2989 creation or destruction of messages). 2991 Other server data SHOULD be recorded for later reference; if the 2992 client does not need to record the data, or if recording the data has 2993 no obvious purpose (e.g., a SEARCH response when no SEARCH command is 2994 in progress), the data SHOULD be ignored. 2996 An example of unilateral untagged server data occurs when the IMAP 2997 connection is in the selected state. In the selected state, the 2998 server checks the mailbox for new messages as part of command 2999 execution. Normally, this is part of the execution of every command; 3000 hence, a NOOP command suffices to check for new messages. If new 3001 messages are found, the server sends untagged EXISTS and RECENT 3002 responses reflecting the new size of the mailbox. Server 3003 implementations that offer multiple simultaneous access to the same 3004 mailbox SHOULD also send appropriate unilateral untagged FETCH and 3005 EXPUNGE responses if another agent changes the state of any message 3006 flags or expunges any messages. 3008 Command continuation request responses use the token "+" instead of a 3009 tag. These responses are sent by the server to indicate acceptance 3010 of an incomplete client command and readiness for the remainder of 3011 the command. 3013 7.1. Server Responses - Status Responses 3015 Status responses are OK, NO, BAD, PREAUTH and BYE. OK, NO, and BAD 3016 can be tagged or untagged. PREAUTH and BYE are always untagged. 3018 Status responses MAY include an OPTIONAL "response code". A response 3019 code consists of data inside square brackets in the form of an atom, 3020 possibly followed by a space and arguments. The response code 3021 contains additional information or status codes for client software 3022 beyond the OK/NO/BAD condition, and are defined when there is a 3023 specific action that a client can take based upon the additional 3024 information. 3026 The currently defined response codes are: 3028 ALERT The human-readable text contains a special alert that MUST be 3029 presented to the user in a fashion that calls the user's attention 3030 to the message. 3032 ALREADYEXISTS 3034 The operation attempts to create something that already exists, 3035 such as when the CREATE or RENAME directories attempt to create 3036 a mailbox and there is already one of that name. 3038 C: o RENAME this that 3039 S: o NO [ALREADYEXISTS] Mailbox "that" already exists 3041 APPENDUID 3043 Followed by the UIDVALIDITY of the destination mailbox and the 3044 UID assigned to the appended message in the destination 3045 mailbox, indicates that the message has been appended to the 3046 destination mailbox with that UID. 3048 If the server also supports the [MULTIAPPEND] extension, and if 3049 multiple messages were appended in the APPEND command, then the 3050 second value is a UID set containing the UIDs assigned to the 3051 appended messages, in the order they were transmitted in the 3052 APPEND command. This UID set may not contain extraneous UIDs 3053 or the symbol "*". 3055 Note: the UID set form of the APPENDUID response code MUST 3056 NOT be used if only a single message was appended. In 3057 particular, a server MUST NOT send a range such as 123:123. 3058 This is because a client that does not support [MULTIAPPEND] 3059 expects only a single UID and not a UID set. 3061 UIDs are assigned in strictly ascending order in the mailbox 3062 (refer to Section 2.3.1.1); note that a range of 12:10 is 3063 exactly equivalent to 10:12 and refers to the sequence 3064 10,11,12. 3066 This response code is returned in a tagged OK response to the 3067 APPEND command. 3069 AUTHENTICATIONFAILED 3071 Authentication failed for some reason on which the server is 3072 unwilling to elaborate. Typically, this includes "unknown 3073 user" and "bad password". 3075 This is the same as not sending any response code, except that 3076 when a client sees AUTHENTICATIONFAILED, it knows that the 3077 problem wasn't, e.g., UNAVAILABLE, so there's no point in 3078 trying the same login/password again later. 3080 C: b LOGIN "fred" "foo" 3081 S: b NO [AUTHENTICATIONFAILED] Authentication failed 3083 AUTHORIZATIONFAILED Authentication succeeded in using the 3084 authentication identity, but the server cannot or will not allow 3085 the authentication identity to act as the requested authorization 3086 identity. This is only applicable when the authentication and 3087 authorization identities are different. C: c1 AUTHENTICATE PLAIN 3088 [...] 3089 S: c1 NO [AUTHORIZATIONFAILED] No such authorization-ID 3090 C: c2 AUTHENTICATE PLAIN 3091 [...] 3092 S: c2 NO [AUTHORIZATIONFAILED] Authenticator is not an admin 3094 BADCHARSET Optionally followed by a parenthesized list of charsets. 3095 A SEARCH failed because the given charset is not supported by this 3096 implementation. If the optional list of charsets is given, this 3097 lists the charsets that are supported by this implementation. 3099 CANNOT 3101 The operation violates some invariant of the server and can 3102 never succeed. 3104 C: l create "///////" 3105 S: l NO [CANNOT] Adjacent slashes are not supported 3107 CAPABILITY Followed by a list of capabilities. This can appear in 3108 the initial OK or PREAUTH response to transmit an initial 3109 capabilities list. This makes it unnecessary for a client to send 3110 a separate CAPABILITY command if it recognizes this response. 3112 CLIENTBUG 3114 The server has detected a client bug. This can accompany all 3115 of OK, NO, and BAD, depending on what the client bug is. 3117 C: k1 select "/archive/projects/experiment-iv" 3118 [...] 3119 S: k1 OK [READ-ONLY] Done 3120 C: k2 status "/archive/projects/experiment-iv" (messages) 3121 [...] 3122 S: k2 OK [CLIENTBUG] Done 3124 CONTACTADMIN 3126 The user should contact the system administrator or support 3127 desk. 3129 C: e login "fred" "foo" 3130 S: e OK [CONTACTADMIN] 3132 COPYUID 3133 Followed by the UIDVALIDITY of the destination mailbox, a UID 3134 set containing the UIDs of the message(s) in the source mailbox 3135 that were copied to the destination mailbox and containing the 3136 UIDs assigned to the copied message(s) in the destination 3137 mailbox, indicates that the message(s) have been copied to the 3138 destination mailbox with the stated UID(s). 3140 The source UID set is in the order the message(s) were copied; 3141 the destination UID set corresponds to the source UID set and 3142 is in the same order. Neither of the UID sets may contain 3143 extraneous UIDs or the symbol "*". 3145 UIDs are assigned in strictly ascending order in the mailbox 3146 (refer to Section 2.3.1.1); note that a range of 12:10 is 3147 exactly equivalent to 10:12 and refers to the sequence 3148 10,11,12. 3150 This response code is returned in a tagged OK response to the 3151 COPY command. 3153 CORRUPTION 3155 The server discovered that some relevant data (e.g., the 3156 mailbox) are corrupt. This response code does not include any 3157 information about what's corrupt, but the server can write that 3158 to its logfiles. 3160 C: i select "/archive/projects/experiment-iv" 3161 S: i NO [CORRUPTION] Cannot open mailbox 3163 EXPIRED 3165 Either authentication succeeded or the server no longer had the 3166 necessary data; either way, access is no longer permitted using 3167 that passphrase. The client or user should get a new 3168 passphrase. 3170 C: d login "fred" "foo" 3171 S: d NO [EXPIRED] That password isn't valid any more 3173 EXPUNGEISSUED 3175 Someone else has issued an EXPUNGE for the same mailbox. The 3176 client may want to issue NOOP soon. [IMAP-MULTIACCESS] 3177 discusses this subject in depth. 3179 C: h search from fred@example.com 3180 S: * SEARCH 1 2 3 5 8 13 21 42 3181 S: h OK [EXPUNGEISSUED] Search completed 3183 INUSE 3185 An operation has not been carried out because it involves 3186 sawing off a branch someone else is sitting on. Someone else 3187 may be holding an exclusive lock needed for this operation, or 3188 the operation may involve deleting a resource someone else is 3189 using, typically a mailbox. 3191 The operation may succeed if the client tries again later. 3193 C: g delete "/archive/projects/experiment-iv" 3194 S: g NO [INUSE] Mailbox in use 3196 LIMIT 3198 The operation ran up against an implementation limit of some 3199 kind, such as the number of flags on a single message or the 3200 number of flags used in a mailbox. 3202 C: m STORE 42 FLAGS f1 f2 f3 f4 f5 ... f250 3203 S: m NO [LIMIT] At most 32 flags in one mailbox supported 3205 NONEXISTENT 3207 The operation attempts to delete something that does not exist. 3208 Similar to ALREADYEXISTS. 3210 C: p RENAME this that 3211 S: p NO [NONEXISTENT] No such mailbox 3213 NOPERM 3215 The access control system (e.g., Access Control List (ACL), see 3216 [RFC4314] does not permit this user to carry out an operation, 3217 such as selecting or creating a mailbox. 3219 C: f select "/archive/projects/experiment-iv" 3220 S: f NO [NOPERM] Access denied 3222 OVERQUOTA 3224 The user would be over quota after the operation. (The user 3225 may or may not be over quota already.) 3226 Note that if the server sends OVERQUOTA but doesn't support the 3227 IMAP QUOTA extension defined by [RFC2087], then there is a 3228 quota, but the client cannot find out what the quota is. 3230 C: n1 uid copy 1:* oldmail 3231 S: n1 NO [OVERQUOTA] Sorry 3233 C: n2 uid copy 1:* oldmail 3234 S: n2 OK [OVERQUOTA] You are now over your soft quota 3236 PARSE The human-readable text represents an error in parsing the 3237 [RFC-5322] header or [MIME-IMB] headers of a message in the 3238 mailbox. 3240 PERMANENTFLAGS Followed by a parenthesized list of flags, indicates 3241 which of the known flags the client can change permanently. Any 3242 flags that are in the FLAGS untagged response, but not the 3243 PERMANENTFLAGS list, can not be set permanently. If the client 3244 attempts to STORE a flag that is not in the PERMANENTFLAGS list, 3245 the server will either ignore the change or store the state change 3246 for the remainder of the current session only. The PERMANENTFLAGS 3247 list can also include the special flag \*, which indicates that it 3248 is possible to create new keywords by attempting to store those 3249 flags in the mailbox. 3251 PRIVACYREQUIRED 3253 The operation is not permitted due to a lack of privacy. If 3254 Transport Layer Security (TLS) is not in use, the client could 3255 try STARTTLS (see Section 6.2.1 of [RFC3501]) and then repeat 3256 the operation. 3258 C: d login "fred" "foo" 3259 S: d NO [PRIVACYREQUIRED] Connection offers no privacy 3261 C: d select inbox 3262 S: d NO [PRIVACYREQUIRED] Connection offers no privacy 3264 READ-ONLY The mailbox is selected read-only, or its access while 3265 selected has changed from read-write to read-only. 3267 READ-WRITE The mailbox is selected read-write, or its access while 3268 selected has changed from read-only to read-write. 3270 SERVERBUG 3271 The server encountered a bug in itself or violated one of its 3272 own invariants. 3274 C: j select "/archive/projects/experiment-iv" 3275 S: j NO [SERVERBUG] This should not happen 3277 TRYCREATE An APPEND or COPY attempt is failing because the target 3278 mailbox does not exist (as opposed to some other reason). This is 3279 a hint to the client that the operation can succeed if the mailbox 3280 is first created by the CREATE command. 3282 UIDNEXT Followed by a decimal number, indicates the next unique 3283 identifier value. Refer to Section 2.3.1.1 for more information. 3285 UIDNOTSTICKY 3287 The selected mailbox is supported by a mail store that does not 3288 support persistent UIDs; that is, UIDVALIDITY will be different 3289 each time the mailbox is selected. Consequently, APPEND or 3290 COPY to this mailbox will not return an APPENDUID or COPYUID 3291 response code. 3293 This response code is returned in an untagged NO response to 3294 the SELECT command. 3296 Note: servers SHOULD NOT have any UIDNOTSTICKY mail stores. 3297 This facility exists to support legacy mail stores in which 3298 it is technically infeasible to support persistent UIDs. 3299 This should be avoided when designing new mail stores. 3301 UIDVALIDITY Followed by a decimal number, indicates the unique 3302 identifier validity value. Refer to Section 2.3.1.1 for more 3303 information. 3305 UNAVAILABLE 3307 Temporary failure because a subsystem is down. For example, an 3308 IMAP server that uses a Lightweight Directory Access Protocol 3309 (LDAP) or Radius server for authentication might use this 3310 response code when the LDAP/Radius server is down. 3312 C: a LOGIN "fred" "foo" 3313 S: a NO [UNAVAILABLE] User's backend down for maintenance 3315 UNSEEN Followed by a decimal number, indicates the number of the 3316 first message without the \Seen flag set. 3318 Additional response codes defined by particular client or server 3319 implementations SHOULD be prefixed with an "X" until they are added 3320 to a revision of this protocol. Client implementations SHOULD ignore 3321 response codes that they do not recognize. 3323 7.1.1. OK Response 3325 Contents: OPTIONAL response code 3326 human-readable text 3328 The OK response indicates an information message from the server. 3329 When tagged, it indicates successful completion of the associated 3330 command. The human-readable text MAY be presented to the user as an 3331 information message. The untagged form indicates an information-only 3332 message; the nature of the information MAY be indicated by a response 3333 code. 3335 The untagged form is also used as one of three possible greetings at 3336 connection startup. It indicates that the connection is not yet 3337 authenticated and that a LOGIN command is needed. 3339 Example: S: * OK IMAP4rev2 server ready 3340 C: A001 LOGIN fred blurdybloop 3341 S: * OK [ALERT] System shutdown in 10 minutes 3342 S: A001 OK LOGIN Completed 3344 7.1.2. NO Response 3346 Contents: OPTIONAL response code 3347 human-readable text 3349 The NO response indicates an operational error message from the 3350 server. When tagged, it indicates unsuccessful completion of the 3351 associated command. The untagged form indicates a warning; the 3352 command can still complete successfully. The human-readable text 3353 describes the condition. 3355 Example: C: A222 COPY 1:2 owatagusiam 3356 S: * NO Disk is 98% full, please delete unnecessary data 3357 S: A222 OK COPY completed 3358 C: A223 COPY 3:200 blurdybloop 3359 S: * NO Disk is 98% full, please delete unnecessary data 3360 S: * NO Disk is 99% full, please delete unnecessary data 3361 S: A223 NO COPY failed: disk is full 3363 7.1.3. BAD Response 3365 Contents: OPTIONAL response code 3366 human-readable text 3368 The BAD response indicates an error message from the server. When 3369 tagged, it reports a protocol-level error in the client's command; 3370 the tag indicates the command that caused the error. The untagged 3371 form indicates a protocol-level error for which the associated 3372 command can not be determined; it can also indicate an internal 3373 server failure. The human-readable text describes the condition. 3375 Example: C: ...very long command line... 3376 S: * BAD Command line too long 3377 C: ...empty line... 3378 S: * BAD Empty command line 3379 C: A443 EXPUNGE 3380 S: * BAD Disk crash, attempting salvage to a new disk! 3381 S: * OK Salvage successful, no data lost 3382 S: A443 OK Expunge completed 3384 7.1.4. PREAUTH Response 3386 Contents: OPTIONAL response code 3387 human-readable text 3389 The PREAUTH response is always untagged, and is one of three possible 3390 greetings at connection startup. It indicates that the connection 3391 has already been authenticated by external means; thus no LOGIN 3392 command is needed. 3394 Example: S: * PREAUTH IMAP4rev2 server logged in as Smith 3396 7.1.5. BYE Response 3398 Contents: OPTIONAL response code 3399 human-readable text 3401 The BYE response is always untagged, and indicates that the server is 3402 about to close the connection. The human-readable text MAY be 3403 displayed to the user in a status report by the client. The BYE 3404 response is sent under one of four conditions: 3406 1. as part of a normal logout sequence. The server will close the 3407 connection after sending the tagged OK response to the LOGOUT 3408 command. 3410 2. as a panic shutdown announcement. The server closes the 3411 connection immediately. 3413 3. as an announcement of an inactivity autologout. The server 3414 closes the connection immediately. 3416 4. as one of three possible greetings at connection startup, 3417 indicating that the server is not willing to accept a connection 3418 from this client. The server closes the connection immediately. 3420 The difference between a BYE that occurs as part of a normal LOGOUT 3421 sequence (the first case) and a BYE that occurs because of a failure 3422 (the other three cases) is that the connection closes immediately in 3423 the failure case. In all cases the client SHOULD continue to read 3424 response data from the server until the connection is closed; this 3425 will ensure that any pending untagged or completion responses are 3426 read and processed. 3428 Example: S: * BYE Autologout; idle for too long 3430 7.2. Server Responses - Server and Mailbox Status 3432 These responses are always untagged. This is how server and mailbox 3433 status data are transmitted from the server to the client. Many of 3434 these responses typically result from a command with the same name. 3436 7.2.1. The ENABLED Response 3438 Contents: capability listing 3440 The ENABLED response occurs as a result of an ENABLE command. The 3441 capability listing contains a space-separated listing of capability 3442 names that the server supports and that were successfully enabled. 3443 The ENABLED response may contain no capabilities, which means that no 3444 extensions listed by the client were successfully enabled. 3446 7.2.2. CAPABILITY Response 3448 Contents: capability listing 3450 The CAPABILITY response occurs as a result of a CAPABILITY command. 3451 The capability listing contains a space-separated listing of 3452 capability names that the server supports. The capability listing 3453 MUST include the atom "IMAP4rev2". 3455 In addition, client and server implementations MUST implement the 3456 STARTTLS, LOGINDISABLED, and AUTH=PLAIN (described in [PLAIN]) 3457 capabilities. See the Security Considerations section for important 3458 information. 3460 A capability name which begins with "AUTH=" indicates that the server 3461 supports that particular authentication mechanism. 3463 The LOGINDISABLED capability indicates that the LOGIN command is 3464 disabled, and that the server will respond with a tagged NO response 3465 to any attempt to use the LOGIN command even if the user name and 3466 password are valid. An IMAP client MUST NOT issue the LOGIN command 3467 if the server advertises the LOGINDISABLED capability. 3469 Other capability names indicate that the server supports an 3470 extension, revision, or amendment to the IMAP4rev2 protocol. Server 3471 responses MUST conform to this document until the client issues a 3472 command that uses the associated capability. 3474 Capability names MUST either begin with "X" or be standard or 3475 standards-track IMAP4rev2 extensions, revisions, or amendments 3476 registered with IANA. A server MUST NOT offer unregistered or non- 3477 standard capability names, unless such names are prefixed with an 3478 "X". 3480 Client implementations SHOULD NOT require any capability name other 3481 than "IMAP4rev2", and MUST ignore any unknown capability names. 3483 A server MAY send capabilities automatically, by using the CAPABILITY 3484 response code in the initial PREAUTH or OK responses, and by sending 3485 an updated CAPABILITY response code in the tagged OK response as part 3486 of a successful authentication. It is unnecessary for a client to 3487 send a separate CAPABILITY command if it recognizes these automatic 3488 capabilities. 3490 Example: S: * CAPABILITY IMAP4rev2 STARTTLS AUTH=GSSAPI XPIG-LATIN 3492 7.2.3. LIST Response 3494 Contents: name attributes 3495 hierarchy delimiter 3496 name 3498 The LIST response occurs as a result of a LIST command. It returns a 3499 single name that matches the LIST specification. There can be 3500 multiple LIST responses for a single LIST command. 3502 Four name attributes are defined: 3504 \Noinferiors It is not possible for any child levels of hierarchy to 3505 exist under this name; no child levels exist now and none can be 3506 created in the future. 3508 \Noselect It is not possible to use this name as a selectable 3509 mailbox. 3511 \Marked The mailbox has been marked "interesting" by the server; the 3512 mailbox probably contains messages that have been added since the 3513 last time the mailbox was selected. 3515 \Unmarked The mailbox does not contain any additional messages since 3516 the last time the mailbox was selected. 3518 If it is not feasible for the server to determine whether or not the 3519 mailbox is "interesting", the server SHOULD NOT send either \Marked 3520 or \Unmarked. The server MUST NOT send more than one of \Marked, 3521 \Unmarked, and \Noselect for a single mailbox, and MAY send none of 3522 these. 3524 The hierarchy delimiter is a character used to delimit levels of 3525 hierarchy in a mailbox name. A client can use it to create child 3526 mailboxes, and to search higher or lower levels of naming hierarchy. 3527 All children of a top-level hierarchy node MUST use the same 3528 separator character. A NIL hierarchy delimiter means that no 3529 hierarchy exists; the name is a "flat" name. 3531 The name represents an unambiguous left-to-right hierarchy, and MUST 3532 be valid for use as a reference in LIST and LSUB commands. Unless 3533 \Noselect is indicated, the name MUST also be valid as an argument 3534 for commands, such as SELECT, that accept mailbox names. 3536 Example: S: * LIST (\Noselect) "/" ~/Mail/foo 3538 7.2.4. LSUB Response 3540 Contents: name attributes 3541 hierarchy delimiter 3542 name 3544 The LSUB response occurs as a result of an LSUB command. It returns 3545 a single name that matches the LSUB specification. There can be 3546 multiple LSUB responses for a single LSUB command. The data is 3547 identical in format to the LIST response. 3549 Example: S: * LSUB () "." #news.comp.mail.misc 3551 7.2.5. STATUS Response 3553 Contents: name 3554 status parenthesized list 3556 The STATUS response occurs as a result of an STATUS command. It 3557 returns the mailbox name that matches the STATUS specification and 3558 the requested mailbox status information. 3560 Example: S: * STATUS blurdybloop (MESSAGES 231 UIDNEXT 44292) 3562 7.2.6. ESEARCH Response 3564 Contents: one or more search-return-data pairs 3566 The ESEARCH response occurs as a result of a SEARCH or UID SEARCH 3567 command. 3569 The ESEARCH response starts with an optional search correlator. If 3570 it is missing, then the response was not caused by a particular IMAP 3571 command, whereas if it is present, it contains the tag of the command 3572 that caused the response to be returned. 3574 The search correlator is followed by an optional UID indicator. If 3575 this indicator is present, all data in the ESEARCH response refers to 3576 UIDs, otherwise all returned data refers to message numbers. 3578 The rest of the ESEARCH response contains one or more search data 3579 pairs. Each pair starts with unique return item name, followed by a 3580 space and the corresponding data. Search data pairs may be returned 3581 in any order. Unless specified otherwise by an extension, any return 3582 item name SHOULD appear only once in an ESEARCH response. 3584 [[TBD: describe the most common search data pairs returned.]] 3586 Example: S: * ESEARCH UID COUNT 5 ALL 4:19,21,28 3588 Example: S: * ESEARCH (TAG "a567") UID COUNT 5 ALL 4:19,21,28 3590 Example: S: * ESEARCH COUNT 5 ALL 1:17,21 3592 7.2.7. FLAGS Response 3594 Contents: flag parenthesized list 3596 The FLAGS response occurs as a result of a SELECT or EXAMINE command. 3597 The flag parenthesized list identifies the flags (at a minimum, the 3598 system-defined flags) that are applicable for this mailbox. Flags 3599 other than the system flags can also exist, depending on server 3600 implementation. 3602 The update from the FLAGS response MUST be recorded by the client. 3604 Example: S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 3606 7.3. Server Responses - Mailbox Size 3608 These responses are always untagged. This is how changes in the size 3609 of the mailbox are transmitted from the server to the client. 3610 Immediately following the "*" token is a number that represents a 3611 message count. 3613 7.3.1. EXISTS Response 3615 Contents: none 3617 The EXISTS response reports the number of messages in the mailbox. 3618 This response occurs as a result of a SELECT or EXAMINE command, and 3619 if the size of the mailbox changes (e.g., new messages). 3621 The update from the EXISTS response MUST be recorded by the client. 3623 Example: S: * 23 EXISTS 3625 7.3.2. RECENT Response 3627 Contents: none 3629 The RECENT response reports the number of messages with the \Recent 3630 flag set. This response occurs as a result of a SELECT or EXAMINE 3631 command, and if the size of the mailbox changes (e.g., new messages). 3633 Note: It is not guaranteed that the message sequence numbers of 3634 recent messages will be a contiguous range of the highest n 3635 messages in the mailbox (where n is the value reported by the 3636 RECENT response). Examples of situations in which this is not the 3637 case are: multiple clients having the same mailbox open (the first 3638 session to be notified will see it as recent, others will probably 3639 see it as non-recent), and when the mailbox is re-ordered by a 3640 non-IMAP agent. 3642 The only reliable way to identify recent messages is to look at 3643 message flags to see which have the \Recent flag set, or to do a 3644 SEARCH RECENT. 3646 The update from the RECENT response MUST be recorded by the client. 3648 Example: S: * 5 RECENT 3650 7.4. Server Responses - Message Status 3652 These responses are always untagged. This is how message data are 3653 transmitted from the server to the client, often as a result of a 3654 command with the same name. Immediately following the "*" token is a 3655 number that represents a message sequence number. 3657 7.4.1. EXPUNGE Response 3659 Contents: none 3661 The EXPUNGE response reports that the specified message sequence 3662 number has been permanently removed from the mailbox. The message 3663 sequence number for each successive message in the mailbox is 3664 immediately decremented by 1, and this decrement is reflected in 3665 message sequence numbers in subsequent responses (including other 3666 untagged EXPUNGE responses). 3668 The EXPUNGE response also decrements the number of messages in the 3669 mailbox; it is not necessary to send an EXISTS response with the new 3670 value. 3672 As a result of the immediate decrement rule, message sequence numbers 3673 that appear in a set of successive EXPUNGE responses depend upon 3674 whether the messages are removed starting from lower numbers to 3675 higher numbers, or from higher numbers to lower numbers. For 3676 example, if the last 5 messages in a 9-message mailbox are expunged, 3677 a "lower to higher" server will send five untagged EXPUNGE responses 3678 for message sequence number 5, whereas a "higher to lower server" 3679 will send successive untagged EXPUNGE responses for message sequence 3680 numbers 9, 8, 7, 6, and 5. 3682 An EXPUNGE response MUST NOT be sent when no command is in progress, 3683 nor while responding to a FETCH, STORE, or SEARCH command. This rule 3684 is necessary to prevent a loss of synchronization of message sequence 3685 numbers between client and server. A command is not "in progress" 3686 until the complete command has been received; in particular, a 3687 command is not "in progress" during the negotiation of command 3688 continuation. 3690 Note: UID FETCH, UID STORE, and UID SEARCH are different commands 3691 from FETCH, STORE, and SEARCH. An EXPUNGE response MAY be sent 3692 during a UID command. 3694 The update from the EXPUNGE response MUST be recorded by the client. 3696 Example: S: * 44 EXPUNGE 3698 7.4.2. FETCH Response 3700 Contents: message data 3702 The FETCH response returns data about a message to the client. The 3703 data are pairs of data item names and their values in parentheses. 3704 This response occurs as the result of a FETCH or STORE command, as 3705 well as by unilateral server decision (e.g., flag updates). 3707 The current data items are: 3709 BODY A form of BODYSTRUCTURE without extension data. 3711 BODY[
]<> 3713 A string expressing the body contents of the specified section. 3714 The string SHOULD be interpreted by the client according to the 3715 content transfer encoding, body type, and subtype. 3717 If the origin octet is specified, this string is a substring of 3718 the entire body contents, starting at that origin octet. This 3719 means that BODY[]<0> MAY be truncated, but BODY[] is NEVER 3720 truncated. 3722 Note: The origin octet facility MUST NOT be used by a server 3723 in a FETCH response unless the client specifically requested 3724 it by means of a FETCH of a BODY[
]<> data 3725 item. 3727 8-bit textual data is permitted if a [CHARSET] identifier is 3728 part of the body parameter parenthesized list for this section. 3729 Note that headers (part specifiers HEADER or MIME, or the 3730 header portion of a MESSAGE/RFC822 part), MUST be 7-bit; 8-bit 3731 characters are not permitted in headers. Note also that the 3732 [RFC-5322] delimiting blank line between the header and the 3733 body is not affected by header line subsetting; the blank line 3734 is always included as part of header data, except in the case 3735 of a message which has no body and no blank line. 3737 Non-textual data such as binary data MUST be transfer encoded 3738 into a textual form, such as BASE64, prior to being sent to the 3739 client. To derive the original binary data, the client MUST 3740 decode the transfer encoded string. 3742 BODYSTRUCTURE 3743 A parenthesized list that describes the [MIME-IMB] body 3744 structure of a message. This is computed by the server by 3745 parsing the [MIME-IMB] header fields, defaulting various fields 3746 as necessary. 3748 For example, a simple text message of 48 lines and 2279 octets 3749 can have a body structure of: ("TEXT" "PLAIN" ("CHARSET" "US- 3750 ASCII") NIL NIL "7BIT" 2279 48) 3752 Multiple parts are indicated by parenthesis nesting. Instead 3753 of a body type as the first element of the parenthesized list, 3754 there is a sequence of one or more nested body structures. The 3755 second element of the parenthesized list is the multipart 3756 subtype (mixed, digest, parallel, alternative, etc.). 3758 For example, a two part message consisting of a text and a 3759 BASE64-encoded text attachment can have a body structure of: 3760 (("TEXT" "PLAIN" ("CHARSET" "US-ASCII") NIL NIL "7BIT" 1152 3761 23)("TEXT" "PLAIN" ("CHARSET" "US-ASCII" "NAME" "cc.diff") 3762 "<960723163407.20117h@cac.washington.edu>" "Compiler diff" 3763 "BASE64" 4554 73) "MIXED") 3765 Extension data follows the multipart subtype. Extension data 3766 is never returned with the BODY fetch, but can be returned with 3767 a BODYSTRUCTURE fetch. Extension data, if present, MUST be in 3768 the defined order. The extension data of a multipart body part 3769 are in the following order: 3771 body parameter parenthesized list A parenthesized list of 3772 attribute/value pairs [e.g., ("foo" "bar" "baz" "rag") where 3773 "bar" is the value of "foo", and "rag" is the value of 3774 "baz"] as defined in [MIME-IMB]. 3776 body disposition A parenthesized list, consisting of a 3777 disposition type string, followed by a parenthesized list of 3778 disposition attribute/value pairs as defined in 3779 [DISPOSITION]. 3781 body language A string or parenthesized list giving the body 3782 language value as defined in [LANGUAGE-TAGS]. 3784 body location A string giving the body content URI as defined 3785 in [LOCATION]. 3787 Any following extension data are not yet defined in this 3788 version of the protocol. Such extension data can consist of 3789 zero or more NILs, strings, numbers, or potentially nested 3790 parenthesized lists of such data. Client implementations that 3791 do a BODYSTRUCTURE fetch MUST be prepared to accept such 3792 extension data. Server implementations MUST NOT send such 3793 extension data until it has been defined by a revision of this 3794 protocol. 3796 The basic fields of a non-multipart body part are in the 3797 following order: 3799 body type A string giving the content media type name as 3800 defined in [MIME-IMB]. 3802 body subtype A string giving the content subtype name as 3803 defined in [MIME-IMB]. 3805 body parameter parenthesized list A parenthesized list of 3806 attribute/value pairs [e.g., ("foo" "bar" "baz" "rag") where 3807 "bar" is the value of "foo" and "rag" is the value of "baz"] 3808 as defined in [MIME-IMB]. 3810 body id A string giving the content id as defined in 3811 [MIME-IMB]. 3813 body description A string giving the content description as 3814 defined in [MIME-IMB]. 3816 body encoding A string giving the content transfer encoding as 3817 defined in [MIME-IMB]. 3819 body size A number giving the size of the body in octets. 3820 Note that this size is the size in its transfer encoding and 3821 not the resulting size after any decoding. 3823 A body type of type MESSAGE and subtype RFC822 contains, 3824 immediately after the basic fields, the envelope structure, 3825 body structure, and size in text lines of the encapsulated 3826 message. 3828 A body type of type TEXT contains, immediately after the basic 3829 fields, the size of the body in text lines. Note that this 3830 size is the size in its content transfer encoding and not the 3831 resulting size after any decoding. 3833 Extension data follows the basic fields and the type-specific 3834 fields listed above. Extension data is never returned with the 3835 BODY fetch, but can be returned with a BODYSTRUCTURE fetch. 3836 Extension data, if present, MUST be in the defined order. 3838 The extension data of a non-multipart body part are in the 3839 following order: 3841 body MD5 A string giving the body MD5 value as defined in 3842 [MD5]. 3844 body disposition A parenthesized list with the same content 3845 and function as the body disposition for a multipart body 3846 part. 3848 body language A string or parenthesized list giving the body 3849 language value as defined in [LANGUAGE-TAGS]. 3851 body location A string giving the body content URI as defined 3852 in [LOCATION]. 3854 Any following extension data are not yet defined in this 3855 version of the protocol, and would be as described above under 3856 multipart extension data. 3858 ENVELOPE 3860 A parenthesized list that describes the envelope structure of a 3861 message. This is computed by the server by parsing the 3862 [RFC-5322] header into the component parts, defaulting various 3863 fields as necessary. 3865 The fields of the envelope structure are in the following 3866 order: date, subject, from, sender, reply-to, to, cc, bcc, in- 3867 reply-to, and message-id. The date, subject, in-reply-to, and 3868 message-id fields are strings. The from, sender, reply-to, to, 3869 cc, and bcc fields are parenthesized lists of address 3870 structures. 3872 An address structure is a parenthesized list that describes an 3873 electronic mail address. The fields of an address structure 3874 are in the following order: personal name, [SMTP] at-domain- 3875 list (source route), mailbox name, and host name. 3877 [RFC-5322] group syntax is indicated by a special form of 3878 address structure in which the host name field is NIL. If the 3879 mailbox name field is also NIL, this is an end of group marker 3880 (semi-colon in RFC 822 syntax). If the mailbox name field is 3881 non-NIL, this is a start of group marker, and the mailbox name 3882 field holds the group name phrase. 3884 If the Date, Subject, In-Reply-To, and Message-ID header lines 3885 are absent in the [RFC-5322] header, the corresponding member 3886 of the envelope is NIL; if these header lines are present but 3887 empty the corresponding member of the envelope is the empty 3888 string. 3890 Note: some servers may return a NIL envelope member in the 3891 "present but empty" case. Clients SHOULD treat NIL and 3892 empty string as identical. 3894 Note: [RFC-5322] requires that all messages have a valid 3895 Date header. Therefore, the date member in the envelope can 3896 not be NIL or the empty string. 3898 Note: [RFC-5322] requires that the In-Reply-To and Message- 3899 ID headers, if present, have non-empty content. Therefore, 3900 the in-reply-to and message-id members in the envelope can 3901 not be the empty string. 3903 If the From, To, Cc, and Bcc header lines are absent in the 3904 [RFC-5322] header, or are present but empty, the corresponding 3905 member of the envelope is NIL. 3907 If the Sender or Reply-To lines are absent in the [RFC-5322] 3908 header, or are present but empty, the server sets the 3909 corresponding member of the envelope to be the same value as 3910 the from member (the client is not expected to know to do 3911 this). 3913 Note: [RFC-5322] requires that all messages have a valid 3914 From header. Therefore, the from, sender, and reply-to 3915 members in the envelope can not be NIL. 3917 FLAGS A parenthesized list of flags that are set for this message. 3919 INTERNALDATE A string representing the internal date of the message. 3921 RFC822 Equivalent to BODY[]. 3923 RFC822.HEADER Equivalent to BODY[HEADER]. Note that this did not 3924 result in \Seen being set, because RFC822.HEADER response data 3925 occurs as a result of a FETCH of RFC822.HEADER. BODY[HEADER] 3926 response data occurs as a result of a FETCH of BODY[HEADER] (which 3927 sets \Seen) or BODY.PEEK[HEADER] (which does not set \Seen). 3929 RFC822.SIZE A number expressing the [RFC-5322] size of the message. 3931 RFC822.TEXT Equivalent to BODY[TEXT]. 3933 UID A number expressing the unique identifier of the message. 3935 Example: S: * 23 FETCH (FLAGS (\Seen) RFC822.SIZE 44827) 3937 7.5. Server Responses - Command Continuation Request 3939 The command continuation request response is indicated by a "+" token 3940 instead of a tag. This form of response indicates that the server is 3941 ready to accept the continuation of a command from the client. The 3942 remainder of this response is a line of text. 3944 This response is used in the AUTHENTICATE command to transmit server 3945 data to the client, and request additional client data. This 3946 response is also used if an argument to any command is a literal. 3948 The client is not permitted to send the octets of the literal unless 3949 the server indicates that it is expected. This permits the server to 3950 process commands and reject errors on a line-by-line basis. The 3951 remainder of the command, including the CRLF that terminates a 3952 command, follows the octets of the literal. If there are any 3953 additional command arguments, the literal octets are followed by a 3954 space and those arguments. 3956 Example: C: A001 LOGIN {11} 3957 S: + Ready for additional command text 3958 C: FRED FOOBAR {7} 3959 S: + Ready for additional command text 3960 C: fat man 3961 S: A001 OK LOGIN completed 3962 C: A044 BLURDYBLOOP {102856} 3963 S: A044 BAD No such command as "BLURDYBLOOP" 3965 8. Sample IMAP4rev2 connection 3967 The following is a transcript of an IMAP4rev2 connection. A long 3968 line in this sample is broken for editorial clarity. 3970 S: * OK IMAP4rev2 Service Ready 3971 C: a001 login mrc secret 3972 S: a001 OK LOGIN completed 3973 C: a002 select inbox 3974 S: * 18 EXISTS 3975 S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 3976 S: * 2 RECENT 3977 S: * OK [UNSEEN 17] Message 17 is the first unseen message 3978 S: * OK [UIDVALIDITY 3857529045] UIDs valid 3979 S: a002 OK [READ-WRITE] SELECT completed 3980 C: a003 fetch 12 full 3981 S: * 12 FETCH (FLAGS (\Seen) INTERNALDATE "17-Jul-1996 02:44:25 -0700" 3982 RFC822.SIZE 4286 ENVELOPE ("Wed, 17 Jul 1996 02:23:25 -0700 (PDT)" 3983 "IMAP4rev2 WG mtg summary and minutes" 3984 (("Terry Gray" NIL "gray" "cac.washington.edu")) 3985 (("Terry Gray" NIL "gray" "cac.washington.edu")) 3986 (("Terry Gray" NIL "gray" "cac.washington.edu")) 3987 ((NIL NIL "imap" "cac.washington.edu")) 3988 ((NIL NIL "minutes" "CNRI.Reston.VA.US") 3989 ("John Klensin" NIL "KLENSIN" "MIT.EDU")) NIL NIL 3990 "") 3991 BODY ("TEXT" "PLAIN" ("CHARSET" "US-ASCII") NIL NIL "7BIT" 3028 3992 92)) 3993 S: a003 OK FETCH completed 3994 C: a004 fetch 12 body[header] 3995 S: * 12 FETCH (BODY[HEADER] {342} 3996 S: Date: Wed, 17 Jul 1996 02:23:25 -0700 (PDT) 3997 S: From: Terry Gray 3998 S: Subject: IMAP4rev2 WG mtg summary and minutes 3999 S: To: imap@cac.washington.edu 4000 S: cc: minutes@CNRI.Reston.VA.US, John Klensin 4001 S: Message-Id: 4002 S: MIME-Version: 1.0 4003 S: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII 4004 S: 4005 S: ) 4006 S: a004 OK FETCH completed 4007 C: a005 store 12 +flags \deleted 4008 S: * 12 FETCH (FLAGS (\Seen \Deleted)) 4009 S: a005 OK +FLAGS completed 4010 C: a006 logout 4011 S: * BYE IMAP4rev2 server terminating connection 4012 S: a006 OK LOGOUT completed 4013 9. Formal Syntax 4015 The following syntax specification uses the Augmented Backus-Naur 4016 Form (ABNF) notation as specified in [ABNF]. 4018 In the case of alternative or optional rules in which a later rule 4019 overlaps an earlier rule, the rule which is listed earlier MUST take 4020 priority. For example, "\Seen" when parsed as a flag is the \Seen 4021 flag name and not a flag-extension, even though "\Seen" can be parsed 4022 as a flag-extension. Some, but not all, instances of this rule are 4023 noted below. 4025 Note: [ABNF] rules MUST be followed strictly; in particular: 4027 (1) Except as noted otherwise, all alphabetic characters are case- 4028 insensitive. The use of upper or lower case characters to define 4029 token strings is for editorial clarity only. Implementations MUST 4030 accept these strings in a case-insensitive fashion. 4032 (2) In all cases, SP refers to exactly one space. It is NOT 4033 permitted to substitute TAB, insert additional spaces, or 4034 otherwise treat SP as being equivalent to LWSP. 4036 (3) The ASCII NUL character, %x00, MUST NOT be used at any time. 4038 address = "(" addr-name SP addr-adl SP addr-mailbox SP 4039 addr-host ")" 4041 addr-adl = nstring 4042 ; Holds route from [RFC-5322] route-addr if 4043 ; non-NIL 4045 addr-host = nstring 4046 ; NIL indicates [RFC-5322] group syntax. 4047 ; Otherwise, holds [RFC-5322] domain name 4049 addr-mailbox = nstring 4050 ; NIL indicates end of [RFC-5322] group; if 4051 ; non-NIL and addr-host is NIL, holds 4052 ; [RFC-5322] group name. 4053 ; Otherwise, holds [RFC-5322] local-part 4054 ; after removing [RFC-5322] quoting 4056 addr-name = nstring 4057 ; If non-NIL, holds phrase from [RFC-5322] 4058 ; mailbox after removing [RFC-5322] quoting 4060 append = "APPEND" SP mailbox [SP flag-list] [SP date-time] SP 4061 literal 4063 append-uid = uniqueid 4065 astring = 1*ASTRING-CHAR / string 4067 ASTRING-CHAR = ATOM-CHAR / resp-specials 4069 atom = 1*ATOM-CHAR 4071 ATOM-CHAR = 4073 atom-specials = "(" / ")" / "{" / SP / CTL / list-wildcards / 4074 quoted-specials / resp-specials 4076 authenticate = "AUTHENTICATE" SP auth-type *(CRLF base64) 4078 auth-type = atom 4079 ; Defined by [SASL] 4081 base64 = *(4base64-char) [base64-terminal] 4083 base64-char = ALPHA / DIGIT / "+" / "/" 4084 ; Case-sensitive 4086 base64-terminal = (2base64-char "==") / (3base64-char "=") 4088 body = "(" (body-type-1part / body-type-mpart) ")" 4090 body-extension = nstring / number / 4091 "(" body-extension *(SP body-extension) ")" 4092 ; Future expansion. Client implementations 4093 ; MUST accept body-extension fields. Server 4094 ; implementations MUST NOT generate 4095 ; body-extension fields except as defined by 4096 ; future standard or standards-track 4097 ; revisions of this specification. 4099 body-ext-1part = body-fld-md5 [SP body-fld-dsp [SP body-fld-lang 4100 [SP body-fld-loc *(SP body-extension)]]] 4101 ; MUST NOT be returned on non-extensible 4102 ; "BODY" fetch 4104 body-ext-mpart = body-fld-param [SP body-fld-dsp [SP body-fld-lang 4105 [SP body-fld-loc *(SP body-extension)]]] 4106 ; MUST NOT be returned on non-extensible 4107 ; "BODY" fetch 4109 body-fields = body-fld-param SP body-fld-id SP body-fld-desc SP 4110 body-fld-enc SP body-fld-octets 4112 body-fld-desc = nstring 4114 body-fld-dsp = "(" string SP body-fld-param ")" / nil 4116 body-fld-enc = (DQUOTE ("7BIT" / "8BIT" / "BINARY" / "BASE64"/ 4117 "QUOTED-PRINTABLE") DQUOTE) / string 4119 body-fld-id = nstring 4121 body-fld-lang = nstring / "(" string *(SP string) ")" 4123 body-fld-loc = nstring 4125 body-fld-lines = number 4127 body-fld-md5 = nstring 4129 body-fld-octets = number 4131 body-fld-param = "(" string SP string *(SP string SP string) ")" / nil 4133 body-type-1part = (body-type-basic / body-type-msg / body-type-text) 4134 [SP body-ext-1part] 4136 body-type-basic = media-basic SP body-fields 4137 ; MESSAGE subtype MUST NOT be "RFC822" 4139 body-type-mpart = 1*body SP media-subtype 4140 [SP body-ext-mpart] 4142 body-type-msg = media-message SP body-fields SP envelope 4143 SP body SP body-fld-lines 4145 body-type-text = media-text SP body-fields SP body-fld-lines 4147 capability = ("AUTH=" auth-type) / atom 4148 ; New capabilities MUST begin with "X" or be 4149 ; registered with IANA as standard or 4150 ; standards-track 4152 capability-data = "CAPABILITY" *(SP capability) SP "IMAP4rev2" 4153 *(SP capability) 4154 ; Servers MUST implement the STARTTLS, AUTH=PLAIN, 4155 ; and LOGINDISABLED capabilities 4156 ; Servers which offer RFC 1730 compatibility MUST 4157 ; list "IMAP4" as the first capability. 4159 CHAR8 = %x01-ff 4160 ; any OCTET except NUL, %x00 4162 charset = atom / quoted 4164 command = tag SP (command-any / command-auth / command-nonauth / 4165 command-select) CRLF 4166 ; Modal based on state 4168 command-any = "CAPABILITY" / "LOGOUT" / "NOOP" / enable / x-command 4169 ; Valid in all states 4171 command-auth = append / create / delete / examine / list / lsub / 4172 rename / select / status / subscribe / unsubscribe 4173 ; Valid only in Authenticated or Selected state 4175 command-nonauth = login / authenticate / "STARTTLS" 4176 ; Valid only when in Not Authenticated state 4178 command-select = "CHECK" / "CLOSE" / "UNSELECT" / "EXPUNGE" / copy / 4179 fetch / store / search / uid 4180 ; Valid only when in Selected state 4182 continue-req = "+" SP (resp-text / base64) CRLF 4184 copy = "COPY" SP sequence-set SP mailbox 4186 create = "CREATE" SP mailbox 4187 ; Use of INBOX gives a NO error 4189 date = date-text / DQUOTE date-text DQUOTE 4191 date-day = 1*2DIGIT 4192 ; Day of month 4194 date-day-fixed = (SP DIGIT) / 2DIGIT 4195 ; Fixed-format version of date-day 4197 date-month = "Jan" / "Feb" / "Mar" / "Apr" / "May" / "Jun" / 4198 "Jul" / "Aug" / "Sep" / "Oct" / "Nov" / "Dec" 4200 date-text = date-day "-" date-month "-" date-year 4202 date-year = 4DIGIT 4204 date-time = DQUOTE date-day-fixed "-" date-month "-" date-year 4205 SP time SP zone DQUOTE 4207 delete = "DELETE" SP mailbox 4208 ; Use of INBOX gives a NO error 4210 digit-nz = %x31-39 4211 ; 1-9 4213 enable = "ENABLE" 1*(SP capability) 4215 enable-data = "ENABLED" *(SP capability) 4217 envelope = "(" env-date SP env-subject SP env-from SP 4218 env-sender SP env-reply-to SP env-to SP env-cc SP 4219 env-bcc SP env-in-reply-to SP env-message-id ")" 4221 env-bcc = "(" 1*address ")" / nil 4223 env-cc = "(" 1*address ")" / nil 4225 env-date = nstring 4227 env-from = "(" 1*address ")" / nil 4229 env-in-reply-to = nstring 4231 env-message-id = nstring 4233 env-reply-to = "(" 1*address ")" / nil 4235 env-sender = "(" 1*address ")" / nil 4237 env-subject = nstring 4239 env-to = "(" 1*address ")" / nil 4241 esearch-response = "ESEARCH" [search-correlator] [SP "UID"] 4242 *(SP search-return-data) 4243 ; ESEARCH response replaces SEARCH response 4244 ; from IMAP4rev1. 4246 examine = "EXAMINE" SP mailbox 4248 fetch = "FETCH" SP sequence-set SP ("ALL" / "FULL" / "FAST" / 4249 fetch-att / "(" fetch-att *(SP fetch-att) ")") 4251 fetch-att = "ENVELOPE" / "FLAGS" / "INTERNALDATE" / 4252 "RFC822" [".HEADER" / ".SIZE" / ".TEXT"] / 4253 "BODY" ["STRUCTURE"] / "UID" / 4254 "BODY" section ["<" number "." nz-number ">"] / 4255 "BODY.PEEK" section ["<" number "." nz-number ">"] 4257 flag = "\Answered" / "\Flagged" / "\Deleted" / 4258 "\Seen" / "\Draft" / flag-keyword / flag-extension 4259 ; Does not include "\Recent" 4261 flag-extension = "\" atom 4262 ; Future expansion. Client implementations 4263 ; MUST accept flag-extension flags. Server 4264 ; implementations MUST NOT generate 4265 ; flag-extension flags except as defined by 4266 ; future standard or standards-track 4267 ; revisions of this specification. 4269 flag-fetch = flag / "\Recent" 4271 flag-keyword = atom 4273 flag-list = "(" [flag *(SP flag)] ")" 4275 flag-perm = flag / "\*" 4277 greeting = "*" SP (resp-cond-auth / resp-cond-bye) CRLF 4279 header-fld-name = astring 4281 header-list = "(" header-fld-name *(SP header-fld-name) ")" 4283 list = "LIST" SP mailbox SP list-mailbox 4285 list-mailbox = 1*list-char / string 4287 list-char = ATOM-CHAR / list-wildcards / resp-specials 4289 list-wildcards = "%" / "*" 4291 literal = "{" number "}" CRLF *CHAR8 4292 ; Number represents the number of CHAR8s 4294 login = "LOGIN" SP userid SP password 4296 lsub = "LSUB" SP mailbox SP list-mailbox 4298 mailbox = "INBOX" / astring 4299 ; INBOX is case-insensitive. All case variants of 4300 ; INBOX (e.g., "iNbOx") MUST be interpreted as INBOX 4301 ; not as an astring. An astring which consists of 4302 ; the case-insensitive sequence "I" "N" "B" "O" "X" 4303 ; is considered to be INBOX and not an astring. 4304 ; Refer to section 5.1 for further 4305 ; semantic details of mailbox names. 4307 mailbox-data = "FLAGS" SP flag-list / "LIST" SP mailbox-list / 4308 "LSUB" SP mailbox-list / esearch-response / 4309 "STATUS" SP mailbox SP "(" [status-att-list] ")" / 4310 number SP "EXISTS" / number SP "RECENT" 4312 mailbox-list = "(" [mbx-list-flags] ")" SP 4313 (DQUOTE QUOTED-CHAR DQUOTE / nil) SP mailbox 4315 mbx-list-flags = *(mbx-list-oflag SP) mbx-list-sflag 4316 *(SP mbx-list-oflag) / 4317 mbx-list-oflag *(SP mbx-list-oflag) 4319 mbx-list-oflag = "\Noinferiors" / flag-extension 4320 ; Other flags; multiple possible per LIST response 4322 mbx-list-sflag = "\Noselect" / "\Marked" / "\Unmarked" 4323 ; Selectability flags; only one per LIST response 4325 media-basic = ((DQUOTE ("APPLICATION" / "AUDIO" / "IMAGE" / 4326 "MESSAGE" / "VIDEO") DQUOTE) / string) SP 4327 media-subtype 4328 ; Defined in [MIME-IMT] 4330 media-message = DQUOTE "MESSAGE" DQUOTE SP DQUOTE "RFC822" DQUOTE 4331 ; Defined in [MIME-IMT] 4333 media-subtype = string 4334 ; Defined in [MIME-IMT] 4336 media-text = DQUOTE "TEXT" DQUOTE SP media-subtype 4337 ; Defined in [MIME-IMT] 4339 message-data = nz-number SP ("EXPUNGE" / ("FETCH" SP msg-att)) 4341 msg-att = "(" (msg-att-dynamic / msg-att-static) 4342 *(SP (msg-att-dynamic / msg-att-static)) ")" 4344 msg-att-dynamic = "FLAGS" SP "(" [flag-fetch *(SP flag-fetch)] ")" 4345 ; MAY change for a message 4347 msg-att-static = "ENVELOPE" SP envelope / "INTERNALDATE" SP date-time / 4348 "RFC822" [".HEADER" / ".TEXT"] SP nstring / 4349 "RFC822.SIZE" SP number / 4350 "BODY" ["STRUCTURE"] SP body / 4351 "BODY" section ["<" number ">"] SP nstring / 4352 "UID" SP uniqueid 4353 ; MUST NOT change for a message 4355 nil = "NIL" 4357 nstring = string / nil 4359 number = 1*DIGIT 4360 ; Unsigned 32-bit integer 4361 ; (0 <= n < 4,294,967,296) 4363 nz-number = digit-nz *DIGIT 4364 ; Non-zero unsigned 32-bit integer 4365 ; (0 < n < 4,294,967,296) 4367 password = astring 4369 quoted = DQUOTE *QUOTED-CHAR DQUOTE 4371 QUOTED-CHAR = / 4372 "\" quoted-specials 4374 quoted-specials = DQUOTE / "\" 4376 rename = "RENAME" SP mailbox SP mailbox 4377 ; Use of INBOX as a destination gives a NO error 4379 response = *(continue-req / response-data) response-done 4381 response-data = "*" SP (resp-cond-state / resp-cond-bye / 4382 mailbox-data / message-data / capability-data / 4383 enable-data) CRLF 4385 response-done = response-tagged / response-fatal 4387 response-fatal = "*" SP resp-cond-bye CRLF 4388 ; Server closes connection immediately 4390 response-tagged = tag SP resp-cond-state CRLF 4392 resp-code-apnd = "APPENDUID" SP nz-number SP append-uid 4394 resp-code-copy = "COPYUID" SP nz-number SP uid-set SP uid-set 4396 resp-cond-auth = ("OK" / "PREAUTH") SP resp-text 4397 ; Authentication condition 4399 resp-cond-bye = "BYE" SP resp-text 4401 resp-cond-state = ("OK" / "NO" / "BAD") SP resp-text 4402 ; Status condition 4404 resp-specials = "]" 4406 resp-text = ["[" resp-text-code "]" SP] text 4408 resp-text-code = "ALERT" / 4409 "BADCHARSET" [SP "(" charset *(SP charset) ")" ] / 4410 capability-data / "PARSE" / 4411 "PERMANENTFLAGS" SP "(" 4412 [flag-perm *(SP flag-perm)] ")" / 4413 "READ-ONLY" / "READ-WRITE" / "TRYCREATE" / 4414 "UIDNEXT" SP nz-number / "UIDVALIDITY" SP nz-number / 4415 "UNSEEN" SP nz-number / 4416 resp-code-apnd / resp-code-copy / "UIDNOTSTICKY" / 4417 "UNAVAILABLE" / "AUTHENTICATIONFAILED" / 4418 "AUTHORIZATIONFAILED" / "EXPIRED" / 4419 "PRIVACYREQUIRED" / "CONTACTADMIN" / "NOPERM" / 4420 "INUSE" / "EXPUNGEISSUED" / "CORRUPTION" / 4421 "SERVERBUG" / "CLIENTBUG" / "CANNOT" / 4422 "LIMIT" / "OVERQUOTA" / "ALREADYEXISTS" / 4423 "NONEXISTENT" / 4424 atom [SP 1*] 4426 search = "SEARCH" [search-return-opts] 4427 SP search-program 4429 search-correlator = SP "(" "TAG" SP tag-string ")" 4431 search-key = "ALL" / "ANSWERED" / "BCC" SP astring / 4432 "BEFORE" SP date / "BODY" SP astring / 4433 "CC" SP astring / "DELETED" / "FLAGGED" / 4434 "FROM" SP astring / "KEYWORD" SP flag-keyword / 4435 "NEW" / "OLD" / "ON" SP date / "RECENT" / "SEEN" / 4436 "SINCE" SP date / "SUBJECT" SP astring / 4437 "TEXT" SP astring / "TO" SP astring / 4438 "UNANSWERED" / "UNDELETED" / "UNFLAGGED" / 4439 "UNKEYWORD" SP flag-keyword / "UNSEEN" / 4440 ; Above this line were in [IMAP2] 4441 "DRAFT" / "HEADER" SP header-fld-name SP astring / 4442 "LARGER" SP number / "NOT" SP search-key / 4443 "OR" SP search-key SP search-key / 4444 "SENTBEFORE" SP date / "SENTON" SP date / 4445 "SENTSINCE" SP date / "SMALLER" SP number / 4446 "UID" SP sequence-set / "UNDRAFT" / sequence-set / 4447 "(" search-key *(SP search-key) ")" 4449 search-modifier-name = tagged-ext-label 4451 search-mod-params = tagged-ext-val 4452 ; This non-terminal shows recommended syntax 4453 ; for future extensions. 4455 search-program = ["CHARSET" SP charset SP] 4456 search-key *(SP search-key) 4457 ; CHARSET argument to SEARCH MUST be 4458 ; registered with IANA. 4460 search-ret-data-ext = search-modifier-name SP search-return-value 4461 ; Note that not every SEARCH return option 4462 ; is required to have the corresponding 4463 ; ESEARCH return data. 4465 search-return-data = "MIN" SP nz-number / 4466 "MAX" SP nz-number / 4467 "ALL" SP sequence-set / 4468 "COUNT" SP number / 4469 search-ret-data-ext 4470 ; All return data items conform to search-ret-data-ext 4471 ; syntax 4473 search-return-opts = SP "RETURN" SP "(" [search-return-opt 4474 *(SP search-return-opt)] ")" 4476 search-return-opt = "MIN" / "MAX" / "ALL" / "COUNT" / 4477 search-ret-opt-ext 4478 ; conforms to generic search-ret-opt-ext 4479 ; syntax 4481 search-ret-opt-ext = search-modifier-name [SP search-mod-params] 4483 search-return-value = tagged-ext-val 4484 ; Data for the returned search option. 4485 ; A single "nz-number"/"number" value 4486 ; can be returned as an atom (i.e., without 4487 ; quoting). A sequence-set can be returned 4488 ; as an atom as well. 4490 section = "[" [section-spec] "]" 4492 section-msgtext = "HEADER" / "HEADER.FIELDS" [".NOT"] SP header-list / 4493 "TEXT" 4494 ; top-level or MESSAGE/RFC822 part 4496 section-part = nz-number *("." nz-number) 4497 ; body part nesting 4499 section-spec = section-msgtext / (section-part ["." section-text]) 4501 section-text = section-msgtext / "MIME" 4502 ; text other than actual body part (headers, etc.) 4504 select = "SELECT" SP mailbox 4506 seq-number = nz-number / "*" 4507 ; message sequence number (COPY, FETCH, STORE 4508 ; commands) or unique identifier (UID COPY, 4509 ; UID FETCH, UID STORE commands). 4510 ; * represents the largest number in use. In 4511 ; the case of message sequence numbers, it is 4512 ; the number of messages in a non-empty mailbox. 4513 ; In the case of unique identifiers, it is the 4514 ; unique identifier of the last message in the 4515 ; mailbox or, if the mailbox is empty, the 4516 ; mailbox's current UIDNEXT value. 4517 ; The server should respond with a tagged BAD 4518 ; response to a command that uses a message 4519 ; sequence number greater than the number of 4520 ; messages in the selected mailbox. This 4521 ; includes "*" if the selected mailbox is empty. 4523 seq-range = seq-number ":" seq-number 4524 ; two seq-number values and all values between 4525 ; these two regardless of order. 4526 ; Example: 2:4 and 4:2 are equivalent and indicate 4527 ; values 2, 3, and 4. 4528 ; Example: a unique identifier sequence range of 4529 ; 3291:* includes the UID of the last message in 4530 ; the mailbox, even if that value is less than 3291. 4532 sequence-set = (seq-number / seq-range) ["," sequence-set] 4533 ; set of seq-number values, regardless of order. 4534 ; Servers MAY coalesce overlaps and/or execute the 4535 ; sequence in any order. 4536 ; Example: a message sequence number set of 4537 ; 2,4:7,9,12:* for a mailbox with 15 messages is 4538 ; equivalent to 2,4,5,6,7,9,12,13,14,15 4539 ; Example: a message sequence number set of *:4,5:7 4540 ; for a mailbox with 10 messages is equivalent to 4541 ; 10,9,8,7,6,5,4,5,6,7 and MAY be reordered and 4542 ; overlap coalesced to be 4,5,6,7,8,9,10. 4544 status = "STATUS" SP mailbox SP 4545 "(" status-att *(SP status-att) ")" 4547 status-att = "MESSAGES" / "RECENT" / "UIDNEXT" / "UIDVALIDITY" / 4548 "UNSEEN" 4550 status-att-val = ("MESSAGES" SP number) / ("RECENT" SP number) / 4551 ("UIDNEXT" SP nz-number) / ("UIDVALIDITY" SP nz-number) / 4552 ("UNSEEN" SP number) 4553 ; Extensions to the STATUS responses 4554 ; should extend this production. 4555 ; Extensions should use the generic 4556 ; syntax defined by tagged-ext. 4558 status-att-list = status-att-val *(SP status-att-val) 4560 store = "STORE" SP sequence-set SP store-att-flags 4562 store-att-flags = (["+" / "-"] "FLAGS" [".SILENT"]) SP 4563 (flag-list / (flag *(SP flag))) 4565 string = quoted / literal 4567 subscribe = "SUBSCRIBE" SP mailbox 4569 tag = 1* 4571 tagged-ext-label = tagged-label-fchar *tagged-label-char 4572 ;; Is a valid RFC 3501 "atom". 4574 tagged-label-fchar = ALPHA / "-" / "_" / "." 4576 tagged-label-char = tagged-label-fchar / DIGIT / ":" 4578 tagged-ext-comp = astring / 4579 tagged-ext-comp *(SP tagged-ext-comp) / 4580 "(" tagged-ext-comp ")" 4581 ;; Extensions that follow this general 4582 ;; syntax should use nstring instead of 4583 ;; astring when appropriate in the context 4584 ;; of the extension. 4585 ;; Note that a message set or a "number" 4586 ;; can always be represented as an "atom". 4587 ;; An URL should be represented as 4588 ;; a "quoted" string. 4590 tagged-ext-simple = sequence-set / number 4592 tagged-ext-val = tagged-ext-simple / 4593 "(" [tagged-ext-comp] ")" 4595 text = 1*TEXT-CHAR 4597 TEXT-CHAR = 4599 time = 2DIGIT ":" 2DIGIT ":" 2DIGIT 4600 ; Hours minutes seconds 4602 uid = "UID" SP (copy / fetch / search / store / uid-expunge) 4603 ; Unique identifiers used instead of message 4604 ; sequence numbers 4606 uid-expunge = "EXPUNGE" SP sequence-set 4607 ; Unique identifiers used instead of message 4608 ; sequence numbers 4610 uid-set = (uniqueid / uid-range) *("," uid-set) 4612 uid-range = (uniqueid ":" uniqueid) 4613 ; two uniqueid values and all values 4614 ; between these two regards of order. 4615 ; Example: 2:4 and 4:2 are equivalent. 4617 uniqueid = nz-number 4618 ; Strictly ascending 4620 unsubscribe = "UNSUBSCRIBE" SP mailbox 4622 userid = astring 4624 x-command = "X" atom 4626 zone = ("+" / "-") 4DIGIT 4627 ; Signed four-digit value of hhmm representing 4628 ; hours and minutes east of Greenwich (that is, 4629 ; the amount that the given time differs from 4630 ; Universal Time). Subtracting the timezone 4631 ; from the given time will give the UT form. 4632 ; The Universal Time zone is "+0000". 4634 10. Author's Note 4636 This document is a revision or rewrite of earlier documents, and 4637 supercedes the protocol specification in those documents: RFC 2060, 4638 RFC 1730, unpublished IMAP2bis.TXT document, RFC 1176, and RFC 1064. 4640 11. Security Considerations 4642 IMAP4rev2 protocol transactions, including electronic mail data, are 4643 sent in the clear over the network unless protection from snooping is 4644 negotiated. This can be accomplished either by the use of STARTTLS, 4645 negotiated privacy protection in the AUTHENTICATE command, or some 4646 other protection mechanism. 4648 11.1. STARTTLS Security Considerations 4650 IMAP client and server implementations MUST implement the 4651 TLS_RSA_WITH_RC4_128_MD5 [TLS] cipher suite, and SHOULD implement the 4652 TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA [TLS] cipher suite. This is 4653 important as it assures that any two compliant implementations can be 4654 configured to interoperate. All other cipher suites are OPTIONAL. 4655 Note that this is a change from section 2.1 of [IMAP-TLS]. 4657 During the [TLS] negotiation, the client MUST check its understanding 4658 of the server hostname against the server's identity as presented in 4659 the server Certificate message, in order to prevent man-in-the-middle 4660 attacks. If the match fails, the client SHOULD either ask for 4661 explicit user confirmation, or terminate the connection and indicate 4662 that the server's identity is suspect. Matching is performed 4663 according to these rules: 4665 The client MUST use the server hostname it used to open the 4666 connection as the value to compare against the server name as 4667 expressed in the server certificate. The client MUST NOT use any 4668 form of the server hostname derived from an insecure remote source 4669 (e.g., insecure DNS lookup). CNAME canonicalization is not done. 4671 If a subjectAltName extension of type dNSName is present in the 4672 certificate, it SHOULD be used as the source of the server's 4673 identity. 4675 Matching is case-insensitive. 4677 A "*" wildcard character MAY be used as the left-most name 4678 component in the certificate. For example, *.example.com would 4679 match a.example.com, foo.example.com, etc. but would not match 4680 example.com. 4682 If the certificate contains multiple names (e.g., more than one 4683 dNSName field), then a match with any one of the fields is 4684 considered acceptable. 4686 Both the client and server MUST check the result of the STARTTLS 4687 command and subsequent [TLS] negotiation to see whether acceptable 4688 authentication or privacy was achieved. 4690 11.2. COPYUID and APPENDUID response codes 4692 The COPYUID and APPENDUID response codes return information about the 4693 mailbox, which may be considered sensitive if the mailbox has 4694 permissions set that permit the client to COPY or APPEND to the 4695 mailbox, but not SELECT or EXAMINE it. 4697 Consequently, these response codes SHOULD NOT be issued if the client 4698 does not have access to SELECT or EXAMINE the mailbox. 4700 11.3. Other Security Considerations 4702 A server error message for an AUTHENTICATE command which fails due to 4703 invalid credentials SHOULD NOT detail why the credentials are 4704 invalid. 4706 Use of the LOGIN command sends passwords in the clear. This can be 4707 avoided by using the AUTHENTICATE command with a [SASL] mechanism 4708 that does not use plaintext passwords, by first negotiating 4709 encryption via STARTTLS or some other protection mechanism. 4711 A server implementation MUST implement a configuration that, at the 4712 time of authentication, requires: 4713 (1) The STARTTLS command has been negotiated. 4714 OR 4715 (2) Some other mechanism that protects the session from password 4716 snooping has been provided. 4717 OR 4718 (3) The following measures are in place: 4719 (a) The LOGINDISABLED capability is advertised, and [SASL] mechanisms 4720 (such as PLAIN) using plaintext passwords are NOT advertised in the 4721 CAPABILITY list. 4722 AND 4723 (b) The LOGIN command returns an error even if the password is 4724 correct. 4725 AND 4726 (c) The AUTHENTICATE command returns an error with all [SASL] 4727 mechanisms that use plaintext passwords, even if the password is 4728 correct. 4730 A server error message for a failing LOGIN command SHOULD NOT specify 4731 that the user name, as opposed to the password, is invalid. 4733 A server SHOULD have mechanisms in place to limit or delay failed 4734 AUTHENTICATE/LOGIN attempts. 4736 Additional security considerations are discussed in the section 4737 discussing the AUTHENTICATE and LOGIN commands. 4739 12. IANA Considerations 4741 IMAP4 capabilities are registered by publishing a standards track or 4742 IESG approved experimental RFC. The registry is currently located 4743 at: http://www.iana.org/assignments/imap4-capabilities 4745 As this specification revises the STARTTLS and LOGINDISABLED 4746 extensions previously defined in [IMAP-TLS], IANA is requested to 4747 update the registry accordingly. 4749 13. References 4751 13.1. Normative References 4753 [ABNF] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax 4754 Specifications: ABNF", STD 68, RFC 5234, January 2008, 4755 . 4757 [ANONYMOUS] 4758 Zeilenga, K., "Anonymous Simple Authentication and 4759 Security Layer (SASL) Mechanism", RFC 4505, June 2006, 4760 . 4762 [CHARSET] Freed, N. and J. Postel, "IANA Charset Registration 4763 Procedures", BCP 19, RFC 2978, October 2000, 4764 . 4766 [DIGEST-MD5] 4767 Leach, P. and C. Newman, "Using Digest Authentication as a 4768 SASL Mechanism", RFC 2831, May 2000, 4769 . 4771 [DISPOSITION] 4772 Troost, R., Dorner, S., and K. Moore, Ed., "Communicating 4773 Presentation Information in Internet Messages: The 4774 Content-Disposition Header Field", RFC 2183, August 1997, 4775 . 4777 [PLAIN] Zeilenga, K., Ed., "The PLAIN Simple Authentication and 4778 Security Layer (SASL) Mechanism", RFC 4616, August 2006, 4779 . 4781 [KEYWORDS] 4782 Bradner, S., "Key words for use in RFCs to Indicate 4783 Requirement Levels", BCP 14, RFC 2119, March 1997, 4784 . 4786 [LANGUAGE-TAGS] 4787 Alvestrand, H., "Content Language Headers", RFC 3282, May 4788 2002, . 4790 [LOCATION] 4791 Palme, J., Hopmann, A., and N. Shelness, "MIME 4792 Encapsulation of Aggregate Documents, such as HTML 4793 (MHTML)", RFC 2557, March 1999, 4794 . 4796 [MD5] Myers, J. and M. Rose, "The Content-MD5 Header Field", RFC 4797 1864, October 1995, 4798 . 4800 [MIME-HDRS] 4801 Moore, K., "MIME (Multipurpose Internet Mail Extensions) 4802 Part Three: Message Header Extensions for Non-ASCII Text", 4803 RFC 2047, November 1996, 4804 . 4806 [MIME-IMB] 4807 Freed, N. and N. Borenstein, "Multipurpose Internet Mail 4808 Extensions (MIME) Part One: Format of Internet Message 4809 Bodies", RFC 2045, November 1996, 4810 . 4812 [MIME-IMT] 4813 Freed, N. and N. Borenstein, "Multipurpose Internet Mail 4814 Extensions (MIME) Part Two: Media Types", RFC 2046, 4815 November 1996, . 4817 [RFC-5322] 4818 Resnick, P., Ed., "Internet Message Format", RFC 5322, 4819 October 2008, . 4821 [SASL] Melnikov, A., Ed. and K. Zeilenga, Ed., "Simple 4822 Authentication and Security Layer (SASL)", RFC 4422, June 4823 2006, . 4825 [TLS] Dierks, T. and E. Rescorla, "The Transport Layer Security 4826 (TLS) Protocol Version 1.2", RFC 5246, August 2008, 4827 . 4829 [UTF-7] Goldsmith, D. and M. Davis, "UTF-7 A Mail-Safe 4830 Transformation Format of Unicode", RFC 2152, May 1997, 4831 . 4833 [MULTIAPPEND] 4834 Crispin, M., "Internet Message Access Protocol (IMAP) - 4835 MULTIAPPEND Extension", RFC 3502, March 2003, 4836 . 4838 [IMAP-IMPLEMENTATION] 4839 Leiba, B., "IMAP4 Implementation Recommendations", RFC 4840 2683, September 1999, 4841 . 4843 [IMAP-MULTIACCESS] 4844 Gahrns, M., "IMAP4 Multi-Accessed Mailbox Practice", RFC 4845 2180, July 1997, . 4847 13.2. Informative References (related protocols) 4849 [IMAP-DISC] 4850 Melnikov, A., Ed., "Synchronization Operations for 4851 Disconnected IMAP4 Clients", RFC 4549, June 2006, 4852 . 4854 [IMAP-MODEL] 4855 Crispin, M., "Distributed Electronic Mail Models in 4856 IMAP4", RFC 1733, December 1994, 4857 . 4859 [ACAP] Newman, C. and J. G. Myers, "ACAP -- Application 4860 Configuration Access Protocol", RFC 2244, November 1997, 4861 . 4863 [SMTP] Klensin, J., "Simple Mail Transfer Protocol", RFC 5321, 4864 October 2008, . 4866 [RFC4314] Melnikov, A., "IMAP4 Access Control List (ACL) Extension", 4867 RFC 4314, December 2005, 4868 . 4870 [RFC2087] Myers, J., "IMAP4 QUOTA extension", RFC 2087, January 4871 1997, . 4873 13.3. Informative References (historical aspects of IMAP and related 4874 protocols) 4876 [IMAP-COMPAT] 4877 Crispin, M., "IMAP4 Compatibility with IMAP2bis", RFC 4878 2061, December 1996, 4879 . 4881 [IMAP-HISTORICAL] 4882 Crispin, M., "IMAP4 Compatibility with IMAP2 and 4883 IMAP2bis", RFC 1732, December 1994, 4884 . 4886 [IMAP-OBSOLETE] 4887 Crispin, M., "Internet Message Access Protocol - Obsolete 4888 Syntax", RFC 2062, December 1996, 4889 . 4891 [IMAP2] Crispin, M., "Interactive Mail Access Protocol: Version 4892 2", RFC 1176, August 1990, 4893 . 4895 [RFC-822] Crocker, D., "STANDARD FOR THE FORMAT OF ARPA INTERNET 4896 TEXT MESSAGES", STD 11, RFC 822, August 1982, 4897 . 4899 [RFC-821] Postel, J., "Simple Mail Transfer Protocol", STD 10, RFC 4900 821, August 1982, . 4902 [IMAP-TLS] 4903 Newman, C., "Using TLS with IMAP, POP3 and ACAP", RFC 4904 2595, June 1999, . 4906 Appendix A. Backward compatibility with IMAP4rev1 4908 An implementation that wants to remain compatible with IMAP4rev1 can 4909 advertise both IMAP4rev1 and IMAP4rev2 in its CAPABILITY response/ 4910 response code. While some IMAP4rev1 response were removed in 4911 IMAP4rev2, their presence will not break IMAP4rev2-only clients. 4913 If both IMAP4rev1 and IMAP4rev2 are advertised, an IMAP client that 4914 wants to use IMAP4rev2 MUST issue "ENABLE IMAP4rev2" command. 4916 Appendix B. Changes from RFC 3501 / IMAP4rev1 4918 The following is the plan for remaining changes. The plan might 4919 change over time. 4921 1. Fold in the following extensions/RFC: RFC 5530 (IMAP Response 4922 Codes), UIDPLUS (done), ENABLE (done), ESEARCH, LITERAL+, 4923 NAMESPACE. 4925 2. Possibly fold in the following extensions/RFC: SEARCHRES, 4926 SPECIAL-USE, Base LIST-EXTENDED syntax + deprecate LSUB, STATUS- 4927 in-LIST, BINARY. 4929 3. Add CLOSED response code (from CONDSTORE), 4931 4. Drop UTF-7, all mailboxes are always in UTF-8. 4933 5. Update recommendations on TLS ciphers to match UTA WG work. 4935 6. Deprecated features: RECENT response on SELECT/EXAMINE, Recent 4936 flag, RECENT STATUS item. UNSEEN response code on SELECT/ 4937 EXAMINE. SEARCH response (use ESEARCH instead). 4939 1. Folded in IMAP UNSELECT (RFC 3691), UIDPLUS (RFC 4315), ESEARCH 4940 (RFC 4731), ENABLE (RFC 5161) extensions. Also folded RFC 5530. 4942 Appendix C. Acknowledgement 4944 Earlier versions of this document were edited by Mark Crispin. 4945 Sadly, he is no longer available to help with this work. Editor of 4946 this revisions is hoping that Mark would have approved. 4948 Thank you to Tony Hansen for helping with the index generation. 4950 This document incorporate text from RFC 4315, RFC 4466, RFC 4731, RFC 4951 5161, so work done by authors/editors of these documents is 4952 appreciated. 4954 Index 4956 + 4957 +FLAGS 60 4958 +FLAGS.SILENT 60 4960 - 4961 -FLAGS 60 4962 -FLAGS.SILENT 60 4964 A 4965 ALERT (response code) 65 4966 ALL (fetch item) 56 4967 ALL (search key) 52 4968 ALL (search result option) 51 4969 ALREADYEXISTS (response code) 65 4970 ANSWERED (search key) 52 4971 APPEND (command) 45 4972 APPENDUID (response code) 66 4973 AUTHENTICATE (command) 27 4974 AUTHENTICATIONFAILED (response code) 66 4975 AUTHORIZATIONFAILED (response code) 66 4977 B 4978 BAD (response) 73 4979 BADCHARSET (response code) 67 4980 BCC (search key) 52 4981 BEFORE (search key) 53 4982 BODY (fetch item) 56 4983 BODY (fetch result) 80 4984 BODY (search key) 53 4985 BODY.PEEK[
]<> (fetch item) 58 4986 BODYSTRUCTURE (fetch item) 59 4987 BODYSTRUCTURE (fetch result) 80 4988 BODY[
]<> (fetch result) 80 4989 BODY[
]<> (fetch item) 56 4990 BYE (response) 73 4991 Body Structure (message attribute) 13 4993 C 4994 CANNOT (response code) 67 4995 CAPABILITY (command) 24 4996 CAPABILITY (response code) 67 4997 CAPABILITY (response) 74 4998 CC (search key) 53 4999 CHECK (command) 48 5000 CLIENTBUG (response code) 67 5001 CLOSE (command) 49 5002 CONTACTADMIN (response code) 67 5003 COPY (command) 60 5004 COPYUID (response code) 67 5005 CORRUPTION (response code) 68 5006 COUNT (search result option) 51 5007 CREATE (command) 35 5009 D 5010 DELETE (command) 36 5011 DELETED (search key) 53 5012 DRAFT (search key) 53 5014 E 5015 ENABLE (command) 31 5016 ENVELOPE (fetch item) 59 5017 ENVELOPE (fetch result) 83 5018 ESEARCH (response) 77 5019 EXAMINE (command) 34 5020 EXPIRED (response code) 68 5021 EXPUNGE (command) 50 5022 EXPUNGE (response) 79 5023 EXPUNGEISSUED (response code) 68 5024 Envelope Structure (message attribute) 13 5026 F 5027 FAST (fetch item) 56 5028 FETCH (command) 56 5029 FETCH (response) 80 5030 FLAGGED (search key) 53 5031 FLAGS (fetch item) 59 5032 FLAGS (fetch result) 84 5033 FLAGS (response) 77 5034 FLAGS (store command data item) 60 5035 FLAGS.SILENT (store command data item) 60 5036 FROM (search key) 53 5037 FULL (fetch item) 56 5038 Flags (message attribute) 11 5040 H 5041 HEADER (part specifier) 57 5042 HEADER (search key) 53 5043 HEADER.FIELDS (part specifier) 57 5044 HEADER.FIELDS.NOT (part specifier) 57 5046 I 5047 INTERNALDATE (fetch item) 59 5048 INTERNALDATE (fetch result) 84 5049 INUSE (response code) 69 5050 Internal Date (message attribute) 12 5052 K 5053 KEYWORD (search key) 53 5054 Keyword (type of flag) 12 5056 L 5057 LARGER (search key) 53 5058 LIMIT (response code) 69 5059 LIST (command) 40 5060 LIST (response) 75 5061 LOGOUT (command) 25 5062 LSUB (command) 43 5063 LSUB (response) 76 5065 M 5066 MAX (search result option) 51 5067 MAY (specification requirement term) 5 5068 MESSAGES (status item) 45 5069 MIME (part specifier) 57 5070 MIN (search result option) 51 5071 MUST (specification requirement term) 5 5072 MUST NOT (specification requirement term) 5 5073 Message Sequence Number (message attribute) 11 5075 N 5076 NEW (search key) 53 5077 NO (response) 72 5078 NONEXISTENT (response code) 69 5079 NOOP (command) 25 5080 NOPERM (response code) 69 5081 NOT (search key) 53 5083 O 5084 OK (response) 72 5085 OLD (search key) 53 5086 ON (search key) 53 5087 OPTIONAL (specification requirement term) 5 5088 OR (search key) 53 5089 OVERQUOTA (response code) 69 5091 P 5092 PARSE (response code) 70 5093 PERMANENTFLAGS (response code) 70 5094 PREAUTH (response) 73 5095 PRIVACYREQUIRED (response code) 70 5096 Permanent Flag (class of flag) 12 5098 R 5099 READ-ONLY (response code) 70 5100 READ-WRITE (response code) 70 5101 RECENT (search key) 53 5102 RECENT (status item) 45 5103 RECOMMENDED (specification requirement term) 5 5104 RENAME (command) 37 5105 REQUIRED (specification requirement term) 5 5106 RFC822 (fetch item) 59 5107 RFC822 (fetch result) 84 5108 RFC822.HEADER (fetch item) 59 5109 RFC822.HEADER (fetch result) 84 5110 RFC822.SIZE (fetch item) 59 5111 RFC822.SIZE (fetch result) 84 5112 RFC822.TEXT (fetch item) 59 5113 RFC822.TEXT (fetch result) 84 5115 S 5116 SEARCH (command) 50 5117 SEEN (search key) 53 5118 SELECT (command) 33 5119 SENTBEFORE (search key) 54 5120 SENTON (search key) 54 5121 SENTSINCE (search key) 54 5122 SERVERBUG (response code) 70 5123 SHOULD (specification requirement term) 5 5124 SHOULD NOT (specification requirement term) 5 5125 SINCE (search key) 54 5126 SMALLER (search key) 54 5127 STARTTLS (command) 26 5128 STATUS (command) 44 5129 STATUS (response) 77 5130 STORE (command) 59 5131 SUBJECT (search key) 54 5132 SUBSCRIBE (command) 39 5133 Session Flag (class of flag) 12 5134 System Flag (type of flag) 11 5136 T 5137 TEXT (part specifier) 57 5138 TEXT (search key) 54 5139 TO (search key) 54 5140 TRYCREATE (response code) 71 5142 U 5143 UID (command) 61 5144 UID (fetch item) 59 5145 UID (fetch result) 84 5146 UID (search key) 54 5147 UIDNEXT (response code) 71 5148 UIDNEXT (status item) 45 5149 UIDNOTSTICKY (response code) 71 5150 UIDVALIDITY (response code) 71 5151 UIDVALIDITY (status item) 45 5152 UNANSWERED (search key) 54 5153 UNAVAILABLE (response code) 71 5154 UNDELETED (search key) 54 5155 UNDRAFT (search key) 54 5156 UNFLAGGED (search key) 54 5157 UNKEYWORD (search key) 54 5158 UNSEEN (response code) 71 5159 UNSEEN (search key) 54 5160 UNSEEN (status item) 45 5161 UNSELECT (command) 49 5162 UNSUBSCRIBE (command) 40 5163 Unique Identifier (UID) (message attribute) 9 5165 X 5166 X (command) 63 5168 [ 5169 [RFC-5322] Size (message attribute) 12 5171 \ 5172 \Answered (system flag) 11 5173 \Deleted (system flag) 11 5174 \Draft (system flag) 11 5175 \Flagged (system flag) 11 5176 \Marked (mailbox name attribute) 76 5177 \Noinferiors (mailbox name attribute) 76 5178 \Noselect (mailbox name attribute) 76 5179 \Recent (system flag) 12 5180 \Seen (system flag) 11 5181 \Unmarked (mailbox name attribute) 76 5183 Author's Address 5185 Alexey Melnikov (editor) 5186 Isode Ltd 5187 14 Castle Mews 5188 Hampton, Middlesex TW12 2NP 5189 UK 5191 Email: Alexey.Melnikov@isode.com