forked from jstedfast/MailKit
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrfc9051.txt
8659 lines (6857 loc) · 359 KB
/
rfc9051.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
Internet Engineering Task Force (IETF) A. Melnikov, Ed.
Request for Comments: 9051 Isode Ltd
Obsoletes: 3501 B. Leiba, Ed.
Category: Standards Track Futurewei Technologies
ISSN: 2070-1721 August 2021
Internet Message Access Protocol (IMAP) - Version 4rev2
Abstract
The Internet Message Access Protocol Version 4rev2 (IMAP4rev2) allows
a client to access and manipulate electronic mail messages on a
server. IMAP4rev2 permits manipulation of mailboxes (remote message
folders) in a way that is functionally equivalent to local folders.
IMAP4rev2 also provides the capability for an offline client to
resynchronize with the server.
IMAP4rev2 includes operations for creating, deleting, and renaming
mailboxes; checking for new messages; removing messages permanently;
setting and clearing flags; parsing per RFCs 5322, 2045, and 2231;
searching; and selective fetching of message attributes, texts, and
portions thereof. Messages in IMAP4rev2 are accessed by the use of
numbers. These numbers are either message sequence numbers or unique
identifiers.
IMAP4rev2 does not specify a means of posting mail; this function is
handled by a mail submission protocol such as the one specified in
RFC 6409.
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 7841.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
https://www.rfc-editor.org/info/rfc9051.
Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
This document may contain material from IETF Documents or IETF
Contributions published or made publicly available before November
10, 2008. The person(s) controlling the copyright in some of this
material may not have granted the IETF Trust the right to allow
modifications of such material outside the IETF Standards Process.
Without obtaining an adequate license from the person(s) controlling
the copyright in such materials, this document may not be modified
outside the IETF Standards Process, and derivative works of it may
not be created outside the IETF Standards Process, except to format
it for publication as an RFC or to translate it into languages other
than English.
Table of Contents
1. How to Read This Document
1.1. Organization of This Document
1.2. Conventions Used in This Document
1.3. Special Notes to Implementors
2. Protocol Overview
2.1. Link Level
2.2. Commands and Responses
2.2.1. Client Protocol Sender and Server Protocol Receiver
2.2.2. Server Protocol Sender and Client Protocol Receiver
2.3. Message Attributes
2.3.1. Message Numbers
2.3.2. Flags Message Attribute
2.3.3. Internal Date Message Attribute
2.3.4. RFC822.SIZE Message Attribute
2.3.5. Envelope Structure Message Attribute
2.3.6. Body Structure Message Attribute
2.4. Message Texts
3. State and Flow Diagram
3.1. Not Authenticated State
3.2. Authenticated State
3.3. Selected State
3.4. Logout State
4. Data Formats
4.1. Atom
4.1.1. Sequence Set and UID Set
4.2. Number
4.3. String
4.3.1. 8-Bit and Binary Strings
4.4. Parenthesized List
4.5. NIL
5. Operational Considerations
5.1. Mailbox Naming
5.1.1. Mailbox Hierarchy Naming
5.1.2. Namespaces
5.2. Mailbox Size and Message Status Updates
5.3. Response When No Command in Progress
5.4. Autologout Timer
5.5. Multiple Commands in Progress (Command Pipelining)
6. Client Commands
6.1. Client Commands - Any State
6.1.1. CAPABILITY Command
6.1.2. NOOP Command
6.1.3. LOGOUT Command
6.2. Client Commands - Not Authenticated State
6.2.1. STARTTLS Command
6.2.2. AUTHENTICATE Command
6.2.3. LOGIN Command
6.3. Client Commands - Authenticated State
6.3.1. ENABLE Command
6.3.2. SELECT Command
6.3.3. EXAMINE Command
6.3.4. CREATE Command
6.3.5. DELETE Command
6.3.6. RENAME Command
6.3.7. SUBSCRIBE Command
6.3.8. UNSUBSCRIBE Command
6.3.9. LIST Command
6.3.10. NAMESPACE Command
6.3.11. STATUS Command
6.3.12. APPEND Command
6.3.13. IDLE Command
6.4. Client Commands - Selected State
6.4.1. CLOSE Command
6.4.2. UNSELECT Command
6.4.3. EXPUNGE Command
6.4.4. SEARCH Command
6.4.5. FETCH Command
6.4.6. STORE Command
6.4.7. COPY Command
6.4.8. MOVE Command
6.4.9. UID Command
6.5. Client Commands - Experimental/Expansion
7. Server Responses
7.1. Server Responses - Generic Status Responses
7.1.1. OK Response
7.1.2. NO Response
7.1.3. BAD Response
7.1.4. PREAUTH Response
7.1.5. BYE Response
7.2. Server Responses - Server Status
7.2.1. ENABLED Response
7.2.2. CAPABILITY Response
7.3. Server Responses - Mailbox Status
7.3.1. LIST Response
7.3.2. NAMESPACE Response
7.3.3. STATUS Response
7.3.4. ESEARCH Response
7.3.5. FLAGS Response
7.4. Server Responses - Mailbox Size
7.4.1. EXISTS Response
7.5. Server Responses - Message Status
7.5.1. EXPUNGE Response
7.5.2. FETCH Response
7.6. Server Responses - Command Continuation Request
8. Sample IMAP4rev2 Connection
9. Formal Syntax
10. Author's Note
11. Security Considerations
11.1. TLS-Related Security Considerations
11.2. STARTTLS Command versus Use of Implicit TLS Port
11.3. Client Handling of Unsolicited Responses Not Suitable for
the Current Connection State
11.4. COPYUID and APPENDUID Response Codes
11.5. LIST Command and Other Users' Namespace
11.6. Use of MD5
11.7. Other Security Considerations
12. IANA Considerations
12.1. Updates to IMAP Capabilities Registry
12.2. GSSAPI/SASL Service Name
12.3. LIST Selection Options, LIST Return Options, and LIST
Extended Data Items
12.4. IMAP Mailbox Name Attributes and IMAP Response Codes
13. References
13.1. Normative References
13.2. Informative References
13.2.1. Related Protocols
13.2.2. Historical Aspects of IMAP and Related Protocols
Appendix A. Backward Compatibility with IMAP4rev1
A.1. Mailbox International Naming Convention for Compatibility
with IMAP4rev1
Appendix B. Backward Compatibility with BINARY Extension
Appendix C. Backward Compatibility with LIST-EXTENDED Extension
Appendix D. 63-Bit Body Part and Message Sizes
Appendix E. Changes from RFC 3501 / IMAP4rev1
Appendix F. Other Recommended IMAP Extensions
Acknowledgements
Index
Authors' Addresses
1. How to Read This Document
1.1. Organization of This Document
This document is written from the point of view of the implementor of
an IMAP4rev2 client or server. Beyond the protocol overview in
Section 2, it is not optimized for someone trying to understand the
operation of the protocol. The material in Sections 3, 4, and 5
provides the general context and definitions with which IMAP4rev2
operates.
Sections 6, 7, and 9 describe the IMAP commands, responses, and
syntax, respectively. The relationships among these are such that it
is almost impossible to understand any of them separately. In
particular, do not attempt to deduce command syntax from the command
section alone; instead, refer to "Formal Syntax" (Section 9).
1.2. Conventions Used in This Document
"Conventions" are basic principles or procedures. Document
conventions are noted in this section.
In examples, "C:" and "S:" indicate lines sent by the client and
server, respectively. Note that each line includes the terminating
CRLF.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
The word "can" (not "may") is used to refer to a possible
circumstance or situation, as opposed to an optional facility of the
protocol.
"User" is used to refer to a human user, whereas "client" refers to
the software being run by the user.
"Connection" refers to the entire sequence of client/server
interaction from the initial establishment of the network connection
until its termination.
"Session" refers to the sequence of client/server interaction from
the time that a mailbox is selected (SELECT or EXAMINE command) until
the time that selection ends (SELECT or EXAMINE of another mailbox,
CLOSE command, UNSELECT command, or connection termination).
The term "Implicit TLS" refers to the automatic negotiation of TLS
whenever a TCP connection is made on a particular TCP port that is
used exclusively by that server for TLS connections. The term
"Implicit TLS" is intended to contrast with the use of the STARTTLS
command in IMAP that is used by the client and the server to
explicitly negotiate TLS on an established cleartext TCP connection.
Characters are 8-bit UTF-8 (of which 7-bit US-ASCII is a subset),
unless otherwise specified. Other character sets are indicated using
a "CHARSET", as described in [MIME-IMT] and defined in [CHARSET].
CHARSETs have important additional semantics in addition to defining
a character set; refer to these documents for more detail.
There are several protocol conventions in IMAP. These refer to
aspects of the specification that are not strictly part of the IMAP
protocol but reflect generally accepted practice. Implementations
need to be aware of these conventions, and avoid conflicts whether or
not they implement the convention. For example, "&" may not be used
as a hierarchy delimiter since it conflicts with the Mailbox
International Naming Convention, and other uses of "&" in mailbox
names are impacted as well.
1.3. Special Notes to Implementors
Implementors of the IMAP protocol are strongly encouraged to read the
IMAP implementation recommendations document [IMAP-IMPLEMENTATION] in
conjunction with this document, to help understand the intricacies of
this protocol and how best to build an interoperable product.
IMAP4rev2 is designed to be upwards compatible from the IMAP4rev1
[RFC3501], IMAP2 [IMAP2], and unpublished IMAP2bis [IMAP2BIS]
protocols. IMAP4rev2 is largely compatible with the IMAP4rev1
protocol described in RFC 3501 and the IMAP4 protocol described in
[RFC1730]; the exception being in certain facilities added in
[RFC1730] and [RFC3501] that proved problematic and were subsequently
removed or replaced by better alternatives. In the course of the
evolution of IMAP4rev2, some aspects in the earlier protocols have
become obsolete. Obsolete commands, responses, and data formats that
an IMAP4rev2 implementation can encounter when used with an earlier
implementation are described in Appendices A and E and
[IMAP-OBSOLETE]. IMAP4rev2 supports 63-bit body parts and message
sizes. IMAP4rev2 compatibility with BINARY and LIST-EXTENDED IMAP
extensions are described in Appendices B and C, respectively.
Other compatibility issues with IMAP2bis, the most common variant of
the earlier protocol, are discussed in [IMAP-COMPAT]. A full
discussion of compatibility issues with rare (and presumed extinct)
variants of [IMAP2] is in [IMAP-HISTORICAL]; this document is
primarily of historical interest.
IMAP was originally developed for the older [RFC822] standard, and as
a consequence, the "RFC822.SIZE" fetch item in IMAP incorporates
"RFC822" in its name. "RFC822" should be interpreted as a reference
to the updated [RFC5322] standard.
IMAP4rev2 does not specify a means of posting mail; this function is
handled by a mail submission protocol such as the one specified in
[RFC6409].
2. Protocol Overview
2.1. Link Level
The IMAP4rev2 protocol assumes a reliable data stream such as that
provided by TCP. When TCP is used, an IMAP4rev2 server listens on
port 143 (cleartext port) or port 993 (Implicit TLS port).
2.2. Commands and Responses
An IMAP4rev2 connection consists of the establishment of a client/
server network connection, an initial greeting from the server, and
client/server interactions. These client/server interactions consist
of a client command, server data, and a server completion result
response.
All interactions transmitted by client and server are in the form of
lines, that is, strings that end with a CRLF. The protocol receiver
of an IMAP4rev2 client or server is reading either a line or a
sequence of octets with a known count followed by a line.
2.2.1. Client Protocol Sender and Server Protocol Receiver
The client command begins an operation. Each client command is
prefixed with an identifier (typically a short alphanumeric string,
e.g., A0001, A0002, etc.) called a "tag". A different tag is
generated by the client for each command. More formally: the client
SHOULD generate a unique tag for every command, but a server MUST
accept tag reuse.
Clients MUST follow the syntax outlined in this specification
strictly. It is a syntax error to send a command with missing or
extraneous spaces or arguments.
There are two cases in which a line from the client does not
represent a complete command. In one case, a command argument is
quoted with an octet count (see the description of literal in
Section 4.3); in the other case, the command arguments require server
feedback (see the AUTHENTICATE command in Section 6.2.2). In either
case, the server sends a command continuation request response if it
is ready for the octets (if appropriate) and the remainder of the
command. This response is prefixed with the token "+".
Note: If, instead, the server detected an error in the command, it
sends a BAD completion response with a tag matching the command
(as described below) to reject the command and prevent the client
from sending any more of the command.
It is also possible for the server to send a completion response
for some other command (if multiple commands are in progress) or
untagged data. In either case, the command continuation request
is still pending; the client takes the appropriate action for the
response and reads another response from the server. In all
cases, the client MUST send a complete command (including
receiving all command continuation request responses and sending
command continuations for the command) before initiating a new
command.
The protocol receiver of an IMAP4rev2 server reads a command line
from the client, parses the command and its arguments, and transmits
server data and a server command completion result response.
2.2.2. Server Protocol Sender and Client Protocol Receiver
Data transmitted by the server to the client and status responses
that do not indicate command completion are prefixed with the token
"*" and are called untagged responses.
Server data MAY be sent as a result of a client command or MAY be
sent unilaterally by the server. There is no syntactic difference
between server data that resulted from a specific command and server
data that were sent unilaterally.
The server completion result response indicates the success or
failure of the operation. It is tagged with the same tag as the
client command that began the operation. Thus, if more than one
command is in progress, the tag in a server completion response
identifies the command to which the response applies. There are
three possible server completion responses: OK (indicating success),
NO (indicating failure), or BAD (indicating a protocol error such as
unrecognized command or command syntax error).
Servers SHOULD strictly enforce the syntax outlined in this
specification. Any client command with a protocol syntax error,
including (but not limited to) missing or extraneous spaces or
arguments, SHOULD be rejected and the client given a BAD server
completion response.
The protocol receiver of an IMAP4rev2 client reads a response line
from the server. It then takes action on the response based upon the
first token of the response, which can be a tag, a "*", or a "+".
A client MUST be prepared to accept any server response at all times.
This includes server data that was not requested. Server data SHOULD
be remembered (cached), so that the client can reference its
remembered copy rather than sending a command to the server to
request the data. In the case of certain server data, the data MUST
be remembered, as specified elsewhere in this document.
This topic is discussed in greater detail in "Server Responses" (see
Section 7).
2.3. Message Attributes
In addition to message text, each message has several attributes
associated with it. These attributes can be retrieved individually
or in conjunction with other attributes or message texts.
2.3.1. Message Numbers
Messages in IMAP4rev2 are accessed by one of two numbers: the Unique
Identifier (UID) or the message sequence number.
2.3.1.1. Unique Identifier (UID) Message Attribute
A UID is an unsigned non-zero 32-bit value assigned to each message,
which when used with the unique identifier validity value (see below)
forms a 64-bit value that MUST NOT refer to any other message in the
mailbox or any subsequent mailbox with the same name forever. Unique
identifiers are assigned in a strictly ascending fashion in the
mailbox; as each message is added to the mailbox, it is assigned a
higher UID than those of all message(s) that are already in the
mailbox. Unlike message sequence numbers, unique identifiers are not
necessarily contiguous.
The unique identifier of a message MUST NOT change during the session
and SHOULD NOT change between sessions. Any change of unique
identifiers between sessions MUST be detectable using the UIDVALIDITY
mechanism discussed below. Persistent unique identifiers are
required for a client to resynchronize its state from a previous
session with the server (e.g., disconnected or offline access clients
[IMAP-MODEL]); this is discussed further in [IMAP-DISC].
Associated with every mailbox are two 32-bit unsigned non-zero values
that aid in unique identifier handling: the next unique identifier
value (UIDNEXT) and the unique identifier validity value
(UIDVALIDITY).
The next unique identifier value is the predicted value that will be
assigned to a new message in the mailbox. Unless the unique
identifier validity also changes (see below), the next unique
identifier value MUST have the following two characteristics. First,
the next unique identifier value MUST NOT change unless new messages
are added to the mailbox; and second, the next unique identifier
value MUST change whenever new messages are added to the mailbox,
even if those new messages are subsequently expunged.
| Note: The next unique identifier value is intended to provide a
| means for a client to determine whether any messages have been
| delivered to the mailbox since the previous time it checked
| this value. It is not intended to provide any guarantee that
| any message will have this unique identifier. A client can
| only assume, at the time that it obtains the next unique
| identifier value, that messages arriving after that time will
| have a UID greater than or equal to that value.
The unique identifier validity value is sent in a UIDVALIDITY
response code in an OK untagged response at mailbox selection time.
If unique identifiers from an earlier session fail to persist in this
session, the unique identifier validity value MUST be greater than
the one used in the earlier session. A good UIDVALIDITY value to use
is a 32-bit representation of the current date/time when the value is
assigned: this ensures that the value is unique and always increases.
Another possible alternative is a global counter that gets
incremented every time a mailbox is created.
Note: Ideally, unique identifiers SHOULD persist at all times.
Although this specification recognizes that failure to persist can
be unavoidable in certain server environments, it strongly
encourages message store implementation techniques that avoid this
problem. For example:
1. Unique identifiers MUST be strictly ascending in the mailbox at
all times. If the physical message store is reordered by a non-
IMAP agent, the unique identifiers in the mailbox MUST be
regenerated, since the former unique identifiers are no longer
strictly ascending as a result of the reordering.
2. If the message store has no mechanism to store unique
identifiers, it must regenerate unique identifiers at each
session, and each session must have a unique UIDVALIDITY value.
Note that this situation can be very disruptive to client message
caching.
3. If the mailbox is deleted/renamed and a new mailbox with the same
name is created at a later date, the server must either keep
track of unique identifiers from the previous instance of the
mailbox or assign a new UIDVALIDITY value to the new instance of
the mailbox.
4. The combination of mailbox name, UIDVALIDITY, and UID must refer
to a single, immutable (or expunged) message on that server
forever. In particular, the internal date, RFC822.SIZE,
envelope, body structure, and message texts (all BODY[...] fetch
data items) MUST never change. This does not include message
numbers, nor does it include attributes that can be set by a
STORE command (such as FLAGS). When a message is expunged, its
UID MUST NOT be reused under the same UIDVALIDITY value.
2.3.1.2. Message Sequence Number Message Attribute
A message sequence number is a relative position from 1 to the number
of messages in the mailbox. This position MUST be ordered by
ascending unique identifiers. As each new message is added, it is
assigned a message sequence number that is 1 higher than the number
of messages in the mailbox before that new message was added.
Message sequence numbers can be reassigned during the session. For
example, when a message is permanently removed (expunged) from the
mailbox, the message sequence number for all subsequent messages is
decremented. The number of messages in the mailbox is also
decremented. Similarly, a new message can be assigned a message
sequence number that was once held by some other message prior to an
expunge.
In addition to accessing messages by relative position in the
mailbox, message sequence numbers can be used in mathematical
calculations. For example, if an untagged "11 EXISTS" is received,
and previously an untagged "8 EXISTS" was received, three new
messages have arrived with message sequence numbers of 9, 10, and 11.
As another example, if message 287 in a 523-message mailbox has UID
12345, there are exactly 286 messages that have lesser UIDs and 236
messages that have greater UIDs.
2.3.2. Flags Message Attribute
A message has a list of zero or more named tokens, known as "flags",
associated with it. A flag is set by its addition to this list and
is cleared by its removal. There are two types of flags in
IMAP4rev2: system flags and keywords. A flag of either type can be
permanent or session-only.
A system flag is a flag name that is predefined in this specification
and begins with "\". Certain system flags (\Deleted and \Seen) have
special semantics described elsewhere in this document. The
currently defined system flags are:
\Seen Message has been read
\Answered Message has been answered
\Flagged Message is "flagged" for urgent/special attention
\Deleted Message is "deleted" for removal by later EXPUNGE
\Draft Message has not completed composition (marked as a
draft).
\Recent This flag was in use in IMAP4rev1 and is now
deprecated.
A keyword is defined by the server implementation. Keywords do not
begin with "\". Servers MAY permit the client to define new keywords
in the mailbox (see the description of the PERMANENTFLAGS response
code for more information). Some keywords that start with "$" are
also defined in this specification.
This document defines several keywords that were not originally
defined in [RFC3501] but were found to be useful by client
implementations. These keywords SHOULD be supported (allowed in
SEARCH and allowed and preserved in APPEND, COPY, and MOVE commands)
by server implementations:
$Forwarded
Message has been forwarded to another email address by being
embedded within, or attached to a new message. An email client
sets this keyword when it successfully forwards the message to
another email address. Typical usage of this keyword is to show a
different (or additional) icon for a message that has been
forwarded. Once set, the flag SHOULD NOT be cleared.
$MDNSent
Message Disposition Notification [RFC8098] was generated and sent
for this message. See [RFC3503] for more details on how this
keyword is used and for requirements on clients and servers.
$Junk
The user (or a delivery agent on behalf of the user) may choose to
mark a message as definitely containing junk ($Junk; see also the
related keyword $NotJunk). The $Junk keyword can be used to mark,
group, or hide undesirable messages (and such messages might be
moved or deleted later). See [IMAP-KEYWORDS-REG] for more
information.
$NotJunk
The user (or a delivery agent on behalf of the user) may choose to
mark a message as definitely not containing junk ($NotJunk; see
also the related keyword $Junk). The $NotJunk keyword can be used
to mark, group, or show messages that the user wants to see. See
[IMAP-KEYWORDS-REG] for more information.
$Phishing
The $Phishing keyword can be used by a delivery agent to mark a
message as highly likely to be a phishing email. A message that's
determined to be a phishing email by the delivery agent should
also be considered a junk email and have the appropriate junk
filtering applied, including setting the $Junk flag and placing
the message in the \Junk special-use mailbox (see Section 7.3.1),
if available.
If both the $Phishing flag and the $Junk flag are set, the user
agent should display an additional warning message to the user.
Additionally, the user agent might display a warning, such as
something of the form, "This message may be trying to steal your
personal information," when the user clicks on any hyperlinks
within the message.
The requirement for both $Phishing and $Junk to be set before a
user agent displays a warning is for better backwards
compatibility with existing clients that understand the $Junk flag
but not the $Phishing flag. This is so that when an unextended
client removes the $Junk flag, an extended client will also show
the correct state. See [IMAP-KEYWORDS-REG] for more information.
$Junk and $NotJunk are mutually exclusive. If more than one of these
is set for a message, the client MUST treat it as if none are set,
and it SHOULD unset both of them on the IMAP server.
Other registered keywords can be found in the "IMAP and JMAP
Keywords" registry [IMAP-KEYWORDS-REG]. New keywords SHOULD be
registered in this registry using the procedure specified in
[RFC5788].
A flag can be permanent or session-only on a per-flag basis.
Permanent flags are those that the client can add or remove from the
message flags permanently; that is, concurrent and subsequent
sessions will see any change in permanent flags. Changes to session
flags are valid only in that session.
2.3.3. Internal Date Message Attribute
An Internal Date message attribute is the internal date and time of
the message on the server. This is not the date and time in the
[RFC5322] header but rather a date and time that reflects when the
message was received. In the case of messages delivered via [SMTP],
this is the date and time of final delivery of the message as defined
by [SMTP]. In the case of messages created by the IMAP4rev2 COPY or
MOVE command, this SHOULD be the same as the Internal Date attribute
of the source message. In the case of messages created by the
IMAP4rev2 APPEND command, this SHOULD be the date and time as
specified in the APPEND command description. All other cases are
implementation defined.
2.3.4. RFC822.SIZE Message Attribute
RFC822.SIZE is the number of octets in the message when the message
is expressed in [RFC5322] format. This size SHOULD match the result
of a "FETCH BODY[]" command. If the message is internally stored in
some other format, the server calculates the size and often stores it
for later use to avoid the need for recalculation.
2.3.5. Envelope Structure Message Attribute
An envelope structure is a parsed representation of the [RFC5322]
header of the message. Note that the IMAP envelope structure is not
the same as an [SMTP] envelope.
2.3.6. Body Structure Message Attribute
A body structure is a parsed representation of the [MIME-IMB] body
structure information of the message.
2.4. Message Texts
In addition to being able to fetch the full [RFC5322] text of a
message, IMAP4rev2 permits the fetching of portions of the full
message text. Specifically, it is possible to fetch the [RFC5322]
message header, the [RFC5322] message body, a [MIME-IMB] body part,
or a [MIME-IMB] header.
3. State and Flow Diagram
Once the connection between client and server is established, an
IMAP4rev2 connection is in one of four states. The initial state is
identified in the server greeting. Most commands are only valid in
certain states. It is a protocol error for the client to attempt a
command while the connection is in an inappropriate state, and the
server will respond with a BAD or NO (depending upon server
implementation) command completion result.
3.1. Not Authenticated State
In the not authenticated state, the client MUST supply authentication
credentials before most commands will be permitted. This state is
entered when a connection starts unless the connection has been pre-
authenticated.
3.2. Authenticated State
In the authenticated state, the client is authenticated and MUST
select a mailbox to access before commands that affect messages will
be permitted. This state is entered when a pre-authenticated
connection starts, when acceptable authentication credentials have
been provided, after an error in selecting a mailbox, or after a
successful CLOSE or UNSELECT command.
3.3. Selected State
In a selected state, a mailbox has been selected to access. This
state is entered when a mailbox has been successfully selected.
3.4. Logout State
In the logout state, the connection is being terminated. This state
can be entered as a result of a client request (via the LOGOUT
command) or by unilateral action on the part of either the client or
the server.
If the client requests the logout state, the server MUST send an
untagged BYE response and a tagged OK response to the LOGOUT command
before the server closes the connection; and the client MUST read the
tagged OK response to the LOGOUT command before the client closes the
connection.
A server SHOULD NOT unilaterally close the connection without first
sending an untagged BYE response that contains the reason for doing
so. A client SHOULD NOT unilaterally close the connection; instead,
it SHOULD issue a LOGOUT command. If the server detects that the
client has unilaterally closed the connection, the server MAY omit
the untagged BYE response and simply close its connection.
+----------------------+
|connection established|
+----------------------+
||
\/
+--------------------------------------+
| server greeting |
+--------------------------------------+
|| (1) || (2) || (3)
\/ || ||
+-----------------+ || ||
|Not Authenticated| || ||
+-----------------+ || ||
|| (7) || (4) || ||
|| \/ \/ ||
|| +----------------+ ||
|| | Authenticated |<=++ ||
|| +----------------+ || ||
|| || (7) || (5) || (6) ||
|| || \/ || ||
|| || +--------+ || ||
|| || |Selected|==++ ||
|| || +--------+ ||
|| || || (7) ||
\/ \/ \/ \/
+--------------------------------------+
| Logout |
+--------------------------------------+
||
\/
+-------------------------------+
|both sides close the connection|
+-------------------------------+
Legend for the above diagram:
(1) connection without pre-authentication (OK greeting)
(2) pre-authenticated connection (PREAUTH greeting)
(3) rejected connection (BYE greeting)
(4) successful LOGIN or AUTHENTICATE command
(5) successful SELECT or EXAMINE command
(6) CLOSE or UNSELECT command, unsolicited CLOSED response code, or
failed SELECT or EXAMINE command
(7) LOGOUT command, server shutdown, or connection closed
4. Data Formats
IMAP4rev2 uses textual commands and responses. Data in IMAP4rev2 can
be in one of several forms: atom, number, string, parenthesized list,
or NIL. Note that a particular data item may take more than one
form; for example, a data item defined as using "astring" syntax may
be either an atom or a string.
4.1. Atom
An atom consists of one or more non-special characters.
4.1.1. Sequence Set and UID Set
A set of messages can be referenced by a sequence set containing
either message sequence numbers or unique identifiers. See Section 9
for details. A sequence set can contain ranges of sequence numbers
(such as "5:50"), an enumeration of specific sequence numbers, or a
combination of the above. A sequence set can use the special symbol
"*" to represent the maximum sequence number in the mailbox. A
sequence set never contains unique identifiers.
A "UID set" is similar to the sequence set, but uses unique
identifiers instead of message sequence numbers, and is not permitted
to contain the special symbol "*".
4.2. Number
A number consists of one or more digit characters and represents a
numeric value.
4.3. String
A string is in one of three forms: synchronizing literal, non-
synchronizing literal, or quoted string. The synchronizing literal
form is the general form of a string, without limitation on the
characters the string may include. The non-synchronizing literal
form is also the general form, but it has a length restriction. The
quoted string form is an alternative that avoids the overhead of
processing a literal, but has limitations on the characters that may
be used.
When the distinction between synchronizing and non-synchronizing
literals is not important, this document only uses the term
"literal".
A synchronizing literal is a sequence of zero or more octets
(including CR and LF), prefix-quoted with an octet count in the form
of an open brace ("{"), the number of octets, a close brace ("}"),
and a CRLF. In the case of synchronizing literals transmitted from
server to client, the CRLF is immediately followed by the octet data.
In the case of synchronizing literals transmitted from client to
server, the client MUST wait to receive a command continuation
request (described later in this document) before sending the octet
data (and the remainder of the command).
The non-synchronizing literal is an alternative form of synchronizing
literal and may be used from client to server anywhere a
synchronizing literal is permitted. The non-synchronizing literal
form MUST NOT be sent from server to client. The non-synchronizing
literal is distinguished from the synchronizing literal by having a
plus ("+") between the octet count and the closing brace ("}"). The
server does not generate a command continuation request in response
to a non-synchronizing literal, and clients are not required to wait
before sending the octets of a non-synchronizing literal. Unless
otherwise specified in an IMAP extension, non-synchronizing literals
MUST NOT be larger than 4096 octets. Any literal larger than 4096
bytes MUST be sent as a synchronizing literal. (Non-synchronizing
literals defined in this document are the same as non-synchronizing
literals defined by the LITERAL- extension from [RFC7888]. See that
document for details on how to handle invalid non-synchronizing
literals longer than 4096 octets and for interaction with other IMAP
extensions.)
A quoted string is a sequence of zero or more Unicode characters,
excluding CR and LF, encoded in UTF-8, with double quote (<">)
characters at each end.
The empty string is represented as "" (a quoted string with zero
characters between double quotes), as {0} followed by a CRLF (a
synchronizing literal with an octet count of 0), or as {0+} followed
by a CRLF (a non-synchronizing literal with an octet count of 0).
Note: Even if the octet count is 0, a client transmitting a
synchronizing literal MUST wait to receive a command continuation
request.
4.3.1. 8-Bit and Binary Strings
8-bit textual and binary mail is supported through the use of a
[MIME-IMB] content transfer encoding. IMAP4rev2 implementations MAY
transmit 8-bit or multi-octet characters in literals but SHOULD do so
only when the [CHARSET] is identified.
IMAP4rev2 is compatible with [I18N-HDRS]. As a result, the
identified charset for header-field values with 8-bit content is
UTF-8 [UTF-8]. IMAP4rev2 implementations MUST accept and MAY
transmit [UTF-8] text in quoted-strings as long as the string does
not contain NUL, CR, or LF. This differs from IMAP4rev1
implementations.
Although a BINARY content transfer encoding is defined, unencoded
binary strings are not permitted, unless returned in a <literal8> in
response to a BINARY.PEEK[<section-binary>]<<partial>> or
BINARY[<section-binary>]<<partial>> FETCH data item. A "binary
string" is any string with NUL characters. A string with an
excessive amount of CTL characters MAY also be considered to be
binary. Unless returned in response to BINARY.PEEK[...]/BINARY[...]
FETCH, client and server implementations MUST encode binary data into
a textual form, such as base64, before transmitting the data.
4.4. Parenthesized List
Data structures are represented as a "parenthesized list"; a sequence
of data items, delimited by space, and bounded at each end by
parentheses. A parenthesized list can contain other parenthesized
lists, using multiple levels of parentheses to indicate nesting.
The empty list is represented as () -- a parenthesized list with no
members.
4.5. NIL
The special form "NIL" represents the non-existence of a particular
data item that is represented as a string or parenthesized list, as
distinct from the empty string "" or the empty parenthesized list ().
| Note: NIL is never used for any data item that takes the form
| of an atom. For example, a mailbox name of "NIL" is a mailbox
| named NIL as opposed to a non-existent mailbox name. This is
| because mailbox uses "astring" syntax, which is an atom or a
| string. Conversely, an addr-name of NIL is a non-existent
| personal name, because addr-name uses "nstring" syntax, which
| is NIL or a string, but never an atom.
Examples:
The following LIST response:
* LIST () "/" NIL
is equivalent to:
* LIST () "/" "NIL"
as LIST response ABNF is using "astring" for mailbox name.
However, the following response:
* FETCH 1 (BODY[1] NIL)
is not equivalent to:
* FETCH 1 (BODY[1] "NIL")
The former indicates absence of the body part, while the latter means
that it contains a string with the three characters "NIL".
5. Operational Considerations
The following rules are listed here to ensure that all IMAP4rev2
implementations interoperate properly.
5.1. Mailbox Naming
In IMAP4rev2, mailbox names are encoded in Net-Unicode [NET-UNICODE]
(this differs from IMAP4rev1). Client implementations MAY attempt to
create Net-Unicode mailbox names and MUST interpret any 8-bit mailbox
names returned by LIST as [NET-UNICODE]. Server implementations MUST
prohibit the creation of 8-bit mailbox names that do not comply with
Net-Unicode. However, servers MAY accept a denormalized UTF-8
mailbox name and convert it to Unicode Normalization Form C (NFC) (as
per Net-Unicode requirements) prior to mailbox creation. Servers
that choose to accept such denormalized UTF-8 mailbox names MUST
accept them in all IMAP commands that have a mailbox name parameter.
In particular, SELECT <name> must open the same mailbox that was
successfully created with CREATE <name>, even if <name> is a
denormalized UTF-8 mailbox name.
The case-insensitive mailbox name INBOX is a special name reserved to
mean "the primary mailbox for this user on this server". (Note that
this special name might not exist on some servers for some users, for
example, if the user has no access to personal namespace.) The
interpretation of all other names is implementation dependent.
In particular, this specification takes no position on case
sensitivity in non-INBOX mailbox names. Some server implementations
are fully case sensitive in ASCII range; others preserve the case of
a newly created name but otherwise are case insensitive; and yet
others coerce names to a particular case. Client implementations
must be able to interact with any of these.
There are certain client considerations when creating a new mailbox
name:
1. Any character that is one of the atom-specials (see "Formal
Syntax" in Section 9) will require that the mailbox name be
represented as a quoted string or literal.
2. CTL and other non-graphic characters are difficult to represent
in a user interface and are best avoided. Servers MAY refuse to
create mailbox names containing Unicode CTL characters.
3. Although the list-wildcard characters ("%" and "*") are valid in
a mailbox name, it is difficult to use such mailbox names with
the LIST command due to the conflict with wildcard
interpretation.
4. Usually, a character (determined by the server implementation) is
reserved to delimit levels of hierarchy.
5. Two characters, "#" and "&", have meanings by convention and
should be avoided except when used in that convention. See
Section 5.1.2.1 and Appendix A.1, respectively.
5.1.1. Mailbox Hierarchy Naming
If it is desired to export hierarchical mailbox names, mailbox names
MUST be left-to-right hierarchical, using a single ASCII character to
separate levels of hierarchy. The same hierarchy separator character
is used for all levels of hierarchy within a single name.