idnits 2.17.00 (12 Aug 2021) /tmp/idnits28488/draft-ietf-extra-imap4rev2-27.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an Introduction section. ** There are 5 instances of too long lines in the document, the longest one being 6 characters in excess of 72. -- The draft header indicates that this document obsoletes RFC3501, but the abstract doesn't seem to mention this, which it should. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (February 2, 2021) is 472 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC3501' is mentioned on line 7281, but not defined ** Obsolete undefined reference: RFC 3501 (Obsoleted by RFC 9051) == Missing Reference: 'IMAP2' is mentioned on line 7306, but not defined == Missing Reference: 'IMAP2BIS' is mentioned on line 7295, but not defined == Missing Reference: 'IMAP-OBSOLETE' is mentioned on line 7301, but not defined == Missing Reference: 'IMAP-COMPAT' is mentioned on line 7285, but not defined == Missing Reference: 'IMAP-HISTORICAL' is mentioned on line 7290, but not defined == Missing Reference: 'RFC-822' is mentioned on line 7310, but not defined ** Obsolete undefined reference: RFC 822 (Obsoleted by RFC 2822) == Missing Reference: 'IMAP-MODEL' is mentioned on line 7234, but not defined == Missing Reference: 'IMAP-DISC' is mentioned on line 7223, but not defined == Missing Reference: 'RFC3503' is mentioned on line 7200, but not defined == Missing Reference: 'IMAP-KEYWORDS-REG' is mentioned on line 7263, but not defined == Missing Reference: 'SMTP' is mentioned on line 7244, but not defined == Missing Reference: 'RFC7888' is mentioned on line 7219, but not defined -- Looks like a reference, but probably isn't: '1' on line 908 == Missing Reference: 'IMAP-URL' is mentioned on line 7258, but not defined == Missing Reference: 'TLS' is mentioned on line 1509, but not defined == Missing Reference: 'CERT-555316' is mentioned on line 7186, but not defined == Missing Reference: 'UIDVALIDITY 3857529045' is mentioned on line 3335, but not defined == Missing Reference: 'UIDNEXT 4392' is mentioned on line 1802, but not defined == Missing Reference: 'RFC2193' is mentioned on line 7191, but not defined == Missing Reference: 'RFC3348' is mentioned on line 7600, but not defined ** Obsolete undefined reference: RFC 3348 (Obsoleted by RFC 5258) == Missing Reference: 'RFC4314' is mentioned on line 7251, but not defined == Missing Reference: 'UIDNEXT 2' is mentioned on line 3336, but not defined == Missing Reference: 'UIDVALIDITY 1' is mentioned on line 3408, but not defined == Missing Reference: 'CHARSET-REG' is mentioned on line 7273, but not defined == Missing Reference: 'IMAP-I18N' is mentioned on line 7228, but not defined == Missing Reference: 'HEADER' is mentioned on line 3938, but not defined == Missing Reference: 'BADCHARSET UTF-8' is mentioned on line 3988, but not defined == Missing Reference: 'UID' is mentioned on line 4411, but not defined == Missing Reference: 'RFC2087' is mentioned on line 7255, but not defined ** Obsolete undefined reference: RFC 2087 (Obsoleted by RFC 9208) == Missing Reference: 'IMAP-MAILBOX-NAME-ATTRS-REG' is mentioned on line 7268, but not defined == Missing Reference: 'RFC4422' is mentioned on line 6253, but not defined == Missing Reference: 'IMAP4' is mentioned on line 6338, but not defined == Missing Reference: 'IMAP-TLS' is mentioned on line 7314, but not defined == Missing Reference: 'RFC6186' is mentioned on line 7214, but not defined == Missing Reference: 'RFCXXXX' is mentioned on line 7007, but not defined == Missing Reference: 'RFC5465' is mentioned on line 7210, but not defined == Missing Reference: 'RFC5256' is mentioned on line 7205, but not defined == Missing Reference: 'IMAP-UTF-8' is mentioned on line 7332, but not defined == Missing Reference: 'RFC3516' is mentioned on line 7428, but not defined ** Downref: Normative reference to an Informational RFC: RFC 2152 (ref. 'UTF-7') ** Downref: Normative reference to an Informational RFC: RFC 2683 (ref. 'IMAP-IMPLEMENTATION') ** Downref: Normative reference to an Informational RFC: RFC 2180 (ref. 'IMAP-MULTIACCESS') Summary: 9 errors (**), 0 flaws (~~), 41 warnings (==), 4 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group A. Melnikov, Ed. 3 Internet-Draft Isode Ltd 4 Obsoletes: 3501 (if approved) B. Leiba, Ed. 5 Intended status: Standards Track Futurewei Technologies 6 Expires: August 6, 2021 February 2, 2021 8 Internet Message Access Protocol (IMAP) - Version 4rev2 9 draft-ietf-extra-imap4rev2-27 11 Abstract 13 The Internet Message Access Protocol, Version 4rev2 (IMAP4rev2) 14 allows a client to access and manipulate electronic mail messages on 15 a server. IMAP4rev2 permits manipulation of mailboxes (remote 16 message folders) in a way that is functionally equivalent to local 17 folders. IMAP4rev2 also provides the capability for an offline 18 client to resynchronize with the server. 20 IMAP4rev2 includes operations for creating, deleting, and renaming 21 mailboxes, checking for new messages, permanently removing messages, 22 setting and clearing flags, RFC 5322, RFC 2045 and RFC 2231 parsing, 23 searching, and selective fetching of message attributes, texts, and 24 portions thereof. Messages in IMAP4rev2 are accessed by the use of 25 numbers. These numbers are either message sequence numbers or unique 26 identifiers. 28 IMAP4rev2 does not specify a means of posting mail; this function is 29 handled by a mail submission protocol such as the one specified in 30 RFC 6409. 32 Status of This Memo 34 This Internet-Draft is submitted in full conformance with the 35 provisions of BCP 78 and BCP 79. 37 Internet-Drafts are working documents of the Internet Engineering 38 Task Force (IETF). Note that other groups may also distribute 39 working documents as Internet-Drafts. The list of current Internet- 40 Drafts is at https://datatracker.ietf.org/drafts/current/. 42 Internet-Drafts are draft documents valid for a maximum of six months 43 and may be updated, replaced, or obsoleted by other documents at any 44 time. It is inappropriate to use Internet-Drafts as reference 45 material or to cite them other than as "work in progress." 47 This Internet-Draft will expire on August 6, 2021. 49 Copyright Notice 51 Copyright (c) 2021 IETF Trust and the persons identified as the 52 document authors. All rights reserved. 54 This document is subject to BCP 78 and the IETF Trust's Legal 55 Provisions Relating to IETF Documents 56 (https://trustee.ietf.org/license-info) in effect on the date of 57 publication of this document. Please review these documents 58 carefully, as they describe your rights and restrictions with respect 59 to this document. Code Components extracted from this document must 60 include Simplified BSD License text as described in Section 4.e of 61 the Trust Legal Provisions and are provided without warranty as 62 described in the Simplified BSD License. 64 This document may contain material from IETF Documents or IETF 65 Contributions published or made publicly available before November 66 10, 2008. The person(s) controlling the copyright in some of this 67 material may not have granted the IETF Trust the right to allow 68 modifications of such material outside the IETF Standards Process. 69 Without obtaining an adequate license from the person(s) controlling 70 the copyright in such materials, this document may not be modified 71 outside the IETF Standards Process, and derivative works of it may 72 not be created outside the IETF Standards Process, except to format 73 it for publication as an RFC or to translate it into languages other 74 than English. 76 Table of Contents 78 1. How to Read This Document . . . . . . . . . . . . . . . . . . 5 79 1.1. Organization of This Document . . . . . . . . . . . . . . 5 80 1.2. Conventions Used in This Document . . . . . . . . . . . . 5 81 1.3. Special Notes to Implementors . . . . . . . . . . . . . . 6 82 2. Protocol Overview . . . . . . . . . . . . . . . . . . . . . . 7 83 2.1. Link Level . . . . . . . . . . . . . . . . . . . . . . . 7 84 2.2. Commands and Responses . . . . . . . . . . . . . . . . . 7 85 2.2.1. Client Protocol Sender and Server Protocol Receiver . 7 86 2.2.2. Server Protocol Sender and Client Protocol Receiver . 8 87 2.3. Message Attributes . . . . . . . . . . . . . . . . . . . 9 88 2.3.1. Message Numbers . . . . . . . . . . . . . . . . . . . 9 89 2.3.2. Flags Message Attribute . . . . . . . . . . . . . . . 12 90 2.3.3. Internal Date Message Attribute . . . . . . . . . . . 14 91 2.3.4. [RFC-5322] Size Message Attribute . . . . . . . . . . 14 92 2.3.5. Envelope Structure Message Attribute . . . . . . . . 14 93 2.3.6. Body Structure Message Attribute . . . . . . . . . . 14 94 2.4. Message Texts . . . . . . . . . . . . . . . . . . . . . . 14 95 3. State and Flow Diagram . . . . . . . . . . . . . . . . . . . 14 96 3.1. Not Authenticated State . . . . . . . . . . . . . . . . . 15 97 3.2. Authenticated State . . . . . . . . . . . . . . . . . . . 15 98 3.3. Selected State . . . . . . . . . . . . . . . . . . . . . 15 99 3.4. Logout State . . . . . . . . . . . . . . . . . . . . . . 15 100 4. Data Formats . . . . . . . . . . . . . . . . . . . . . . . . 17 101 4.1. Atom . . . . . . . . . . . . . . . . . . . . . . . . . . 17 102 4.1.1. Sequence set and UID set . . . . . . . . . . . . . . 17 103 4.2. Number . . . . . . . . . . . . . . . . . . . . . . . . . 17 104 4.3. String . . . . . . . . . . . . . . . . . . . . . . . . . 17 105 4.3.1. 8-bit and Binary Strings . . . . . . . . . . . . . . 18 106 4.4. Parenthesized List . . . . . . . . . . . . . . . . . . . 19 107 4.5. NIL . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 108 5. Operational Considerations . . . . . . . . . . . . . . . . . 20 109 5.1. Mailbox Naming . . . . . . . . . . . . . . . . . . . . . 20 110 5.1.1. Mailbox Hierarchy Naming . . . . . . . . . . . . . . 21 111 5.1.2. Namespaces . . . . . . . . . . . . . . . . . . . . . 21 112 5.2. Mailbox Size and Message Status Updates . . . . . . . . . 23 113 5.3. Response when no Command in Progress . . . . . . . . . . 23 114 5.4. Autologout Timer . . . . . . . . . . . . . . . . . . . . 23 115 5.5. Multiple Commands in Progress (Command Pipelining) . . . 24 116 6. Client Commands . . . . . . . . . . . . . . . . . . . . . . . 25 117 6.1. Client Commands - Any State . . . . . . . . . . . . . . . 26 118 6.1.1. CAPABILITY Command . . . . . . . . . . . . . . . . . 26 119 6.1.2. NOOP Command . . . . . . . . . . . . . . . . . . . . 27 120 6.1.3. LOGOUT Command . . . . . . . . . . . . . . . . . . . 27 121 6.2. Client Commands - Not Authenticated State . . . . . . . . 28 122 6.2.1. STARTTLS Command . . . . . . . . . . . . . . . . . . 28 123 6.2.2. AUTHENTICATE Command . . . . . . . . . . . . . . . . 30 124 6.2.3. LOGIN Command . . . . . . . . . . . . . . . . . . . . 33 125 6.3. Client Commands - Authenticated State . . . . . . . . . . 34 126 6.3.1. ENABLE Command . . . . . . . . . . . . . . . . . . . 34 127 6.3.2. SELECT Command . . . . . . . . . . . . . . . . . . . 36 128 6.3.3. EXAMINE Command . . . . . . . . . . . . . . . . . . . 38 129 6.3.4. CREATE Command . . . . . . . . . . . . . . . . . . . 39 130 6.3.5. DELETE Command . . . . . . . . . . . . . . . . . . . 40 131 6.3.6. RENAME Command . . . . . . . . . . . . . . . . . . . 42 132 6.3.7. SUBSCRIBE Command . . . . . . . . . . . . . . . . . . 44 133 6.3.8. UNSUBSCRIBE Command . . . . . . . . . . . . . . . . . 45 134 6.3.9. LIST Command . . . . . . . . . . . . . . . . . . . . 45 135 6.3.10. NAMESPACE Command . . . . . . . . . . . . . . . . . . 64 136 6.3.11. STATUS Command . . . . . . . . . . . . . . . . . . . 68 137 6.3.12. APPEND Command . . . . . . . . . . . . . . . . . . . 69 138 6.3.13. IDLE Command . . . . . . . . . . . . . . . . . . . . 72 139 6.4. Client Commands - Selected State . . . . . . . . . . . . 74 140 6.4.1. CLOSE Command . . . . . . . . . . . . . . . . . . . . 75 141 6.4.2. UNSELECT Command . . . . . . . . . . . . . . . . . . 75 142 6.4.3. EXPUNGE Command . . . . . . . . . . . . . . . . . . . 76 143 6.4.4. SEARCH Command . . . . . . . . . . . . . . . . . . . 76 144 6.4.5. FETCH Command . . . . . . . . . . . . . . . . . . . . 88 145 6.4.6. STORE Command . . . . . . . . . . . . . . . . . . . . 93 146 6.4.7. COPY Command . . . . . . . . . . . . . . . . . . . . 94 147 6.4.8. MOVE Command . . . . . . . . . . . . . . . . . . . . 95 148 6.4.9. UID Command . . . . . . . . . . . . . . . . . . . . . 97 149 6.5. Client Commands - Experimental/Expansion . . . . . . . . 99 150 7. Server Responses . . . . . . . . . . . . . . . . . . . . . . 99 151 7.1. Server Responses - Generic Status Responses . . . . . . . 100 152 7.1.1. OK Response . . . . . . . . . . . . . . . . . . . . . 108 153 7.1.2. NO Response . . . . . . . . . . . . . . . . . . . . . 109 154 7.1.3. BAD Response . . . . . . . . . . . . . . . . . . . . 109 155 7.1.4. PREAUTH Response . . . . . . . . . . . . . . . . . . 110 156 7.1.5. BYE Response . . . . . . . . . . . . . . . . . . . . 110 157 7.2. Server Responses - Server Status . . . . . . . . . . . . 111 158 7.2.1. ENABLED Response . . . . . . . . . . . . . . . . . . 111 159 7.2.2. CAPABILITY Response . . . . . . . . . . . . . . . . . 111 160 7.3. Server Responses - Mailbox Status . . . . . . . . . . . . 112 161 7.3.1. LIST Response . . . . . . . . . . . . . . . . . . . . 112 162 7.3.2. NAMESPACE Response . . . . . . . . . . . . . . . . . 116 163 7.3.3. STATUS Response . . . . . . . . . . . . . . . . . . . 117 164 7.3.4. ESEARCH Response . . . . . . . . . . . . . . . . . . 117 165 7.3.5. FLAGS Response . . . . . . . . . . . . . . . . . . . 117 166 7.4. Server Responses - Mailbox Size . . . . . . . . . . . . . 118 167 7.4.1. EXISTS Response . . . . . . . . . . . . . . . . . . . 118 168 7.5. Server Responses - Message Status . . . . . . . . . . . . 118 169 7.5.1. EXPUNGE Response . . . . . . . . . . . . . . . . . . 118 170 7.5.2. FETCH Response . . . . . . . . . . . . . . . . . . . 119 171 7.6. Server Responses - Command Continuation Request . . . . . 125 172 8. Sample IMAP4rev2 connection . . . . . . . . . . . . . . . . . 126 173 9. Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 127 174 10. Author's Note . . . . . . . . . . . . . . . . . . . . . . . . 145 175 11. Security Considerations . . . . . . . . . . . . . . . . . . . 145 176 11.1. TLS related Security Considerations . . . . . . . . . . 145 177 11.2. STARTTLS command versa use of Implicit TLS port . . . . 146 178 11.3. Client handling of unsolicited responses not suitable 179 for the current connection state . . . . . . . . . . . . 146 180 11.4. COPYUID and APPENDUID response codes . . . . . . . . . . 147 181 11.5. LIST command and Other Users' namespace . . . . . . . . 147 182 11.6. Other Security Considerations . . . . . . . . . . . . . 147 183 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 148 184 12.1. Updates to IMAP4 Capabilities registry . . . . . . . . . 149 185 12.2. GSSAPI/SASL service name . . . . . . . . . . . . . . . . 149 186 12.3. LIST Selection Options, LIST Return Options, LIST 187 extended data items . . . . . . . . . . . . . . . . . . 149 188 12.4. IMAP Mailbox Name Attributes and IMAP Response Codes . . 150 189 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 150 190 13.1. Normative References . . . . . . . . . . . . . . . . . . 150 191 13.2. Informative References (related protocols) . . . . . . . 153 192 13.3. Informative References (historical aspects of IMAP and 193 related protocols) . . . . . . . . . . . . . . . . . . . 155 194 Appendix A. Backward compatibility with IMAP4rev1 . . . . . . . 156 195 A.1. Mailbox International Naming Convention for compatibility 196 with IMAP4rev1 . . . . . . . . . . . . . . . . . . . . . 157 197 Appendix B. Backward compatibility with BINARY extension . . . . 158 198 Appendix C. Backward compatibility with LIST-EXTENDED extension 159 199 Appendix D. 63 bit body part and message sizes . . . . . . . . . 159 200 Appendix E. Changes from RFC 3501 / IMAP4rev1 . . . . . . . . . 159 201 Appendix F. Other Recommended IMAP Extensions . . . . . . . . . 161 202 Appendix G. Acknowledgement . . . . . . . . . . . . . . . . . . 162 203 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 204 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 167 206 1. How to Read This Document 208 1.1. Organization of This Document 210 This document is written from the point of view of the implementor of 211 an IMAP4rev2 client or server. Beyond the protocol overview in 212 section 2, it is not optimized for someone trying to understand the 213 operation of the protocol. The material in sections 3 through 5 214 provides the general context and definitions with which IMAP4rev2 215 operates. 217 Sections 6, 7, and 9 describe the IMAP commands, responses, and 218 syntax, respectively. The relationships among these are such that it 219 is almost impossible to understand any of them separately. In 220 particular, do not attempt to deduce command syntax from the command 221 section alone; instead refer to the Formal Syntax (Section 9). 223 1.2. Conventions Used in This Document 225 "Conventions" are basic principles or procedures. Document 226 conventions are noted in this section. 228 In examples, "C:" and "S:" indicate lines sent by the client and 229 server respectively. Note that each line includes the terminating 230 CRLF. 232 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 233 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 234 "OPTIONAL" in this document are to be interpreted as described in BCP 235 14 [RFC2119] [RFC8174] when, and only when, they appear in all 236 capitals, as shown here. 238 The word "can" (not "may") is used to refer to a possible 239 circumstance or situation, as opposed to an optional facility of the 240 protocol. 242 "User" is used to refer to a human user, whereas "client" refers to 243 the software being run by the user. 245 "Connection" refers to the entire sequence of client/server 246 interaction from the initial establishment of the network connection 247 until its termination. 249 "Session" refers to the sequence of client/server interaction from 250 the time that a mailbox is selected (SELECT or EXAMINE command) until 251 the time that selection ends (SELECT or EXAMINE of another mailbox, 252 CLOSE command, UNSELECT command, or connection termination). 254 The term "Implicit TLS" refers to the automatic negotiation of TLS 255 whenever a TCP connection is made on a particular TCP port that is 256 used exclusively by that server for TLS connections. The term 257 "Implicit TLS" is intended to contrast with the use of STARTTLS 258 command in IMAP that is used by the client and the server to 259 explicitly negotiate TLS on an established cleartext TCP connection. 261 Characters are 8-bit UTF-8 (of which 7-bit US-ASCII is a subset) 262 unless otherwise specified. Other character sets are indicated using 263 a "CHARSET", as described in [MIME-IMT] and defined in [CHARSET]. 264 CHARSETs have important additional semantics in addition to defining 265 character set; refer to these documents for more detail. 267 There are several protocol conventions in IMAP. These refer to 268 aspects of the specification which are not strictly part of the IMAP 269 protocol, but reflect generally-accepted practice. Implementations 270 need to be aware of these conventions, and avoid conflicts whether or 271 not they implement the convention. For example, "&" may not be used 272 as a hierarchy delimiter since it conflicts with the Mailbox 273 International Naming Convention, and other uses of "&" in mailbox 274 names are impacted as well. 276 1.3. Special Notes to Implementors 278 Implementors of the IMAP protocol are strongly encouraged to read the 279 IMAP implementation recommendations document [IMAP-IMPLEMENTATION] in 280 conjunction with this document, to help understand the intricacies of 281 this protocol and how best to build an interoperable product. 283 IMAP4rev2 is designed to be upwards compatible from the IMAP4rev1 284 [RFC3501], the [IMAP2] and unpublished IMAP2bis [IMAP2BIS] protocols. 285 IMAP4rev2 is largely compatible with the IMAP4rev1 protocol described 286 in RFC 3501 and the IMAP4 protocol described in RFC 1730; the 287 exception being in certain facilities added in RFC 1730 and RFC 3501 288 that proved problematic and were subsequently removed or replaced by 289 better alternatives. In the course of the evolution of IMAP4rev2, 290 some aspects in the earlier protocols have become obsolete. Obsolete 291 commands, responses, and data formats which an IMAP4rev2 292 implementation can encounter when used with an earlier implementation 293 are described in Appendix E, Appendix A and [IMAP-OBSOLETE]. 294 IMAP4rev2 supports 63bit body part and message sizes. IMAP4rev2 295 compatibility with BINARY and LIST-EXTENDED IMAP extensions are 296 described in Appendix B and Appendix C respectively. 298 Other compatibility issues with IMAP2bis, the most common variant of 299 the earlier protocol, are discussed in [IMAP-COMPAT]. A full 300 discussion of compatibility issues with rare (and presumed extinct) 301 variants of [IMAP2] is in [IMAP-HISTORICAL]; this document is 302 primarily of historical interest. 304 IMAP was originally developed for the older [RFC-822] standard, and 305 as a consequence several fetch items in IMAP incorporate "RFC822" in 306 their name. In all cases, "RFC822" should be interpreted as a 307 reference to the updated [RFC-5322] standard. 309 2. Protocol Overview 311 2.1. Link Level 313 The IMAP4rev2 protocol assumes a reliable data stream such as that 314 provided by TCP. When TCP is used, an IMAP4rev2 server listens on 315 port 143 (cleartext port) or port 993 (Implicit TLS port). 317 2.2. Commands and Responses 319 An IMAP4rev2 connection consists of the establishment of a client/ 320 server network connection, an initial greeting from the server, and 321 client/server interactions. These client/server interactions consist 322 of a client command, server data, and a server completion result 323 response. 325 All interactions transmitted by client and server are in the form of 326 lines, that is, strings that end with a CRLF. The protocol receiver 327 of an IMAP4rev2 client or server is either reading a line, or is 328 reading a sequence of octets with a known count followed by a line. 330 2.2.1. Client Protocol Sender and Server Protocol Receiver 332 The client command begins an operation. Each client command is 333 prefixed with an identifier (typically a short alphanumeric string, 334 e.g., A0001, A0002, etc.) called a "tag". A different tag is 335 generated by the client for each command. More formally: the client 336 SHOULD generate a unique tag for every command, but a server MUST 337 accept tag reuse. 339 Clients MUST follow the syntax outlined in this specification 340 strictly. It is a syntax error to send a command with missing or 341 extraneous spaces or arguments. 343 There are two cases in which a line from the client does not 344 represent a complete command. In one case, a command argument is 345 quoted with an octet count (see the description of literal in 346 Section 4.3); in the other case, the command arguments require server 347 feedback (see the AUTHENTICATE command in Section 6.2.2). In either 348 case, the server sends a command continuation request response if it 349 is ready for the octets (if appropriate) and the remainder of the 350 command. This response is prefixed with the token "+". 352 Note: If instead, the server detected an error in the command, it 353 sends a BAD completion response with a tag matching the command 354 (as described below) to reject the command and prevent the client 355 from sending any more of the command. 357 It is also possible for the server to send a completion response 358 for some other command (if multiple commands are in progress), or 359 untagged data. In either case, the command continuation request 360 is still pending; the client takes the appropriate action for the 361 response, and reads another response from the server. In all 362 cases, the client MUST send a complete command (including 363 receiving all command continuation request responses and command 364 continuations for the command) before initiating a new command. 366 The protocol receiver of an IMAP4rev2 server reads a command line 367 from the client, parses the command and its arguments, and transmits 368 server data and a server command completion result response. 370 2.2.2. Server Protocol Sender and Client Protocol Receiver 372 Data transmitted by the server to the client and status responses 373 that do not indicate command completion are prefixed with the token 374 "*", and are called untagged responses. 376 Server data MAY be sent as a result of a client command, or MAY be 377 sent unilaterally by the server. There is no syntactic difference 378 between server data that resulted from a specific command and server 379 data that were sent unilaterally. 381 The server completion result response indicates the success or 382 failure of the operation. It is tagged with the same tag as the 383 client command which began the operation. Thus, if more than one 384 command is in progress, the tag in a server completion response 385 identifies the command to which the response applies. There are 386 three possible server completion responses: OK (indicating success), 387 NO (indicating failure), or BAD (indicating a protocol error such as 388 unrecognized command or command syntax error). 390 Servers SHOULD enforce the syntax outlined in this specification 391 strictly. Any client command with a protocol syntax error, including 392 (but not limited to) missing or extraneous spaces or arguments, 393 SHOULD be rejected, and the client given a BAD server completion 394 response. 396 The protocol receiver of an IMAP4rev2 client reads a response line 397 from the server. It then takes action on the response based upon the 398 first token of the response, which can be a tag, a "*", or a "+". 400 A client MUST be prepared to accept any server response at all times. 401 This includes server data that was not requested. Server data SHOULD 402 be remembered (cached), so that the client can reference its 403 remembered copy rather than sending a command to the server to 404 request the data. In the case of certain server data, the data MUST 405 be remembered, as specified elsewhere in this document. 407 This topic is discussed in greater detail in the Server Responses 408 section. 410 2.3. Message Attributes 412 In addition to message text, each message has several attributes 413 associated with it. These attributes can be retrieved individually 414 or in conjunction with other attributes or message texts. 416 2.3.1. Message Numbers 418 Messages in IMAP4rev2 are accessed by one of two numbers; the unique 419 identifier (UID) or the message sequence number. 421 2.3.1.1. Unique Identifier (UID) Message Attribute 423 A UID is an unsigned non-zero 32-bit value assigned to each message, 424 which when used with the unique identifier validity value (see below) 425 forms a 64-bit value that MUST NOT refer to any other message in the 426 mailbox or any subsequent mailbox with the same name forever. Unique 427 identifiers are assigned in a strictly ascending fashion in the 428 mailbox; as each message is added to the mailbox it is assigned a 429 higher UID than the message(s) which were added previously. Unlike 430 message sequence numbers, unique identifiers are not necessarily 431 contiguous. 433 The unique identifier of a message MUST NOT change during the 434 session, and SHOULD NOT change between sessions. Any change of 435 unique identifiers between sessions MUST be detectable using the 436 UIDVALIDITY mechanism discussed below. Persistent unique identifiers 437 are required for a client to resynchronize its state from a previous 438 session with the server (e.g., disconnected or offline access clients 439 [IMAP-MODEL]); this is discussed further in [IMAP-DISC]. 441 Associated with every mailbox are two 32-bit unsigned non-zero values 442 which aid in unique identifier handling: the next unique identifier 443 value (UIDNEXT) and the unique identifier validity value 444 (UIDVALIDITY). 446 The next unique identifier value is the predicted value that will be 447 assigned to a new message in the mailbox. Unless the unique 448 identifier validity also changes (see below), the next unique 449 identifier value MUST have the following two characteristics. First, 450 the next unique identifier value MUST NOT change unless new messages 451 are added to the mailbox; and second, the next unique identifier 452 value MUST change whenever new messages are added to the mailbox, 453 even if those new messages are subsequently expunged. 455 Note: The next unique identifier value is intended to provide a 456 means for a client to determine whether any messages have been 457 delivered to the mailbox since the previous time it checked this 458 value. It is not intended to provide any guarantee that any 459 message will have this unique identifier. A client can only 460 assume, at the time that it obtains the next unique identifier 461 value, that messages arriving after that time will have a UID 462 greater than or equal to that value. 464 The unique identifier validity value is sent in a UIDVALIDITY 465 response code in an OK untagged response at mailbox selection time. 466 If unique identifiers from an earlier session fail to persist in this 467 session, the unique identifier validity value MUST be greater than 468 the one used in the earlier session. A good UIDVALIDITY value to use 469 is a 32-bit representation of the current date/time when the value is 470 assigned: this ensures that the value is unique and always increases. 471 Another possible alternative is a global counter that gets 472 incremented every time a mailbox is created. 474 Note: Ideally, unique identifiers SHOULD persist at all times. 475 Although this specification recognizes that failure to persist can 476 be unavoidable in certain server environments, it strongly 477 encourages message store implementation techniques that avoid this 478 problem. For example: 480 1. Unique identifiers MUST be strictly ascending in the mailbox 481 at all times. If the physical message store is re-ordered by 482 a non-IMAP agent, this requires that the unique identifiers in 483 the mailbox be regenerated, since the former unique 484 identifiers are no longer strictly ascending as a result of 485 the re-ordering. 487 2. If the message store has no mechanism to store unique 488 identifiers, it must regenerate unique identifiers at each 489 session, and each session must have a unique UIDVALIDITY 490 value. 492 3. If the mailbox is deleted/renamed and a new mailbox with the 493 same name is created at a later date, the server must either 494 keep track of unique identifiers from the previous instance of 495 the mailbox, or it must assign a new UIDVALIDITY value to the 496 new instance of the mailbox. 498 4. The combination of mailbox name, UIDVALIDITY, and UID must 499 refer to a single immutable (or expunged) message on that 500 server forever. In particular, the internal date, [RFC-5322] 501 size, envelope, body structure, and message texts (all 502 BODY[...] fetch data items) MUST never change. This does not 503 include message numbers, nor does it include attributes that 504 can be set by a STORE command (e.g., FLAGS). When a message 505 is expunged, its UID MUST NOT be reused under the same 506 UIDVALIDITY value. 508 2.3.1.2. Message Sequence Number Message Attribute 510 A Message Sequence Number is a relative position from 1 to the number 511 of messages in the mailbox. This position MUST be ordered by 512 ascending unique identifier. As each new message is added, it is 513 assigned a message sequence number that is 1 higher than the number 514 of messages in the mailbox before that new message was added. 516 Message sequence numbers can be reassigned during the session. For 517 example, when a message is permanently removed (expunged) from the 518 mailbox, the message sequence number for all subsequent messages is 519 decremented. The number of messages in the mailbox is also 520 decremented. Similarly, a new message can be assigned a message 521 sequence number that was once held by some other message prior to an 522 expunge. 524 In addition to accessing messages by relative position in the 525 mailbox, message sequence numbers can be used in mathematical 526 calculations. For example, if an untagged "11 EXISTS" is received, 527 and previously an untagged "8 EXISTS" was received, three new 528 messages have arrived with message sequence numbers of 9, 10, and 11. 529 Another example, if message 287 in a 523 message mailbox has UID 530 12345, there are exactly 286 messages which have lesser UIDs and 236 531 messages which have greater UIDs. 533 2.3.2. Flags Message Attribute 535 A message has associated with it a list of zero or more named tokens, 536 known as "flags". A flag is set by its addition to this list, and is 537 cleared by its removal. There are two types of flags in IMAP4rev2: 538 system flags, and keywords. A flag of either type can also be 539 permanent or session-only. 541 A system flag is a flag name that is pre-defined in this 542 specification and begins with "\". Certain system flags (\Deleted 543 and \Seen) have special semantics described elsewhere in this 544 document. The currently-defined system flags are: 546 \Seen Message has been read 548 \Answered Message has been answered 550 \Flagged Message is "flagged" for urgent/special attention 552 \Deleted Message is "deleted" for removal by later EXPUNGE 554 \Draft Message has not completed composition (marked as a draft). 556 \Recent This flag was in use in IMAP4rev1 and is now deprecated. 558 A keyword is defined by the server implementation. Keywords do not 559 begin with "\". Servers MAY permit the client to define new keywords 560 in the mailbox (see the description of the PERMANENTFLAGS response 561 code for more information). Some keywords that start with "$" are 562 also defined in this specification. 564 This document defines several keywords that were not originally 565 defined in RFC 3501, but which were found to be useful by client 566 implementations. These keywords SHOULD be supported (i.e. allowed in 567 SEARCH, allowed and preserved in APPEND, COPY, MOVE commands) by 568 server implementations: 570 $Forwarded Message has been forwarded to another email address, 571 embedded within or attached to a new message. An email client 572 sets this keyword when it successfully forwards the message to 573 another email address. Typical usage of this keyword is to show a 574 different (or additional) icon for a message that has been 575 forwarded. Once set, the flag SHOULD NOT be cleared. 577 $MDNSent Message Disposition Notification [RFC8098] was generated 578 and sent for this message. See [RFC3503] for more details on how 579 this keyword is used. 581 $Junk The user (or a delivery agent on behalf of the user) may 582 choose to mark a message as definitely containing junk ($Junk; see 583 also the related keyword $NotJunk). The $Junk keyword can be used 584 to mark (and potentially move/delete messages later), group or 585 hide undesirable messages. See [IMAP-KEYWORDS-REG] for more 586 information. 588 $NotJunk The user (or a delivery agent on behalf of the user) may 589 choose to mark a message as definitely not containing junk 590 ($NotJunk; see also the related keyword $Junk). The $NotJunk 591 keyword can be used to mark, group or show messages that the user 592 wants to see. See [IMAP-KEYWORDS-REG] for more information. 594 $Phishing The $Phishing keyword can be used by a delivery agent to 595 mark a message as highly likely to be a phishing email. An email 596 that's determined to be a phishing email by the delivery agent 597 should also be considered a junk email and have the appropriate 598 junk filtering applied, including setting the $Junk flag and 599 placing in the \Junk special-use mailbox (see Section 7.3.1) if 600 available. 601 If both the $Phishing flag and the $Junk flag are set, the user 602 agent should display an additional warning message to the user. 603 Additionally the user agent may display a warning when clicking on 604 any hyperlinks within the message. 605 The requirement for both $Phishing and $Junk to be set before a 606 user agent displays a warning is for better backwards 607 compatibility with existing clients that understand the $Junk flag 608 but not the $Phishing flag. This is so that when an unextended 609 client removes the $Junk flag, an extended client will also show 610 the correct state. See [IMAP-KEYWORDS-REG] for more information. 612 $Junk and $NotJunk are mutually exclusive. If more than one of them 613 is set for a message, the client MUST treat this as if none of them 614 is set and SHOULD unset both of them on the IMAP server. 616 Other registered keywords can be found in the "IMAP and JMAP 617 Keywords" registry [IMAP-KEYWORDS-REG]. New keywords SHOULD be 618 registered in this registry using the procedure specified in 619 [RFC5788]. 621 A flag can be permanent or session-only on a per-flag basis. 622 Permanent flags are those which the client can add or remove from the 623 message flags permanently; that is, concurrent and subsequent 624 sessions will see any change in permanent flags. Changes to session 625 flags are valid only in that session. 627 2.3.3. Internal Date Message Attribute 629 An Internal Date message attribute is the internal date and time of 630 the message on the server. This is not the date and time in the 631 [RFC-5322] header, but rather a date and time which reflects when the 632 message was received. In the case of messages delivered via [SMTP], 633 this is the date and time of final delivery of the message as defined 634 by [SMTP]. In the case of messages delivered by the IMAP4rev2 COPY 635 or MOVE command, this SHOULD be the internal date and time of the 636 source message. In the case of messages delivered by the IMAP4rev2 637 APPEND command, this SHOULD be the date and time as specified in the 638 APPEND command description. All other cases are implementation 639 defined. 641 2.3.4. [RFC-5322] Size Message Attribute 643 An RFC 5322 size is the number of octets in the message, as expressed 644 in [RFC-5322] format. 646 2.3.5. Envelope Structure Message Attribute 648 An Envelope Structure is a parsed representation of the [RFC-5322] 649 header of the message. Note that the IMAP Envelope structure is not 650 the same as an [SMTP] envelope. 652 2.3.6. Body Structure Message Attribute 654 A Body Structure is a parsed representation of the [MIME-IMB] body 655 structure information of the message. 657 2.4. Message Texts 659 In addition to being able to fetch the full [RFC-5322] text of a 660 message, IMAP4rev2 permits the fetching of portions of the full 661 message text. Specifically, it is possible to fetch the [RFC-5322] 662 message header, [RFC-5322] message body, a [MIME-IMB] body part, or a 663 [MIME-IMB] header. 665 3. State and Flow Diagram 667 Once the connection between client and server is established, an 668 IMAP4rev2 connection is in one of four states. The initial state is 669 identified in the server greeting. Most commands are only valid in 670 certain states. It is a protocol error for the client to attempt a 671 command while the connection is in an inappropriate state, and the 672 server will respond with a BAD or NO (depending upon server 673 implementation) command completion result. 675 3.1. Not Authenticated State 677 In the not authenticated state, the client MUST supply authentication 678 credentials before most commands will be permitted. This state is 679 entered when a connection starts unless the connection has been pre- 680 authenticated. 682 3.2. Authenticated State 684 In the authenticated state, the client is authenticated and MUST 685 select a mailbox to access before commands that affect messages will 686 be permitted. This state is entered when a pre-authenticated 687 connection starts, when acceptable authentication credentials have 688 been provided, after an error in selecting a mailbox, or after a 689 successful CLOSE command. 691 3.3. Selected State 693 In a selected state, a mailbox has been selected to access. This 694 state is entered when a mailbox has been successfully selected. 696 3.4. Logout State 698 In the logout state, the connection is being terminated. This state 699 can be entered as a result of a client request (via the LOGOUT 700 command) or by unilateral action on the part of either the client or 701 server. 703 If the client requests the logout state, the server MUST send an 704 untagged BYE response and a tagged OK response to the LOGOUT command 705 before the server closes the connection; and the client MUST read the 706 tagged OK response to the LOGOUT command before the client closes the 707 connection. 709 A server SHOULD NOT unilaterally close the connection without sending 710 an untagged BYE response that contains the reason for having done so. 711 A client SHOULD NOT unilaterally close the connection, and instead 712 SHOULD issue a LOGOUT command. If the server detects that the client 713 has unilaterally closed the connection, the server MAY omit the 714 untagged BYE response and simply close its connection. 716 +----------------------+ 717 |connection established| 718 +----------------------+ 719 || 720 \/ 721 +--------------------------------------+ 722 | server greeting | 723 +--------------------------------------+ 724 || (1) || (2) || (3) 725 \/ || || 726 +-----------------+ || || 727 |Not Authenticated| || || 728 +-----------------+ || || 729 || (7) || (4) || || 730 || \/ \/ || 731 || +----------------+ || 732 || | Authenticated |<=++ || 733 || +----------------+ || || 734 || || (7) || (5) || (6) || 735 || || \/ || || 736 || || +--------+ || || 737 || || |Selected|==++ || 738 || || +--------+ || 739 || || || (7) || 740 \/ \/ \/ \/ 741 +--------------------------------------+ 742 | Logout | 743 +--------------------------------------+ 744 || 745 \/ 746 +-------------------------------+ 747 |both sides close the connection| 748 +-------------------------------+ 750 (1) connection without pre-authentication (OK greeting) 751 (2) pre-authenticated connection (PREAUTH greeting) 752 (3) rejected connection (BYE greeting) 753 (4) successful LOGIN or AUTHENTICATE command 754 (5) successful SELECT or EXAMINE command 755 (6) CLOSE command, unsolicited CLOSED response code or 756 failed SELECT or EXAMINE command 757 (7) LOGOUT command, server shutdown, or connection closed 759 4. Data Formats 761 IMAP4rev2 uses textual commands and responses. Data in IMAP4rev2 can 762 be in one of several forms: atom, number, string, parenthesized list, 763 or NIL. Note that a particular data item may take more than one 764 form; for example, a data item defined as using "astring" syntax may 765 be either an atom or a string. 767 4.1. Atom 769 An atom consists of one or more non-special characters. 771 4.1.1. Sequence set and UID set 773 A set of messages can be referenced by a sequence set containing 774 either message sequence numbers or unique identifiers. See Section 9 775 for details. Sequence sets can contain ranges (e.g. "5:50"), an 776 enumeration of specific message sequence numbers/unique identifiers, 777 a special symbol "*", or a combination of the above. Note that a 778 sequence set never mixes message sequence numbers and unique 779 identifiers in the same representation. 781 A "UID set" is similar to the sequence set of unique identifiers; 782 however, the "*" value for a sequence number is not permitted. 784 4.2. Number 786 A number consists of one or more digit characters, and represents a 787 numeric value. 789 4.3. String 791 A string is in one of three forms: synchronizing literal, non- 792 synchronizing literal or quoted string. The synchronizing literal 793 form is the general form of string. The non-synchronizing literal 794 form is also the general form, but has length limitation. The quoted 795 string form is an alternative that avoids the overhead of processing 796 a literal at the cost of limitations of characters which may be used. 798 When the distinction between synchronizing and non-synchronizing 799 literals is not important, this document just uses the term 800 "literal". 802 A synchronizing literal is a sequence of zero or more octets 803 (including CR and LF), prefix-quoted with an octet count in the form 804 of an open brace ("{"), the number of octets, close brace ("}"), and 805 CRLF. In the case of synchronizing literals transmitted from server 806 to client, the CRLF is immediately followed by the octet data. In 807 the case of synchronizing literals transmitted from client to server, 808 the client MUST wait to receive a command continuation request 809 (described later in this document) before sending the octet data (and 810 the remainder of the command). 812 The non-synchronizing literal is an alternative form of synchronizing 813 literal, and it may appear in communication from client to server 814 instead of the synchonizing form of literal. The non-synchronizing 815 literal form MUST NOT be sent from server to client. The non- 816 synchronizing literal is distinguished from the synchronizing literal 817 by having a plus ("+") between the octet count and the closing brace 818 ("}"). The server does not generate a command continuation request 819 in response to a non-synchronizing literal, and clients are not 820 required to wait before sending the octets of a non- synchronizing 821 literal. Non-synchronizing literals MUST NOT be larger than 4096 822 octets. Any literal larger than 4096 bytes MUST be sent as a 823 synchronizing literal. (Non-synchronizing literals defined in this 824 document are the same as non-synchronizing literals defined by the 825 LITERAL- extension from [RFC7888]. See that document for details on 826 how to handle invalid non-synchronizing literals longer than 4096 827 octets and for interaction with other IMAP extensions.) 829 A quoted string is a sequence of zero or more Unicode characters, 830 excluding CR and LF, encoded in UTF-8, with double quote (<">) 831 characters at each end. 833 The empty string is represented as "" (a quoted string with zero 834 characters between double quotes), as {0} followed by CRLF (a 835 synchronizing literal with an octet count of 0) or as {0+} followed 836 by CRLF (a non-synchronizing literal with an octet count of 0). 838 Note: Even if the octet count is 0, a client transmitting a 839 synchronizing literal MUST wait to receive a command continuation 840 request. 842 4.3.1. 8-bit and Binary Strings 844 8-bit textual and binary mail is supported through the use of a 845 [MIME-IMB] content transfer encoding. IMAP4rev2 implementations MAY 846 transmit 8-bit or multi-octet characters in literals, but SHOULD do 847 so only when the [CHARSET] is identified. 849 IMAP4rev2 is compatible with [I18N-HDRS]. As a result, the 850 identified charset for header-field values with 8-bit content is 851 UTF-8 [UTF-8]. IMAP4rev2 implementations MUST accept and MAY 852 transmit [UTF-8] text in quoted-strings as long as the string does 853 not contain NUL, CR, or LF. This differs from IMAP4rev1 854 implementations. 856 Although a BINARY content transfer encoding is defined, unencoded 857 binary strings are not permitted, unless returned in a in 858 response to BINARY.PEEK[]<> or 859 BINARY[]<> FETCH data item. A "binary 860 string" is any string with NUL characters. A string with an 861 excessive amount of CTL characters MAY also be considered to be 862 binary. Unless returned in response to BINARY.PEEK[...]/BINARY[...] 863 FETCH, client and server implementations MUST encode binary data into 864 a textual form, such as BASE64, before transmitting the data. 866 4.4. Parenthesized List 868 Data structures are represented as a "parenthesized list"; a sequence 869 of data items, delimited by space, and bounded at each end by 870 parentheses. A parenthesized list can contain other parenthesized 871 lists, using multiple levels of parentheses to indicate nesting. 873 The empty list is represented as () -- a parenthesized list with no 874 members. 876 4.5. NIL 878 The special form "NIL" represents the non-existence of a particular 879 data item that is represented as a string or parenthesized list, as 880 distinct from the empty string "" or the empty parenthesized list (). 882 Note: NIL is never used for any data item which takes the form of 883 an atom. For example, a mailbox name of "NIL" is a mailbox named 884 NIL as opposed to a non-existent mailbox name. This is because 885 mailbox uses "astring" syntax which is an atom or a string. 886 Conversely, an addr-name of NIL is a non-existent personal name, 887 because addr-name uses "nstring" syntax which is NIL or a string, 888 but never an atom. 890 Examples: 892 The following LIST response: 894 * LIST () "/" NIL 896 is equivalent to: 898 * LIST () "/" "NIL" 900 as LIST response ABNF is using "astring" for mailbox name. 902 However, the following response 904 * FETCH 1 (BODY[1] NIL) 906 is not equivalent to: 908 * FETCH 1 (BODY[1] "NIL") 910 The former means absence of the body part, while the latter 911 means that it contains literal sequence of characters "NIL". 913 5. Operational Considerations 915 The following rules are listed here to ensure that all IMAP4rev2 916 implementations interoperate properly. 918 5.1. Mailbox Naming 920 In IMAP4rev2, Mailbox names are encoded in Net-Unicode [NET-UNICODE] 921 (this differs from IMAP4rev1). Client implementations MAY attempt to 922 create Net-Unicode mailbox names, and MUST interpret any 8-bit 923 mailbox names returned by LIST as [NET-UNICODE]. Server 924 implementations MUST prohibit the creation of 8-bit mailbox names 925 that do not comply with Net-Unicode. However, servers MAY accept a 926 de-normalized UTF-8 mailbox name and convert it to Unicode 927 normalization form "NFC" (as per Net-Unicode requirements) prior to 928 mailbox creation. Servers that choose to accept such de-normalized 929 UTF-8 mailbox names MUST accept them in all IMAP commands that have a 930 mailbox name parameter. In particular SELECT must open the 931 same mailbox that was successfully created with CREATE , even 932 if is a de-normalized UTF-8 mailbox name. 934 The case-insensitive mailbox name INBOX is a special name reserved to 935 mean "the primary mailbox for this user on this server". (Note that 936 this special name may not exist on some servers for some users, for 937 example if the user has no access to personal namespace.) The 938 interpretation of all other names is implementation-dependent. 940 In particular, this specification takes no position on case 941 sensitivity in non-INBOX mailbox names. Some server implementations 942 are fully case-sensitive in ASCII range; others preserve case of a 943 newly-created name but otherwise are case-insensitive; and yet others 944 coerce names to a particular case. Client implementations must be 945 able to interact with any of these. 947 There are certain client considerations when creating a new mailbox 948 name: 950 1. Any character which is one of the atom-specials (see the Formal 951 Syntax in Section 9) will require that the mailbox name be 952 represented as a quoted string or literal. 954 2. CTL and other non-graphic characters are difficult to represent 955 in a user interface and are best avoided. Servers MAY refuse to 956 create mailbox names containing Unicode CTL characters. 958 3. Although the list-wildcard characters ("%" and "*") are valid in 959 a mailbox name, it is difficult to use such mailbox names with 960 the LIST command due to the conflict with wildcard 961 interpretation. 963 4. Usually, a character (determined by the server implementation) is 964 reserved to delimit levels of hierarchy. 966 5. Two characters, "#" and "&", have meanings by convention, and 967 should be avoided except when used in that convention. See 968 Section 5.1.2.1 and Appendix A.1 respectively. 970 5.1.1. Mailbox Hierarchy Naming 972 If it is desired to export hierarchical mailbox names, mailbox names 973 MUST be left-to-right hierarchical using a single character to 974 separate levels of hierarchy. The same hierarchy separator character 975 is used for all levels of hierarchy within a single name. 977 5.1.2. Namespaces 979 Personal Namespace: A namespace that the server considers within the 980 personal scope of the authenticated user on a particular connection. 981 Typically, only the authenticated user has access to mailboxes in 982 their Personal Namespace. It is the part of the namespace that 983 belongs to the user that is allocated for mailboxes. If an INBOX 984 exists for a user, it MUST appear within the user's personal 985 namespace. In the typical case, there SHOULD be only one Personal 986 Namespace per user on a server. 988 Other Users' Namespace: A namespace that consists of mailboxes from 989 the Personal Namespaces of other users. To access mailboxes in the 990 Other Users' Namespace, the currently authenticated user MUST be 991 explicitly granted access rights. For example, it is common for a 992 manager to grant to their administrative support staff access rights 993 to their mailbox. In the typical case, there SHOULD be only one 994 Other Users' Namespace per user on a server. 996 Shared Namespace: A namespace that consists of mailboxes that are 997 intended to be shared amongst users and do not exist within a user's 998 Personal Namespace. 1000 The namespaces a server uses MAY differ on a per-user basis. 1002 5.1.2.1. Historic Mailbox Namespace Naming Convention 1004 By convention, the first hierarchical element of any mailbox name 1005 which begins with "#" identifies the "namespace" of the remainder of 1006 the name. This makes it possible to disambiguate between different 1007 types of mailbox stores, each of which have their own namespaces. 1009 For example, implementations which offer access to USENET 1010 newsgroups MAY use the "#news" namespace to partition the USENET 1011 newsgroup namespace from that of other mailboxes. Thus, the 1012 comp.mail.misc newsgroup would have a mailbox name of 1013 "#news.comp.mail.misc", and the name "comp.mail.misc" can refer to 1014 a different object (e.g., a user's private mailbox). 1016 Namespaces that include the "#" character are not IMAP URL [IMAP-URL] 1017 friendly requiring the "#" character to be represented as %23 when 1018 within URLs. As such, server implementors MAY instead consider using 1019 namespace prefixes that do not contain the "#" character. 1021 5.1.2.2. Common namespace models 1023 Previous version of this protocol does not define a default server 1024 namespace. Two common namespace models have evolved: 1026 The "Personal Mailbox" model, in which the default namespace that is 1027 presented consists of only the user's personal mailboxes. To access 1028 shared mailboxes, the user must use an escape mechanism to reach 1029 another namespace. 1031 The "Complete Hierarchy" model, in which the default namespace that 1032 is presented includes the user's personal mailboxes along with any 1033 other mailboxes they have access to. 1035 5.2. Mailbox Size and Message Status Updates 1037 At any time, a server can send data that the client did not request. 1038 Sometimes, such behavior is required by this specification and/or 1039 extensions. For example, agents other than the server MAY add 1040 messages to the mailbox (e.g., new message delivery), change the 1041 flags of the messages in the mailbox (e.g., simultaneous access to 1042 the same mailbox by multiple agents), or even remove messages from 1043 the mailbox. A server MUST send mailbox size updates automatically 1044 if a mailbox size change is observed during the processing of a 1045 command. A server SHOULD send message flag updates automatically, 1046 without requiring the client to request such updates explicitly. 1048 Special rules exist for server notification of a client about the 1049 removal of messages to prevent synchronization errors; see the 1050 description of the EXPUNGE response (Section 7.5.1) for more detail. 1051 In particular, it is NOT permitted to send an EXISTS response that 1052 would reduce the number of messages in the mailbox; only the EXPUNGE 1053 response can do this. 1055 Regardless of what implementation decisions a client makes on 1056 remembering data from the server, a client implementation MUST 1057 remember mailbox size updates. It MUST NOT assume that any command 1058 after the initial mailbox selection will return the size of the 1059 mailbox. 1061 5.3. Response when no Command in Progress 1063 Server implementations are permitted to send an untagged response 1064 (except for EXPUNGE) while there is no command in progress. Server 1065 implementations that send such responses MUST deal with flow control 1066 considerations. Specifically, they MUST either (1) verify that the 1067 size of the data does not exceed the underlying transport's available 1068 window size, or (2) use non-blocking writes. 1070 5.4. Autologout Timer 1072 If a server has an inactivity autologout timer that applies to 1073 sessions after authentication, the duration of that timer MUST be at 1074 least 30 minutes. The receipt of any command from the client during 1075 that interval resets the autologout timer. 1077 Note that this specification doesn't have any restrictions on 1078 autologout timer used before successful client authentication. In 1079 particular, servers are allowed to use shortened pre-authentication 1080 timer to protect themselves from Denial of Service attacks. 1082 5.5. Multiple Commands in Progress (Command Pipelining) 1084 The client MAY send another command without waiting for the 1085 completion result response of a command, subject to ambiguity rules 1086 (see below) and flow control constraints on the underlying data 1087 stream. Similarly, a server MAY begin processing another command 1088 before processing the current command to completion, subject to 1089 ambiguity rules. However, any command continuation request responses 1090 and command continuations MUST be negotiated before any subsequent 1091 command is initiated. 1093 The exception is if an ambiguity would result because of a command 1094 that would affect the results of other commands. If the server 1095 detects a possible ambiguity, it MUST execute commands to completion 1096 in the order given by the client. 1098 The most obvious example of ambiguity is when a command would affect 1099 the results of another command, e.g., a FETCH of a message's flags 1100 and a STORE of that same message's flags. 1102 A non-obvious ambiguity occurs with commands that permit an untagged 1103 EXPUNGE response (commands other than FETCH, STORE, and SEARCH), 1104 since an untagged EXPUNGE response can invalidate sequence numbers in 1105 a subsequent command. This is not a problem for FETCH, STORE, or 1106 SEARCH commands because servers are prohibited from sending EXPUNGE 1107 responses while any of those commands are in progress. Therefore, if 1108 the client sends any command other than FETCH, STORE, or SEARCH, it 1109 MUST wait for the completion result response before sending a command 1110 with message sequence numbers. 1112 Note: EXPUNGE responses are permitted while UID FETCH, UID STORE, 1113 and UID SEARCH are in progress. If the client sends a UID 1114 command, it MUST wait for a completion result response before 1115 sending a command which uses message sequence numbers (this may 1116 include UID SEARCH). Any message sequence numbers in an argument 1117 to UID SEARCH are associated with messages prior to the effect of 1118 any untagged EXPUNGE returned by the UID SEARCH. 1120 For example, the following non-waiting command sequences are invalid: 1122 FETCH + NOOP + STORE 1124 STORE + COPY + FETCH 1126 COPY + COPY 1128 The following are examples of valid non-waiting command sequences: 1130 FETCH + STORE + SEARCH + NOOP 1132 STORE + COPY + EXPUNGE 1134 UID SEARCH + UID SEARCH may be valid or invalid as a non-waiting 1135 command sequence, depending upon whether or not the second UID 1136 SEARCH contains message sequence numbers. 1138 Use of SEARCH result variable (see Section 6.4.4.1) creates direct 1139 dependency between two commands. See Section 6.4.4.2 for more 1140 considerations about pipelining such dependent commands. 1142 6. Client Commands 1144 IMAP4rev2 commands are described in this section. Commands are 1145 organized by the state in which the command is permitted. Commands 1146 which are permitted in multiple states are listed in the minimum 1147 permitted state (for example, commands valid in authenticated and 1148 selected state are listed in the authenticated state commands). 1150 Command arguments, identified by "Arguments:" in the command 1151 descriptions below, are described by function, not by syntax. The 1152 precise syntax of command arguments is described in the Formal Syntax 1153 (Section 9). 1155 Some commands cause specific server responses to be returned; these 1156 are identified by "Responses:" in the command descriptions below. 1157 See the response descriptions in the Responses section (Section 7) 1158 for information on these responses, and the Formal Syntax (Section 9) 1159 for the precise syntax of these responses. It is possible for server 1160 data to be transmitted as a result of any command. Thus, commands 1161 that do not specifically require server data specify "no specific 1162 responses for this command" instead of "none". 1164 The "Result:" in the command description refers to the possible 1165 tagged status responses to a command, and any special interpretation 1166 of these status responses. 1168 The state of a connection is only changed by successful commands 1169 which are documented as changing state. A rejected command (BAD 1170 response) never changes the state of the connection or of the 1171 selected mailbox. A failed command (NO response) generally does not 1172 change the state of the connection or of the selected mailbox; the 1173 exception being the SELECT and EXAMINE commands. 1175 6.1. Client Commands - Any State 1177 The following commands are valid in any state: CAPABILITY, NOOP, and 1178 LOGOUT. 1180 6.1.1. CAPABILITY Command 1182 Arguments: none 1184 Responses: REQUIRED untagged response: CAPABILITY 1186 Result: OK - capability completed 1187 BAD - arguments invalid 1189 The CAPABILITY command requests a listing of capabilities (e.g. 1190 extensions and/or modifications of server behaviour) that the server 1191 supports. The server MUST send a single untagged CAPABILITY response 1192 with "IMAP4rev2" as one of the listed capabilities before the 1193 (tagged) OK response. 1195 A capability name which begins with "AUTH=" indicates that the server 1196 supports that particular authentication mechanism as defined in 1197 [SASL]. All such names are, by definition, part of this 1198 specification. 1200 Other capability names refer to extensions, revisions, or amendments 1201 to this specification. See the documentation of the CAPABILITY 1202 response in Section 7.2.2 for additional information. No 1203 capabilities, beyond the base IMAP4rev2 set defined in this 1204 specification, are enabled without explicit client action to invoke 1205 the capability. 1207 Client and server implementations MUST implement the STARTTLS 1208 Section 6.2.1, LOGINDISABLED, and AUTH=PLAIN (described in [PLAIN]) 1209 capabilities. See the Security Considerations (Section 11) for 1210 important information. 1212 Unless specified otherwise, all registered extensions to IMAP4rev1 1213 are also valid extensions to IMAP4rev2. 1215 Example: C: abcd CAPABILITY 1216 S: * CAPABILITY IMAP4rev2 STARTTLS AUTH=GSSAPI 1217 LOGINDISABLED 1218 S: abcd OK CAPABILITY completed 1219 C: efgh STARTTLS 1220 S: efgh OK STARTLS completed 1221 1222 C: ijkl CAPABILITY 1223 S: * CAPABILITY IMAP4rev2 AUTH=GSSAPI AUTH=PLAIN 1224 S: ijkl OK CAPABILITY completed 1226 6.1.2. NOOP Command 1228 Arguments: none 1230 Responses: no specific responses for this command (but see below) 1232 Result: OK - noop completed 1233 BAD - command unknown or arguments invalid 1235 The NOOP command always succeeds. It does nothing. 1237 Since any command can return a status update as untagged data, the 1238 NOOP command can be used as a periodic poll for new messages or 1239 message status updates during a period of inactivity (the IDLE 1240 command Section 6.3.13 should be used instead of NOOP if real-time 1241 updates to mailbox state are desirable). The NOOP command can also 1242 be used to reset any inactivity autologout timer on the server. 1244 Example: C: a002 NOOP 1245 S: a002 OK NOOP completed 1246 . . . 1247 C: a047 NOOP 1248 S: * 22 EXPUNGE 1249 S: * 23 EXISTS 1250 S: * 14 FETCH (UID 1305 FLAGS (\Seen \Deleted)) 1251 S: a047 OK NOOP completed 1253 6.1.3. LOGOUT Command 1255 Arguments: none 1257 Responses: REQUIRED untagged response: BYE 1259 Result: OK - logout completed 1260 BAD - command unknown or arguments invalid 1262 The LOGOUT command informs the server that the client is done with 1263 the connection. The server MUST send a BYE untagged response before 1264 the (tagged) OK response, and then close the network connection. 1266 Example: C: A023 LOGOUT 1267 S: * BYE IMAP4rev2 Server logging out 1268 S: A023 OK LOGOUT completed 1269 (Server and client then close the connection) 1271 6.2. Client Commands - Not Authenticated State 1273 In the not authenticated state, the AUTHENTICATE or LOGIN command 1274 establishes authentication and enters the authenticated state. The 1275 AUTHENTICATE command provides a general mechanism for a variety of 1276 authentication techniques, privacy protection, and integrity 1277 checking; whereas the LOGIN command uses a traditional user name and 1278 plaintext password pair and has no means of establishing privacy 1279 protection or integrity checking. 1281 The STARTTLS command is an alternative form of establishing session 1282 privacy protection and integrity checking, but does not by itself 1283 establish authentication or enter the authenticated state. 1285 Server implementations MAY allow access to certain mailboxes without 1286 establishing authentication. This can be done by means of the 1287 ANONYMOUS [SASL] authenticator described in [ANONYMOUS]. An older 1288 convention is a LOGIN command using the userid "anonymous"; in this 1289 case, a password is required although the server may choose to accept 1290 any password. The restrictions placed on anonymous users are 1291 implementation-dependent. 1293 Once authenticated (including as anonymous), it is not possible to 1294 re-enter not authenticated state. 1296 In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT), 1297 the following commands are valid in the not authenticated state: 1298 STARTTLS, AUTHENTICATE and LOGIN. See the Security Considerations 1299 (Section 11) for important information about these commands. 1301 6.2.1. STARTTLS Command 1303 Arguments: none 1305 Responses: no specific response for this command 1307 Result: OK - starttls completed, begin TLS negotiation 1308 NO - TLS negotiation can't be initiated, due to server 1309 configuration error 1310 BAD - STARTTLS received after a successful TLS 1311 negotiation or arguments invalid 1313 A TLS [TLS-1.3] negotiation begins immediately after the CRLF at the 1314 end of the tagged OK response from the server. Once a client issues 1315 a STARTTLS command, it MUST NOT issue further commands until a server 1316 response is seen and the TLS negotiation is complete. Some past 1317 server implementation incorrectly implemented STARTTLS processing and 1318 are known to contain STARTTLS plaintext command injection 1319 vulnerability [CERT-555316]. In order to avoid this vulnerability, 1320 server implementations MUST do one of the following If any data is 1321 received in the same TCP buffer after the CRLF that starts the 1322 STARTTLS command: 1324 1. Extra data from the TCP buffer is interpreted as beginning of the 1325 TLS handshake. (If the data is in cleartext, this will result in 1326 the TLS handshake failing.) 1328 2. Extra data from the TCP buffer is thrown away. 1330 Note that the first option is friendlier to clients that pipeline 1331 beginning of STARTTLS command with TLS handshake data. 1333 After successful TLS negotiation the server remains in the non- 1334 authenticated state, even if client credentials are supplied during 1335 the TLS negotiation. This does not preclude an authentication 1336 mechanism such as EXTERNAL (defined in [SASL]) from using client 1337 identity determined by the TLS negotiation. 1339 Once TLS has been started, the client MUST discard cached information 1340 about server capabilities and SHOULD re-issue the CAPABILITY command. 1341 This is necessary to protect against man-in- the-middle attacks which 1342 alter the capabilities list prior to STARTTLS. The server MAY 1343 advertise different capabilities, and in particular SHOULD NOT 1344 advertise the STARTTLS capability, after a successful STARTTLS 1345 command. 1347 Example: C: a001 CAPABILITY 1348 S: * CAPABILITY IMAP4rev2 STARTTLS LOGINDISABLED 1349 S: a001 OK CAPABILITY completed 1350 C: a002 STARTTLS 1351 S: a002 OK Begin TLS negotiation now 1352 1353 C: a003 CAPABILITY 1354 S: * CAPABILITY IMAP4rev2 AUTH=PLAIN 1355 S: a003 OK CAPABILITY completed 1356 C: a004 LOGIN joe password 1357 S: a004 OK LOGIN completed 1359 6.2.2. AUTHENTICATE Command 1361 Arguments: SASL authentication mechanism name 1362 OPTIONAL initial response 1364 Responses: continuation data can be requested 1366 Result: OK - authenticate completed, now in authenticated state 1367 NO - authenticate failure: unsupported authentication 1368 mechanism, credentials rejected 1369 BAD - command unknown or arguments invalid, 1370 authentication exchange cancelled 1372 The AUTHENTICATE command indicates a [SASL] authentication mechanism 1373 to the server. If the server supports the requested authentication 1374 mechanism, it performs an authentication protocol exchange to 1375 authenticate and identify the client. It MAY also negotiate an 1376 OPTIONAL security layer for subsequent protocol interactions. If the 1377 requested authentication mechanism is not supported, the server 1378 SHOULD reject the AUTHENTICATE command by sending a tagged NO 1379 response. 1381 The AUTHENTICATE command supports the optional "initial response" 1382 feature defined in Section 5.1 of [SASL]. The client doesn't need to 1383 use it. If a SASL mechanism supports "initial response", but it is 1384 not specified by the client, the server handles this as specified in 1385 Section 3 of [SASL]. 1387 The service name specified by this protocol's profile of [SASL] is 1388 "imap". 1390 The authentication protocol exchange consists of a series of server 1391 challenges and client responses that are specific to the 1392 authentication mechanism. A server challenge consists of a command 1393 continuation request response with the "+" token followed by a BASE64 1394 encoded (see Section 4 of [RFC4648]) string. The client response 1395 consists of a single line consisting of a BASE64 encoded string. If 1396 the client wishes to cancel an authentication exchange, it issues a 1397 line consisting of a single "*". If the server receives such a 1398 response, or if it receives an invalid BASE64 string (e.g. 1399 characters outside the BASE64 alphabet, or non-terminal "="), it MUST 1400 reject the AUTHENTICATE command by sending a tagged BAD response. 1402 As with any other client response, this initial response MUST be 1403 encoded as BASE64. It also MUST be transmitted outside of a quoted 1404 string or literal. To send a zero-length initial response, the 1405 client MUST send a single pad character ("="). This indicates that 1406 the response is present, but is a zero-length string. 1408 When decoding the BASE64 data in the initial response, decoding 1409 errors MUST be treated as in any normal SASL client response, i.e. 1410 with a tagged BAD response. In particular, the server should check 1411 for any characters not explicitly allowed by the BASE64 alphabet, as 1412 well as any sequence of BASE64 characters that contains the pad 1413 character ('=') anywhere other than the end of the string (e.g., 1414 "=AAA" and "AAA=BBB" are not allowed). 1416 If the client uses an initial response with a SASL mechanism that 1417 does not support an initial response, the server MUST reject the 1418 command with a tagged BAD response. 1420 If a security layer is negotiated through the [SASL] authentication 1421 exchange, it takes effect immediately following the CRLF that 1422 concludes the authentication exchange for the client, and the CRLF of 1423 the tagged OK response for the server. 1425 While client and server implementations MUST implement the 1426 AUTHENTICATE command itself, it is not required to implement any 1427 authentication mechanisms other than the PLAIN mechanism described in 1428 [PLAIN]. Also, an authentication mechanism is not required to 1429 support any security layers. 1431 Note: a server implementation MUST implement a configuration in 1432 which it does NOT permit any plaintext password mechanisms, unless 1433 either the STARTTLS command has been negotiated, TLS has been 1434 negotiated on an Implicit TLS port, or some other mechanism that 1435 protects the session from password snooping has been provided. 1436 Server sites SHOULD NOT use any configuration which permits a 1437 plaintext password mechanism without such a protection mechanism 1438 against password snooping. Client and server implementations 1439 SHOULD implement additional [SASL] mechanisms that do not use 1440 plaintext passwords, such the GSSAPI mechanism described in 1441 [RFC4752], the SCRAM-SHA-256/SCRAM-SHA-256-PLUS [SCRAM-SHA-256] 1442 mechanisms and/or EXTERNAL [SASL] mechanism for mutual TLS 1443 authentication. (Note that SASL framework allows creation of SASL 1444 mechanisms that support 2FA (2-factor authentication), however 1445 none are fully ready to be recommended by this document.) 1447 Servers and clients can support multiple authentication mechanisms. 1448 The server SHOULD list its supported authentication mechanisms in the 1449 response to the CAPABILITY command so that the client knows which 1450 authentication mechanisms to use. 1452 A server MAY include a CAPABILITY response code in the tagged OK 1453 response of a successful AUTHENTICATE command in order to send 1454 capabilities automatically. It is unnecessary for a client to send a 1455 separate CAPABILITY command if it recognizes these automatic 1456 capabilities. This should only be done if a security layer was not 1457 negotiated by the AUTHENTICATE command, because the tagged OK 1458 response as part of an AUTHENTICATE command is not protected by 1459 encryption/integrity checking. [SASL] requires the client to re- 1460 issue a CAPABILITY command in this case. The server MAY advertise 1461 different capabilities after a successful AUTHENTICATE command. 1463 If an AUTHENTICATE command fails with a NO response, the client MAY 1464 try another authentication mechanism by issuing another AUTHENTICATE 1465 command. It MAY also attempt to authenticate by using the LOGIN 1466 command (see Section 6.2.3 for more detail). In other words, the 1467 client MAY request authentication types in decreasing order of 1468 preference, with the LOGIN command as a last resort. 1470 The authorization identity passed from the client to the server 1471 during the authentication exchange is interpreted by the server as 1472 the user name whose privileges the client is requesting. 1474 Example: S: * OK [CAPABILITY IMAP4rev2 STARTTLS AUTH=GSSAPI] 1475 Capabilities 1476 C: A001 AUTHENTICATE GSSAPI 1477 S: + 1478 C: YIIB+wYJKoZIhvcSAQICAQBuggHqMIIB5qADAgEFoQMCAQ6iBw 1479 MFACAAAACjggEmYYIBIjCCAR6gAwIBBaESGxB1Lndhc2hpbmd0 1480 b24uZWR1oi0wK6ADAgEDoSQwIhsEaW1hcBsac2hpdmFtcy5jYW 1481 Mud2FzaGluZ3Rvbi5lZHWjgdMwgdCgAwIBAaEDAgEDooHDBIHA 1482 cS1GSa5b+fXnPZNmXB9SjL8Ollj2SKyb+3S0iXMljen/jNkpJX 1483 AleKTz6BQPzj8duz8EtoOuNfKgweViyn/9B9bccy1uuAE2HI0y 1484 C/PHXNNU9ZrBziJ8Lm0tTNc98kUpjXnHZhsMcz5Mx2GR6dGknb 1485 I0iaGcRerMUsWOuBmKKKRmVMMdR9T3EZdpqsBd7jZCNMWotjhi 1486 vd5zovQlFqQ2Wjc2+y46vKP/iXxWIuQJuDiisyXF0Y8+5GTpAL 1487 pHDc1/pIGmMIGjoAMCAQGigZsEgZg2on5mSuxoDHEA1w9bcW9n 1488 FdFxDKpdrQhVGVRDIzcCMCTzvUboqb5KjY1NJKJsfjRQiBYBdE 1489 NKfzK+g5DlV8nrw81uOcP8NOQCLR5XkoMHC0Dr/80ziQzbNqhx 1490 O6652Npft0LQwJvenwDI13YxpwOdMXzkWZN/XrEqOWp6GCgXTB 1491 vCyLWLlWnbaUkZdEYbKHBPjd8t/1x5Yg== 1492 S: + YGgGCSqGSIb3EgECAgIAb1kwV6ADAgEFoQMCAQ+iSzBJoAMC 1493 AQGiQgRAtHTEuOP2BXb9sBYFR4SJlDZxmg39IxmRBOhXRKdDA0 1494 uHTCOT9Bq3OsUTXUlk0CsFLoa8j+gvGDlgHuqzWHPSQg== 1495 C: 1496 S: + YDMGCSqGSIb3EgECAgIBAAD/////6jcyG4GE3KkTzBeBiVHe 1497 ceP2CWY0SR0fAQAgAAQEBAQ= 1498 C: YDMGCSqGSIb3EgECAgIBAAD/////3LQBHXTpFfZgrejpLlLImP 1499 wkhbfa2QteAQAgAG1yYwE= 1500 S: A001 OK GSSAPI authentication successful 1502 The following example demonstrates use of initial response 1504 Example: 1505 S: * OK [CAPABILITY IMAP4rev2 STARTTLS AUTH=GSSAPI 1506 LOGINDISABLED] Server ready 1507 C: A01 STARTTLS 1508 S: A01 OK STARTLS completed 1509 1510 C: A02 CAPABILITY 1511 S: * CAPABILITY IMAP4rev2 AUTH=GSSAPI AUTH=PLAIN 1512 S: A02 OK CAPABILITY completed 1513 C: A01 AUTHENTICATE PLAIN dGVzdAB0ZXN0AHRlc3Q= 1514 S: A001 OK Success (tls protection) 1516 Note: The line breaks within server challenges and client responses 1517 are for editorial clarity and are not in real authenticators. 1519 6.2.3. LOGIN Command 1521 Arguments: user name 1522 password 1524 Responses: no specific responses for this command 1526 Result: OK - login completed, now in authenticated state 1527 NO - login failure: user name or password rejected 1528 BAD - command unknown or arguments invalid 1530 The LOGIN command identifies the client to the server and carries the 1531 plaintext password authenticating this user. The LOGIN command 1532 SHOULD NOT be used except as a last resort (after attempting and 1533 failing to authenticate using the AUTHENTICATE command one or more 1534 times), and it is recommended that client implementations have a 1535 means to disable any automatic use of the LOGIN command. 1537 A server MAY include a CAPABILITY response code in the tagged OK 1538 response to a successful LOGIN command in order to send capabilities 1539 automatically. It is unnecessary for a client to send a separate 1540 CAPABILITY command if it recognizes these automatic capabilities. 1542 Example: C: a001 LOGIN SMITH SESAME 1543 S: a001 OK LOGIN completed 1545 Note: Use of the LOGIN command over an insecure network (such as the 1546 Internet) is a security risk, because anyone monitoring network 1547 traffic can obtain plaintext passwords. For that reason clients MUST 1548 NOT use LOGIN on unsecure networks. 1550 Unless either the client is accessing IMAP service on Implicit TLS 1551 port [RFC8314], the STARTTLS command has been negotiated or some 1552 other mechanism that protects the session from password snooping has 1553 been provided, a server implementation MUST implement a configuration 1554 in which it advertises the LOGINDISABLED capability and does NOT 1555 permit the LOGIN command. Server sites SHOULD NOT use any 1556 configuration which permits the LOGIN command without such a 1557 protection mechanism against password snooping. A client 1558 implementation MUST NOT send a LOGIN command if the LOGINDISABLED 1559 capability is advertised. 1561 6.3. Client Commands - Authenticated State 1563 In the authenticated state, commands that manipulate mailboxes as 1564 atomic entities are permitted. Of these commands, the SELECT and 1565 EXAMINE commands will select a mailbox for access and enter the 1566 selected state. 1568 In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT), 1569 the following commands are valid in the authenticated state: ENABLE, 1570 SELECT, EXAMINE, NAMESPACE, CREATE, DELETE, RENAME, SUBSCRIBE, 1571 UNSUBSCRIBE, LIST, STATUS, APPEND and IDLE. 1573 6.3.1. ENABLE Command 1575 Arguments: capability names 1577 Responses: no specific responses for this command 1579 Result: OK - Relevant capabilities enabled 1580 BAD - No arguments, or syntax error in an argument 1582 Several IMAP extensions allow the server to return unsolicited 1583 responses specific to these extensions in certain circumstances. 1584 However, servers cannot send those unsolicited responses (with the 1585 exception of response codes (see Section 7.1) included in tagged or 1586 untagged OK/NO/BAD responses, which can always be sent) until they 1587 know that the clients support such extensions and thus won't choke on 1588 the extension response data. 1590 The ENABLE command provides an explicit indication from the client 1591 that it supports particular extensions. It is designed such that the 1592 client can send a simple constant string with the extensions it 1593 supports, and the server will enable the shared subset that both 1594 support. 1596 The ENABLE command takes a list of capability names, and requests the 1597 server to enable the named extensions. Once enabled using ENABLE, 1598 each extension remains active until the IMAP connection is closed. 1599 For each argument, the server does the following: 1601 o If the argument is not an extension known to the server, the 1602 server MUST ignore the argument. 1604 o If the argument is an extension known to the server, and it is not 1605 specifically permitted to be enabled using ENABLE, the server MUST 1606 ignore the argument. (Note that knowing about an extension 1607 doesn't necessarily imply supporting that extension.) 1609 o If the argument is an extension that is supported by the server 1610 and that needs to be enabled, the server MUST enable the extension 1611 for the duration of the connection. Note that once an extension 1612 is enabled, there is no way to disable it. 1614 If the ENABLE command is successful, the server MUST send an untagged 1615 ENABLED response Section 7.2.1, which includes all enabled extensions 1616 as specified above. The ENABLED response is sent even if no 1617 extensions were enabled. 1619 Clients SHOULD only include extensions that need to be enabled by the 1620 server. For example, a client can enable IMAP4rev2 specific 1621 behaviour when both IMAP4rev1 and IMAP4rev2 are advertised in the 1622 CAPABILITY response. Future RFCs may add to this list. 1624 The ENABLE command is only valid in the authenticated state, before 1625 any mailbox is selected. Clients MUST NOT issue ENABLE once they 1626 SELECT/EXAMINE a mailbox; however, server implementations don't have 1627 to check that no mailbox is selected or was previously selected 1628 during the duration of a connection. 1630 The ENABLE command can be issued multiple times in a session. It is 1631 additive; i.e., "ENABLE a b", followed by "ENABLE c" is the same as a 1632 single command "ENABLE a b c". When multiple ENABLE commands are 1633 issued, each corresponding ENABLED response SHOULD only contain 1634 extensions enabled by the corresponding ENABLE command, i.e. for the 1635 above example, the ENABLED response to "ENABLE c" should not contain 1636 "a" or "b". 1638 There are no limitations on pipelining ENABLE. For example, it is 1639 possible to send ENABLE and then immediately SELECT, or a LOGIN 1640 immediately followed by ENABLE. 1642 The server MUST NOT change the CAPABILITY list as a result of 1643 executing ENABLE; i.e., a CAPABILITY command issued right after an 1644 ENABLE command MUST list the same capabilities as a CAPABILITY 1645 command issued before the ENABLE command. This is demonstrated in 1646 the following example. Note that below "X-GOOD-IDEA" is a fictitious 1647 extension capability that can be ENABLEd. 1649 C: t1 CAPABILITY 1650 S: * CAPABILITY IMAP4rev2 ID LITERAL+ X-GOOD-IDEA 1651 S: t1 OK foo 1652 C: t2 ENABLE CONDSTORE X-GOOD-IDEA 1653 S: * ENABLED X-GOOD-IDEA 1654 S: t2 OK foo 1655 C: t3 CAPABILITY 1656 S: * CAPABILITY IMAP4rev2 ID LITERAL+ X-GOOD-IDEA 1657 S: t3 OK foo again 1659 In the following example, the client enables CONDSTORE: 1661 C: a1 ENABLE CONDSTORE 1662 S: * ENABLED CONDSTORE 1663 S: a1 OK Conditional Store enabled 1665 6.3.1.1. Note to Designers of Extensions That May Use the ENABLE 1666 Command 1668 Designers of IMAP extensions are discouraged from creating extensions 1669 that require ENABLE unless there is no good alternative design. 1670 Specifically, extensions that cause potentially incompatible behavior 1671 changes to deployed server responses (and thus benefit from ENABLE) 1672 have a higher complexity cost than extensions that do not. 1674 6.3.2. SELECT Command 1676 Arguments: mailbox name 1678 Responses: REQUIRED untagged responses: FLAGS, EXISTS 1679 REQUIRED OK untagged responses: PERMANENTFLAGS, 1680 UIDNEXT, UIDVALIDITY 1681 REQUIRED untagged response: LIST 1683 Result: OK - select completed, now in selected state 1684 NO - select failure, now in authenticated state: no 1685 such mailbox, can't access mailbox 1686 BAD - command unknown or arguments invalid 1688 The SELECT command selects a mailbox so that messages in the mailbox 1689 can be accessed. Before returning an OK to the client, the server 1690 MUST send the following untagged data to the client. (The order of 1691 individual responses is not important.) Note that earlier versions 1692 of this protocol (e.g. IMAP2bis) only required the FLAGS and EXISTS 1693 untagged data; consequently, client implementations SHOULD implement 1694 default behavior for missing data as discussed with the individual 1695 item. 1697 FLAGS Defined flags in the mailbox. See the description of the 1698 FLAGS response in Section 7.3.5 for more detail. 1700 EXISTS The number of messages in the mailbox. See the 1701 description of the EXISTS response in Section 7.4.1 for more 1702 detail. 1704 LIST The server MUST return a LIST response with the mailbox name. 1705 If the server allows de-normalized UTF-8 mailbox names (see 1706 Section 5.1) and the supplied mailbox name differs from the 1707 normalized version, the server MUST return LIST with the OLDNAME 1708 extended data item. See Section 6.3.9.7 for more details. 1710 OK [PERMANENTFLAGS ()] A list of message flags that 1711 the client can change permanently. If this is missing, the client 1712 should assume that all flags can be changed permanently. 1714 OK [UIDNEXT ] The next unique identifier value. Refer to 1715 Section 2.3.1.1 for more information. 1717 OK [UIDVALIDITY ] The unique identifier validity value. Refer to 1718 Section 2.3.1.1 for more information. 1720 Only one mailbox can be selected at a time in a connection; 1721 simultaneous access to multiple mailboxes requires multiple 1722 connections. The SELECT command automatically deselects any 1723 currently selected mailbox before attempting the new selection. 1724 Consequently, if a mailbox is selected and a SELECT command that 1725 fails is attempted, no mailbox is selected. When deselecting a 1726 selected mailbox, the server MUST return an untagged OK response with 1727 the "[CLOSED]" response code when the currently selected mailbox is 1728 closed (see Paragraph 10). 1730 If the client is permitted to modify the mailbox, the server SHOULD 1731 prefix the text of the tagged OK response with the "[READ-WRITE]" 1732 response code. 1734 If the client is not permitted to modify the mailbox but is permitted 1735 read access, the mailbox is selected as read-only, and the server 1736 MUST prefix the text of the tagged OK response to SELECT with the 1737 "[READ-ONLY]" response code. Read-only access through SELECT differs 1738 from the EXAMINE command in that certain read-only mailboxes MAY 1739 permit the change of permanent state on a per-user (as opposed to 1740 global) basis. Netnews messages marked in a server-based .newsrc 1741 file are an example of such per-user permanent state that can be 1742 modified with read-only mailboxes. 1744 Example: C: A142 SELECT INBOX 1745 S: * 172 EXISTS 1746 S: * OK [UIDVALIDITY 3857529045] UIDs valid 1747 S: * OK [UIDNEXT 4392] Predicted next UID 1748 S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 1749 S: * OK [PERMANENTFLAGS (\Deleted \Seen \*)] Limited 1750 S: * LIST () "/" INBOX 1751 S: A142 OK [READ-WRITE] SELECT completed 1753 Example: C: A142 SELECT INBOX 1754 S: * 172 EXISTS 1755 S: * OK [UIDVALIDITY 3857529045] UIDs valid 1756 S: * OK [UIDNEXT 4392] Predicted next UID 1757 S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 1758 S: * OK [PERMANENTFLAGS (\Deleted \Seen \*)] Limited 1759 S: A142 OK [READ-WRITE] SELECT completed 1760 [...some time later...] 1761 C: A143 SELECT Drafts 1762 S: * OK [CLOSED] Previous mailbox is now closed 1763 S: * 5 EXISTS 1764 S: * OK [UIDVALIDITY 9877410381] UIDs valid 1765 S: * OK [UIDNEXT 102] Predicted next UID 1766 S: * LIST () "/" Drafts 1767 S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 1768 S: * OK [PERMANENTFLAGS (\Deleted \Seen \Answered 1769 \Flagged \Draft \*)] System flags and keywords allowed 1770 S: A143 OK [READ-WRITE] SELECT completed 1772 Note that IMAP4rev1 compliant servers can also send the untagged 1773 RECENT response which was deprecated in IMAP4rev2. E.g. "* 0 1774 RECENT". Pure IMAP4rev2 clients are advised to ignore the untagged 1775 RECENT response. 1777 6.3.3. EXAMINE Command 1779 Arguments: mailbox name 1781 Responses: REQUIRED untagged responses: FLAGS, EXISTS 1782 REQUIRED OK untagged responses: PERMANENTFLAGS, 1783 UIDNEXT, UIDVALIDITY 1784 REQUIRED untagged response: LIST 1786 Result: OK - examine completed, now in selected state 1787 NO - examine failure, now in authenticated state: no 1788 such mailbox, can't access mailbox BAD - command unknown 1789 or arguments invalid 1791 The EXAMINE command is identical to SELECT and returns the same 1792 output; however, the selected mailbox is identified as read-only. No 1793 changes to the permanent state of the mailbox, including per-user 1794 state, are permitted. 1796 The text of the tagged OK response to the EXAMINE command MUST begin 1797 with the "[READ-ONLY]" response code. 1799 Example: C: A932 EXAMINE blurdybloop 1800 S: * 17 EXISTS 1801 S: * OK [UIDVALIDITY 3857529045] UIDs valid 1802 S: * OK [UIDNEXT 4392] Predicted next UID 1803 S: * LIST () "/" blurdybloop 1804 S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 1805 S: * OK [PERMANENTFLAGS ()] No permanent flags permitted 1806 S: A932 OK [READ-ONLY] EXAMINE completed 1808 6.3.4. CREATE Command 1810 Arguments: mailbox name 1812 Responses: OPTIONAL untagged response: LIST 1814 Result: OK - create completed 1815 NO - create failure: can't create mailbox with that name 1816 BAD - command unknown or arguments invalid 1818 The CREATE command creates a mailbox with the given name. An OK 1819 response is returned only if a new mailbox with that name has been 1820 created. It is an error to attempt to create INBOX or a mailbox with 1821 a name that refers to an extant mailbox. Any error in creation will 1822 return a tagged NO response. If a client attempts to create a UTF-8 1823 mailbox name that is not a valid Net-Unicode name, the server MUST 1824 reject the creation or convert the name to Net-Unicode prior to 1825 creating the mailbox. If the server decides to convert (normalize) 1826 the name, it SHOULD return an untagged LIST with OLDNAME extended 1827 data item, with the OLDNAME value being the supplied mailbox name and 1828 the name parameter being the normalized mailbox name. (See 1829 Section 6.3.9.7 for more details.) 1831 Mailboxes created in one IMAP session MAY be announced to other IMAP 1832 sessions using unsolicited LIST response. If the server 1833 automatically subscribes a mailbox when it is created, then the 1834 unsolicited LIST response for each affected subscribed mailbox name 1835 MUST include the \Subscribed attribute. 1837 If the mailbox name is suffixed with the server's hierarchy separator 1838 character (as returned from the server by a LIST command), this is a 1839 declaration that the client intends to create mailbox names under 1840 this name in the hierarchy. Server implementations that do not 1841 require this declaration MUST ignore the declaration. In any case, 1842 the name created is without the trailing hierarchy delimiter. 1844 If the server's hierarchy separator character appears elsewhere in 1845 the name, the server SHOULD create any superior hierarchical names 1846 that are needed for the CREATE command to be successfully completed. 1847 In other words, an attempt to create "foo/bar/zap" on a server in 1848 which "/" is the hierarchy separator character SHOULD create foo/ and 1849 foo/bar/ if they do not already exist. 1851 If a new mailbox is created with the same name as a mailbox which was 1852 deleted, its unique identifiers MUST be greater than any unique 1853 identifiers used in the previous incarnation of the mailbox unless 1854 the new incarnation has a different unique identifier validity value. 1855 See the description of the UID command in Section 6.4.9 for more 1856 detail. 1858 Example: C: A003 CREATE owatagusiam/ 1859 S: A003 OK CREATE completed 1860 C: A004 CREATE owatagusiam/blurdybloop 1861 S: A004 OK CREATE completed 1862 C: A005 CREATE NonNormalized 1863 S: * LIST () "/" "Normalized" ("OLDNAME" ("NonNormalized")) 1864 S: A005 OK CREATE completed 1866 (in the last example imagine that "NonNormalized" is 1867 a non NFC normalized Unicode mailbox name and that 1868 "Normalized" is its NFC normalized version.) 1870 Note: The interpretation of this example depends on whether "/" 1871 was returned as the hierarchy separator from LIST. If "/" is the 1872 hierarchy separator, a new level of hierarchy named "owatagusiam" 1873 with a member called "blurdybloop" is created. Otherwise, two 1874 mailboxes at the same hierarchy level are created. 1876 6.3.5. DELETE Command 1878 Arguments: mailbox name 1880 Responses: OPTIONAL untagged response: LIST 1882 Result: OK - delete completed 1883 NO - delete failure: can't delete mailbox with that name 1884 BAD - command unknown or arguments invalid 1886 The DELETE command permanently removes the mailbox with the given 1887 name. A tagged OK response is returned only if the mailbox has been 1888 deleted. It is an error to attempt to delete INBOX or a mailbox name 1889 that does not exist. 1891 The DELETE command MUST NOT remove inferior hierarchical names. For 1892 example, if a mailbox "foo" has an inferior "foo.bar" (assuming "." 1893 is the hierarchy delimiter character), removing "foo" MUST NOT remove 1894 "foo.bar". It is an error to attempt to delete a name that has 1895 inferior hierarchical names and also has the \Noselect mailbox name 1896 attribute (see the description of the LIST response (Section 7.3.1) 1897 for more details). 1899 It is permitted to delete a name that has inferior hierarchical names 1900 and does not have the \Noselect mailbox name attribute. If the 1901 server implementation does not permit deleting the name while 1902 inferior hierarchical names exists then it SHOULD disallow the DELETE 1903 command by returning a tagged NO response. The NO response SHOULD 1904 include the HASCHILDREN response code. Alternatively the server MAY 1905 allow the DELETE command, but sets the \Noselect mailbox name 1906 attribute for that name. 1908 If the server returns OK response, all messages in that mailbox are 1909 removed by the DELETE command. 1911 The value of the highest-used unique identifier of the deleted 1912 mailbox MUST be preserved so that a new mailbox created with the same 1913 name will not reuse the identifiers of the former incarnation, unless 1914 the new incarnation has a different unique identifier validity value. 1915 See the description of the UID command in Section 6.4.9 for more 1916 detail. 1918 If the server decides to convert (normalize) the mailbox name, it 1919 SHOULD return an untagged LIST with the "\NonExistent" attribute and 1920 OLDNAME extended data item, with the OLDNAME value being the supplied 1921 mailbox name and the name parameter being the normalized mailbox 1922 name. (See Section 6.3.9.7 for more details.) 1924 Mailboxes deleted in one IMAP session MAY be announced to other IMAP 1925 sessions using unsolicited LIST response, containing the 1926 "\NonExistent" attribute. 1928 Examples: C: A682 LIST "" * 1929 S: * LIST () "/" blurdybloop 1930 S: * LIST (\Noselect) "/" foo 1931 S: * LIST () "/" foo/bar 1932 S: A682 OK LIST completed 1933 C: A683 DELETE blurdybloop 1934 S: A683 OK DELETE completed 1935 C: A684 DELETE foo 1936 S: A684 NO Name "foo" has inferior hierarchical names 1937 C: A685 DELETE foo/bar 1938 S: A685 OK DELETE Completed 1939 C: A686 LIST "" * 1940 S: * LIST (\Noselect) "/" foo 1941 S: A686 OK LIST completed 1942 C: A687 DELETE foo 1943 S: A687 OK DELETE Completed 1944 C: A82 LIST "" * 1945 S: * LIST () "." blurdybloop 1946 S: * LIST () "." foo 1947 S: * LIST () "." foo.bar 1948 S: A82 OK LIST completed 1949 C: A83 DELETE blurdybloop 1950 S: A83 OK DELETE completed 1951 C: A84 DELETE foo 1952 S: A84 OK DELETE Completed 1953 C: A85 LIST "" * 1954 S: * LIST () "." foo.bar 1955 S: A85 OK LIST completed 1956 C: A86 LIST "" % 1957 S: * LIST (\Noselect) "." foo 1958 S: A86 OK LIST completed 1960 6.3.6. RENAME Command 1962 Arguments: existing mailbox name 1963 new mailbox name 1965 Responses: OPTIONAL untagged response: LIST 1967 Result: OK - rename completed 1968 NO - rename failure: can't rename mailbox with that name, 1969 can't rename to mailbox with that name 1970 BAD - command unknown or arguments invalid 1972 The RENAME command changes the name of a mailbox. A tagged OK 1973 response is returned only if the mailbox has been renamed. It is an 1974 error to attempt to rename from a mailbox name that does not exist or 1975 to a mailbox name that already exists. Any error in renaming will 1976 return a tagged NO response. 1978 If the name has inferior hierarchical names, then the inferior 1979 hierarchical names MUST also be renamed. For example, a rename of 1980 "foo" to "zap" will rename "foo/bar" (assuming "/" is the hierarchy 1981 delimiter character) to "zap/bar". 1983 If the server's hierarchy separator character appears in the name, 1984 the server SHOULD create any superior hierarchical names that are 1985 needed for the RENAME command to complete successfully. In other 1986 words, an attempt to rename "foo/bar/zap" to baz/rag/zowie on a 1987 server in which "/" is the hierarchy separator character in the 1988 corresponding namespace SHOULD create baz/ and baz/rag/ if they do 1989 not already exist. 1991 The value of the highest-used unique identifier of the old mailbox 1992 name MUST be preserved so that a new mailbox created with the same 1993 name will not reuse the identifiers of the former incarnation, unless 1994 the new incarnation has a different unique identifier validity value. 1995 See the description of the UID command in Section 6.4.9 for more 1996 detail. 1998 Renaming INBOX is permitted (i.e. it doesn't result in a tagged BAD 1999 response), and has special behavior. (Note that some servers 2000 disallow renaming INBOX by returning a tagged NO response, so clients 2001 need to be able to handle such RENAME failing). It moves all 2002 messages in INBOX to a new mailbox with the given name, leaving INBOX 2003 empty. If the server implementation supports inferior hierarchical 2004 names of INBOX, these are unaffected by a rename of INBOX. 2006 If the server allows creation of mailboxes with names that are not 2007 valid Net-Unicode names, the server normalizes both the existing 2008 mailbox name parameter and the new mailbox name parameter. If the 2009 normalized version of any of these 2 parameters differs from the 2010 corresponding supplied version, the server SHOULD return an untagged 2011 LIST response with OLDNAME extended data item, with the OLDNAME value 2012 being the supplied existing mailbox name and the name parameter being 2013 the normalized new mailbox name (see Section 6.3.9.7). This would 2014 allow the client to correlate supplied name with the normalized name. 2016 Mailboxes renamed in one IMAP session MAY be announced to other IMAP 2017 sessions using unsolicited LIST response with OLDNAME extended data 2018 item. 2020 In both of the above cases: if the server automatically subscribes a 2021 mailbox when it is renamed, then the unsolicited LIST response for 2022 each affected subscribed mailbox name MUST include the \Subscribed 2023 attribute. No unsolicited LIST responses need to be sent for 2024 children mailboxes, if any. When INBOX is successfully renamed, a 2025 new INBOX is assumed to be created. No unsolicited LIST responses 2026 need to be sent for INBOX in this case. 2028 Examples: C: A682 LIST "" * 2029 S: * LIST () "/" blurdybloop 2030 S: * LIST (\Noselect) "/" foo 2031 S: * LIST () "/" foo/bar 2032 S: A682 OK LIST completed 2033 C: A683 RENAME blurdybloop sarasoop 2034 S: A683 OK RENAME completed 2035 C: A684 RENAME foo zowie 2036 S: A684 OK RENAME Completed 2037 C: A685 LIST "" * 2038 S: * LIST () "/" sarasoop 2039 S: * LIST (\Noselect) "/" zowie 2040 S: * LIST () "/" zowie/bar 2041 S: A685 OK LIST completed 2043 C: Z432 LIST "" * 2044 S: * LIST () "." INBOX 2045 S: * LIST () "." INBOX.bar 2046 S: Z432 OK LIST completed 2047 C: Z433 RENAME INBOX old-mail 2048 S: Z433 OK RENAME completed 2049 C: Z434 LIST "" * 2050 S: * LIST () "." INBOX 2051 S: * LIST () "." INBOX.bar 2052 S: * LIST () "." old-mail 2053 S: Z434 OK LIST completed 2055 Note that renaming a mailbox doesn't update subscription information 2056 on the original name. To keep subscription information in sync, the 2057 following sequence of commands can be used: 2059 C: 1001 RENAME X Y 2060 C: 1002 SUBSCRIBE Y 2061 C: 1003 UNSUBSCRIBE X 2063 Note that the above sequence of commands doesn't account for updating 2064 subscription for any children mailboxes of mailbox X. 2066 6.3.7. SUBSCRIBE Command 2068 Arguments: mailbox 2070 Responses: no specific responses for this command 2071 Result: OK - subscribe completed 2072 NO - subscribe failure: can't subscribe to that name 2073 BAD - command unknown or arguments invalid 2075 The SUBSCRIBE command adds the specified mailbox name to the server's 2076 set of "active" or "subscribed" mailboxes as returned by the LIST 2077 (SUBSCRIBED) command. This command returns a tagged OK response if 2078 the subscription is successful or if the mailbox is already 2079 subscribed. 2081 A server MAY validate the mailbox argument to SUBSCRIBE to verify 2082 that it exists. However, it SHOULD NOT unilaterally remove an 2083 existing mailbox name from the subscription list even if a mailbox by 2084 that name no longer exists. 2086 Note: This requirement is because a server site can choose to 2087 routinely remove a mailbox with a well-known name (e.g., "system- 2088 alerts") after its contents expire, with the intention of 2089 recreating it when new contents are appropriate. 2091 Example: C: A002 SUBSCRIBE #news.comp.mail.mime 2092 S: A002 OK SUBSCRIBE completed 2094 6.3.8. UNSUBSCRIBE Command 2096 Arguments: mailbox name 2098 Responses: no specific responses for this command 2100 Result: OK - unsubscribe completed 2101 NO - unsubscribe failure: can't unsubscribe that name 2102 BAD - command unknown or arguments invalid 2104 The UNSUBSCRIBE command removes the specified mailbox name from the 2105 server's set of "active" or "subscribed" mailboxes as returned by the 2106 LIST (SUBSCRIBED) command. This command returns a tagged OK response 2107 if the unsubscription is successful or if the mailbox is not 2108 subscribed. 2110 Example: C: A002 UNSUBSCRIBE #news.comp.mail.mime 2111 S: A002 OK UNSUBSCRIBE completed 2113 6.3.9. LIST Command 2115 Arguments (basic): reference name 2116 mailbox name with possible wildcards 2118 Arguments (extended): selection options (OPTIONAL) 2119 reference name 2120 mailbox patterns 2121 return options (OPTIONAL) 2123 Responses: untagged responses: LIST 2125 Result: OK - list completed 2126 NO - list failure: can't list that reference or mailbox 2127 name 2128 BAD - command unknown or arguments invalid 2130 The LIST command returns a subset of mailbox names from the complete 2131 set of all mailbox names available to the client. Zero or more 2132 untagged LIST responses are returned, containing the name attributes, 2133 hierarchy delimiter, name, and possible extension information; see 2134 the description of the LIST response (Section 7.3.1) for more detail. 2136 The LIST command SHOULD return its data quickly, without undue delay. 2137 For example, it should not go to excess trouble to calculate the 2138 \Marked or \Unmarked status or perform other processing; if each name 2139 requires 1 second of processing, then a list of 1200 names would take 2140 20 minutes! 2142 The extended LIST command, originally introduced in [RFC5258], 2143 provides capabilities beyond that of the original IMAP LIST command. 2144 The extended syntax is being used if one or more of the following 2145 conditions is true: 2147 1. if the first word after the command name begins with a 2148 parenthesis ("LIST selection options"); 2150 2. if the second word after the command name begins with a 2151 parenthesis; 2153 3. if the LIST command has more than 2 parameters ("LIST return 2154 options") 2156 An empty ("" string) reference name argument indicates that the 2157 mailbox name is interpreted as by SELECT. The returned mailbox names 2158 MUST match the supplied mailbox name pattern(s). A non-empty 2159 reference name argument is the name of a mailbox or a level of 2160 mailbox hierarchy, and indicates the context in which the mailbox 2161 name is interpreted. Clients SHOULD use the empty reference 2162 argument. 2164 In the basic syntax only, an empty ("" string) mailbox name argument 2165 is a special request to return the hierarchy delimiter and the root 2166 name of the name given in the reference. The value returned as the 2167 root MAY be the empty string if the reference is non-rooted or is an 2168 empty string. In all cases, a hierarchy delimiter (or NIL if there 2169 is no hierarchy) is returned. This permits a client to get the 2170 hierarchy delimiter (or find out that the mailbox names are flat) 2171 even when no mailboxes by that name currently exist. 2173 In the extended syntax, any mailbox name arguments that are empty 2174 strings are ignored. There is no special meaning for empty mailbox 2175 names when the extended syntax is used. 2177 The reference and mailbox name arguments are interpreted into a 2178 canonical form that represents an unambiguous left-to-right 2179 hierarchy. The returned mailbox names will be in the interpreted 2180 form, that we call "canonical LIST pattern" later in this document. 2181 To define the term "canonical LIST pattern" formally: it refers to 2182 the canonical pattern constructed internally by the server from the 2183 reference and mailbox name arguments. 2185 Note: The interpretation of the reference argument is 2186 implementation-defined. It depends upon whether the server 2187 implementation has a concept of the "current working directory" 2188 and leading "break out characters", which override the current 2189 working directory. 2191 For example, on a server which exports a UNIX or NT filesystem, 2192 the reference argument contains the current working directory, and 2193 the mailbox name argument would contain the name as interpreted in 2194 the current working directory. 2196 If a server implementation has no concept of break out characters, 2197 the canonical form is normally the reference name appended with 2198 the mailbox name. Note that if the server implements the 2199 namespace convention (Section 5.1.2.1), "#" is a break out 2200 character and must be treated as such. 2202 If the reference argument is not a level of mailbox hierarchy 2203 (that is, it is a \NoInferiors name), and/or the reference 2204 argument does not end with the hierarchy delimiter, it is 2205 implementation-dependent how this is interpreted. For example, a 2206 reference of "foo/bar" and mailbox name of "rag/baz" could be 2207 interpreted as "foo/bar/rag/baz", "foo/barrag/baz", or "foo/rag/ 2208 baz". A client SHOULD NOT use such a reference argument except at 2209 the explicit request of the user. A hierarchical browser MUST NOT 2210 make any assumptions about server interpretation of the reference 2211 unless the reference is a level of mailbox hierarchy AND ends with 2212 the hierarchy delimiter. 2214 Any part of the reference argument that is included in the 2215 interpreted form SHOULD prefix the interpreted form. It SHOULD also 2216 be in the same form as the reference name argument. This rule 2217 permits the client to determine if the returned mailbox name is in 2218 the context of the reference argument, or if something about the 2219 mailbox argument overrode the reference argument. Without this rule, 2220 the client would have to have knowledge of the server's naming 2221 semantics including what characters are "breakouts" that override a 2222 naming context. 2224 Here are some examples of how references 2225 and mailbox names might be interpreted on a UNIX-based 2226 server: 2228 Reference Mailbox Name Interpretation 2229 ------------ ------------ -------------- 2230 ~smith/Mail/ foo.* ~smith/Mail/foo.* 2231 archive/ % archive/% 2232 #news. comp.mail.* #news.comp.mail.* 2233 ~smith/Mail/ /usr/doc/foo /usr/doc/foo 2234 archive/ ~fred/Mail/* ~fred/Mail/* 2236 The first three examples demonstrate interpretations in 2237 the context of the reference argument. Note that 2238 "~smith/Mail" SHOULD NOT be transformed into something 2239 like "/u2/users/smith/Mail", or it would be impossible 2240 for the client to determine that the interpretation was 2241 in the context of the reference. 2243 The character "*" is a wildcard, and matches zero or more characters 2244 at this position. The character "%" is similar to "*", but it does 2245 not match a hierarchy delimiter. If the "%" wildcard is the last 2246 character of a mailbox name argument, matching levels of hierarchy 2247 are also returned. If these levels of hierarchy are not also 2248 selectable mailboxes, they are returned with the \Noselect mailbox 2249 name attribute (see the description of the LIST response 2250 (Section 7.3.1) for more details). 2252 Any syntactically valid pattern that is not accepted by a server for 2253 any reason MUST be silently ignored. I.e. it results in no LIST 2254 responses and the LIST command still returns tagged OK response. 2256 Selection options tell the server to limit the mailbox names that are 2257 selected by the LIST operation. If selection options are used, the 2258 mailboxes returned are those that match both the list of canonical 2259 LIST patterns and the selection options. Unless a particular 2260 selection option provides special rules, the selection options are 2261 cumulative: a mailbox that matches the mailbox patterns is selected 2262 only if it also matches all of the selection options. (An example of 2263 a selection option with special rules is the RECURSIVEMATCH option.) 2265 Return options control what information is returned for each matched 2266 mailbox. Return options MUST NOT cause the server to report 2267 information about additional mailbox names other than those that 2268 match the canonical LIST patterns and selection options. If no 2269 return options are specified, the client is only expecting 2270 information about mailbox attributes. The server MAY return other 2271 information about the matched mailboxes, and clients MUST be able to 2272 handle that situation. 2274 Initial selection options and return options are defined in the 2275 following subsections, and new ones will also be defined in 2276 extensions. Initial options defined in this document MUST be 2277 supported. Each non-initial option will be enabled by a capability 2278 string (one capability may enable multiple options), and a client 2279 MUST NOT send an option for which the server has not advertised 2280 support. A server MUST respond to options it does not recognize with 2281 a BAD response. The client SHOULD NOT specify any option more than 2282 once; however, if the client does this, the server MUST act as if it 2283 received the option only once. The order in which options are 2284 specified by the client is not significant. 2286 In general, each selection option except RECURSIVEMATCH will have a 2287 corresponding return option with the same name. The REMOTE selection 2288 option is an anomaly in this regard, and does not have a 2289 corresponding return option. That is because it expands, rather than 2290 restricts, the set of mailboxes that are returned. Future extensions 2291 to this specification should keep this parallelism in mind and define 2292 a pair of corresponding selection and return options. 2294 Server implementations are permitted to "hide" otherwise accessible 2295 mailboxes from the wildcard characters, by preventing certain 2296 characters or names from matching a wildcard in certain situations. 2297 For example, a UNIX-based server might restrict the interpretation of 2298 "*" so that an initial "/" character does not match. 2300 The special name INBOX is included in the output from LIST, if INBOX 2301 is supported by this server for this user and if the uppercase string 2302 "INBOX" matches the interpreted reference and mailbox name arguments 2303 with wildcards as described above. The criteria for omitting INBOX 2304 is whether SELECT INBOX will return failure; it is not relevant 2305 whether the user's real INBOX resides on this or some other server. 2307 6.3.9.1. LIST Selection Options 2309 The selection options defined in this specification are as follows: 2311 SUBSCRIBED - causes the LIST command to list subscribed names, 2312 rather than the existing mailboxes. This will often be a subset 2313 of the actual mailboxes. It's also possible for this list to 2314 contain the names of mailboxes that don't exist. In any case, the 2315 list MUST include exactly those mailbox names that match the 2316 canonical list pattern and are subscribed to. 2318 This option defines a mailbox attribute, "\Subscribed", that 2319 indicates that a mailbox name is subscribed to. The "\Subscribed" 2320 attribute MUST be supported and MUST be accurately computed when 2321 the SUBSCRIBED selection option is specified. 2323 Note that the SUBSCRIBED selection option implies the SUBSCRIBED 2324 return option (see below). 2326 REMOTE - causes the LIST command to show remote mailboxes as well as 2327 local ones, as described in [RFC2193]. This option is intended to 2328 replace the RLIST command and, in conjunction with the SUBSCRIBED 2329 selection option, the RLSUB command. Servers that don't support 2330 the concept of remote mailboxes just ignore this option. 2332 This option defines a mailbox attribute, "\Remote", that indicates 2333 that a mailbox is a remote mailbox. The "\Remote" attribute MUST 2334 be accurately computed when the REMOTE option is specified. 2336 The REMOTE selection option has no interaction with other options. 2337 Its effect is to tell the server to apply the other options, if 2338 any, to remote mailboxes, in addition to local ones. In 2339 particular, it has no interaction with RECURSIVEMATCH (see below). 2340 A request for (REMOTE RECURSIVEMATCH) is invalid, because a 2341 request for (RECURSIVEMATCH) is also invalid. A request for 2342 (REMOTE RECURSIVEMATCH SUBSCRIBED) is asking for all subscribed 2343 mailboxes, both local and remote. 2345 RECURSIVEMATCH - this option forces the server to return information 2346 about parent mailboxes that don't match other selection options, 2347 but have some submailboxes that do. Information about children is 2348 returned in the CHILDINFO extended data item, as described in 2349 Section 6.3.9.6. 2351 Note 1: In order for a parent mailbox to be returned, it still has 2352 to match the canonical LIST pattern. 2354 Note 2: When returning the CHILDINFO extended data item, it 2355 doesn't matter whether or not the submailbox matches the canonical 2356 LIST pattern. See also example 9 in Section 6.3.9.8. 2358 The RECURSIVEMATCH option MUST NOT occur as the only selection 2359 option (or only with REMOTE), as it only makes sense when other 2360 selection options are also used. The server MUST return BAD 2361 tagged response in such case. 2363 Note that even if the RECURSIVEMATCH option is specified, the 2364 client MUST still be able to handle a case when a CHILDINFO 2365 extended data item is returned and there are no submailboxes that 2366 meet the selection criteria of the subsequent LIST command, as 2367 they can be deleted/renamed after the LIST response was sent, but 2368 before the client had a chance to access them. 2370 6.3.9.2. LIST Return Options 2372 The return options defined in this specification are as follows: 2374 SUBSCRIBED - causes the LIST command to return subscription state 2375 for all matching mailbox names. The "\Subscribed" attribute MUST 2376 be supported and MUST be accurately computed when the SUBSCRIBED 2377 return option is specified. Further, all other mailbox attributes 2378 MUST be accurately computed (this differs from the behavior of the 2379 obsolete LSUB command from RFC 3501). Note that the above 2380 requirements don't override the requirement for the LIST command 2381 to return results quickly (see Section 6.3.9), i.e. server 2382 implementations need to compute results quickly and accurately. 2383 For example, server implementors might need to create quick access 2384 indices. 2386 CHILDREN - requests mailbox child information as originally proposed 2387 in [RFC3348]. See Section 6.3.9.5, below, for details. 2389 STATUS - requests STATUS response for each matching mailbox. 2391 This option takes STATUS data items as parameters. For each 2392 selectable mailbox matching the list pattern and selection 2393 options, the server MUST return an untagged LIST response 2394 followed by an untagged STATUS response containing the 2395 information requested in the STATUS return option, except for 2396 some cases described below. 2398 If an attempted STATUS for a listed mailbox fails because the 2399 mailbox can't be selected (e.g., if the "l" ACL right [RFC4314] 2400 is granted to the mailbox and the "r" right is not granted, or 2401 due to a race condition between LIST and STATUS changing the 2402 mailbox to \NoSelect), the STATUS response MUST NOT be returned 2403 and the LIST response MUST include the \NoSelect attribute. 2404 This means the server may have to buffer the LIST reply until 2405 it has successfully looked up the necessary STATUS information. 2407 If the server runs into unexpected problems while trying to 2408 look up the STATUS information, it MAY drop the corresponding 2409 STATUS reply. In such a situation, the LIST command would 2410 still return a tagged OK reply. 2412 6.3.9.3. General Principles for Returning LIST Responses 2414 This section outlines several principles that can be used by server 2415 implementations of this document to decide whether a LIST response 2416 should be returned, as well as how many responses and what kind of 2417 information they may contain. 2419 1. At most one LIST response should be returned for each mailbox 2420 name that matches the canonical LIST pattern. Server 2421 implementors must not assume that clients will be able to 2422 assemble mailbox attributes and other information returned in 2423 multiple LIST responses. 2425 2. There are only two reasons for including a matching mailbox name 2426 in the responses to the LIST command (note that the server is 2427 allowed to return unsolicited responses at any time, and such 2428 responses are not governed by this rule): 2430 A. The mailbox name also satisfies the selection criteria. 2432 B. The mailbox name doesn't satisfy the selection criteria, but 2433 it has at least one descendant mailbox name that satisfies 2434 the selection criteria and that doesn't match the canonical 2435 LIST pattern. 2437 For more information on this case, see the CHILDINFO extended 2438 data item described in Section 6.3.9.6. Note that the 2439 CHILDINFO extended data item can only be returned when the 2440 RECURSIVEMATCH selection option is specified. 2442 3. Attributes returned in the same LIST response are treated 2443 additively. For example, the following response 2445 S: * LIST (\Subscribed \NonExistent) "/" "Fruit/Peach" 2447 means that the "Fruit/Peach" mailbox doesn't exist, but it is 2448 subscribed. 2450 6.3.9.4. Additional LIST-related Requirements on Clients 2452 All clients MUST treat a LIST attribute with a stronger meaning as 2453 implying any attribute that can be inferred from it. (See 2454 Section 7.3.1 for the list of currently defined attributes). For 2455 example, the client must treat the presence of the \NoInferiors 2456 attribute as if the \HasNoChildren attribute was also sent by the 2457 server. 2459 The following table summarizes inference rules. 2461 +--------------------+-------------------+ 2462 | returned attribute | implied attribute | 2463 +--------------------+-------------------+ 2464 | \NoInferiors | \HasNoChildren | 2465 | \NonExistent | \NoSelect | 2466 +--------------------+-------------------+ 2468 6.3.9.5. The CHILDREN Return Option 2470 The CHILDREN return option is simply an indication that the client 2471 wants information about whether or not mailboxes contain children 2472 mailboxes; a server MAY provide it even if the option is not 2473 specified. 2475 Many IMAP4 clients present to the user a hierarchical view of the 2476 mailboxes that a user has access to. Rather than initially 2477 presenting to the user the entire mailbox hierarchy, it is often 2478 preferable to show to the user a collapsed outline list of the 2479 mailbox hierarchy (particularly if there is a large number of 2480 mailboxes). The user can then expand the collapsed outline hierarchy 2481 as needed. It is common to include within the collapsed hierarchy a 2482 visual clue (such as a ''+'') to indicate that there are child 2483 mailboxes under a particular mailbox. When the visual clue is 2484 clicked, the hierarchy list is expanded to show the child mailboxes. 2485 The CHILDREN return option provides a mechanism for a client to 2486 efficiently determine whether a particular mailbox has children, 2487 without issuing a LIST "" * or a LIST "" % for each mailbox name. 2488 The CHILDREN return option defines two new attributes that MUST be 2489 returned within a LIST response: \HasChildren and \HasNoChildren. 2490 Although these attributes MAY be returned in response to any LIST 2491 command, the CHILDREN return option is provided to indicate that the 2492 client particularly wants this information. If the CHILDREN return 2493 option is present, the server MUST return these attributes even if 2494 their computation is expensive. 2496 \HasChildren 2497 The presence of this attribute indicates that the mailbox has 2498 child mailboxes. A server SHOULD NOT set this attribute if 2499 there are child mailboxes and the user does not have permission 2500 to access any of them. In this case, \HasNoChildren SHOULD be 2501 used. In many cases, however, a server may not be able to 2502 efficiently compute whether a user has access to any child 2503 mailbox. Note that even though the \HasChildren attribute for a 2504 mailbox must be correct at the time of processing of the 2505 mailbox, a client must be prepared to deal with a situation when 2506 a mailbox is marked with the \HasChildren attribute, but no 2507 child mailbox appears in the response to the LIST command. This 2508 might happen, for example, due to children mailboxes being 2509 deleted or made inaccessible to the user (using access control) 2510 by another client before the server is able to list them. 2512 \HasNoChildren 2514 The presence of this attribute indicates that the mailbox has NO 2515 child mailboxes that are accessible to the currently 2516 authenticated user. 2518 It is an error for the server to return both a \HasChildren and a 2519 \HasNoChildren attribute in the same LIST response. 2521 Note: the \HasNoChildren attribute should not be confused with the 2522 the \NoInferiors attribute, which indicates that no child mailboxes 2523 exist now and none can be created in the future. 2525 6.3.9.6. CHILDINFO Extended Data Item 2527 The CHILDINFO extended data item MUST NOT be returned unless the 2528 client has specified the RECURSIVEMATCH selection option. 2530 The CHILDINFO extended data item in a LIST response describes the 2531 selection criteria that has caused it to be returned and indicates 2532 that the mailbox has at least one descendant mailbox that matches the 2533 selection criteria. 2535 Note: Some servers allow for mailboxes to exist without requiring 2536 their parent to exist. For example, a mailbox "Customers/ABC" can 2537 exist while the mailbox "Customers" does not. As CHILDINFO extended 2538 data item is not allowed if the RECURSIVEMATCH selection option is 2539 not specified, such servers SHOULD use the "\NonExistent 2540 \HasChildren" attribute pair to signal to the client that there is a 2541 descendant mailbox that matches the selection criteria. See example 2542 11 in Section 6.3.9.8. 2544 The returned selection criteria allow the client to distinguish a 2545 solicited response from an unsolicited one, as well as to distinguish 2546 among solicited responses caused by multiple pipelined LIST commands 2547 that specify different criteria. 2549 Servers SHOULD only return a non-matching mailbox name along with 2550 CHILDINFO if at least one matching child is not also being returned. 2551 That is, servers SHOULD suppress redundant CHILDINFO responses. 2553 Examples 8 and 10 in Section 6.3.9.8 demonstrate the difference 2554 between present CHILDINFO extended data item and the "\HasChildren" 2555 attribute. 2557 The following table summarizes interaction between the "\NonExistent" 2558 attribute and CHILDINFO (the first column indicates whether the 2559 parent mailbox exists): 2561 +--------+-------------+------------------+-------------------------+ 2562 | exists | meets the | has a child that | returned | 2563 | | selection | meets the | IMAP4rev2/LIST-EXTENDED | 2564 | | criteria | selection | attributes and | 2565 | | | criteria | CHILDINFO | 2566 +--------+-------------+------------------+-------------------------+ 2567 | no | no | no | no LIST response | 2568 | | | | returned | 2569 | yes | no | no | no LIST response | 2570 | | | | returned | 2571 | no | yes | no | (\NonExistent ) | 2572 | yes | yes | no | () | 2573 | no | no | yes | (\NonExistent) + | 2574 | | | | CHILDINFO | 2575 | yes | no | yes | () + CHILDINFO | 2576 | no | yes | yes | (\NonExistent ) + | 2577 | | | | CHILDINFO | 2578 | yes | yes | yes | () + CHILDINFO | 2579 +--------+-------------+------------------+-------------------------+ 2581 where is one or more attributes that correspond to the 2582 selection criteria; for example, for the SUBSCRIBED option the 2583 is \Subscribed. 2585 6.3.9.7. OLDNAME Extended Data Item 2587 The OLDNAME extended data item is included when a mailbox name is 2588 created (with CREATE command), renamed (with RENAME command) or 2589 deleted (with DELETE command). (When a mailbox is deleted the 2590 "\NonExistent" attribute is also included.) IMAP extensions can 2591 specify other conditions when OLDNAME extended data item should be 2592 included. 2594 If the server allows de-normalized mailbox names (see Section 5.1) in 2595 SELECT/EXAMINE, CREATE, RENAME or DELETE, it SHOULD return an 2596 unsolicited LIST response that includes OLDNAME extended data item, 2597 whenever the supplied mailbox name differs from the resulting 2598 normalized mailbox name. From the client point of view this is 2599 indistinguishable from another user renaming or deleting the mailbox, 2600 as specified in the previous paragraph. 2602 A deleted mailbox can be announced like this: 2604 S: * LIST (\NonExistent) "." "INBOX.DeletedMailbox" 2606 Example of a renamed mailbox: 2608 S: * LIST () "/" "NewMailbox" ("OLDNAME" ("OldMailbox")) 2610 6.3.9.8. LIST Command Examples 2612 This example shows some uses of the basic LIST command: 2614 Example: C: A101 LIST "" "" 2615 S: * LIST (\Noselect) "/" "" 2616 S: A101 OK LIST Completed 2617 C: A102 LIST #news.comp.mail.misc "" 2618 S: * LIST (\Noselect) "." #news. 2619 S: A102 OK LIST Completed 2620 C: A103 LIST /usr/staff/jones "" 2621 S: * LIST (\Noselect) "/" / 2622 S: A103 OK LIST Completed 2623 C: A202 LIST ~/Mail/ % 2624 S: * LIST (\Noselect) "/" ~/Mail/foo 2625 S: * LIST () "/" ~/Mail/meetings 2626 S: A202 OK LIST completed 2628 Extended examples: 2630 1: The first example shows the complete local hierarchy that will 2631 be used for the other examples. 2633 C: A01 LIST "" "*" 2634 S: * LIST (\Marked \NoInferiors) "/" "inbox" 2635 S: * LIST () "/" "Fruit" 2636 S: * LIST () "/" "Fruit/Apple" 2637 S: * LIST () "/" "Fruit/Banana" 2638 S: * LIST () "/" "Tofu" 2639 S: * LIST () "/" "Vegetable" 2640 S: * LIST () "/" "Vegetable/Broccoli" 2641 S: * LIST () "/" "Vegetable/Corn" 2642 S: A01 OK done 2644 2: In the next example, we will see the subscribed mailboxes. This 2645 is similar to, but not equivalent with now deprecated, (see [RFC3501] for more details on LSUB command). Note 2647 that the mailbox called "Fruit/Peach" is subscribed to, but does 2648 not actually exist (perhaps it was deleted while still 2649 subscribed). The "Fruit" mailbox is not subscribed to, but it 2650 has two subscribed children. The "Vegetable" mailbox is 2651 subscribed and has two children; one of them is subscribed as 2652 well. 2654 C: A02 LIST (SUBSCRIBED) "" "*" 2655 S: * LIST (\Marked \NoInferiors \Subscribed) "/" "inbox" 2656 S: * LIST (\Subscribed) "/" "Fruit/Banana" 2657 S: * LIST (\Subscribed \NonExistent) "/" "Fruit/Peach" 2658 S: * LIST (\Subscribed) "/" "Vegetable" 2659 S: * LIST (\Subscribed) "/" "Vegetable/Broccoli" 2660 S: A02 OK done 2662 3: The next example shows the use of the CHILDREN option. The 2663 client, without having to list the second level of hierarchy, 2664 now knows which of the top-level mailboxes have submailboxes 2665 (children) and which do not. Note that it's not necessary for 2666 the server to return the \HasNoChildren attribute for the inbox, 2667 because the \NoInferiors attribute already implies that, and has 2668 a stronger meaning. 2670 C: A03 LIST () "" "%" RETURN (CHILDREN) 2671 S: * LIST (\Marked \NoInferiors) "/" "inbox" 2672 S: * LIST (\HasChildren) "/" "Fruit" 2673 S: * LIST (\HasNoChildren) "/" "Tofu" 2674 S: * LIST (\HasChildren) "/" "Vegetable" 2675 S: A03 OK done 2677 4: In this example, we see more mailboxes that reside on another 2678 server. This is similar to the command . 2680 C: A04 LIST (REMOTE) "" "%" RETURN (CHILDREN) 2681 S: * LIST (\Marked \NoInferiors) "/" "inbox" 2682 S: * LIST (\HasChildren) "/" "Fruit" 2683 S: * LIST (\HasNoChildren) "/" "Tofu" 2684 S: * LIST (\HasChildren) "/" "Vegetable" 2685 S: * LIST (\Remote) "/" "Bread" 2686 S: * LIST (\HasChildren \Remote) "/" "Meat" 2687 S: A04 OK done 2689 5: The following example also requests the server to include 2690 mailboxes that reside on another server. The server returns 2691 information about all mailboxes that are subscribed. This is 2692 similar to the command (see [RFC2193] for more 2693 details on RLSUB). We also see the use of two selection 2694 options. 2696 C: A05 LIST (REMOTE SUBSCRIBED) "" "*" 2697 S: * LIST (\Marked \NoInferiors \Subscribed) "/" "inbox" 2698 S: * LIST (\Subscribed) "/" "Fruit/Banana" 2699 S: * LIST (\Subscribed \NonExistent) "/" "Fruit/Peach" 2700 S: * LIST (\Subscribed) "/" "Vegetable" 2701 S: * LIST (\Subscribed) "/" "Vegetable/Broccoli" 2702 S: * LIST (\Remote \Subscribed) "/" "Bread" 2703 S: A05 OK done 2705 6: The following example requests the server to include mailboxes 2706 that reside on another server. The server is asked to return 2707 subscription information for all returned mailboxes. This is 2708 different from the example above. 2710 Note that the output of this command is not a superset of the 2711 output in the previous example, as it doesn't include LIST 2712 response for the non-existent "Fruit/Peach". 2714 C: A06 LIST (REMOTE) "" "*" RETURN (SUBSCRIBED) 2715 S: * LIST (\Marked \NoInferiors \Subscribed) "/" "inbox" 2716 S: * LIST () "/" "Fruit" 2717 S: * LIST () "/" "Fruit/Apple" 2718 S: * LIST (\Subscribed) "/" "Fruit/Banana" 2719 S: * LIST () "/" "Tofu" 2720 S: * LIST (\Subscribed) "/" "Vegetable" 2721 S: * LIST (\Subscribed) "/" "Vegetable/Broccoli" 2722 S: * LIST () "/" "Vegetable/Corn" 2723 S: * LIST (\Remote \Subscribed) "/" "Bread" 2724 S: * LIST (\Remote) "/" "Meat" 2725 S: A06 OK done 2727 7: The following example demonstrates the difference between the 2728 \HasChildren attribute and the CHILDINFO extended data item. 2730 Let's assume there is the following hierarchy: 2732 C: C01 LIST "" "*" 2733 S: * LIST (\Marked \NoInferiors) "/" "inbox" 2734 S: * LIST () "/" "Foo" 2735 S: * LIST () "/" "Foo/Bar" 2736 S: * LIST () "/" "Foo/Baz" 2737 S: * LIST () "/" "Moo" 2738 S: C01 OK done 2740 If the client asks RETURN (CHILDREN), it will get this: 2742 C: CA3 LIST "" "%" RETURN (CHILDREN) 2743 S: * LIST (\Marked \NoInferiors) "/" "inbox" 2744 S: * LIST (\HasChildren) "/" "Foo" 2745 S: * LIST (\HasNoChildren) "/" "Moo" 2746 S: CA3 OK done 2748 A) Let's also assume that the mailbox "Foo/Baz" is the only 2749 subscribed mailbox. Then we get this result: 2751 C: C02 LIST (SUBSCRIBED) "" "*" 2752 S: * LIST (\Subscribed) "/" "Foo/Baz" 2753 S: C02 OK done 2755 Now, if the client issues , the server 2756 will return no mailboxes (as the mailboxes "Moo", "Foo", and 2757 "Inbox" are NOT subscribed). However, if the client issues 2758 this: 2760 C: C04 LIST (SUBSCRIBED RECURSIVEMATCH) "" "%" 2761 S: * LIST () "/" "Foo" ("CHILDINFO" ("SUBSCRIBED")) 2762 S: C04 OK done 2764 (i.e., the mailbox "Foo" is not subscribed, but it has a child 2765 that is.) 2767 A1) If the mailbox "Foo" had also been subscribed, the last 2768 command would return this: 2770 C: C04 LIST (SUBSCRIBED RECURSIVEMATCH) "" "%" 2771 S: * LIST (\Subscribed) "/" "Foo" ("CHILDINFO" ("SUBSCRIBED")) 2772 S: C04 OK done 2774 or even this: 2776 C: C04 LIST (SUBSCRIBED RECURSIVEMATCH) "" "%" 2777 S: * LIST (\Subscribed \HasChildren) "/" "Foo" ("CHILDINFO" 2778 ("SUBSCRIBED")) 2779 S: C04 OK done 2781 A2) If we assume instead that the mailbox "Foo" is not part of 2782 the original hierarchy and is not subscribed, the last command 2783 will give this result: 2785 C: C04 LIST (SUBSCRIBED RECURSIVEMATCH) "" "%" 2786 S: * LIST (\NonExistent) "/" "Foo" ("CHILDINFO" ("SUBSCRIBED")) 2787 S: C04 OK done 2789 B) Now, let's assume that no mailbox is subscribed. In this 2790 case, the command will 2791 return no responses, as there are no subscribed children (even 2792 though "Foo" has children). 2794 C) And finally, suppose that only the mailboxes "Foo" and "Moo" 2795 are subscribed. In that case, we see this result: 2797 C: C04 LIST (SUBSCRIBED RECURSIVEMATCH) "" "%" RETURN (CHILDREN) 2798 S: * LIST (\HasChildren \Subscribed) "/" "Foo" 2799 S: * LIST (\HasNoChildren \Subscribed) "/" "Moo" 2800 S: C04 OK done 2802 (which means that the mailbox "Foo" has children, but none of 2803 them is subscribed). 2805 8: The following example demonstrates that the CHILDINFO extended 2806 data item is returned whether or not children mailboxes match 2807 the canonical LIST pattern. 2809 Let's assume there is the following hierarchy: 2811 C: D01 LIST "" "*" 2812 S: * LIST (\Marked \NoInferiors) "/" "inbox" 2813 S: * LIST () "/" "foo2" 2814 S: * LIST () "/" "foo2/bar1" 2815 S: * LIST () "/" "foo2/bar2" 2816 S: * LIST () "/" "baz2" 2817 S: * LIST () "/" "baz2/bar2" 2818 S: * LIST () "/" "baz2/bar22" 2819 S: * LIST () "/" "baz2/bar222" 2820 S: * LIST () "/" "eps2" 2821 S: * LIST () "/" "eps2/mamba" 2822 S: * LIST () "/" "qux2/bar2" 2823 S: D01 OK done 2824 And that the following mailboxes are subscribed: 2826 C: D02 LIST (SUBSCRIBED) "" "*" 2827 S: * LIST (\Subscribed) "/" "foo2/bar1" 2828 S: * LIST (\Subscribed) "/" "foo2/bar2" 2829 S: * LIST (\Subscribed) "/" "baz2/bar2" 2830 S: * LIST (\Subscribed) "/" "baz2/bar22" 2831 S: * LIST (\Subscribed) "/" "baz2/bar222" 2832 S: * LIST (\Subscribed) "/" "eps2" 2833 S: * LIST (\Subscribed) "/" "eps2/mamba" 2834 S: * LIST (\Subscribed) "/" "qux2/bar2" 2835 S: D02 OK done 2837 The client issues the following command first: 2839 C: D03 LIST (RECURSIVEMATCH SUBSCRIBED) "" "*2" 2840 S: * LIST () "/" "foo2" ("CHILDINFO" ("SUBSCRIBED")) 2841 S: * LIST (\Subscribed) "/" "foo2/bar2" 2842 S: * LIST (\Subscribed) "/" "baz2/bar2" 2843 S: * LIST (\Subscribed) "/" "baz2/bar22" 2844 S: * LIST (\Subscribed) "/" "baz2/bar222" 2845 S: * LIST (\Subscribed) "/" "eps2" ("CHILDINFO" ("SUBSCRIBED")) 2846 S: * LIST (\Subscribed) "/" "qux2/bar2" 2847 S: D03 OK done 2849 and the server may also include (but this would violate a SHOULD 2850 NOT in Section 3.5, because CHILDINFO is redundant) 2852 S: * LIST () "/" "baz2" ("CHILDINFO" ("SUBSCRIBED")) 2853 S: * LIST (\NonExistent) "/" "qux2" ("CHILDINFO" ("SUBSCRIBED")) 2855 The CHILDINFO extended data item is returned for mailboxes 2856 "foo2", "baz2", and "eps2", because all of them have subscribed 2857 children, even though for the mailbox "foo2" only one of the two 2858 subscribed children matches the pattern, for the mailbox "baz2" 2859 all the subscribed children match the pattern, and for the 2860 mailbox "eps2" none of the subscribed children matches the 2861 pattern. 2863 Note that if the client issues 2865 C: D03 LIST (RECURSIVEMATCH SUBSCRIBED) "" "*" 2866 S: * LIST () "/" "foo2" ("CHILDINFO" ("SUBSCRIBED")) 2867 S: * LIST (\Subscribed) "/" "foo2/bar1" 2868 S: * LIST (\Subscribed) "/" "foo2/bar2" 2869 S: * LIST () "/" "baz2" ("CHILDINFO" ("SUBSCRIBED")) 2870 S: * LIST (\Subscribed) "/" "baz2/bar2" 2871 S: * LIST (\Subscribed) "/" "baz2/bar22" 2872 S: * LIST (\Subscribed) "/" "baz2/bar222" 2873 S: * LIST (\Subscribed) "/" "eps2" ("CHILDINFO" ("SUBSCRIBED")) 2874 S: * LIST (\Subscribed) "/" "eps2/mamba" 2875 S: * LIST (\Subscribed) "/" "qux2/bar2" 2876 S: D03 OK done 2878 The LIST responses for mailboxes "foo2", "baz2", and "eps2" 2879 still have the CHILDINFO extended data item, even though this 2880 information is redundant and the client can determine it by 2881 itself. 2883 9: The following example shows usage of extended syntax for mailbox 2884 pattern. It also demonstrates that the presence of the 2885 CHILDINFO extended data item doesn't necessarily imply 2886 \HasChildren. 2888 C: a1 LIST "" ("foo") 2889 S: * LIST () "/" foo 2890 S: a1 OK done 2892 C: a2 LIST (SUBSCRIBED) "" "foo/*" 2893 S: * LIST (\Subscribed \NonExistent) "/" foo/bar 2894 S: a2 OK done 2896 C: a3 LIST (SUBSCRIBED RECURSIVEMATCH) "" foo RETURN (CHILDREN) 2897 S: * LIST (\HasNoChildren) "/" foo ("CHILDINFO" ("SUBSCRIBED")) 2898 S: a3 OK done 2900 10: The following example shows how a server that supports missing 2901 mailbox hierarchy elements can signal to a client that didn't 2902 specify the RECURSIVEMATCH selection option that there is a 2903 child mailbox that matches the selection criteria. 2905 C: a1 LIST (REMOTE) "" * 2906 S: * LIST () "/" music/rock 2907 S: * LIST (\Remote) "/" also/jazz 2908 S: a1 OK done 2910 C: a2 LIST () "" % 2911 S: * LIST (\NonExistent \HasChildren) "/" music 2912 S: a2 OK done 2914 C: a3 LIST (REMOTE) "" % 2915 S: * LIST (\NonExistent \HasChildren) "/" music 2916 S: * LIST (\NonExistent \HasChildren) "/" also 2917 S: a3 OK done 2919 C: a3.1 LIST "" (% music/rock) 2920 S: * LIST () "/" music/rock 2921 S: a3.1 OK done 2923 Because "music/rock" is the only mailbox under "music", there's 2924 no need for the server to also return "music". However clients 2925 must handle both cases. 2927 11: The following examples show use of STATUS return option. 2929 C: A01 LIST "" % RETURN (STATUS (MESSAGES UNSEEN)) 2930 S: * LIST () "." "INBOX" 2931 S: * STATUS "INBOX" (MESSAGES 17 UNSEEN 16) 2932 S: * LIST () "." "foo" 2933 S: * STATUS "foo" (MESSAGES 30 UNSEEN 29) 2934 S: * LIST (\NoSelect) "." "bar" 2935 S: A01 OK List completed. 2937 The "bar" mailbox isn't selectable, so it has no STATUS reply. 2939 C: A02 LIST (SUBSCRIBED RECURSIVEMATCH) "" % RETURN (STATUS 2940 (MESSAGES)) 2941 S: * LIST (\Subscribed) "." "INBOX" 2942 S: * STATUS "INBOX" (MESSAGES 17) 2943 S: * LIST () "." "foo" (CHILDINFO ("SUBSCRIBED")) 2944 S: A02 OK List completed. 2946 The LIST reply for "foo" is returned because it has matching 2947 children, but no STATUS reply is returned because "foo" itself 2948 doesn't match the selection criteria. 2950 6.3.10. NAMESPACE Command 2952 Arguments: none 2954 Responses: REQUIRED untagged responses: NAMESPACE 2956 Result: OK - command completed 2957 NO - Can't complete the command 2958 BAD - arguments invalid 2960 The NAMESPACE command causes a single untagged NAMESPACE response to 2961 be returned. The untagged NAMESPACE response contains the prefix and 2962 hierarchy delimiter to the server's Personal Namespace(s), Other 2963 Users' Namespace(s), and Shared Namespace(s) that the server wishes 2964 to expose. The response will contain a NIL for any namespace class 2965 that is not available. The namespace-response-extensions ABNF non 2966 terminal is defined for extensibility and MAY be included in the 2967 NAMESPACE response. 2969 Example 1: 2971 In this example a server supports a single personal namespace. No 2972 leading prefix is used on personal mailboxes and "/" is the hierarchy 2973 delimiter. 2975 C: A001 NAMESPACE 2976 S: * NAMESPACE (("" "/")) NIL NIL 2977 S: A001 OK NAMESPACE command completed 2979 Example 2: 2981 A user logged on anonymously to a server. No personal mailboxes are 2982 associated with the anonymous user and the user does not have access 2983 to the Other Users' Namespace. No prefix is required to access 2984 shared mailboxes and the hierarchy delimiter is "." 2986 C: A001 NAMESPACE 2987 S: * NAMESPACE NIL NIL (("" ".")) 2988 S: A001 OK NAMESPACE command completed 2990 Example 3: 2992 A server that contains a Personal Namespace and a single Shared 2993 Namespace. 2995 C: A001 NAMESPACE 2996 S: * NAMESPACE (("" "/")) NIL (("Public Folders/" "/")) 2997 S: A001 OK NAMESPACE command completed 2999 Example 4: 3001 A server that contains a Personal Namespace, Other Users' Namespace 3002 and multiple Shared Namespaces. Note that the hierarchy delimiter 3003 used within each namespace can be different. 3005 C: A001 NAMESPACE 3006 S: * NAMESPACE (("" "/")) (("~" "/")) (("#shared/" "/") 3007 ("#public/" "/")("#ftp/" "/")("#news." ".")) 3008 S: A001 OK NAMESPACE command completed 3010 The prefix string allows a client to do things such as automatically 3011 creating personal mailboxes or LISTing all available mailboxes within 3012 a namespace. 3014 Example 5: 3016 A server that supports only the Personal Namespace, with a leading 3017 prefix of INBOX to personal mailboxes and a hierarchy delimiter of 3018 "." 3020 C: A001 NAMESPACE 3021 S: * NAMESPACE (("INBOX." ".")) NIL NIL 3022 S: A001 OK NAMESPACE command completed 3024 < Automatically create a mailbox to store sent items.> 3026 C: A002 CREATE "INBOX.Sent Mail" 3027 S: A002 OK CREATE command completed 3029 Although typically a server will support only a single Personal 3030 Namespace, and a single Other User's Namespace, circumstances exist 3031 where there MAY be multiples of these, and a client MUST be prepared 3032 for them. If a client is configured such that it is required to 3033 create a certain mailbox, there can be circumstances where it is 3034 unclear which Personal Namespaces it should create the mailbox in. 3035 In these situations a client SHOULD let the user select which 3036 namespaces to create the mailbox in or just use the first personal 3037 namespace. 3039 Example 6: 3041 In this example, a server supports two Personal Namespaces. In 3042 addition to the regular Personal Namespace, the user has an 3043 additional personal namespace to allow access to mailboxes in an MH 3044 format mailstore. 3046 The client is configured to save a copy of all mail sent by the user 3047 into a mailbox called 'Sent Mail'. Furthermore, after a message is 3048 deleted from a mailbox, the client is configured to move that message 3049 to a mailbox called 'Deleted Items'. 3051 Note that this example demonstrates how some extension parameters can 3052 be passed to further describe the #mh namespace. See the fictitious 3053 "X-PARAM" extension parameter. 3055 C: A001 NAMESPACE 3056 S: * NAMESPACE (("" "/")("#mh/" "/" "X-PARAM" 3057 ("FLAG1" "FLAG2"))) NIL NIL 3058 S: A001 OK NAMESPACE command completed 3060 < It is desired to keep only one copy of sent mail. 3061 It is unclear which Personal Namespace the client 3062 should use to create the 'Sent Mail' mailbox. 3063 The user is prompted to select a namespace and only 3064 one 'Sent Mail' mailbox is created. > 3066 C: A002 CREATE "Sent Mail" 3067 S: A002 OK CREATE command completed 3069 < The client is designed so that it keeps two 3070 'Deleted Items' mailboxes, one for each namespace. > 3072 C: A003 CREATE "Delete Items" 3073 S: A003 OK CREATE command completed 3075 C: A004 CREATE "#mh/Deleted Items" 3076 S: A004 OK CREATE command completed 3078 The next level of hierarchy following the Other Users' Namespace 3079 prefix SHOULD consist of , where is a user name 3080 as per the LOGIN or AUTHENTICATE command. 3082 A client can construct a LIST command by appending a "%" to the Other 3083 Users' Namespace prefix to discover the Personal Namespaces of other 3084 users that are available to the currently authenticated user. 3086 In response to such a LIST command, a server SHOULD NOT return user 3087 names that have not granted access to their personal mailboxes to the 3088 user in question. 3090 A server MAY return a LIST response containing only the names of 3091 users that have explicitly granted access to the user in question. 3093 Alternatively, a server MAY return NO to such a LIST command, 3094 requiring that a user name be included with the Other Users' 3095 Namespace prefix before listing any other user's mailboxes. 3097 Example 7: 3099 A server that supports providing a list of other user's mailboxes 3100 that are accessible to the currently logged on user. 3102 C: A001 NAMESPACE 3103 S: * NAMESPACE (("" "/")) (("Other Users/" "/")) NIL 3104 S: A001 OK NAMESPACE command completed 3106 C: A002 LIST "" "Other Users/%" 3107 S: * LIST () "/" "Other Users/Mike" 3108 S: * LIST () "/" "Other Users/Karen" 3109 S: * LIST () "/" "Other Users/Matthew" 3110 S: * LIST () "/" "Other Users/Tesa" 3111 S: A002 OK LIST command completed 3113 Example 8: 3115 A server that does not support providing a list of other user's 3116 mailboxes that are accessible to the currently logged on user. The 3117 mailboxes are listable if the client includes the name of the other 3118 user with the Other Users' Namespace prefix. 3120 C: A001 NAMESPACE 3121 S: * NAMESPACE (("" "/")) (("#Users/" "/")) NIL 3122 S: A001 OK NAMESPACE command completed 3124 < In this example, the currently logged on user has access to 3125 the Personal Namespace of user Mike, but the server chose to 3126 suppress this information in the LIST response. However, 3127 by appending the user name Mike (received through user input) 3128 to the Other Users' Namespace prefix, the client is able 3129 to get a listing of the personal mailboxes of user Mike. > 3131 C: A002 LIST "" "#Users/%" 3132 S: A002 NO The requested item could not be found. 3134 C: A003 LIST "" "#Users/Mike/%" 3135 S: * LIST () "/" "#Users/Mike/INBOX" 3136 S: * LIST () "/" "#Users/Mike/Foo" 3137 S: A003 OK LIST command completed. 3139 A prefix string might not contain a hierarchy delimiter, because in 3140 some cases it is not needed as part of the prefix. 3142 Example 9: 3144 A server that allows access to the Other Users' Namespace by 3145 prefixing the others' mailboxes with a '~' followed by , 3146 where is a user name as per the LOGIN or AUTHENTICATE 3147 command. 3149 C: A001 NAMESPACE 3150 S: * NAMESPACE (("" "/")) (("~" "/")) NIL 3151 S: A001 OK NAMESPACE command completed 3153 < List the mailboxes for user mark > 3155 C: A002 LIST "" "~mark/%" 3156 S: * LIST () "/" "~mark/INBOX" 3157 S: * LIST () "/" "~mark/foo" 3158 S: A002 OK LIST command completed 3160 6.3.11. STATUS Command 3162 Arguments: mailbox name 3163 status data item names 3165 Responses: REQUIRED untagged responses: STATUS 3167 Result: OK - status completed 3168 NO - status failure: no status for that name 3169 BAD - command unknown or arguments invalid 3171 The STATUS command requests the status of the indicated mailbox. It 3172 does not change the currently selected mailbox, nor does it affect 3173 the state of any messages in the queried mailbox. 3175 The STATUS command provides an alternative to opening a second 3176 IMAP4rev2 connection and doing an EXAMINE command on a mailbox to 3177 query that mailbox's status without deselecting the current mailbox 3178 in the first IMAP4rev2 connection. 3180 Unlike the LIST command, the STATUS command is not guaranteed to be 3181 fast in its response. Under certain circumstances, it can be quite 3182 slow. In some implementations, the server is obliged to open the 3183 mailbox read-only internally to obtain certain status information. 3184 Also unlike the LIST command, the STATUS command does not accept 3185 wildcards. 3187 Note: The STATUS command is intended to access the status of 3188 mailboxes other than the currently selected mailbox. Because the 3189 STATUS command can cause the mailbox to be opened internally, and 3190 because this information is available by other means on the 3191 selected mailbox, the STATUS command SHOULD NOT be used on the 3192 currently selected mailbox. However, servers MUST be able to 3193 execute STATUS command on the selected mailbox. (This might also 3194 implicitly happen when STATUS return option is used in a LIST 3195 command). 3197 The STATUS command MUST NOT be used as a "check for new messages 3198 in the selected mailbox" operation (refer to Section 7 and 3199 Section 7.4.1 for more information about the proper method for new 3200 message checking). 3202 STATUS SIZE (see below) can take a significant amount of time, 3203 depending upon server implementation. Clients should use STATUS 3204 SIZE cautiously. 3206 The currently defined status data items that can be requested are: 3208 MESSAGES The number of messages in the mailbox. 3210 UIDNEXT The next unique identifier value of the mailbox. Refer to 3211 Section 2.3.1.1 for more information. 3213 UIDVALIDITY The unique identifier validity value of the mailbox. 3214 Refer to Section 2.3.1.1 for more information. 3216 UNSEEN The number of messages which do not have the \Seen flag set. 3218 DELETED The number of messages which have the \Deleted flag set. 3220 SIZE The total size of the mailbox in octets. This is not strictly 3221 required to be an exact value, but it MUST be equal to or greater 3222 than the sum of the values of the RFC822.SIZE FETCH message data 3223 items (see Section 6.4.5) of all messages in the mailbox. 3225 Example: C: A042 STATUS blurdybloop (UIDNEXT MESSAGES) 3226 S: * STATUS blurdybloop (MESSAGES 231 UIDNEXT 44292) 3227 S: A042 OK STATUS completed 3229 6.3.12. APPEND Command 3231 Arguments: mailbox name 3232 OPTIONAL flag parenthesized list 3233 OPTIONAL date/time string 3234 message literal 3236 Responses: OPTIONAL untagged response: LIST 3237 Result: OK - append completed 3238 NO - append error: can't append to that mailbox, error 3239 in flags or date/time or message text 3240 BAD - command unknown or arguments invalid 3242 The APPEND command appends the literal argument as a new message to 3243 the end of the specified destination mailbox. This argument SHOULD 3244 be in the format of an [RFC-5322] or [I18N-HDRS] message. 8-bit 3245 characters are permitted in the message. A server implementation 3246 that is unable to preserve 8-bit data properly MUST be able to 3247 reversibly convert 8-bit APPEND data to 7-bit using a [MIME-IMB] 3248 content transfer encoding. 3250 Note: There may be exceptions, e.g., draft messages, in which 3251 required [RFC-5322] header fields are omitted in the message 3252 literal argument to APPEND. The full implications of doing so 3253 must be understood and carefully weighed. 3255 If a flag parenthesized list is specified, the flags SHOULD be set in 3256 the resulting message; otherwise, the flag list of the resulting 3257 message is set to empty by default. 3259 If a date-time is specified, the internal date SHOULD be set in the 3260 resulting message; otherwise, the internal date of the resulting 3261 message is set to the current date and time by default. 3263 If the append is unsuccessful for any reason, the mailbox MUST be 3264 restored to its state before the APPEND attempt (other than possibly 3265 keeping the changed mailbox's UIDNEXT value); no partial appending is 3266 permitted. 3268 If the destination mailbox does not exist, a server MUST return an 3269 error, and MUST NOT automatically create the mailbox. Unless it is 3270 certain that the destination mailbox can not be created, the server 3271 MUST send the response code "[TRYCREATE]" as the prefix of the text 3272 of the tagged NO response. This gives a hint to the client that it 3273 can attempt a CREATE command and retry the APPEND if the CREATE is 3274 successful. 3276 On successful completion of an APPEND, the server returns an 3277 APPENDUID response code (see Section 7.1), unless specified otherwise 3278 below. 3280 In the case of a mailbox that has permissions set so that the client 3281 can APPEND to the mailbox, but not SELECT or EXAMINE it, the server 3282 MUST NOT send an APPENDUID response code as it would disclose 3283 information about the mailbox. 3285 In the case of a mailbox that has UIDNOTSTICKY status (see 3286 Section 7.1), the server MAY omit the APPENDUID response code as it 3287 is not meaningful. 3289 If the mailbox is currently selected, the normal new message actions 3290 SHOULD occur. Specifically, the server SHOULD notify the client 3291 immediately via an untagged EXISTS response. If the server does not 3292 do so, the client MAY issue a NOOP command after one or more APPEND 3293 commands. 3295 If the server decides to convert (normalize) the mailbox name, it 3296 SHOULD return an untagged LIST with OLDNAME extended data item, with 3297 the OLDNAME value being the supplied mailbox name and the name 3298 parameter being the normalized mailbox name. (See Section 6.3.9.7 3299 for more details.) 3301 Example: C: A003 APPEND saved-messages (\Seen) {310} 3302 S: + Ready for literal data 3303 C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST) 3304 C: From: Fred Foobar 3305 C: Subject: afternoon meeting 3306 C: To: mooch@owatagu.siam.edu 3307 C: Message-Id: 3308 C: MIME-Version: 1.0 3309 C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII 3310 C: 3311 C: Hello Joe, do you think we can meet at 3:30 tomorrow? 3312 C: 3313 S: A003 OK APPEND completed 3315 Example: C: A003 APPEND saved-messages (\Seen) {297} 3316 C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST) 3317 C: From: Fred Foobar 3318 C: Subject: afternoon meeting 3319 C: To: mooch@example.com 3320 C: Message-Id: 3321 C: MIME-Version: 1.0 3322 C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII 3323 C: 3324 C: Hello Joe, do you think we can meet at 3:30 tomorrow? 3325 C: 3326 S: A003 OK [APPENDUID 38505 3955] APPEND completed 3327 C: A004 COPY 2:4 meeting 3328 S: A004 OK [COPYUID 38505 304,319:320 3956:3958] Done 3329 C: A005 UID COPY 305:310 meeting 3330 S: A005 OK No matching messages, so nothing copied 3331 C: A006 COPY 2 funny 3332 S: A006 OK Done 3333 C: A007 SELECT funny 3334 S: * 1 EXISTS 3335 S: * OK [UIDVALIDITY 3857529045] Validity session-only 3336 S: * OK [UIDNEXT 2] Predicted next UID 3337 S: * NO [UIDNOTSTICKY] Non-persistent UIDs 3338 S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 3339 S: * OK [PERMANENTFLAGS (\Deleted \Seen)] Limited 3340 S: * LIST () "." funny 3341 S: A007 OK [READ-WRITE] SELECT completed 3343 In this example, A003 and A004 demonstrate successful appending and 3344 copying to a mailbox that returns the UIDs assigned to the messages. 3345 A005 is an example in which no messages were copied; this is because 3346 in A003, we see that message 2 had UID 304, and message 3 had UID 3347 319; therefore, UIDs 305 through 310 do not exist (refer to 3348 Section 2.3.1.1 for further explanation). A006 is an example of a 3349 message being copied that did not return a COPYUID; and, as expected, 3350 A007 shows that the mail store containing that mailbox does not 3351 support persistent UIDs. 3353 Note: The APPEND command is not used for message delivery, because 3354 it does not provide a mechanism to transfer [SMTP] envelope 3355 information. 3357 6.3.13. IDLE Command 3359 Arguments: none 3361 Responses: continuation data will be requested; the client sends the 3362 continuation data "DONE" to end the command 3364 Result: OK - IDLE completed after client sent "DONE" 3365 NO - failure: the server will not allow the IDLE command 3366 at this time 3367 BAD - command unknown or arguments invalid 3369 Without the IDLE command a client would need to poll the server for 3370 changes to the selected mailbox (new mail, deletions, flag changes). 3371 It's often more desirable to have the server transmit updates to the 3372 client in real time. This allows a user to see new mail immediately. 3373 The IDLE command allows a client to tell the server that it's ready 3374 to accept such real-time updates. 3376 The IDLE command is sent from the client to the server when the 3377 client is ready to accept unsolicited update messages. The server 3378 requests a response to the IDLE command using the continuation ("+") 3379 response. The IDLE command remains active until the client responds 3380 to the continuation, and as long as an IDLE command is active, the 3381 server is now free to send untagged EXISTS, EXPUNGE, FETCH, and other 3382 responses at any time. If the server chooses to send unsolicited 3383 FETCH responses, they MUST include UID FETCH item. 3385 The IDLE command is terminated by the receipt of a "DONE" 3386 continuation from the client; such response satisfies the server's 3387 continuation request. At that point, the server MAY send any 3388 remaining queued untagged responses and then MUST immediately send 3389 the tagged response to the IDLE command and prepare to process other 3390 commands. As for other commands, the processing of any new command 3391 may cause the sending of unsolicited untagged responses, subject to 3392 the ambiguity limitations. The client MUST NOT send a command while 3393 the server is waiting for the DONE, since the server will not be able 3394 to distinguish a command from a continuation. 3396 The server MAY consider a client inactive if it has an IDLE command 3397 running, and if such a server has an inactivity timeout it MAY log 3398 the client off implicitly at the end of its timeout period. Because 3399 of that, clients using IDLE are advised to terminate the IDLE and re- 3400 issue it at least every 29 minutes to avoid being logged off. This 3401 still allows a client to receive immediate mailbox updates even 3402 though it need only "poll" at half hour intervals. 3404 Example: C: A001 SELECT INBOX 3405 S: * FLAGS (\Deleted \Seen \Flagged) 3406 S: * OK [PERMANENTFLAGS (\Deleted \Seen \Flagged)] Limited 3407 S: * 3 EXISTS 3408 S: * OK [UIDVALIDITY 1] 3409 S: * LIST () "/" INBOX 3410 S: A001 OK [READ-WRITE] SELECT completed 3411 C: A002 IDLE 3412 S: + idling 3413 ...time passes; new mail arrives... 3414 S: * 4 EXISTS 3415 C: DONE 3416 S: A002 OK IDLE terminated 3417 ...another client expunges message 2 now... 3418 C: A003 FETCH 4 ALL 3419 S: * 4 FETCH (...) 3420 S: A003 OK FETCH completed 3421 C: A004 IDLE 3422 S: * 2 EXPUNGE 3423 S: * 3 EXISTS 3424 S: + idling 3425 ...time passes; another client expunges message 3... 3426 S: * 3 EXPUNGE 3427 S: * 2 EXISTS 3428 ...time passes; new mail arrives... 3429 S: * 3 EXISTS 3430 C: DONE 3431 S: A004 OK IDLE terminated 3432 C: A005 FETCH 3 ALL 3433 S: * 3 FETCH (...) 3434 S: A005 OK FETCH completed 3435 C: A006 IDLE 3437 6.4. Client Commands - Selected State 3439 In the selected state, commands that manipulate messages in a mailbox 3440 are permitted. 3442 In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT), 3443 and the authenticated state commands (SELECT, EXAMINE, NAMESPACE, 3444 CREATE, DELETE, RENAME, SUBSCRIBE, UNSUBSCRIBE, LIST, STATUS, and 3445 APPEND), the following commands are valid in the selected state: 3446 CLOSE, UNSELECT, EXPUNGE, SEARCH, FETCH, STORE, COPY, MOVE, and UID. 3448 6.4.1. CLOSE Command 3450 Arguments: none 3452 Responses: no specific responses for this command 3454 Result: OK - close completed, now in authenticated state 3455 BAD - command unknown or arguments invalid 3457 The CLOSE command permanently removes all messages that have the 3458 \Deleted flag set from the currently selected mailbox, and returns to 3459 the authenticated state from the selected state. No untagged EXPUNGE 3460 responses are sent. 3462 No messages are removed, and no error is given, if the mailbox is 3463 selected by an EXAMINE command or is otherwise selected read-only. 3465 Even if a mailbox is selected, a SELECT, EXAMINE, or LOGOUT command 3466 MAY be issued without previously issuing a CLOSE command. The 3467 SELECT, EXAMINE, and LOGOUT commands implicitly close the currently 3468 selected mailbox without doing an expunge. However, when many 3469 messages are deleted, a CLOSE-LOGOUT or CLOSE-SELECT sequence is 3470 considerably faster than an EXPUNGE-LOGOUT or EXPUNGE-SELECT because 3471 no untagged EXPUNGE responses (which the client would probably 3472 ignore) are sent. 3474 Example: C: A341 CLOSE 3475 S: A341 OK CLOSE completed 3477 6.4.2. UNSELECT Command 3479 Arguments: none 3481 Responses: no specific responses for this command 3483 Result: OK - unselect completed, now in authenticated state 3484 BAD - no mailbox selected, or argument supplied but none 3485 permitted 3487 The UNSELECT command frees session's resources associated with the 3488 selected mailbox and returns the server to the authenticated state. 3489 This command performs the same actions as CLOSE, except that no 3490 messages are permanently removed from the currently selected mailbox. 3492 Example: C: A342 UNSELECT 3493 S: A342 OK Unselect completed 3495 6.4.3. EXPUNGE Command 3497 Arguments: none 3499 Responses: untagged responses: EXPUNGE 3501 Result: OK - expunge completed 3502 NO - expunge failure: can't expunge (e.g., permission 3503 denied) 3504 BAD - command unknown or arguments invalid 3506 The EXPUNGE command permanently removes all messages that have the 3507 \Deleted flag set from the currently selected mailbox. Before 3508 returning an OK to the client, an untagged EXPUNGE response is sent 3509 for each message that is removed. 3511 Example: C: A202 EXPUNGE 3512 S: * 3 EXPUNGE 3513 S: * 3 EXPUNGE 3514 S: * 5 EXPUNGE 3515 S: * 8 EXPUNGE 3516 S: A202 OK EXPUNGE completed 3518 Note: In this example, messages 3, 4, 7, and 11 had the \Deleted flag 3519 set. See the description of the EXPUNGE response (Section 7.5.1) for 3520 further explanation. 3522 6.4.4. SEARCH Command 3524 Arguments: OPTIONAL result specifier 3525 OPTIONAL [CHARSET] specification 3526 searching criteria (one or more) 3528 Responses: OPTIONAL untagged response: ESEARCH 3530 Result: OK - search completed 3531 NO - search error: can't search that [CHARSET] or 3532 criteria 3533 BAD - command unknown or arguments invalid 3535 The SEARCH command searches the mailbox for messages that match the 3536 given searching criteria. 3538 The SEARCH command may contain result options. Result options 3539 control what kind of information is returned about messages matching 3540 the search criteria in an untagged ESEARCH response. If no result 3541 option is specified or empty list of options is specified "()", ALL 3542 is assumed (see below). The order of individual options is 3543 arbitrary. Individual options may contain parameters enclosed in 3544 parentheses. (However, if an option has a mandatory parameter, which 3545 can always be represented as a number or a sequence-set, the option 3546 parameter does not need the enclosing parentheses. See the Formal 3547 Syntax (Section 9) for more details). If an option has parameters, 3548 they consist of atoms and/or strings and/or lists in a specific 3549 order. Any options not defined by extensions that the server 3550 supports MUST be rejected with a BAD response. 3552 This document specifies the following result options: 3554 MIN 3556 Return the lowest message number/UID that satisfies the SEARCH 3557 criteria. 3559 If the SEARCH results in no matches, the server MUST NOT 3560 include the MIN result option in the ESEARCH response; however, 3561 it still MUST send the ESEARCH response. 3563 MAX 3565 Return the highest message number/UID that satisfies the SEARCH 3566 criteria. 3568 If the SEARCH results in no matches, the server MUST NOT 3569 include the MAX result option in the ESEARCH response; however, 3570 it still MUST send the ESEARCH response. 3572 ALL 3574 Return all message numbers/UIDs that satisfy the SEARCH 3575 criteria using the sequence-set syntax. Note, the client MUST 3576 NOT assume that messages/UIDs will be listed in any particular 3577 order. 3579 If the SEARCH results in no matches, the server MUST NOT 3580 include the ALL result option in the ESEARCH response; however, 3581 it still MUST send the ESEARCH response. 3583 COUNT Return the number of messages that satisfy the SEARCH 3584 criteria. This result option MUST always be included in the 3585 ESEARCH response. 3587 SAVE 3589 This option tells the server to remember the result of the 3590 SEARCH or UID SEARCH command (as well as any command based on 3591 SEARCH, e.g., SORT and THREAD [RFC5256]>) and store it in an 3592 internal variable that we will reference as the "search result 3593 variable". The client can use the "$" marker to reference the 3594 content of this internal variable. The "$" marker can be used 3595 instead of message sequence or UID sequence in order to 3596 indicate that the server should substitute it with the list of 3597 messages from the search result variable. Thus, the client can 3598 use the result of the latest remembered SEARCH command as a 3599 parameter to another command. See Section 6.4.4.1 for details 3600 on how the value of the search result variable is determined, 3601 how it is affected by other commands executed, and how SAVE 3602 return option interacts with other return options. 3604 In absence of any other SEARCH result option, the SAVE result 3605 option also suppresses any ESEARCH response that would have 3606 been otherwise returned by the SEARCH command. 3608 Note: future extensions to this document can allow servers to return 3609 multiple ESEARCH responses for a single extended SEARCH command. 3610 However all options specified above MUST result in a single ESEARCH 3611 response if used by themselves or in combination. This guaranty 3612 simplifies processing in IMAP4rev2 clients. Future SEARCH extensions 3613 that relax this restriction will have to describe how results from 3614 multiple ESEARCH responses are to be combined. 3616 Searching criteria consist of one or more search keys. 3618 When multiple keys are specified, the result is the intersection (AND 3619 function) of all the messages that match those keys. For example, 3620 the criteria DELETED FROM "SMITH" SINCE 1-Feb-1994 refers to all 3621 deleted messages from Smith with INTERNALDATE greater than February 3622 1, 1994. A search key can also be a parenthesized list of one or 3623 more search keys (e.g., for use with the OR and NOT keys). 3625 Server implementations MAY exclude [MIME-IMB] body parts with 3626 terminal content media types other than TEXT and MESSAGE from 3627 consideration in SEARCH matching. 3629 The OPTIONAL [CHARSET] specification consists of the word "CHARSET" 3630 followed by a registered [CHARSET] [CHARSET-REG]. It indicates the 3631 [CHARSET] of the strings that appear in the search criteria. 3632 [MIME-IMB] content transfer encodings, and [MIME-HDRS] strings in 3633 [RFC-5322]/[MIME-IMB] headers, MUST be decoded before comparing text. 3634 Servers MUST support US-ASCII and UTF-8 charsets; other [CHARSET]s 3635 MAY be supported. Clients SHOULD use UTF-8. Note that if "CHARSET" 3636 is not provided IMAP4rev2 server MUST assume UTF-8, so selecting 3637 CHARSET UTF-8 is redundant. It is permitted for improved 3638 compatibility with existing IMAP4rev1 clients. 3640 If the server does not support the specified [CHARSET], it MUST 3641 return a tagged NO response (not a BAD). This response SHOULD 3642 contain the BADCHARSET response code, which MAY list the [CHARSET]s 3643 supported by the server. 3645 In all search keys that use strings and unless specified otherwise, a 3646 message matches the key if the string is a substring of the 3647 associated text. The matching SHOULD be case-insensitive for 3648 characters within ASCII range. Consider using [IMAP-I18N] for 3649 language-sensitive case-insensitive searching. Note that the empty 3650 string is a substring; this is useful when doing a HEADER search in 3651 order to test for a header field presence in the message. 3653 The defined search keys are as follows. Refer to the Formal Syntax 3654 section for the precise syntactic definitions of the arguments. 3656 Messages with message sequence numbers corresponding 3657 to the specified message sequence number set. 3659 ALL All messages in the mailbox; the default initial key for ANDing. 3661 ANSWERED Messages with the \Answered flag set. 3663 BCC Messages that contain the specified string in the 3664 envelope structure's BCC field. 3666 BEFORE Messages whose internal date (disregarding time and 3667 timezone) is earlier than the specified date. 3669 BODY Messages that contain the specified string in the body 3670 of the message. Unlike TEXT (see below), this doesn't match any 3671 header fields. Servers are allowed to implement flexible matching 3672 for this search key, for example matching "swim" to both "swam" 3673 and "swum" in English language text or only doing full word 3674 matching (where "swim" will not match "swimming"). 3676 CC Messages that contain the specified string in the 3677 envelope structure's CC field. 3679 DELETED Messages with the \Deleted flag set. 3681 DRAFT Messages with the \Draft flag set. 3683 FLAGGED Messages with the \Flagged flag set. 3685 FROM Messages that contain the specified string in the 3686 envelope structure's FROM field. 3688 HEADER Messages that have a header field with 3689 the specified field-name (as defined in [RFC-5322]) and that 3690 contains the specified string in the text of the header field 3691 (what comes after the colon). If the string to search is zero- 3692 length, this matches all messages that have a header field with 3693 the specified field-name regardless of the contents. Servers 3694 should use substring search for this SEARCH item, as clients can 3695 use it for automatic processing not initiated by end users. For 3696 example this can be used for searching for Message-ID or Content- 3697 Type header field values that need to be exact, or for searches in 3698 header fields that the IMAP server might not know anything about. 3700 KEYWORD Messages with the specified keyword flag set. 3702 LARGER Messages with an [RFC-5322] size larger than the 3703 specified number of octets. 3705 NOT Messages that do not match the specified search 3706 key. 3708 ON Messages whose internal date (disregarding time and 3709 timezone) is within the specified date. 3711 OR Messages that match either search 3712 key. 3714 SEEN Messages that have the \Seen flag set. 3716 SENTBEFORE Messages whose [RFC-5322] Date: header field 3717 (disregarding time and timezone) is earlier than the specified 3718 date. 3720 SENTON Messages whose [RFC-5322] Date: header field 3721 (disregarding time and timezone) is within the specified date. 3723 SENTSINCE Messages whose [RFC-5322] Date: header field 3724 (disregarding time and timezone) is within or later than the 3725 specified date. 3727 SINCE Messages whose internal date (disregarding time and 3728 timezone) is within or later than the specified date. 3730 SMALLER Messages with an [RFC-5322] size smaller than the 3731 specified number of octets. 3733 SUBJECT Messages that contain the specified string in the 3734 envelope structure's SUBJECT field. 3736 TEXT Messages that contain the specified string in the 3737 header (including MIME header fields) or body of the message. 3738 Servers are allowed to implement flexible matching for this search 3739 key, for example matching "swim" to both "swam" and "swum" in 3740 English language text or only doing full word matching (where 3741 "swim" will not match "swimming"). 3743 TO Messages that contain the specified string in the 3744 envelope structure's TO field. 3746 UID Messages with unique identifiers corresponding to 3747 the specified unique identifier set. Sequence set ranges are 3748 permitted. 3750 UNANSWERED Messages that do not have the \Answered flag set. 3752 UNDELETED Messages that do not have the \Deleted flag set. 3754 UNDRAFT Messages that do not have the \Draft flag set. 3756 UNFLAGGED Messages that do not have the \Flagged flag set. 3758 UNKEYWORD Messages that do not have the specified keyword 3759 flag set. 3761 UNSEEN Messages that do not have the \Seen flag set. 3763 Example: C: A282 SEARCH RETURN (MIN COUNT) FLAGGED 3764 SINCE 1-Feb-1994 NOT FROM "Smith" 3765 S: * ESEARCH (TAG "A282") MIN 2 COUNT 3 3766 S: A282 OK SEARCH completed 3768 Example: C: A283 SEARCH RETURN () FLAGGED 3769 SINCE 1-Feb-1994 NOT FROM "Smith" 3770 S: * ESEARCH (TAG "A283") ALL 2,10:11 3771 S: A283 OK SEARCH completed 3773 Example: C: A284 SEARCH TEXT "string not in mailbox" 3774 S: * ESEARCH (TAG "A284") 3775 S: A284 OK SEARCH completed 3776 C: A285 SEARCH CHARSET UTF-8 TEXT {6} 3777 S: + Ready for literal text 3778 C: XXXXXX 3779 S: * ESEARCH (TAG "A285") ALL 43 3780 S: A285 OK SEARCH completed 3782 Note: Since this document is restricted to 7-bit ASCII text, it is 3783 not possible to show actual UTF-8 data. The "XXXXXX" is a 3784 placeholder for what would be 6 octets of 8-bit data in an actual 3785 transaction. 3787 The following example demonstrates finding the first unseen message 3788 in the mailbox: 3790 Example: C: A284 SEARCH RETURN (MIN) UNSEEN 3791 S: * ESEARCH (TAG "A284") MIN 4 3792 S: A284 OK SEARCH completed 3794 The following example demonstrates that if the ESEARCH UID indicator 3795 is present, all data in the ESEARCH response is referring to UIDs; 3796 for example, the MIN result specifier will be followed by a UID. 3798 Example: C: A285 UID SEARCH RETURN (MIN MAX) 1:5000 3799 S: * ESEARCH (TAG "A285") UID MIN 7 MAX 3800 3800 S: A285 OK SEARCH completed 3802 The following example demonstrates returning the number of deleted 3803 messages: 3805 Example: C: A286 SEARCH RETURN (COUNT) DELETED 3806 S: * ESEARCH (TAG "A286") COUNT 15 3807 S: A286 OK SEARCH completed 3809 6.4.4.1. SAVE result option and SEARCH result variable 3811 Upon successful completion of a SELECT or an EXAMINE command (after 3812 the tagged OK response), the current search result variable is reset 3813 to the empty sequence. 3815 A successful SEARCH command with the SAVE result option sets the 3816 value of the search result variable to the list of messages found in 3817 the SEARCH command. For example, if no messages were found, the 3818 search result variable will contain the empty sequence. 3820 Any of the following SEARCH commands MUST NOT change the search 3821 result variable: 3823 a SEARCH command that caused the server to return the BAD tagged 3824 response, 3826 a SEARCH command with no SAVE result option that caused the server 3827 to return NO tagged response, 3829 a successful SEARCH command with no SAVE result option. 3831 A SEARCH command with the SAVE result option that caused the server 3832 to return the NO tagged response sets the value of the search result 3833 variable to the empty sequence. 3835 When a message listed in the search result variable is EXPUNGEd, it 3836 is automatically removed from the list. Implementors are reminded 3837 that if the server stores the list as a list of message numbers, it 3838 MUST automatically adjust them when notifying the client about 3839 expunged messages, as described in Section 7.5.1. 3841 If the server decides to send a new UIDVALIDITY value while the 3842 mailbox is opened, this causes resetting of the search variable to 3843 the empty sequence. 3845 Note that even if the "$" marker contains the empty sequence of 3846 messages, it must be treated by all commands accepting message sets 3847 as parameters as a valid, but non-matching list of messages. For 3848 example, the "FETCH $" command would return a tagged OK response and 3849 no FETCH responses. See also the Example 5 in Section 6.4.4.4. 3851 The SAVE result option doesn't change whether the server would return 3852 items corresponding to MIN, MAX, ALL, or COUNT result options. 3854 When the SAVE result option is combined with the MIN or MAX result 3855 option, and both ALL and COUNT result options are absent, the 3856 corresponding MIN/MAX is returned (if the search result is not 3857 empty), but the "$" marker would contain a single message as returned 3858 in the MIN/MAX return item. 3860 If the SAVE result option is combined with both MIN and MAX result 3861 options, and both ALL and COUNT result options are absent, the "$" 3862 marker would contain zero, one or two messages as returned in the 3863 MIN/MAX return items. 3865 If the SAVE result option is combined with the ALL and/or COUNT 3866 result option(s), the "$" marker would always contain all messages 3867 found by the SEARCH or UID SEARCH command. 3869 The following table summarizes the additional requirement on ESEARCH 3870 server implementations described in this section. 3872 +------------------------------+--------------------+ 3873 | Combination of Result option | "$" marker value | 3874 +------------------------------+--------------------+ 3875 | SAVE MIN | MIN | 3876 | SAVE MAX | MAX | 3877 | SAVE MIN MAX | MIN & MAX | 3878 | SAVE * [m] | all found messages | 3879 +------------------------------+--------------------+ 3881 where '*' means "ALL" and/or "COUNT", and '[m]' means optional "MIN" 3882 and/or "MAX" 3884 Implementation note: server implementors should note that "$" can 3885 reference IMAP message sequences or UID sequences, depending on the 3886 context where it is used. For example, the "$" marker can be set as 3887 a result of a SEARCH (SAVE) command and used as a parameter to a UID 3888 FETCH command (which accepts a UID sequence, not a message sequence), 3889 or the "$" marker can be set as a result of a UID SEARCH (SAVE) 3890 command and used as a parameter to a FETCH command (which accepts a 3891 message sequence, not a UID sequence). Server implementations need 3892 to automatically map the "$" marker value to message numbers or UIDs, 3893 depending on context where the "$" marker is used. 3895 6.4.4.2. Multiple Commands in Progress 3897 Use of a SEARCH RETURN (SAVE) command followed by a command using the 3898 "$" marker creates direct dependency between the two commands. As 3899 directed by Section 5.5, a server MUST execute the two commands in 3900 the order they were received. 3902 A client MAY pipeline a SEARCH RETURN (SAVE) command with one or more 3903 command using the "$" marker, as long as this doesn't create an 3904 ambiguity, as described in Section 5.5. Examples 7-9 in 3905 Section 6.4.4.4 explain this in more details. 3907 6.4.4.3. Refusing to Save Search Results 3909 In some cases, the server MAY refuse to save a SEARCH (SAVE) result, 3910 for example, if an internal limit on the number of saved results is 3911 reached. In this case, the server MUST return a tagged NO response 3912 containing the NOTSAVED response code and set the search result 3913 variable to the empty sequence, as described in Section 6.4.4.1. 3915 6.4.4.4. Examples showing use of SAVE result option 3917 Only in this section: explanatory comments in examples that start 3918 with // are not part of the protocol. 3920 1) The following example demonstrates how the client can use the 3921 result of a SEARCH command to FETCH headers of interesting messages: 3923 Example 1: 3924 C: A282 SEARCH RETURN (SAVE) FLAGGED SINCE 1-Feb-1994 3925 NOT FROM "Smith" 3926 S: A282 OK SEARCH completed, result saved 3927 C: A283 FETCH $ (UID INTERNALDATE FLAGS BODY.PEEK[HEADER]) 3928 S: * 2 FETCH (UID 14 ... 3929 S: * 84 FETCH (UID 100 ... 3930 S: * 882 FETCH (UID 1115 ... 3931 S: A283 OK completed 3933 The client can also pipeline the two commands: 3935 Example 2: 3936 C: A282 SEARCH RETURN (SAVE) FLAGGED SINCE 1-Feb-1994 3937 NOT FROM "Smith" 3938 C: A283 FETCH $ (UID INTERNALDATE FLAGS BODY.PEEK[HEADER]) 3939 S: A282 OK SEARCH completed 3940 S: * 2 FETCH (UID 14 ... 3941 S: * 84 FETCH (UID 100 ... 3942 S: * 882 FETCH (UID 1115 ... 3943 S: A283 OK completed 3945 2) The following example demonstrates that the result of one SEARCH 3946 command can be used as input to another SEARCH command: 3948 Example 3: 3949 C: A300 SEARCH RETURN (SAVE) SINCE 1-Jan-2004 3950 NOT FROM "Smith" 3951 S: A300 OK SEARCH completed 3952 C: A301 UID SEARCH UID $ SMALLER 4096 3953 S: * ESEARCH (TAG "A301") UID ALL 17,900,901 3954 S: A301 OK completed 3956 Note that the second command in Example 3 can be replaced with: 3957 C: A301 UID SEARCH $ SMALLER 4096 3958 and the result of the command would be the same. 3960 3) The following example shows that the "$" marker can be combined 3961 with other message numbers using the OR SEARCH criterion. 3963 Example 4: 3964 C: P282 SEARCH RETURN (SAVE) SINCE 1-Feb-1994 3965 NOT FROM "Smith" 3966 S: P282 OK SEARCH completed 3967 C: P283 SEARCH CHARSET UTF-8 (OR $ 1,3000:3021) TEXT {8} 3968 C: YYYYYYYY 3969 S: * ESEARCH (TAG "P283") ALL 882,1102,3003,3005:3006 3970 S: P283 OK completed 3972 Note: Since this document format is restricted to 7-bit ASCII text, 3973 it is not possible to show actual UTF-8 data. The "YYYYYYYY" is a 3974 placeholder for what would be 8 octets of 8-bit data in an actual 3975 transaction. 3977 4) The following example demonstrates that a failed SEARCH sets the 3978 search result variable to the empty list. The server doesn't 3979 implement the KOI8-R charset. 3981 Example 5: 3982 C: B282 SEARCH RETURN (SAVE) SINCE 1-Feb-1994 3983 NOT FROM "Smith" 3984 S: B282 OK SEARCH completed 3985 C: B283 SEARCH RETURN (SAVE) CHARSET KOI8-R 3986 (OR $ 1,3000:3021) TEXT {4} 3987 C: XXXX 3988 S: B283 NO [BADCHARSET UTF-8] KOI8-R is not supported 3989 //After this command the saved result variable contains 3990 //no messages. A client that wants to reissue the B283 3991 //SEARCH command with another CHARSET would have to reissue 3992 //the B282 command as well. One possible workaround for 3993 //this is to include the desired CHARSET parameter 3994 //in the earliest SEARCH RETURN (SAVE) command in a 3995 //sequence of related SEARCH commands, to cause 3996 //the earliest SEARCH in the sequence to fail. 3997 //A better approach might be to always use CHARSET UTF-8 3998 //instead. 4000 Note: Since this document format is restricted to 7-bit ASCII text, 4001 it is not possible to show actual KOI8-R data. The "XXXX" is a 4002 placeholder for what would be 4 octets of 8-bit data in an actual 4003 transaction. 4005 5) The following example demonstrates that it is not an error to use 4006 the "$" marker when it contains no messages. 4008 Example 6: 4009 C: E282 SEARCH RETURN (SAVE) SINCE 28-Oct-2006 4010 NOT FROM "Eric" 4011 C: E283 COPY $ "Other Messages" 4012 //The "$" contains no messages 4013 S: E282 OK SEARCH completed 4014 S: E283 OK COPY completed, nothing copied 4016 Example 7: 4017 C: F282 SEARCH RETURN (SAVE) KEYWORD $Junk 4018 C: F283 COPY $ "Junk" 4019 C: F284 STORE $ +FLAGS.Silent (\Deleted) 4020 S: F282 OK SEARCH completed 4021 S: F283 OK COPY completed 4022 S: F284 OK STORE completed 4024 Example 8: 4025 C: G282 SEARCH RETURN (SAVE) KEYWORD $Junk 4026 C: G283 SEARCH RETURN (ALL) SINCE 28-Oct-2006 4027 FROM "Eric" 4028 // The server can execute the two SEARCH commands 4029 // in any order, as they don't have any dependency. 4030 // For example, it may return: 4031 S: * ESEARCH (TAG "G283") ALL 3:15,27,29:103 4032 S: G283 OK SEARCH completed 4033 S: G282 OK SEARCH completed 4035 The following example demonstrates that the result of the second 4036 SEARCH RETURN (SAVE) always overrides the result of the first. 4038 Example 9: 4039 C: H282 SEARCH RETURN (SAVE) KEYWORD $Junk 4040 C: H283 SEARCH RETURN (SAVE) SINCE 28-Oct-2006 4041 FROM "Eric" 4042 S: H282 OK SEARCH completed 4043 S: H283 OK SEARCH completed 4044 // At this point "$" would contain results of H283 4046 The following example demonstrates behavioral difference for 4047 different combinations of ESEARCH result options. 4049 Example 10: 4050 C: C282 SEARCH RETURN (ALL) SINCE 12-Feb-2006 4051 NOT FROM "Smith" 4052 S: * ESEARCH (TAG "C283") ALL 2,10:15,21 4053 //$ value hasn't changed 4054 S: C282 OK SEARCH completed 4056 C: C283 SEARCH RETURN (ALL SAVE) SINCE 12-Feb-2006 4057 NOT FROM "Smith" 4058 S: * ESEARCH (TAG "C283") ALL 2,10:15,21 4059 //$ value is 2,10:15,21 4060 S: C283 OK SEARCH completed 4062 C: C284 SEARCH RETURN (SAVE MIN) SINCE 12-Feb-2006 4063 NOT FROM "Smith" 4064 S: * ESEARCH (TAG "C284") MIN 2 4065 //$ value is 2 4066 S: C284 OK SEARCH completed 4068 C: C285 SEARCH RETURN (MAX SAVE MIN) SINCE 4069 12-Feb-2006 NOT FROM "Smith" 4070 S: * ESEARCH (TAG "C285") MIN 2 MAX 21 4071 //$ value is 2,21 4072 S: C285 OK SEARCH completed 4074 C: C286 SEARCH RETURN (MAX SAVE MIN COUNT) 4075 SINCE 12-Feb-2006 NOT FROM "Smith" 4076 S: * ESEARCH (TAG "C286") MIN 2 MAX 21 COUNT 8 4077 //$ value is 2,10:15,21 4078 S: C286 OK SEARCH completed 4080 C: C286 SEARCH RETURN (ALL SAVE MIN) SINCE 4081 12-Feb-2006 NOT FROM "Smith" 4082 S: * ESEARCH (TAG "C286") MIN 2 ALL 2,10:15,21 4083 //$ value is 2,10:15,21 4084 S: C286 OK SEARCH completed 4086 6.4.5. FETCH Command 4088 Arguments: sequence set 4089 message data item names or macro 4091 Responses: untagged responses: FETCH 4093 Result: OK - fetch completed 4094 NO - fetch error: can't fetch that data 4095 BAD - command unknown or arguments invalid 4097 The FETCH command retrieves data associated with a message in the 4098 mailbox. The data items to be fetched can be either a single atom or 4099 a parenthesized list. 4101 Most data items, identified in the formal syntax (Section 9) under 4102 the msg-att-static rule, are static and MUST NOT change for any 4103 particular message. Other data items, identified in the formal 4104 syntax under the msg-att-dynamic rule, MAY change, either as a result 4105 of a STORE command or due to external events. 4107 For example, if a client receives an ENVELOPE for a message when 4108 it already knows the envelope, it can safely ignore the newly 4109 transmitted envelope. 4111 There are three macros which specify commonly-used sets of data 4112 items, and can be used instead of data items. A macro must be used 4113 by itself, and not in conjunction with other macros or data items. 4115 ALL Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE ENVELOPE) 4117 FAST Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE) 4119 FULL Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE ENVELOPE 4120 BODY) 4122 Several data items reference "section" or "section-binary". See 4123 Section 6.4.5.1 for their detailed definition. 4125 The currently defined data items that can be fetched are: 4127 BINARY[]<> 4129 Requests that the specified section be transmitted after 4130 performing Content-Transfer-Encoding-related decoding. 4132 The argument, if present, requests that a subset of 4133 the data be returned. The semantics of a partial FETCH BINARY 4134 command are the same as for a partial FETCH BODY command, with 4135 the exception that the arguments refer to the DECODED 4136 section data. 4138 Note that this data item can only be requested for leaf (i.e. 4139 non multipart/*, non message/rfc822 and non message/global) 4140 body parts. 4142 BINARY.PEEK[]<> An alternate form of 4143 BINARY[] that does not implicitly set the \Seen 4144 flag. 4146 BINARY.SIZE[] 4148 Requests the decoded size of the section (i.e., the size to 4149 expect in response to the corresponding FETCH BINARY request). 4151 Note: client authors are cautioned that this might be an 4152 expensive operation for some server implementations. 4153 Needlessly issuing this request could result in degraded 4154 performance due to servers having to calculate the value every 4155 time the request is issued. 4157 Note that this data item can only be requested for leaf (i.e. 4158 non multipart/*, non message/rfc822 and non message/global) 4159 body parts. 4161 BODY Non-extensible form of BODYSTRUCTURE. 4163 BODY[
]<> 4165 The text of a particular body section. 4167 It is possible to fetch a substring of the designated text. 4168 This is done by appending an open angle bracket ("<"), the 4169 octet position of the first desired octet, a period, the 4170 maximum number of octets desired, and a close angle bracket 4171 (">") to the part specifier. If the starting octet is beyond 4172 the end of the text, an empty string is returned. 4174 Any partial fetch that attempts to read beyond the end of the 4175 text is truncated as appropriate. A partial fetch that starts 4176 at octet 0 is returned as a partial fetch, even if this 4177 truncation happened. 4179 Note: This means that BODY[]<0.2048> of a 1500-octet message 4180 will return BODY[]<0> with a literal of size 1500, not 4181 BODY[]. 4183 Note: A substring fetch of a HEADER.FIELDS or 4184 HEADER.FIELDS.NOT part specifier is calculated after 4185 subsetting the header. 4187 The \Seen flag is implicitly set; if this causes the flags to 4188 change, they SHOULD be included as part of the FETCH responses. 4190 BODY.PEEK[
]<> An alternate form of BODY[
] 4191 that does not implicitly set the \Seen flag. 4193 BODYSTRUCTURE The [MIME-IMB] body structure of the message. This is 4194 computed by the server by parsing the [MIME-IMB] header fields in 4195 the [RFC-5322] header and [MIME-IMB] headers. See Section 7.5.2 4196 for more details. 4198 ENVELOPE The envelope structure of the message. This is computed by 4199 the server by parsing the [RFC-5322] header into the component 4200 parts, defaulting various fields as necessary. See Section 7.5.2 4201 for more details. 4203 FLAGS The flags that are set for this message. 4205 INTERNALDATE The internal date of the message. 4207 RFC822.SIZE The [RFC-5322] size of the message. 4209 UID The unique identifier for the message. 4211 Example: C: A654 FETCH 2:4 (FLAGS BODY[HEADER.FIELDS (DATE FROM)]) 4212 S: * 2 FETCH .... 4213 S: * 3 FETCH .... 4214 S: * 4 FETCH .... 4215 S: A654 OK FETCH completed 4217 6.4.5.1. FETCH section specification 4219 Several FETCH data items reference "section" or "section-binary". 4220 The section specification is a set of zero or more part specifiers 4221 delimited by periods. A part specifier is either a part number or 4222 one of the following: HEADER, HEADER.FIELDS, HEADER.FIELDS.NOT, MIME, 4223 and TEXT. (Non numeric part specifiers have to be the last specifier 4224 in a section specification.) An empty section specification refers 4225 to the entire message, including the header. 4227 Every message has at least one part number. Non-[MIME-IMB] messages, 4228 and non-multipart [MIME-IMB] messages with no encapsulated message, 4229 only have a part 1. 4231 Multipart messages are assigned consecutive part numbers, as they 4232 occur in the message. If a particular part is of type message or 4233 multipart, its parts MUST be indicated by a period followed by the 4234 part number within that nested multipart part. 4236 A part of type MESSAGE/RFC822 or MESSAGE/GLOBAL also has nested part 4237 numbers, referring to parts of the MESSAGE part's body. 4239 The HEADER, HEADER.FIELDS, HEADER.FIELDS.NOT, and TEXT part 4240 specifiers can be the sole part specifier or can be prefixed by one 4241 or more numeric part specifiers, provided that the numeric part 4242 specifier refers to a part of type MESSAGE/RFC822 or MESSAGE/GLOBAL. 4243 The MIME part specifier MUST be prefixed by one or more numeric part 4244 specifiers. 4246 The HEADER, HEADER.FIELDS, and HEADER.FIELDS.NOT part specifiers 4247 refer to the [RFC-5322] header of the message or of an encapsulated 4248 [MIME-IMT] MESSAGE/RFC822 or MESSAGE/GLOBAL message. HEADER.FIELDS 4249 and HEADER.FIELDS.NOT are followed by a list of field-name (as 4250 defined in [RFC-5322]) names, and return a subset of the header. The 4251 subset returned by HEADER.FIELDS contains only those header fields 4252 with a field-name that matches one of the names in the list; 4253 similarly, the subset returned by HEADER.FIELDS.NOT contains only the 4254 header fields with a non-matching field-name. The field-matching is 4255 ASCII range case-insensitive but otherwise exact. Subsetting does 4256 not exclude the [RFC-5322] delimiting blank line between the header 4257 and the body; the blank line is included in all header fetches, 4258 except in the case of a message which has no body and no blank line. 4260 The MIME part specifier refers to the [MIME-IMB] header for this 4261 part. 4263 The TEXT part specifier refers to the text body of the message, 4264 omitting the [RFC-5322] header. 4266 Here is an example of a complex message with some of its part 4267 specifiers: 4269 HEADER ([RFC-5322] header of the message) 4270 TEXT ([RFC-5322] text body of the message) MULTIPART/MIXED 4271 1 TEXT/PLAIN 4272 2 APPLICATION/OCTET-STREAM 4273 3 MESSAGE/RFC822 4274 3.HEADER ([RFC-5322] header of the message) 4275 3.TEXT ([RFC-5322] text body of the message) MULTIPART/MIXED 4276 3.1 TEXT/PLAIN 4277 3.2 APPLICATION/OCTET-STREAM 4278 4 MULTIPART/MIXED 4279 4.1 IMAGE/GIF 4280 4.1.MIME ([MIME-IMB] header for the IMAGE/GIF) 4281 4.2 MESSAGE/RFC822 4282 4.2.HEADER ([RFC-5322] header of the message) 4283 4.2.TEXT ([RFC-5322] text body of the message) MULTIPART/MIXED 4284 4.2.1 TEXT/PLAIN 4285 4.2.2 MULTIPART/ALTERNATIVE 4286 4.2.2.1 TEXT/PLAIN 4287 4.2.2.2 TEXT/RICHTEXT 4289 6.4.6. STORE Command 4291 Arguments: sequence set 4292 message data item name 4293 value for message data item 4295 Responses: untagged responses: FETCH 4297 Result: OK - store completed 4298 NO - store error: can't store that data 4299 BAD - command unknown or arguments invalid 4301 The STORE command alters data associated with a message in the 4302 mailbox. Normally, STORE will return the updated value of the data 4303 with an untagged FETCH response. A suffix of ".SILENT" in the data 4304 item name prevents the untagged FETCH, and the server SHOULD assume 4305 that the client has determined the updated value itself or does not 4306 care about the updated value. 4308 Note: Regardless of whether or not the ".SILENT" suffix was used, 4309 the server SHOULD send an untagged FETCH response if a change to a 4310 message's flags from an external source is observed. The intent 4311 is that the status of the flags is determinate without a race 4312 condition. 4314 The currently defined data items that can be stored are: 4316 FLAGS Replace the flags for the message with the 4317 argument. The new value of the flags is returned as if a FETCH of 4318 those flags was done. 4320 FLAGS.SILENT Equivalent to FLAGS, but without returning 4321 a new value. 4323 +FLAGS Add the argument to the flags for the message. 4324 The new value of the flags is returned as if a FETCH of those 4325 flags was done. 4327 +FLAGS.SILENT Equivalent to +FLAGS, but without 4328 returning a new value. 4330 -FLAGS Remove the argument from the flags for the 4331 message. The new value of the flags is returned as if a FETCH of 4332 those flags was done. 4334 -FLAGS.SILENT Equivalent to -FLAGS, but without 4335 returning a new value. 4337 Example: C: A003 STORE 2:4 +FLAGS (\Deleted) 4338 S: * 2 FETCH (FLAGS (\Deleted \Seen)) 4339 S: * 3 FETCH (FLAGS (\Deleted)) 4340 S: * 4 FETCH (FLAGS (\Deleted \Flagged \Seen)) 4341 S: A003 OK STORE completed 4343 6.4.7. COPY Command 4345 Arguments: sequence set 4346 mailbox name 4348 Responses: no specific responses for this command 4350 Result: OK - copy completed 4351 NO - copy error: can't copy those messages or to that 4352 name 4353 BAD - command unknown or arguments invalid 4355 The COPY command copies the specified message(s) to the end of the 4356 specified destination mailbox. The flags and internal date of the 4357 message(s) SHOULD be preserved in the copy. 4359 If the destination mailbox does not exist, a server MUST return an 4360 error. It MUST NOT automatically create the mailbox. Unless it is 4361 certain that the destination mailbox can not be created, the server 4362 MUST send the response code "[TRYCREATE]" as the prefix of the text 4363 of the tagged NO response. This gives a hint to the client that it 4364 can attempt a CREATE command and retry the COPY if the CREATE is 4365 successful. 4367 If the COPY command is unsuccessful for any reason, server 4368 implementations MUST restore the destination mailbox to its state 4369 before the COPY attempt (other than possibly incrementing UIDNEXT), 4370 i.e. partial copy MUST NOT be done. 4372 On successful completion of a COPY, the server returns a COPYUID 4373 response code (see Section 7.1). Two exception to this requirement 4374 are listed below. 4376 In the case of a mailbox that has permissions set so that the client 4377 can COPY to the mailbox, but not SELECT or EXAMINE it, the server 4378 MUST NOT send an COPYUID response code as it would disclose 4379 information about the mailbox. 4381 In the case of a mailbox that has UIDNOTSTICKY status (see 4382 Section 7.1), the server MAY omit the COPYUID response code as it is 4383 not meaningful. 4385 Example: C: A003 COPY 2:4 MEETING 4386 S: A003 OK [COPYUID 38505 304,319:320 3956:3958] COPY completed 4388 6.4.8. MOVE Command 4390 Arguments: sequence set 4391 mailbox name 4393 Responses: no specific responses for this command 4395 Result: OK - move completed 4396 NO - move error: can't move those messages or to that 4397 name 4398 BAD - command unknown or arguments invalid 4400 The MOVE command moves the specified message(s) to the end of the 4401 specified destination mailbox. The flags and internal date of the 4402 message(s) SHOULD be preserved. 4404 This means that a new message is created in the target mailbox with a 4405 new UID, the original message is removed from the source mailbox, and 4406 it appears to the client as a single action. This has the same 4407 effect for each message as this sequence: 4409 1. [UID] COPY 4411 2. [UID] STORE +FLAGS.SILENT \DELETED 4413 3. UID EXPUNGE 4415 Although the effect of the MOVE is the same as the preceding steps, 4416 the semantics are not identical: The intermediate states produced by 4417 those steps do not occur, and the response codes are different. In 4418 particular, though the COPY and EXPUNGE response codes will be 4419 returned, response codes for a STORE MUST NOT be generated and the 4420 \Deleted flag MUST NOT be set for any message. 4422 Unlike the COPY command, MOVE of a set of messages might fail partway 4423 through the set. Regardless of whether the command is successful in 4424 moving the entire set, each individual message MUST either be moved 4425 or unaffected. The server MUST leave each message in a state where 4426 it is in at least one of the source or target mailboxes (no message 4427 can be lost or orphaned). The server SHOULD NOT leave any message in 4428 both mailboxes (it would be bad for a partial failure to result in a 4429 bunch of duplicate messages). This is true even if the server 4430 returns a tagged NO response to the command. 4432 If the destination mailbox does not exist, a server MUST return an 4433 error. It MUST NOT automatically create the mailbox. Unless it is 4434 certain that the destination mailbox can not be created, the server 4435 MUST send the response code "[TRYCREATE]" as the prefix of the text 4436 of the tagged NO response. This gives a hint to the client that it 4437 can attempt a CREATE command and retry the MOVE if the CREATE is 4438 successful. 4440 Because of the similarity of MOVE to COPY, extensions that affect 4441 COPY affect MOVE in the same way. Response codes listed in 4442 Section 7.1, as well as those defined by extensions, are sent as 4443 appropriate. 4445 Servers send COPYUID in response to a MOVE or a UID MOVE (see 4446 Section 6.4.9) command. For additional information about COPYUID see 4447 Section 7.1. Note that there are several exceptions listed in 4448 Section 6.4.7 that allow servers not to return COPYUID. 4450 Servers are also REQUIRED to send the COPYUID response code in an 4451 untagged OK before sending EXPUNGE or similar responses. (Sending 4452 COPYUID in the tagged OK, as described in the UIDPLUS specification, 4453 means that clients first receive an EXPUNGE for a message and 4454 afterwards COPYUID for the same message. It can be unnecessarily 4455 difficult to process that sequence usefully.) 4457 An example: 4458 C: a UID MOVE 42:69 foo 4459 S: * OK [COPYUID 432432 42:69 1202:1229] 4460 S: * 22 EXPUNGE 4461 ...More EXPUNGE responses from the server... 4462 S: a OK Done 4464 Note that the server may send unrelated EXPUNGE responses as well, if 4465 any happen to have been expunged at the same time; this is normal 4466 IMAP operation. 4468 Note that moving a message to the currently selected mailbox (that 4469 is, where the source and target mailboxes are the same) is allowed 4470 when copying the message to the currently selected mailbox is 4471 allowed. 4473 The server may send EXPUNGE responses before the tagged response, so 4474 the client cannot safely send more commands with message sequence 4475 number arguments while the server is processing MOVE. 4477 MOVE and UID MOVE can be pipelined with other commands, but care has 4478 to be taken. Both commands modify sequence numbers and also allow 4479 unrelated EXPUNGE responses. The renumbering of other messages in 4480 the source mailbox following any EXPUNGE response can be surprising 4481 and makes it unsafe to pipeline any command that relies on message 4482 sequence numbers after a MOVE or UID MOVE. Similarly, MOVE cannot be 4483 pipelined with a command that might cause message renumbering. See 4484 Section 5.5, for more information about ambiguities as well as 4485 handling requirements for both clients and servers. 4487 6.4.9. UID Command 4489 Arguments: command name 4490 command arguments 4492 Responses: untagged responses: FETCH, ESEARCH, EXPUNGE 4494 Result: OK - UID command completed 4495 NO - UID command error 4496 BAD - command unknown or arguments invalid 4498 The UID command has three forms. In the first form, it takes as its 4499 arguments a COPY, MOVE, FETCH, or STORE command with arguments 4500 appropriate for the associated command. However, the numbers in the 4501 sequence set argument are unique identifiers instead of message 4502 sequence numbers. Sequence set ranges are permitted, but there is no 4503 guarantee that unique identifiers will be contiguous. 4505 A non-existent unique identifier is ignored without any error message 4506 generated. Thus, it is possible for a UID FETCH command to return an 4507 OK without any data or a UID COPY, UID MOVE or UID STORE to return an 4508 OK without performing any operations. 4510 In the second form, the UID command takes an EXPUNGE command with an 4511 extra parameter the specified a sequence set of UIDs to operate on. 4512 The UID EXPUNGE command permanently removes all messages that both 4513 have the \Deleted flag set and have a UID that is included in the 4514 specified sequence set from the currently selected mailbox. If a 4515 message either does not have the \Deleted flag set or has a UID that 4516 is not included in the specified sequence set, it is not affected. 4518 UID EXPUNGE is particularly useful for disconnected use clients. 4519 By using UID EXPUNGE instead of EXPUNGE when resynchronizing with 4520 the server, the client can ensure that it does not inadvertantly 4521 remove any messages that have been marked as \Deleted by other 4522 clients between the time that the client was last connected and 4523 the time the client resynchronizes. 4525 Example: C: A003 UID EXPUNGE 3000:3002 4526 S: * 3 EXPUNGE 4527 S: * 3 EXPUNGE 4528 S: * 3 EXPUNGE 4529 S: A003 OK UID EXPUNGE completed 4531 In the third form, the UID command takes a SEARCH command with SEARCH 4532 command arguments. The interpretation of the arguments is the same 4533 as with SEARCH; however, the numbers returned in a ESEARCH response 4534 for a UID SEARCH command are unique identifiers instead of message 4535 sequence numbers. Also, the corresponding ESEARCH response MUST 4536 include the UID indicator. For example, the command UID SEARCH 1:100 4537 UID 443:557 returns the unique identifiers corresponding to the 4538 intersection of two sequence sets, the message sequence number range 4539 1:100 and the UID range 443:557. 4541 Note: in the above example, the UID range 443:557 appears. The 4542 same comment about a non-existent unique identifier being ignored 4543 without any error message also applies here. Hence, even if 4544 neither UID 443 or 557 exist, this range is valid and would 4545 include an existing UID 495. 4547 Also note that a UID range of 559:* always includes the UID of the 4548 last message in the mailbox, even if 559 is higher than any 4549 assigned UID value. This is because the contents of a range are 4550 independent of the order of the range endpoints. Thus, any UID 4551 range with * as one of the endpoints indicates at least one 4552 message (the message with the highest numbered UID), unless the 4553 mailbox is empty. 4555 The number after the "*" in an untagged FETCH or EXPUNGE response is 4556 always a message sequence number, not a unique identifier, even for a 4557 UID command response. However, server implementations MUST 4558 implicitly include the UID message data item as part of any FETCH 4559 response caused by a UID command, regardless of whether a UID was 4560 specified as a message data item to the FETCH. 4562 Note: The rule about including the UID message data item as part of a 4563 FETCH response primarily applies to the UID FETCH and UID STORE 4564 commands, including a UID FETCH command that does not include UID as 4565 a message data item. Although it is unlikely that the other UID 4566 commands will cause an untagged FETCH, this rule applies to these 4567 commands as well. 4569 Example: C: A999 UID FETCH 4827313:4828442 FLAGS 4570 S: * 23 FETCH (FLAGS (\Seen) UID 4827313) 4571 S: * 24 FETCH (FLAGS (\Seen) UID 4827943) 4572 S: * 25 FETCH (FLAGS (\Seen) UID 4828442) 4573 S: A999 OK UID FETCH completed 4575 6.5. Client Commands - Experimental/Expansion 4577 Each command which is not part of this specification MUST have at 4578 least one capability name (see Section 6.1.1) associated with it. 4579 (Multiple commands can be associated with the same capability name) 4581 Server implementations MUST NOT send any added (not specified in this 4582 specification) untagged responses, unless the client requested it by 4583 issuing the associated experimental command or the ENABLE command 4584 (Section 6.3.1). 4586 The following example demonstrates how a client can check for 4587 presence of a fictitious XPIG-LATIN capability that adds the XPIG- 4588 LATIN command and the the XPIG-LATIN untagged response. (Note that 4589 for an extension the command name and the capability name don't have 4590 to be the same.) 4592 Example: C: a441 CAPABILITY 4593 S: * CAPABILITY IMAP4rev2 XPIG-LATIN 4594 S: a441 OK CAPABILITY completed 4595 C: A442 XPIG-LATIN 4596 S: * XPIG-LATIN ow-nay eaking-spay ig-pay atin-lay 4597 S: A442 OK XPIG-LATIN ompleted-cay 4599 7. Server Responses 4601 Server responses are in three forms: status responses, server data, 4602 and command continuation request. The information contained in a 4603 server response, identified by "Contents:" in the response 4604 descriptions below, is described by function, not by syntax. The 4605 precise syntax of server responses is described in the Formal Syntax 4606 (Section 9). 4608 The client MUST be prepared to accept any response at all times. 4610 Status responses can be tagged or untagged. Tagged status responses 4611 indicate the completion result (OK, NO, or BAD status) of a client 4612 command, and have a tag matching the command. 4614 Some status responses, and all server data, are untagged. An 4615 untagged response is indicated by the token "*" instead of a tag. 4616 Untagged status responses indicate server greeting, or server status 4617 that does not indicate the completion of a command (for example, an 4618 impending system shutdown alert). For historical reasons, untagged 4619 server data responses are also called "unsolicited data", although 4620 strictly speaking, only unilateral server data is truly 4621 "unsolicited". 4623 Certain server data MUST be remembered by the client when it is 4624 received; this is noted in the description of that data. Such data 4625 conveys critical information which affects the interpretation of all 4626 subsequent commands and responses (e.g., updates reflecting the 4627 creation or destruction of messages). 4629 Other server data SHOULD be remembered for later reference; if the 4630 client does not need to remember the data, or if remembering the data 4631 has no obvious purpose (e.g., a SEARCH response when no SEARCH 4632 command is in progress), the data can be ignored. 4634 An example of unilateral untagged server data occurs when the IMAP 4635 connection is in the selected state. In the selected state, the 4636 server checks the mailbox for new messages as part of command 4637 execution. Normally, this is part of the execution of every command; 4638 hence, a NOOP command suffices to check for new messages. If new 4639 messages are found, the server sends untagged EXISTS response 4640 reflecting the new size of the mailbox. Server implementations that 4641 offer multiple simultaneous access to the same mailbox SHOULD also 4642 send appropriate unilateral untagged FETCH and EXPUNGE responses if 4643 another agent changes the state of any message flags or expunges any 4644 messages. 4646 Command continuation request responses use the token "+" instead of a 4647 tag. These responses are sent by the server to indicate acceptance 4648 of an incomplete client command and readiness for the remainder of 4649 the command. 4651 7.1. Server Responses - Generic Status Responses 4653 Status responses are OK, NO, BAD, PREAUTH and BYE. OK, NO, and BAD 4654 can be tagged or untagged. PREAUTH and BYE are always untagged. 4656 Status responses MAY include an OPTIONAL "response code". A response 4657 code consists of data inside square brackets in the form of an atom, 4658 possibly followed by a space and arguments. The response code 4659 contains additional information or status codes for client software 4660 beyond the OK/NO/BAD condition, and are defined when there is a 4661 specific action that a client can take based upon the additional 4662 information. 4664 The currently defined response codes are: 4666 ALERT 4668 The human-readable text contains a special alert that are 4669 presented to the user in a fashion that calls the user's 4670 attention to the message. Content of ALERT response codes 4671 received on a connection without TLS or SASL security layer 4672 confidentiality SHOULD be ignored by clients. If displayed, 4673 such alerts MUST be clearly marked as potentially suspicious. 4674 (Note that some existing clients are known to hyperlink 4675 returned text which make them very dangerous.) Alerts received 4676 after successful establishment of a TLS/SASL confidentiality 4677 layer MUST be presented to the user. 4679 ALREADYEXISTS 4681 The operation attempts to create something that already exists, 4682 such as when the CREATE or RENAME directories attempt to create 4683 a mailbox and there is already one of that name. 4685 C: o356 RENAME this that 4686 S: o356 NO [ALREADYEXISTS] Mailbox "that" already exists 4688 APPENDUID 4690 Followed by the UIDVALIDITY of the destination mailbox and the 4691 UID assigned to the appended message in the destination 4692 mailbox, indicates that the message has been appended to the 4693 destination mailbox with that UID. 4695 If the server also supports the [MULTIAPPEND] extension, and if 4696 multiple messages were appended in the APPEND command, then the 4697 second value is a UID set containing the UIDs assigned to the 4698 appended messages, in the order they were transmitted in the 4699 APPEND command. This UID set may not contain extraneous UIDs 4700 or the symbol "*". 4702 Note: the UID set form of the APPENDUID response code MUST 4703 NOT be used if only a single message was appended. In 4704 particular, a server MUST NOT send a range such as 123:123. 4705 This is because a client that does not support [MULTIAPPEND] 4706 expects only a single UID and not a UID set. 4708 UIDs are assigned in strictly ascending order in the mailbox 4709 (refer to Section 2.3.1.1); note that a range of 12:10 is 4710 exactly equivalent to 10:12 and refers to the sequence 4711 10,11,12. 4713 This response code is returned in a tagged OK response to the 4714 APPEND command. 4716 AUTHENTICATIONFAILED 4718 Authentication failed for some reason on which the server is 4719 unwilling to elaborate. Typically, this includes "unknown 4720 user" and "bad password". 4722 This is the same as not sending any response code, except that 4723 when a client sees AUTHENTICATIONFAILED, it knows that the 4724 problem wasn't, e.g., UNAVAILABLE, so there's no point in 4725 trying the same login/password again later. 4727 C: b LOGIN "fred" "foo" 4728 S: b NO [AUTHENTICATIONFAILED] Authentication failed 4730 AUTHORIZATIONFAILED 4732 Authentication succeeded in using the authentication identity, 4733 but the server cannot or will not allow the authentication 4734 identity to act as the requested authorization identity. This 4735 is only applicable when the authentication and authorization 4736 identities are different. 4738 C: c1 AUTHENTICATE PLAIN 4739 [...] 4740 S: c1 NO [AUTHORIZATIONFAILED] No such authorization-ID 4742 C: c2 AUTHENTICATE PLAIN 4743 [...] 4744 S: c2 NO [AUTHORIZATIONFAILED] Authenticator is not an admin 4746 BADCHARSET 4748 Optionally followed by a parenthesized list of charsets. A 4749 SEARCH failed because the given charset is not supported by 4750 this implementation. If the optional list of charsets is 4751 given, this lists the charsets that are supported by this 4752 implementation. 4754 CANNOT 4756 The operation violates some invariant of the server and can 4757 never succeed. 4759 C: l create "///////" 4760 S: l NO [CANNOT] Adjacent slashes are not supported 4762 CAPABILITY 4764 Followed by a list of capabilities. This can appear in the 4765 initial OK or PREAUTH response to transmit an initial 4766 capabilities list. It can also appear in tagged responses to 4767 LOGIN or AUTHENTICATE commands. This makes it unnecessary for 4768 a client to send a separate CAPABILITY command if it recognizes 4769 this response. 4771 CLIENTBUG 4773 The server has detected a client bug. This can accompany all 4774 of OK, NO, and BAD, depending on what the client bug is. 4776 C: k1 select "/archive/projects/experiment-iv" 4777 [...] 4778 S: k1 OK [READ-ONLY] Done 4779 C: k2 status "/archive/projects/experiment-iv" (messages) 4780 [...] 4781 S: k2 OK [CLIENTBUG] Done 4783 CLOSED 4785 The CLOSED response code has no parameters. A server return 4786 the CLOSED response code when the currently selected mailbox is 4787 closed implicitly using the SELECT/EXAMINE command on another 4788 mailbox. The CLOSED response code serves as a boundary between 4789 responses for the previously opened mailbox (which was closed) 4790 and the newly selected mailbox; all responses before the CLOSED 4791 response code relate to the mailbox that was closed, and all 4792 subsequent responses relate to the newly opened mailbox. 4794 There is no need to return the CLOSED response code on 4795 completion of the CLOSE or the UNSELECT command (or similar), 4796 whose purpose is to close the currently selected mailbox 4797 without opening a new one. 4799 CONTACTADMIN 4801 The user should contact the system administrator or support 4802 desk. 4804 C: e login "fred" "foo" 4805 S: e NO [CONTACTADMIN] 4807 COPYUID 4808 Followed by the UIDVALIDITY of the destination mailbox, a UID 4809 set containing the UIDs of the message(s) in the source mailbox 4810 that were copied to the destination mailbox and containing the 4811 UIDs assigned to the copied message(s) in the destination 4812 mailbox, indicates that the message(s) have been copied to the 4813 destination mailbox with the stated UID(s). 4815 The source UID set is in the order the message(s) were copied; 4816 the destination UID set corresponds to the source UID set and 4817 is in the same order. Neither of the UID sets may contain 4818 extraneous UIDs or the symbol "*". 4820 UIDs are assigned in strictly ascending order in the mailbox 4821 (refer to Section 2.3.1.1); note that a range of 12:10 is 4822 exactly equivalent to 10:12 and refers to the sequence 4823 10,11,12. 4825 This response code is returned in a tagged OK response to the 4826 COPY/UID COPY command or in the untagged OK response to the 4827 MOVE/UID MOVE command. 4829 CORRUPTION 4831 The server discovered that some relevant data (e.g., the 4832 mailbox) are corrupt. This response code does not include any 4833 information about what's corrupt, but the server can write that 4834 to its logfiles. 4836 C: i select "/archive/projects/experiment-iv" 4837 S: i NO [CORRUPTION] Cannot open mailbox 4839 EXPIRED 4841 Either authentication succeeded or the server no longer had the 4842 necessary data; either way, access is no longer permitted using 4843 that passphrase. The client or user should get a new 4844 passphrase. 4846 C: d login "fred" "foo" 4847 S: d NO [EXPIRED] That password isn't valid any more 4849 EXPUNGEISSUED 4851 Someone else has issued an EXPUNGE for the same mailbox. The 4852 client may want to issue NOOP soon. [IMAP-MULTIACCESS] 4853 discusses this subject in depth. 4855 C: h search from fred@example.com 4856 S: * ESEARCH (TAG "h") ALL 1:3,5,8,13,21,42 4857 S: h OK [EXPUNGEISSUED] Search completed 4859 HASCHILDREN 4861 The mailbox delete operation failed because the mailbox has one 4862 or more children and the server doesn't allow deletion of 4863 mailboxes with children. 4865 C: m356 DELETE Notes 4866 S: o356 NO [HASCHILDREN] Mailbox "Notes" has children that need 4867 to be deleted first 4869 INUSE 4871 An operation has not been carried out because it involves 4872 sawing off a branch someone else is sitting on. Someone else 4873 may be holding an exclusive lock needed for this operation, or 4874 the operation may involve deleting a resource someone else is 4875 using, typically a mailbox. 4877 The operation may succeed if the client tries again later. 4879 C: g delete "/archive/projects/experiment-iv" 4880 S: g NO [INUSE] Mailbox in use 4882 LIMIT 4884 The operation ran up against an implementation limit of some 4885 kind, such as the number of flags on a single message or the 4886 number of flags used in a mailbox. 4888 C: m STORE 42 FLAGS f1 f2 f3 f4 f5 ... f250 4889 S: m NO [LIMIT] At most 32 flags in one mailbox supported 4891 NONEXISTENT 4893 The operation attempts to delete something that does not exist. 4894 Similar to ALREADYEXISTS. 4896 C: p RENAME this that 4897 S: p NO [NONEXISTENT] No such mailbox 4899 NOPERM 4901 The access control system (e.g., Access Control List (ACL), see 4902 [RFC4314] does not permit this user to carry out an operation, 4903 such as selecting or creating a mailbox. 4905 C: f select "/archive/projects/experiment-iv" 4906 S: f NO [NOPERM] Access denied 4908 OVERQUOTA 4910 The user would be over quota after the operation. (The user 4911 may or may not be over quota already.) 4913 Note that if the server sends OVERQUOTA but doesn't support the 4914 IMAP QUOTA extension defined by [RFC2087], then there is a 4915 quota, but the client cannot find out what the quota is. 4917 C: n1 uid copy 1:* oldmail 4918 S: n1 NO [OVERQUOTA] Sorry 4920 C: n2 uid copy 1:* oldmail 4921 S: n2 OK [OVERQUOTA] You are now over your soft quota 4923 PARSE 4925 The human-readable text represents an error in parsing the 4926 [RFC-5322] header or [MIME-IMB] headers of a message in the 4927 mailbox. 4929 PERMANENTFLAGS 4931 Followed by a parenthesized list of flags, indicates which of 4932 the known flags the client can change permanently. Any flags 4933 that are in the FLAGS untagged response, but not the 4934 PERMANENTFLAGS list, can not be set permanently. The 4935 PERMANENTFLAGS list can also include the special flag \*, which 4936 indicates that it is possible to create new keywords by 4937 attempting to store those keywords in the mailbox. If the 4938 client attempts to STORE a flag that is not in the 4939 PERMANENTFLAGS list, the server will either ignore the change 4940 or store the state change for the remainder of the current 4941 session only. 4943 There is no need for a server that included the special flag \* 4944 to return a new PERMANENTFLAGS response code when a new keyword 4945 was successfully set on a message upon client request. However 4946 if the server has a limit on the number of different keywords 4947 that can be stored in a mailbox and that limit is reached, the 4948 server MUST send a new PERMANENTFLAGS response code without the 4949 special flag \*. 4951 PRIVACYREQUIRED 4952 The operation is not permitted due to a lack of data 4953 confidentiality. If Transport Layer Security (TLS) is not in 4954 use, the client could try STARTTLS (see Section 6.2.1) or 4955 alternatively reconnect on Implicit TLS port, and then repeat 4956 the operation. 4958 C: d login "fred" "foo" 4959 S: d NO [PRIVACYREQUIRED] Connection offers no privacy 4961 C: d select inbox 4962 S: d NO [PRIVACYREQUIRED] Connection offers no privacy 4964 READ-ONLY 4966 The mailbox is selected read-only, or its access while selected 4967 has changed from read-write to read-only. 4969 READ-WRITE 4971 The mailbox is selected read-write, or its access while 4972 selected has changed from read-only to read-write. 4974 SERVERBUG 4976 The server encountered a bug in itself or violated one of its 4977 own invariants. 4979 C: j select "/archive/projects/experiment-iv" 4980 S: j NO [SERVERBUG] This should not happen 4982 TRYCREATE 4984 An APPEND, COPY or MOVE attempt is failing because the target 4985 mailbox does not exist (as opposed to some other reason). This 4986 is a hint to the client that the operation can succeed if the 4987 mailbox is first created by the CREATE command. 4989 UIDNEXT 4991 Followed by a decimal number, indicates the next unique 4992 identifier value. Refer to Section 2.3.1.1 for more 4993 information. 4995 UIDNOTSTICKY 4997 The selected mailbox is supported by a mail store that does not 4998 support persistent UIDs; that is, UIDVALIDITY will be different 4999 each time the mailbox is selected. Consequently, APPEND or 5000 COPY to this mailbox will not return an APPENDUID or COPYUID 5001 response code. 5003 This response code is returned in an untagged NO response to 5004 the SELECT command. 5006 Note: servers SHOULD NOT have any UIDNOTSTICKY mail stores. 5007 This facility exists to support legacy mail stores in which 5008 it is technically infeasible to support persistent UIDs. 5009 This should be avoided when designing new mail stores. 5011 UIDVALIDITY 5013 Followed by a decimal number, indicates the unique identifier 5014 validity value. Refer to Section 2.3.1.1 for more information. 5016 UNAVAILABLE 5018 Temporary failure because a subsystem is down. For example, an 5019 IMAP server that uses a Lightweight Directory Access Protocol 5020 (LDAP) or Radius server for authentication might use this 5021 response code when the LDAP/Radius server is down. 5023 C: a LOGIN "fred" "foo" 5024 S: a NO [UNAVAILABLE] User's backend down for maintenance 5026 UNKNOWN-CTE 5028 The server does not know how to decode the section's Content- 5029 Transfer-Encoding. 5031 Client implementations MUST ignore response codes that they do not 5032 recognize. 5034 7.1.1. OK Response 5036 Contents: OPTIONAL response code 5037 human-readable text 5039 The OK response indicates an information message from the server. 5040 When tagged, it indicates successful completion of the associated 5041 command. The human-readable text MAY be presented to the user as an 5042 information message. The untagged form indicates an information-only 5043 message; the nature of the information MAY be indicated by a response 5044 code. 5046 The untagged form is also used as one of three possible greetings at 5047 connection startup. It indicates that the connection is not yet 5048 authenticated and that a LOGIN or an AUTHENTICATE command is needed. 5050 Example: S: * OK IMAP4rev2 server ready 5051 C: A001 LOGIN fred blurdybloop 5052 S: * OK [ALERT] System shutdown in 10 minutes 5053 S: A001 OK LOGIN Completed 5055 7.1.2. NO Response 5057 Contents: OPTIONAL response code 5058 human-readable text 5060 The NO response indicates an operational error message from the 5061 server. When tagged, it indicates unsuccessful completion of the 5062 associated command. The untagged form indicates a warning; the 5063 command can still complete successfully. The human-readable text 5064 describes the condition. 5066 Example: C: A222 COPY 1:2 owatagusiam 5067 S: * NO Disk is 98% full, please delete unnecessary data 5068 S: A222 OK COPY completed 5069 C: A223 COPY 3:200 blurdybloop 5070 S: * NO Disk is 98% full, please delete unnecessary data 5071 S: * NO Disk is 99% full, please delete unnecessary data 5072 S: A223 NO COPY failed: disk is full 5074 7.1.3. BAD Response 5076 Contents: OPTIONAL response code 5077 human-readable text 5079 The BAD response indicates an error message from the server. When 5080 tagged, it reports a protocol-level error in the client's command; 5081 the tag indicates the command that caused the error. The untagged 5082 form indicates a protocol-level error for which the associated 5083 command can not be determined; it can also indicate an internal 5084 server failure. The human-readable text describes the condition. 5086 Example: C: ...very long command line... 5087 S: * BAD Command line too long 5088 C: ...empty line... 5089 S: * BAD Empty command line 5090 C: A443 EXPUNGE 5091 S: * BAD Disk crash, attempting salvage to a new disk! 5092 S: * OK Salvage successful, no data lost 5093 S: A443 OK Expunge completed 5095 7.1.4. PREAUTH Response 5097 Contents: OPTIONAL response code 5098 human-readable text 5100 The PREAUTH response is always untagged, and is one of three possible 5101 greetings at connection startup. It indicates that the connection 5102 has already been authenticated by external means; thus no LOGIN/ 5103 AUTHENTICATE command is needed. 5105 Because PREAUTH moves the connection directly to the authenticated 5106 state, it effectively prevents the client from using the STARTTLS 5107 command Section 6.2.1. For this reason PREAUTH response SHOULD only 5108 be returned by servers on connections that are protected by TLS (such 5109 as on implicit TLS port [RFC8314]) or protected through other means 5110 such as IPSec. Clients that require mandatory TLS MUST close the 5111 connection after receiving PREAUTH response on a non protected port. 5113 Example: S: * PREAUTH IMAP4rev2 server logged in as Smith 5115 7.1.5. BYE Response 5117 Contents: OPTIONAL response code 5118 human-readable text 5120 The BYE response is always untagged, and indicates that the server is 5121 about to close the connection. The human-readable text MAY be 5122 displayed to the user in a status report by the client. The BYE 5123 response is sent under one of four conditions: 5125 1. as part of a normal logout sequence. The server will close the 5126 connection after sending the tagged OK response to the LOGOUT 5127 command. 5129 2. as a panic shutdown announcement. The server closes the 5130 connection immediately. 5132 3. as an announcement of an inactivity autologout. The server 5133 closes the connection immediately. 5135 4. as one of three possible greetings at connection startup, 5136 indicating that the server is not willing to accept a connection 5137 from this client. The server closes the connection immediately. 5139 The difference between a BYE that occurs as part of a normal LOGOUT 5140 sequence (the first case) and a BYE that occurs because of a failure 5141 (the other three cases) is that the connection closes immediately in 5142 the failure case. In all cases the client SHOULD continue to read 5143 response data from the server until the connection is closed; this 5144 will ensure that any pending untagged or completion responses are 5145 read and processed. 5147 Example: S: * BYE Autologout; idle for too long 5149 7.2. Server Responses - Server Status 5151 These responses are always untagged. This is how server and mailbox 5152 status data are transmitted from the server to the client. 5154 7.2.1. ENABLED Response 5156 Contents: capability listing 5158 The ENABLED response occurs as a result of an ENABLE command. The 5159 capability listing contains a space-separated listing of capability 5160 names that the server supports and that were successfully enabled. 5161 The ENABLED response may contain no capabilities, which means that no 5162 extensions listed by the client were successfully enabled. 5164 Example: S: * ENABLED CONDSTORE QRESYNC 5166 7.2.2. CAPABILITY Response 5168 Contents: capability listing 5170 The CAPABILITY response occurs as a result of a CAPABILITY command. 5171 The capability listing contains a space-separated listing of 5172 capability names that the server supports. The capability listing 5173 MUST include the atom "IMAP4rev2", but note that it doesn't have to 5174 be the first capability listed. The order of capability names has no 5175 significance. 5177 In addition, client and server implementations MUST implement the 5178 "STARTTLS", "LOGINDISABLED", and "AUTH=PLAIN" (described in [PLAIN]) 5179 capabilities. See the Security Considerations (Section 11) for 5180 important information related to these capabilities. 5182 A capability name which begins with "AUTH=" indicates that the server 5183 supports that particular authentication mechanism [SASL]. 5185 The LOGINDISABLED capability indicates that the LOGIN command is 5186 disabled, and that the server will respond with a tagged NO response 5187 to any attempt to use the LOGIN command even if the user name and 5188 password are valid. An IMAP client MUST NOT issue the LOGIN command 5189 if the server advertises the LOGINDISABLED capability. 5191 Other capability names indicate that the server supports an 5192 extension, revision, or amendment to the IMAP4rev2 protocol. Server 5193 responses MUST conform to this document until the client issues a 5194 command that uses the associated capability. 5196 Capability names SHOULD be registered with IANA using RFC Required 5197 policy. A server SHOULD NOT offer unregistered capability names. 5199 Client implementations SHOULD NOT require any capability name other 5200 than "IMAP4rev2", and possibly "STARTTLS" and "LOGINDISABLED" (on a 5201 non implicit TLS port). Client implementations MUST ignore any 5202 unknown capability names. 5204 A server MAY send capabilities automatically, by using the CAPABILITY 5205 response code in the initial PREAUTH or OK responses, and by sending 5206 an updated CAPABILITY response code in the tagged OK response as part 5207 of a successful authentication. It is unnecessary for a client to 5208 send a separate CAPABILITY command if it recognizes these automatic 5209 capabilities. 5211 The list of capabilities returned by a server MAY change during the 5212 connection. In particular, it is quite common for the server to 5213 change list of capabilities after successful TLS negotiation 5214 (STARTTLS command) and/or after successful authentication 5215 (AUTHENTICATE or LOGIN commands). 5217 Example: S: * CAPABILITY STARTTLS AUTH=GSSAPI IMAP4rev2 LOGINDISABLED 5218 XPIG-LATIN 5220 Note that in the above example XPIG-LATIN is a fictitious capability 5221 name. 5223 7.3. Server Responses - Mailbox Status 5225 These responses are always untagged. This is how server and mailbox 5226 status data are transmitted from the server to the client. Many of 5227 these responses typically result from a command with the same name. 5229 7.3.1. LIST Response 5231 Contents: name attributes 5232 hierarchy delimiter 5233 name 5234 OPTIONAL extension data 5236 The LIST response occurs as a result of a LIST command. It returns a 5237 single name that matches the LIST specification. There can be 5238 multiple LIST responses for a single LIST command. 5240 The following base mailbox name attributes are defined: 5242 \NonExistent The "\NonExistent" attribute indicates that a mailbox 5243 name does not refer to an existing mailbox. Note that this 5244 attribute is not meaningful by itself, as mailbox names that match 5245 the canonical LIST pattern but don't exist must not be returned 5246 unless one of the two conditions listed below is also satisfied: 5248 1. The mailbox name also satisfies the selection criteria (for 5249 example, it is subscribed and the "SUBSCRIBED" selection 5250 option has been specified). 5252 2. "RECURSIVEMATCH" has been specified, and the mailbox name has 5253 at least one descendant mailbox name that does not match the 5254 LIST pattern and does match the selection criteria. 5256 In practice, this means that the "\NonExistent" attribute is 5257 usually returned with one or more of "\Subscribed", "\Remote", 5258 "\HasChildren", or the CHILDINFO extended data item. 5260 The "\NonExistent" attribute implies "\NoSelect". 5262 \Noinferiors It is not possible for any child levels of hierarchy to 5263 exist under this name; no child levels exist now and none can be 5264 created in the future. 5266 \Noselect It is not possible to use this name as a selectable 5267 mailbox. 5269 \HasChildren The presence of this attribute indicates that the 5270 mailbox has child mailboxes. A server SHOULD NOT set this 5271 attribute if there are child mailboxes and the user does not have 5272 permission to access any of them. In this case, \HasNoChildren 5273 SHOULD be used. In many cases, however, a server may not be able 5274 to efficiently compute whether a user has access to any child 5275 mailbox. Note that even though the \HasChildren attribute for a 5276 mailbox must be correct at the time of processing of the mailbox, 5277 a client must be prepared to deal with a situation when a mailbox 5278 is marked with the \HasChildren attribute, but no child mailbox 5279 appears in the response to the LIST command. This might happen, 5280 for example, due to children mailboxes being deleted or made 5281 inaccessible to the user (using access control) by another client 5282 before the server is able to list them. 5284 \HasNoChildren The presence of this attribute indicates that the 5285 mailbox has NO child mailboxes that are accessible to the 5286 currently authenticated user. 5288 \Marked The mailbox has been marked "interesting" by the server; the 5289 mailbox probably contains messages that have been added since the 5290 last time the mailbox was selected. 5292 \Unmarked The mailbox does not contain any additional messages since 5293 the last time the mailbox was selected. 5295 \Subscribed The mailbox name was subscribed to using the SUBSCRIBE 5296 command. 5298 \Remote The mailbox is a remote mailbox. 5300 It is an error for the server to return both a \HasChildren and a 5301 \HasNoChildren attribute in the same LIST response. A client that 5302 encounters a LIST response with both \HasChildren and \HasNoChildren 5303 attributes present should act as if both are absent in the LIST 5304 response. 5306 Note: the \HasNoChildren attribute should not be confused with the 5307 \NoInferiors attribute, which indicates that no child mailboxes 5308 exist now and none can be created in the future. 5310 If it is not feasible for the server to determine whether or not the 5311 mailbox is "interesting", the server SHOULD NOT send either \Marked 5312 or \Unmarked. The server MUST NOT send more than one of \Marked, 5313 \Unmarked, and \Noselect for a single mailbox, and MAY send none of 5314 these. 5316 In addition to the base mailbox name attributes defined above, an 5317 IMAP server MAY also include any or all of the following attributes 5318 that denote "role" (or "special-use") of a mailbox. These attributes 5319 are included along with base attributes defined above. A given 5320 mailbox may have none, one, or more than one of these attributes. In 5321 some cases, a special use is advice to a client about what to put in 5322 that mailbox. In other cases, it's advice to a client about what to 5323 expect to find there. 5325 \All This mailbox presents all messages in the user's message store. 5326 Implementations MAY omit some messages, such as, perhaps, those in 5327 \Trash and \Junk. When this special use is supported, it is 5328 almost certain to represent a virtual mailbox. 5330 \Archive This mailbox is used to archive messages. The meaning of 5331 an "archival" mailbox is server-dependent; typically, it will be 5332 used to get messages out of the inbox, or otherwise keep them out 5333 of the user's way, while still making them accessible. 5335 \Drafts This mailbox is used to hold draft messages -- typically, 5336 messages that are being composed but have not yet been sent. In 5337 some server implementations, this might be a virtual mailbox, 5338 containing messages from other mailboxes that are marked with the 5339 "\Draft" message flag. Alternatively, this might just be advice 5340 that a client put drafts here. 5342 \Flagged This mailbox presents all messages marked in some way as 5343 "important". When this special use is supported, it is likely to 5344 represent a virtual mailbox collecting messages (from other 5345 mailboxes) that are marked with the "\Flagged" message flag. 5347 \Junk This mailbox is where messages deemed to be junk mail are 5348 held. Some server implementations might put messages here 5349 automatically. Alternatively, this might just be advice to a 5350 client-side spam filter. 5352 \Sent This mailbox is used to hold copies of messages that have been 5353 sent. Some server implementations might put messages here 5354 automatically. Alternatively, this might just be advice that a 5355 client save sent messages here. 5357 \Trash This mailbox is used to hold messages that have been deleted 5358 or marked for deletion. In some server implementations, this 5359 might be a virtual mailbox, containing messages from other 5360 mailboxes that are marked with the "\Deleted" message flag. 5361 Alternatively, this might just be advice that a client that 5362 chooses not to use the IMAP "\Deleted" model should use this as 5363 its trash location. In server implementations that strictly 5364 expect the IMAP "\Deleted" model, this special use is likely not 5365 to be supported. 5367 All of special-use attributes are OPTIONAL, and any given server or 5368 message store may support any combination of the attributes, or none 5369 at all. In most cases, there will likely be at most one mailbox with 5370 a given attribute for a given user, but in some server or message 5371 store implementations it might be possible for multiple mailboxes to 5372 have the same special-use attribute. 5374 Special-use attributes are likely to be user-specific. User Adam 5375 might share his \Sent mailbox with user Barb, but that mailbox is 5376 unlikely to also serve as Barb's \Sent mailbox. 5378 Other mailbox name attributes can be found in the "IMAP Mailbox Name 5379 Attributes" registry [IMAP-MAILBOX-NAME-ATTRS-REG]. 5381 The hierarchy delimiter is a character used to delimit levels of 5382 hierarchy in a mailbox name. A client can use it to create child 5383 mailboxes, and to search higher or lower levels of naming hierarchy. 5384 All children of a top-level hierarchy node MUST use the same 5385 separator character. A NIL hierarchy delimiter means that no 5386 hierarchy exists; the name is a "flat" name. 5388 The name represents an unambiguous left-to-right hierarchy, and MUST 5389 be valid for use as a reference in LIST command. Unless \Noselect or 5390 \NonExistent is indicated, the name MUST also be valid as an argument 5391 for commands, such as SELECT, that accept mailbox names. 5393 The name might be followed by an OPTIONAL series of extended fields, 5394 a parenthesized list of tagged data (also referred to as "extended 5395 data item"). The first element of an extended field is a string, 5396 which identifies the type of data. [RFC5258] specified requirements 5397 on string registration (which are called "tags" there; such tags are 5398 not to be confused with IMAP command tags), in particular it said 5399 that "Tags MUST be registered with IANA". This document doesn't 5400 change that. See Section 9.5 of [RFC5258] for the registration 5401 template. The server MAY return data in the extended fields that was 5402 not directly solicited by the client in the corresponding LIST 5403 command. For example, the client can enable extra extended fields by 5404 using another IMAP extension that make use of the extended LIST 5405 responses. The client MUST ignore all extended fields it doesn't 5406 recognize. 5408 Example: S: * LIST (\Noselect) "/" ~/Mail/foo 5410 Example: S: * LIST (\Marked) ":" Tables (tablecloth (("edge" "lacy") 5411 ("color" "red")) Sample "text") 5412 S: * LIST () ":" Tables:new (tablecloth ("edge" "lacy") 5413 Sample ("text" "more text")) 5415 7.3.2. NAMESPACE Response 5417 Contents: the prefix and hierarchy delimiter to the server's 5418 Personal Namespace(s), Other Users' Namespace(s), and 5419 Shared Namespace(s) 5421 The NAMESPACE response occurs as a result of a NAMESPACE command. It 5422 contains the prefix and hierarchy delimiter to the server's Personal 5423 Namespace(s), Other Users' Namespace(s), and Shared Namespace(s) that 5424 the server wishes to expose. The response will contain a NIL for any 5425 namespace class that is not available. Namespace-Response-Extensions 5426 ABNF non terminal is defined for extensibility and MAY be included in 5427 the response. 5429 Example: S: * NAMESPACE (("" "/")) (("~" "/")) NIL 5431 7.3.3. STATUS Response 5433 Contents: name 5434 status parenthesized list 5436 The STATUS response occurs as a result of an STATUS command. It 5437 returns the mailbox name that matches the STATUS specification and 5438 the requested mailbox status information. 5440 Example: S: * STATUS blurdybloop (MESSAGES 231 UIDNEXT 44292) 5442 7.3.4. ESEARCH Response 5444 Contents: one or more search-return-data pairs 5446 The ESEARCH response occurs as a result of a SEARCH or UID SEARCH 5447 command. 5449 The ESEARCH response starts with an optional search correlator. If 5450 it is missing, then the response was not caused by a particular IMAP 5451 command, whereas if it is present, it contains the tag of the command 5452 that caused the response to be returned. 5454 The search correlator is followed by an optional UID indicator. If 5455 this indicator is present, all data in the ESEARCH response refers to 5456 UIDs, otherwise all returned data refers to message numbers. 5458 The rest of the ESEARCH response contains one or more search data 5459 pairs. Each pair starts with unique return item name, followed by a 5460 space and the corresponding data. Search data pairs may be returned 5461 in any order. Unless specified otherwise by an extension, any return 5462 item name SHOULD appear only once in an ESEARCH response. 5464 [[TBD: describe the most common search data pairs returned.]] 5466 Example: S: * ESEARCH UID COUNT 5 ALL 4:19,21,28 5468 Example: S: * ESEARCH (TAG "a567") UID COUNT 5 ALL 4:19,21,28 5470 Example: S: * ESEARCH COUNT 5 ALL 1:17,21 5472 7.3.5. FLAGS Response 5474 Contents: flag parenthesized list 5476 The FLAGS response occurs as a result of a SELECT or EXAMINE command. 5477 The flag parenthesized list identifies the flags (at a minimum, the 5478 system-defined flags) that are applicable for this mailbox. Flags 5479 other than the system flags can also exist, depending on server 5480 implementation. 5482 The update from the FLAGS response MUST be remembered by the client. 5484 Example: S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 5486 7.4. Server Responses - Mailbox Size 5488 These responses are always untagged. This is how changes in the size 5489 of the mailbox are transmitted from the server to the client. 5490 Immediately following the "*" token is a number that represents a 5491 message count. 5493 7.4.1. EXISTS Response 5495 Contents: none 5497 The EXISTS response reports the number of messages in the mailbox. 5498 This response occurs as a result of a SELECT or EXAMINE command, and 5499 if the size of the mailbox changes (e.g., new messages). 5501 The update from the EXISTS response MUST be remembered by the client. 5503 Example: S: * 23 EXISTS 5505 7.5. Server Responses - Message Status 5507 These responses are always untagged. This is how message data are 5508 transmitted from the server to the client, often as a result of a 5509 command with the same name. Immediately following the "*" token is a 5510 number that represents a message sequence number. 5512 7.5.1. EXPUNGE Response 5514 Contents: none 5516 The EXPUNGE response reports that the specified message sequence 5517 number has been permanently removed from the mailbox. The message 5518 sequence number for each successive message in the mailbox is 5519 immediately decremented by 1, and this decrement is reflected in 5520 message sequence numbers in subsequent responses (including other 5521 untagged EXPUNGE responses). 5523 The EXPUNGE response also decrements the number of messages in the 5524 mailbox; it is not necessary to send an EXISTS response with the new 5525 value. 5527 As a result of the immediate decrement rule, message sequence numbers 5528 that appear in a set of successive EXPUNGE responses depend upon 5529 whether the messages are removed starting from lower numbers to 5530 higher numbers, or from higher numbers to lower numbers. For 5531 example, if the last 5 messages in a 9-message mailbox are expunged, 5532 a "lower to higher" server will send five untagged EXPUNGE responses 5533 for message sequence number 5, whereas a "higher to lower server" 5534 will send successive untagged EXPUNGE responses for message sequence 5535 numbers 9, 8, 7, 6, and 5. 5537 An EXPUNGE response MUST NOT be sent when no command is in progress, 5538 nor while responding to a FETCH, STORE, or SEARCH command. This rule 5539 is necessary to prevent a loss of synchronization of message sequence 5540 numbers between client and server. A command is not "in progress" 5541 until the complete command has been received; in particular, a 5542 command is not "in progress" during the negotiation of command 5543 continuation. 5545 Note: UID FETCH, UID STORE, and UID SEARCH are different commands 5546 from FETCH, STORE, and SEARCH. An EXPUNGE response MAY be sent 5547 during a UID command. 5549 The update from the EXPUNGE response MUST be remembered by the 5550 client. 5552 Example: S: * 44 EXPUNGE 5554 7.5.2. FETCH Response 5556 Contents: message data 5558 The FETCH response returns data about a message to the client. The 5559 data are pairs of data item names and their values in parentheses. 5560 This response occurs as the result of a FETCH or STORE command, as 5561 well as by unilateral server decision (e.g., flag updates). 5563 The current data items are: 5565 BINARY[]<> 5567 An or expressing the content of the 5568 specified section after removing any Content-Transfer-Encoding- 5569 related encoding. If is present it refers to the 5570 offset within the DECODED section data. 5572 If the domain of the decoded data is "8bit" and the data does 5573 not contain the NUL octet, the server SHOULD return the data in 5574 a instead of a ; this allows the client to 5575 determine if the "8bit" data contains the NUL octet without 5576 having to explicitly scan the data stream for for NULs. 5578 Messaging clients and servers have been notoriously lax in 5579 their adherence to the Internet CRLF convention for terminating 5580 lines of textual data (text/* media types) in Internet 5581 protocols. When sending data in BINARY[...] FETCH data item, 5582 servers MUST ensure that textual line-oriented sections are 5583 always transmitted using the IMAP4 CRLF line termination 5584 syntax, regardless of the underlying storage representation of 5585 the data on the server. 5587 If the server does not know how to decode the section's 5588 Content-Transfer-Encoding, it MUST fail the request and issue a 5589 "NO" response that contains the "UNKNOWN-CTE" response code. 5591 BINARY.SIZE[] 5593 The size of the section after removing any Content-Transfer- 5594 Encoding-related encoding. The value returned MUST match the 5595 size of the or that will be returned by 5596 the corresponding FETCH BINARY request. 5598 If the server does not know how to decode the section's 5599 Content-Transfer-Encoding, it MUST fail the request and issue a 5600 "NO" response that contains the "UNKNOWN-CTE" response code. 5602 BODY A form of BODYSTRUCTURE without extension data. 5604 BODY[
]<> 5606 A string expressing the body contents of the specified section. 5607 The string SHOULD be interpreted by the client according to the 5608 content transfer encoding, body type, and subtype. 5610 If the origin octet is specified, this string is a substring of 5611 the entire body contents, starting at that origin octet. This 5612 means that BODY[]<0> MAY be truncated, but BODY[] is NEVER 5613 truncated. 5615 Note: The origin octet facility MUST NOT be used by a server 5616 in a FETCH response unless the client specifically requested 5617 it by means of a FETCH of a BODY[
]<> data 5618 item. 5620 8-bit textual data is permitted if a [CHARSET] identifier is 5621 part of the body parameter parenthesized list for this section. 5622 Note that headers (part specifiers HEADER or MIME, or the 5623 header portion of a MESSAGE/RFC822 or MESSAGE/GLOBAL part), MAY 5624 be in UTF-8. Note also that the [RFC-5322] delimiting blank 5625 line between the header and the body is not affected by header 5626 line subsetting; the blank line is always included as part of 5627 header data, except in the case of a message which has no body 5628 and no blank line. 5630 Non-textual data such as binary data MUST be transfer encoded 5631 into a textual form, such as BASE64, prior to being sent to the 5632 client. To derive the original binary data, the client MUST 5633 decode the transfer encoded string. 5635 BODYSTRUCTURE 5637 A parenthesized list that describes the [MIME-IMB] body 5638 structure of a message. This is computed by the server by 5639 parsing the [MIME-IMB] header fields, defaulting various fields 5640 as necessary. 5642 For example, a simple text message of 48 lines and 2279 octets 5643 can have a body structure of: ("TEXT" "PLAIN" ("CHARSET" "US- 5644 ASCII") NIL NIL "7BIT" 2279 48) 5646 Multiple parts are indicated by parenthesis nesting. Instead 5647 of a body type as the first element of the parenthesized list, 5648 there is a sequence of one or more nested body structures. The 5649 second element of the parenthesized list is the multipart 5650 subtype (mixed, digest, parallel, alternative, etc.). 5652 For example, a two part message consisting of a text and a 5653 BASE64-encoded text attachment can have a body structure of: 5654 (("TEXT" "PLAIN" ("CHARSET" "US-ASCII") NIL NIL "7BIT" 1152 5655 23)("TEXT" "PLAIN" ("CHARSET" "US-ASCII" "NAME" "cc.diff") 5656 "<960723163407.20117h@cac.washington.edu>" "Compiler diff" 5657 "BASE64" 4554 73) "MIXED") 5659 Extension data follows the multipart subtype. Extension data 5660 is never returned with the BODY fetch, but can be returned with 5661 a BODYSTRUCTURE fetch. Extension data, if present, MUST be in 5662 the defined order. The extension data of a multipart body part 5663 are in the following order: 5665 body parameter parenthesized list A parenthesized list of 5666 attribute/value pairs [e.g., ("foo" "bar" "baz" "rag") where 5667 "bar" is the value of "foo", and "rag" is the value of 5668 "baz"] as defined in [MIME-IMB]. Servers SHOULD decode 5669 parameter value continuations and parameter value character 5670 sets as described in [RFC2231], for example, if the message 5671 contains parameters "baz*0", "baz*1" and "baz*2", the server 5672 should RFC2231-decode them, concatenate and return the 5673 resulting value as a parameter "baz". Similarly, if the 5674 message contains parameters "foo*0*" and "foo*1*", the 5675 server should RFC2231-decode them, convert to UTF-8, 5676 concatenate and return the resulting value as a parameter 5677 "foo*". 5679 body disposition A parenthesized list, consisting of a 5680 disposition type string, followed by a parenthesized list of 5681 disposition attribute/value pairs as defined in 5682 [DISPOSITION]. Servers SHOULD decode parameter value 5683 continuations as described in [RFC2231]. 5685 body language A string or parenthesized list giving the body 5686 language value as defined in [LANGUAGE-TAGS]. 5688 body location A string giving the body content URI as defined 5689 in [LOCATION]. 5691 Any following extension data are not yet defined in this 5692 version of the protocol. Such extension data can consist of 5693 zero or more NILs, strings, numbers, or potentially nested 5694 parenthesized lists of such data. Client implementations that 5695 do a BODYSTRUCTURE fetch MUST be prepared to accept such 5696 extension data. Server implementations MUST NOT send such 5697 extension data until it has been defined by a revision of this 5698 protocol. 5700 The basic fields of a non-multipart body part are in the 5701 following order: 5703 body type A string giving the content media type name as 5704 defined in [MIME-IMB]. 5706 body subtype A string giving the content subtype name as 5707 defined in [MIME-IMB]. 5709 body parameter parenthesized list A parenthesized list of 5710 attribute/value pairs [e.g., ("foo" "bar" "baz" "rag") where 5711 "bar" is the value of "foo" and "rag" is the value of "baz"] 5712 as defined in [MIME-IMB]. 5714 body id A string giving the Content-ID header field value as 5715 defined in Section 7 of [MIME-IMB]. 5717 body description A string giving the Content-Description 5718 header field value as defined in Section 8 of [MIME-IMB]. 5720 body encoding A string giving the content transfer encoding as 5721 defined in Section 6 of [MIME-IMB]. 5723 body size A number giving the size of the body in octets. 5724 Note that this size is the size in its transfer encoding and 5725 not the resulting size after any decoding. 5727 A body type of type MESSAGE and subtype RFC822 contains, 5728 immediately after the basic fields, the envelope structure, 5729 body structure, and size in text lines of the encapsulated 5730 message. 5732 A body type of type TEXT contains, immediately after the basic 5733 fields, the size of the body in text lines. Note that this 5734 size is the size in its content transfer encoding and not the 5735 resulting size after any decoding. 5737 Extension data follows the basic fields and the type-specific 5738 fields listed above. Extension data is never returned with the 5739 BODY fetch, but can be returned with a BODYSTRUCTURE fetch. 5740 Extension data, if present, MUST be in the defined order. 5742 The extension data of a non-multipart body part are in the 5743 following order: 5745 body MD5 A string giving the body MD5 value as defined in 5746 [MD5]. 5748 body disposition A parenthesized list with the same content 5749 and function as the body disposition for a multipart body 5750 part. 5752 body language A string or parenthesized list giving the body 5753 language value as defined in [LANGUAGE-TAGS]. 5755 body location A string giving the body content URI as defined 5756 in [LOCATION]. 5758 Any following extension data are not yet defined in this 5759 version of the protocol, and would be as described above under 5760 multipart extension data. 5762 ENVELOPE 5764 A parenthesized list that describes the envelope structure of a 5765 message. This is computed by the server by parsing the 5766 [RFC-5322] header into the component parts, defaulting various 5767 fields as necessary. 5769 The fields of the envelope structure are in the following 5770 order: date, subject, from, sender, reply-to, to, cc, bcc, in- 5771 reply-to, and message-id. The date, subject, in-reply-to, and 5772 message-id fields are strings. The from, sender, reply-to, to, 5773 cc, and bcc fields are parenthesized lists of address 5774 structures. 5776 An address structure is a parenthesized list that describes an 5777 electronic mail address. The fields of an address structure 5778 are in the following order: personal name, [SMTP] at-domain- 5779 list (source route, obs-route), mailbox name, and host name. 5781 [RFC-5322] group syntax is indicated by a special form of 5782 address structure in which the host name field is NIL. If the 5783 mailbox name field is also NIL, this is an end of group marker 5784 (semi-colon in RFC 822 syntax). If the mailbox name field is 5785 non-NIL, this is a start of group marker, and the mailbox name 5786 field holds the group name phrase. 5788 If the Date, Subject, In-Reply-To, and Message-ID header fields 5789 are absent in the [RFC-5322] header, the corresponding member 5790 of the envelope is NIL; if these header fields are present but 5791 empty the corresponding member of the envelope is the empty 5792 string. 5794 Note: some servers may return a NIL envelope member in the 5795 "present but empty" case. Clients SHOULD treat NIL and 5796 empty string as identical. 5798 Note: [RFC-5322] requires that all messages have a valid 5799 Date header field. Therefore, for a well-formed message the 5800 date member in the envelope can not be NIL or the empty 5801 string. However it can be NIL for a malformed or a draft 5802 message. 5804 Note: [RFC-5322] requires that the In-Reply-To and Message- 5805 ID header fields, if present, have non-empty content. 5806 Therefore, for a well-formed message the in-reply-to and 5807 message-id members in the envelope can not be the empty 5808 string. However they can still be the empty string for a 5809 malformed message. 5811 If the From, To, Cc, and Bcc header fields are absent in the 5812 [RFC-5322] header, or are present but empty, the corresponding 5813 member of the envelope is NIL. 5815 If the Sender or Reply-To header fields are absent in the 5816 [RFC-5322] header, or are present but empty, the server sets 5817 the corresponding member of the envelope to be the same value 5818 as the from member (the client is not expected to know to do 5819 this). 5821 Note: [RFC-5322] requires that all messages have a valid 5822 From header field. Therefore, for a well-formed message the 5823 from, sender, and reply-to members in the envelope can not 5824 be NIL. However they can be NIL for a malformed or a draft 5825 message. 5827 FLAGS A parenthesized list of flags that are set for this message. 5829 INTERNALDATE A string representing the internal date of the message. 5831 RFC822.SIZE A number expressing the [RFC-5322] size of the message. 5833 UID A number expressing the unique identifier of the message. 5835 If the server chooses to send unsolicited FETCH responses, they MUST 5836 include UID FETCH item. Note that this is a new requirement when 5837 compared to RFC 3501. 5839 Example: S: * 23 FETCH (FLAGS (\Seen) RFC822.SIZE 44827) 5841 7.6. Server Responses - Command Continuation Request 5843 The command continuation request response is indicated by a "+" token 5844 instead of a tag. This form of response indicates that the server is 5845 ready to accept the continuation of a command from the client. The 5846 remainder of this response is a line of text. 5848 This response is used in the AUTHENTICATE command to transmit server 5849 data to the client, and request additional client data. This 5850 response is also used if an argument to any command is a 5851 synchronizing literal. 5853 The client is not permitted to send the octets of the synchronizing 5854 literal unless the server indicates that it is expected. This 5855 permits the server to process commands and reject errors on a line- 5856 by-line basis. The remainder of the command, including the CRLF that 5857 terminates a command, follows the octets of the literal. If there 5858 are any additional command arguments, the literal octets are followed 5859 by a space and those arguments. 5861 Example: C: A001 LOGIN {11} 5862 S: + Ready for additional command text 5863 C: FRED FOOBAR {7} 5864 S: + Ready for additional command text 5865 C: fat man 5866 S: A001 OK LOGIN completed 5867 C: A044 BLURDYBLOOP {102856} 5868 S: A044 BAD No such command as "BLURDYBLOOP" 5870 8. Sample IMAP4rev2 connection 5872 The following is a transcript of an IMAP4rev2 connection on a non TLS 5873 port. A long line in this sample is broken for editorial clarity. 5875 S: * OK [CAPABILITY STARTTLS AUTH=SCRAM-SHA-256 LOGINDISABLED 5876 IMAP4rev2] IMAP4rev2 Service Ready 5877 C: a000 starttls 5878 S: a000 OK Proceed with TLS negotiation 5879 5880 C: A001 AUTHENTICATE SCRAM-SHA-256 5881 biwsbj11c2VyLHI9ck9wck5HZndFYmVSV2diTkVrcU8= 5882 S: + cj1yT3ByTkdmd0ViZVJXZ2JORWtxTyVodllEcFdVYTJSYVRDQWZ1eEZJbGopaE5s 5883 RiRrMCxzPVcyMlphSjBTTlk3c29Fc1VFamI2Z1E9PSxpPTQwOTYNCg== 5884 C: Yz1iaXdzLHI9ck9wck5HZndFYmVSV2diTkVrcU8laHZZRHBXVWEyUmFUQ0FmdXhG 5885 SWxqKWhObEYkazAscD1kSHpiWmFwV0lrNGpVaE4rVXRlOXl0YWc5empmTUhnc3Ft 5886 bWl6N0FuZFZRPQ== 5887 S: + dj02cnJpVFJCaTIzV3BSUi93dHVwK21NaFVaVW4vZEI1bkxUSlJzamw5NUc0PQ== 5888 C: 5889 S: A001 OK SCRAM-SHA-256 authentication successful 5890 C: babc ENABLE IMAP4rev2 5891 S: * ENABLED IMAP4rev2 5892 S: babc OK Some capabilities enabled 5893 C: a002 select inbox 5894 S: * 18 EXISTS 5895 S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 5896 S: * OK [UIDVALIDITY 3857529045] UIDs valid 5897 S: * LIST () "/" INBOX ("OLDNAME" ("inbox")) 5898 S: a002 OK [READ-WRITE] SELECT completed 5899 C: a003 fetch 12 full 5900 S: * 12 FETCH (FLAGS (\Seen) INTERNALDATE "17-Jul-1996 02:44:25 -0700" 5901 RFC822.SIZE 4286 ENVELOPE ("Wed, 17 Jul 1996 02:23:25 -0700 (PDT)" 5902 "IMAP4rev2 WG mtg summary and minutes" 5903 (("Terry Gray" NIL "gray" "cac.washington.edu")) 5904 (("Terry Gray" NIL "gray" "cac.washington.edu")) 5905 (("Terry Gray" NIL "gray" "cac.washington.edu")) 5906 ((NIL NIL "imap" "cac.washington.edu")) 5907 ((NIL NIL "minutes" "CNRI.Reston.VA.US") 5908 ("John Klensin" NIL "KLENSIN" "MIT.EDU")) NIL NIL 5909 "") 5910 BODY ("TEXT" "PLAIN" ("CHARSET" "US-ASCII") NIL NIL "7BIT" 3028 5911 92)) 5912 S: a003 OK FETCH completed 5913 C: a004 fetch 12 body[header] 5914 S: * 12 FETCH (BODY[HEADER] {342} 5915 S: Date: Wed, 17 Jul 1996 02:23:25 -0700 (PDT) 5916 S: From: Terry Gray 5917 S: Subject: IMAP4rev2 WG mtg summary and minutes 5918 S: To: imap@cac.washington.edu 5919 S: cc: minutes@CNRI.Reston.VA.US, John Klensin 5920 S: Message-Id: 5921 S: MIME-Version: 1.0 5922 S: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII 5923 S: 5924 S: ) 5925 S: a004 OK FETCH completed 5926 C: a005 store 12 +flags \deleted 5927 S: * 12 FETCH (FLAGS (\Seen \Deleted)) 5928 S: a005 OK +FLAGS completed 5929 C: a006 logout 5930 S: * BYE IMAP4rev2 server terminating connection 5931 S: a006 OK LOGOUT completed 5933 9. Formal Syntax 5935 The following syntax specification uses the Augmented Backus-Naur 5936 Form (ABNF) notation as specified in [ABNF]. 5938 In the case of alternative or optional rules in which a later rule 5939 overlaps an earlier rule, the rule which is listed earlier MUST take 5940 priority. For example, "\Seen" when parsed as a flag is the \Seen 5941 flag name and not a flag-extension, even though "\Seen" can be parsed 5942 as a flag-extension. Some, but not all, instances of this rule are 5943 noted below. 5945 Note: [ABNF] rules MUST be followed strictly; in particular: 5947 (1) Except as noted otherwise, all alphabetic characters are case- 5948 insensitive. The use of upper or lower case characters to define 5949 token strings is for editorial clarity only. Implementations MUST 5950 accept these strings in a case-insensitive fashion. 5952 (2) In all cases, SP refers to exactly one space. It is NOT 5953 permitted to substitute TAB, insert additional spaces, or 5954 otherwise treat SP as being equivalent to LWSP. 5956 (3) The ASCII NUL character, %x00, MUST NOT be used anywhere, with 5957 the exception of the OCTET production. 5959 SP = 5960 CTL = 5961 CRLF = 5962 ALPHA = 5963 DIGIT = 5964 DQUOTE = 5965 OCTET = 5967 address = "(" addr-name SP addr-adl SP addr-mailbox SP 5968 addr-host ")" 5970 addr-adl = nstring 5971 ; Holds route from [RFC-5322] obs-route if 5972 ; non-NIL 5974 addr-host = nstring 5975 ; NIL indicates [RFC-5322] group syntax. 5976 ; Otherwise, holds [RFC-5322] domain name 5978 addr-mailbox = nstring 5979 ; NIL indicates end of [RFC-5322] group; if 5980 ; non-NIL and addr-host is NIL, holds 5981 ; [RFC-5322] group name. 5982 ; Otherwise, holds [RFC-5322] local-part 5983 ; after removing [RFC-5322] quoting 5985 addr-name = nstring 5986 ; If non-NIL, holds phrase from [RFC-5322] 5987 ; mailbox after removing [RFC-5322] quoting 5989 append = "APPEND" SP mailbox [SP flag-list] [SP date-time] SP 5990 literal 5992 append-uid = uniqueid 5994 astring = 1*ASTRING-CHAR / string 5996 ASTRING-CHAR = ATOM-CHAR / resp-specials 5998 atom = 1*ATOM-CHAR 6000 ATOM-CHAR = 6002 atom-specials = "(" / ")" / "{" / SP / CTL / list-wildcards / 6003 quoted-specials / resp-specials 6005 authenticate = "AUTHENTICATE" SP auth-type [SP initial-resp] 6006 *(CRLF base64) 6008 auth-type = atom 6009 ; Defined by [SASL] 6011 base64 = *(4base64-char) [base64-terminal] 6013 base64-char = ALPHA / DIGIT / "+" / "/" 6014 ; Case-sensitive 6016 base64-terminal = (2base64-char "==") / (3base64-char "=") 6018 body = "(" (body-type-1part / body-type-mpart) ")" 6020 body-extension = nstring / number / number64 / 6021 "(" body-extension *(SP body-extension) ")" 6022 ; Future expansion. Client implementations 6023 ; MUST accept body-extension fields. Server 6024 ; implementations MUST NOT generate 6025 ; body-extension fields except as defined by 6026 ; future standard or standards-track 6027 ; revisions of this specification. 6029 body-ext-1part = body-fld-md5 [SP body-fld-dsp [SP body-fld-lang 6030 [SP body-fld-loc *(SP body-extension)]]] 6031 ; MUST NOT be returned on non-extensible 6032 ; "BODY" fetch 6034 body-ext-mpart = body-fld-param [SP body-fld-dsp [SP body-fld-lang 6035 [SP body-fld-loc *(SP body-extension)]]] 6036 ; MUST NOT be returned on non-extensible 6037 ; "BODY" fetch 6039 body-fields = body-fld-param SP body-fld-id SP body-fld-desc SP 6040 body-fld-enc SP body-fld-octets 6042 body-fld-desc = nstring 6044 body-fld-dsp = "(" string SP body-fld-param ")" / nil 6046 body-fld-enc = (DQUOTE ("7BIT" / "8BIT" / "BINARY" / "BASE64"/ 6047 "QUOTED-PRINTABLE") DQUOTE) / string 6048 ; Content-Transfer-Encoding header field value. 6049 ; Defaults to "7BIT" (as per RFC 2045) 6050 ; if not present in the body part. 6052 body-fld-id = nstring 6053 body-fld-lang = nstring / "(" string *(SP string) ")" 6055 body-fld-loc = nstring 6057 body-fld-lines = number64 6059 body-fld-md5 = nstring 6061 body-fld-octets = number 6063 body-fld-param = "(" string SP string *(SP string SP string) ")" / nil 6065 body-type-1part = (body-type-basic / body-type-msg / body-type-text) 6066 [SP body-ext-1part] 6068 body-type-basic = media-basic SP body-fields 6069 ; MESSAGE subtype MUST NOT be "RFC822" or "GLOBAL" 6071 body-type-mpart = 1*body SP media-subtype 6072 [SP body-ext-mpart] 6073 ; MULTIPART body part 6075 body-type-msg = media-message SP body-fields SP envelope 6076 SP body SP body-fld-lines 6078 body-type-text = media-text SP body-fields SP body-fld-lines 6080 capability = ("AUTH=" auth-type) / atom 6081 ; New capabilities MUST begin with "X" or be 6082 ; registered with IANA in 6083 ; a standards-track, an experimental 6084 ; or an informational RFC. 6086 capability-data = "CAPABILITY" *(SP capability) SP "IMAP4rev2" 6087 *(SP capability) 6088 ; Servers MUST implement the STARTTLS, AUTH=PLAIN, 6089 ; and LOGINDISABLED capabilities. 6090 ; Servers which offer RFC 1730 compatibility MUST 6091 ; list "IMAP4" as the first capability. 6092 ; Servers which offer RFC 3501 compatibility MUST 6093 ; list "IMAP4rev1" as one of capabilities. 6095 CHAR = 6097 CHAR8 = %x01-ff 6098 ; any OCTET except NUL, %x00 6100 charset = atom / quoted 6101 childinfo-extended-item = "CHILDINFO" SP "(" 6102 list-select-base-opt-quoted 6103 *(SP list-select-base-opt-quoted) ")" 6104 ; Extended data item (mbox-list-extended-item) 6105 ; returned when the RECURSIVEMATCH 6106 ; selection option is specified. 6107 ; Note 1: the CHILDINFO extended data item tag can be 6108 ; returned with and without surrounding quotes, as per 6109 ; mbox-list-extended-item-tag production. 6110 ; Note 2: The selection options are always returned 6111 ; quoted, unlike their specification in 6112 ; the extended LIST command. 6114 child-mbox-flag = "\HasChildren" / "\HasNoChildren" 6115 ; attributes for CHILDREN return option, at most one 6116 ; possible per LIST response 6118 command = tag SP (command-any / command-auth / command-nonauth / 6119 command-select) CRLF 6120 ; Modal based on state 6122 command-any = "CAPABILITY" / "LOGOUT" / "NOOP" / x-command 6123 ; Valid in all states 6125 command-auth = append / create / delete / enable / examine / list / 6126 Namespace-Command / 6127 rename / select / status / subscribe / unsubscribe / 6128 idle 6129 ; Valid only in Authenticated or Selected state 6131 command-nonauth = login / authenticate / "STARTTLS" 6132 ; Valid only when in Not Authenticated state 6134 command-select = "CLOSE" / "UNSELECT" / "EXPUNGE" / copy / 6135 move / fetch / store / search / uid 6136 ; Valid only when in Selected state 6138 continue-req = "+" SP (resp-text / base64) CRLF 6140 copy = "COPY" SP sequence-set SP mailbox 6142 create = "CREATE" SP mailbox 6143 ; Use of INBOX gives a NO error 6145 date = date-text / DQUOTE date-text DQUOTE 6147 date-day = 1*2DIGIT 6148 ; Day of month 6150 date-day-fixed = (SP DIGIT) / 2DIGIT 6151 ; Fixed-format version of date-day 6153 date-month = "Jan" / "Feb" / "Mar" / "Apr" / "May" / "Jun" / 6154 "Jul" / "Aug" / "Sep" / "Oct" / "Nov" / "Dec" 6156 date-text = date-day "-" date-month "-" date-year 6158 date-year = 4DIGIT 6160 date-time = DQUOTE date-day-fixed "-" date-month "-" date-year 6161 SP time SP zone DQUOTE 6163 delete = "DELETE" SP mailbox 6164 ; Use of INBOX gives a NO error 6166 digit-nz = %x31-39 6167 ; 1-9 6169 eitem-standard-tag = atom 6170 ; a tag for LIST extended data item defined in a Standard 6171 ; Track or Experimental RFC. 6173 eitem-vendor-tag = vendor-token "-" atom 6174 ; a vendor-specific tag for LIST extended data item 6176 enable = "ENABLE" 1*(SP capability) 6178 enable-data = "ENABLED" *(SP capability) 6180 envelope = "(" env-date SP env-subject SP env-from SP 6181 env-sender SP env-reply-to SP env-to SP env-cc SP 6182 env-bcc SP env-in-reply-to SP env-message-id ")" 6184 env-bcc = "(" 1*address ")" / nil 6186 env-cc = "(" 1*address ")" / nil 6188 env-date = nstring 6190 env-from = "(" 1*address ")" / nil 6192 env-in-reply-to = nstring 6194 env-message-id = nstring 6196 env-reply-to = "(" 1*address ")" / nil 6197 env-sender = "(" 1*address ")" / nil 6199 env-subject = nstring 6201 env-to = "(" 1*address ")" / nil 6203 esearch-response = "ESEARCH" [search-correlator] [SP "UID"] 6204 *(SP search-return-data) 6205 ; ESEARCH response replaces SEARCH response 6206 ; from IMAP4rev1. 6208 examine = "EXAMINE" SP mailbox 6210 fetch = "FETCH" SP sequence-set SP ("ALL" / "FULL" / "FAST" / 6211 fetch-att / "(" fetch-att *(SP fetch-att) ")") 6213 fetch-att = "ENVELOPE" / "FLAGS" / "INTERNALDATE" / 6214 "RFC822.SIZE" / 6215 "BODY" ["STRUCTURE"] / "UID" / 6216 "BODY" section [partial] / 6217 "BODY.PEEK" section [partial] / 6218 "BINARY" [".PEEK"] section-binary [partial] / 6219 "BINARY.SIZE" section-binary 6221 flag = "\Answered" / "\Flagged" / "\Deleted" / 6222 "\Seen" / "\Draft" / flag-keyword / flag-extension 6223 ; Does not include "\Recent" 6225 flag-extension = "\" atom 6226 ; Future expansion. Client implementations 6227 ; MUST accept flag-extension flags. Server 6228 ; implementations MUST NOT generate 6229 ; flag-extension flags except as defined by 6230 ; future standard or standards-track 6231 ; revisions of this specification. 6232 ; "\Recent" was defined in RFC 3501 6233 ; and is now deprecated. 6235 flag-fetch = flag 6237 flag-keyword = "$MDNSent" / "$Forwarded" / "$Junk" / 6238 "$NotJunk" / "$Phishing" / atom 6240 flag-list = "(" [flag *(SP flag)] ")" 6242 flag-perm = flag / "\*" 6244 greeting = "*" SP (resp-cond-auth / resp-cond-bye) CRLF 6245 header-fld-name = astring 6247 header-list = "(" header-fld-name *(SP header-fld-name) ")" 6249 idle = "IDLE" CRLF "DONE" 6251 initial-resp = (base64 / "=") 6252 ; "initial response" defined in 6253 ; Section 5.1 of [RFC4422] 6255 list = "LIST" [SP list-select-opts] SP mailbox SP mbox-or-pat 6256 [SP list-return-opts] 6258 list-mailbox = 1*list-char / string 6260 list-char = ATOM-CHAR / list-wildcards / resp-specials 6262 list-return-opts = "RETURN" SP 6263 "(" [return-option *(SP return-option)] ")" 6264 ; list return options, e.g., CHILDREN 6266 list-select-base-opt = "SUBSCRIBED" / option-extension 6267 ; options that can be used by themselves 6269 list-select-base-opt-quoted = DQUOTE list-select-base-opt DQUOTE 6271 list-select-independent-opt = "REMOTE" / option-extension 6272 ; options that do not syntactically interact with 6273 ; other options 6275 list-select-mod-opt = "RECURSIVEMATCH" / option-extension 6276 ; options that require a list-select-base-opt 6277 ; to also be present 6279 list-select-opt = list-select-base-opt / list-select-independent-opt 6280 / list-select-mod-opt 6281 ; An option registration template is described in 6282 ; Section 9.3 of this document. 6284 list-select-opts = "(" [ 6285 (*(list-select-opt SP) list-select-base-opt 6286 *(SP list-select-opt)) 6287 / (list-select-independent-opt 6288 *(SP list-select-independent-opt)) 6289 ] ")" 6290 ; Any number of options may be in any order. 6291 ; If a list-select-mod-opt appears, then a 6292 ; list-select-base-opt must also appear. 6293 ; This allows these: 6294 ; () 6295 ; (REMOTE) 6296 ; (SUBSCRIBED) 6297 ; (SUBSCRIBED REMOTE) 6298 ; (SUBSCRIBED RECURSIVEMATCH) 6299 ; (SUBSCRIBED REMOTE RECURSIVEMATCH) 6300 ; But does NOT allow these: 6301 ; (RECURSIVEMATCH) 6302 ; (REMOTE RECURSIVEMATCH) 6304 list-wildcards = "%" / "*" 6306 literal = "{" number64 ["+"] "}" CRLF *CHAR8 6307 ; represents the number of CHAR8s. 6308 ; A non-synchronizing literal is distinguished from 6309 ; a synchronizing literal by presence of the "+" 6310 ; before the closing "}". 6311 ; Non synchronizing literals are not allowed when 6312 ; sent from server to the client. 6314 literal8 = "~{" number64 "}" CRLF *OCTET 6315 ; represents the number of OCTETs 6316 ; in the response string. 6318 login = "LOGIN" SP userid SP password 6320 mailbox = "INBOX" / astring 6321 ; INBOX is case-insensitive. All case variants of 6322 ; INBOX (e.g., "iNbOx") MUST be interpreted as INBOX 6323 ; not as an astring. An astring which consists of 6324 ; the case-insensitive sequence "I" "N" "B" "O" "X" 6325 ; is considered to be INBOX and not an astring. 6326 ; Refer to section 5.1 for further 6327 ; semantic details of mailbox names. 6329 mailbox-data = "FLAGS" SP flag-list / "LIST" SP mailbox-list / 6330 esearch-response / 6331 "STATUS" SP mailbox SP "(" [status-att-list] ")" / 6332 number SP "EXISTS" / Namespace-Response 6334 mailbox-list = "(" [mbx-list-flags] ")" SP 6335 (DQUOTE QUOTED-CHAR DQUOTE / nil) SP mailbox 6336 [SP mbox-list-extended] 6337 ; This is the list information pointed to by the ABNF 6338 ; item "mailbox-data", which is defined in [IMAP4] 6340 mbox-list-extended = "(" [mbox-list-extended-item 6341 *(SP mbox-list-extended-item)] ")" 6343 mbox-list-extended-item = mbox-list-extended-item-tag SP 6344 tagged-ext-val 6346 mbox-list-extended-item-tag = astring 6347 ; The content MUST conform to either "eitem-vendor-tag" 6348 ; or "eitem-standard-tag" ABNF productions. 6350 mbox-or-pat = list-mailbox / patterns 6352 mbx-list-flags = *(mbx-list-oflag SP) mbx-list-sflag 6353 *(SP mbx-list-oflag) / 6354 mbx-list-oflag *(SP mbx-list-oflag) 6356 mbx-list-oflag = "\Noinferiors" / child-mbox-flag / 6357 "\Subscribed" / "\Remote" / flag-extension 6358 ; Other flags; multiple possible per LIST response 6360 mbx-list-sflag = "\NonExistent" / "\Noselect" / "\Marked" / "\Unmarked" 6361 ; Selectability flags; only one per LIST response 6363 media-basic = ((DQUOTE ("APPLICATION" / "AUDIO" / "IMAGE" / 6364 "FONT" / "MESSAGE" / "MODEL" / "VIDEO" ) DQUOTE) 6365 / string) 6366 SP media-subtype 6367 ; Defined in [MIME-IMT]. 6368 ; FONT defined in RFC 8081. 6370 media-message = DQUOTE "MESSAGE" DQUOTE SP 6371 DQUOTE ("RFC822" / "GLOBAL") DQUOTE 6372 ; Defined in [MIME-IMT] 6374 media-subtype = string 6375 ; Defined in [MIME-IMT] 6377 media-text = DQUOTE "TEXT" DQUOTE SP media-subtype 6378 ; Defined in [MIME-IMT] 6380 message-data = nz-number SP ("EXPUNGE" / ("FETCH" SP msg-att)) 6382 move = "MOVE" SP sequence-set SP mailbox 6384 msg-att = "(" (msg-att-dynamic / msg-att-static) 6385 *(SP (msg-att-dynamic / msg-att-static)) ")" 6387 msg-att-dynamic = "FLAGS" SP "(" [flag-fetch *(SP flag-fetch)] ")" 6388 ; MAY change for a message 6390 msg-att-static = "ENVELOPE" SP envelope / "INTERNALDATE" SP date-time / 6391 "RFC822.SIZE" SP number64 / 6392 "BODY" ["STRUCTURE"] SP body / 6393 "BODY" section ["<" number ">"] SP nstring / 6394 "BINARY" section-binary SP (nstring / literal8) / 6395 "BINARY.SIZE" section-binary SP number / 6396 "UID" SP uniqueid 6397 ; MUST NOT change for a message 6399 name-component = 1*UTF8-CHAR 6400 ; MUST NOT contain ".", "/", "%", or "*" 6402 namespace = nil / "(" 1*namespace-descr ")" 6404 namespace-command = "NAMESPACE" 6406 namespace-descr = "(" string SP 6407 (DQUOTE QUOTED-CHAR DQUOTE / nil) 6408 [namespace-response-extensions] ")" 6410 namespace-response-extensions = *namespace-response-extension 6412 namespace-response-extension = SP string SP 6413 "(" string *(SP string) ")" 6415 namespace-response = "NAMESPACE" SP namespace 6416 SP namespace SP namespace 6417 ; The first Namespace is the Personal Namespace(s). 6418 ; The second Namespace is the Other Users' 6419 ; Namespace(s). 6420 ; The third Namespace is the Shared Namespace(s). 6422 nil = "NIL" 6424 nstring = string / nil 6426 number = 1*DIGIT 6427 ; Unsigned 32-bit integer 6428 ; (0 <= n < 4,294,967,296) 6430 number64 = 1*DIGIT 6431 ; Unsigned 63-bit integer 6432 ; (0 <= n <= 9,223,372,036,854,775,807) 6434 nz-number = digit-nz *DIGIT 6435 ; Non-zero unsigned 32-bit integer 6436 ; (0 < n < 4,294,967,296) 6438 nz-number64 = digit-nz *DIGIT 6439 ; Unsigned 63-bit integer 6440 ; (0 < n <= 9,223,372,036,854,775,807) 6442 oldname-extended-item = "OLDNAME" SP "(" mailbox ")" 6443 ; Extended data item (mbox-list-extended-item) 6444 ; returned in a LIST response when a mailbox is 6445 ; renamed or deleted. Also returned when 6446 ; the server canonicalized the provided mailbox 6447 ; name. 6448 ; Note 1: the OLDNAME tag can be returned 6449 ; with or without surrounding quotes, as per 6450 ; mbox-list-extended-item-tag production. 6452 option-extension = (option-standard-tag / option-vendor-tag) 6453 [SP option-value] 6455 option-standard-tag = atom 6456 ; an option defined in a Standards Track or 6457 ; Experimental RFC 6459 option-val-comp = astring / 6460 option-val-comp *(SP option-val-comp) / 6461 "(" option-val-comp ")" 6463 option-value = "(" option-val-comp ")" 6465 option-vendor-tag = vendor-token "-" atom 6466 ; a vendor-specific option, non-standard 6468 partial-range = number64 ["." nz-number64] 6469 ; Copied from RFC 5092 (IMAP URL) 6470 ; and updated to support 64bit sizes. 6472 partial = "<" number64 "." nz-number64 ">" 6473 ; Partial FETCH request. 0-based offset of 6474 ; the first octet, followed by the number of octets 6475 ; in the fragment. 6477 password = astring 6479 patterns = "(" list-mailbox ")" 6480 ; [RFC5258] supports multiple patterns, 6481 ; but this document only requires one 6482 ; to be supported. 6484 ; If the server is also implementing 6485 ; [RFC5258], "patterns" syntax from that 6486 ; document must be followed. 6488 quoted = DQUOTE *QUOTED-CHAR DQUOTE 6490 QUOTED-CHAR = / 6491 "\" quoted-specials / UTF8-2 / UTF8-3 / UTF8-4 6493 quoted-specials = DQUOTE / "\" 6495 rename = "RENAME" SP mailbox SP mailbox 6496 ; Use of INBOX as a destination gives a NO error 6498 response = *(continue-req / response-data) response-done 6500 response-data = "*" SP (resp-cond-state / resp-cond-bye / 6501 mailbox-data / message-data / capability-data / 6502 enable-data) CRLF 6504 response-done = response-tagged / response-fatal 6506 response-fatal = "*" SP resp-cond-bye CRLF 6507 ; Server closes connection immediately 6509 response-tagged = tag SP resp-cond-state CRLF 6511 resp-code-apnd = "APPENDUID" SP nz-number SP append-uid 6513 resp-code-copy = "COPYUID" SP nz-number SP uid-set SP uid-set 6515 resp-cond-auth = ("OK" / "PREAUTH") SP resp-text 6516 ; Authentication condition 6518 resp-cond-bye = "BYE" SP resp-text 6520 resp-cond-state = ("OK" / "NO" / "BAD") SP resp-text 6521 ; Status condition 6523 resp-specials = "]" 6525 resp-text = ["[" resp-text-code "]" SP] [text] 6527 resp-text-code = "ALERT" / 6528 "BADCHARSET" [SP "(" charset *(SP charset) ")" ] / 6529 capability-data / "PARSE" / 6530 "PERMANENTFLAGS" SP 6531 "(" [flag-perm *(SP flag-perm)] ")" / 6533 "READ-ONLY" / "READ-WRITE" / "TRYCREATE" / 6534 "UIDNEXT" SP nz-number / "UIDVALIDITY" SP nz-number / 6535 resp-code-apnd / resp-code-copy / "UIDNOTSTICKY" / 6536 "UNAVAILABLE" / "AUTHENTICATIONFAILED" / 6537 "AUTHORIZATIONFAILED" / "EXPIRED" / 6538 "PRIVACYREQUIRED" / "CONTACTADMIN" / "NOPERM" / 6539 "INUSE" / "EXPUNGEISSUED" / "CORRUPTION" / 6540 "SERVERBUG" / "CLIENTBUG" / "CANNOT" / 6541 "LIMIT" / "OVERQUOTA" / "ALREADYEXISTS" / 6542 "NONEXISTENT" / "NOTSAVED" / "HASCHILDREN" / 6543 "CLOSED" / 6544 "UNKNOWN-CTE" / 6545 atom [SP 1*] 6547 return-option = "SUBSCRIBED" / "CHILDREN" / status-option / 6548 option-extension 6550 search = "SEARCH" [search-return-opts] 6551 SP search-program 6553 search-correlator = SP "(" "TAG" SP tag-string ")" 6555 search-key = "ALL" / "ANSWERED" / "BCC" SP astring / 6556 "BEFORE" SP date / "BODY" SP astring / 6557 "CC" SP astring / "DELETED" / "FLAGGED" / 6558 "FROM" SP astring / "KEYWORD" SP flag-keyword / 6559 "ON" SP date / "SEEN" / 6560 "SINCE" SP date / "SUBJECT" SP astring / 6561 "TEXT" SP astring / "TO" SP astring / 6562 "UNANSWERED" / "UNDELETED" / "UNFLAGGED" / 6563 "UNKEYWORD" SP flag-keyword / "UNSEEN" / 6564 ; Above this line were in [IMAP2] 6565 "DRAFT" / "HEADER" SP header-fld-name SP astring / 6566 "LARGER" SP number64 / "NOT" SP search-key / 6567 "OR" SP search-key SP search-key / 6568 "SENTBEFORE" SP date / "SENTON" SP date / 6569 "SENTSINCE" SP date / "SMALLER" SP number64 / 6570 "UID" SP sequence-set / "UNDRAFT" / sequence-set / 6571 "(" search-key *(SP search-key) ")" 6573 search-modifier-name = tagged-ext-label 6575 search-mod-params = tagged-ext-val 6576 ; This non-terminal shows recommended syntax 6577 ; for future extensions. 6579 search-program = ["CHARSET" SP charset SP] 6580 search-key *(SP search-key) 6581 ; CHARSET argument to SEARCH MUST be 6582 ; registered with IANA. 6584 search-ret-data-ext = search-modifier-name SP search-return-value 6585 ; Note that not every SEARCH return option 6586 ; is required to have the corresponding 6587 ; ESEARCH return data. 6589 search-return-data = "MIN" SP nz-number / 6590 "MAX" SP nz-number / 6591 "ALL" SP sequence-set / 6592 "COUNT" SP number / 6593 search-ret-data-ext 6594 ; All return data items conform to 6595 ; search-ret-data-ext syntax. 6596 ; Note that "$" marker is not allowed 6597 ; after the ALL return data item. 6599 search-return-opts = SP "RETURN" SP "(" [search-return-opt 6600 *(SP search-return-opt)] ")" 6602 search-return-opt = "MIN" / "MAX" / "ALL" / "COUNT" / 6603 "SAVE" / 6604 search-ret-opt-ext 6605 ; conforms to generic search-ret-opt-ext 6606 ; syntax 6608 search-ret-opt-ext = search-modifier-name [SP search-mod-params] 6610 search-return-value = tagged-ext-val 6611 ; Data for the returned search option. 6612 ; A single "nz-number"/"number"/"number64" value 6613 ; can be returned as an atom (i.e., without 6614 ; quoting). A sequence-set can be returned 6615 ; as an atom as well. 6617 section = "[" [section-spec] "]" 6619 section-binary = "[" [section-part] "]" 6621 section-msgtext = "HEADER" / "HEADER.FIELDS" [".NOT"] SP header-list / 6622 "TEXT" 6623 ; top-level or MESSAGE/RFC822 or MESSAGE/GLOBAL part 6625 section-part = nz-number *("." nz-number) 6626 ; body part reference. 6627 ; Allows for accessing nested body parts. 6629 section-spec = section-msgtext / (section-part ["." section-text]) 6631 section-text = section-msgtext / "MIME" 6632 ; text other than actual body part (headers, etc.) 6634 select = "SELECT" SP mailbox 6636 seq-number = nz-number / "*" 6637 ; message sequence number (COPY, FETCH, STORE 6638 ; commands) or unique identifier (UID COPY, 6639 ; UID FETCH, UID STORE commands). 6640 ; * represents the largest number in use. In 6641 ; the case of message sequence numbers, it is 6642 ; the number of messages in a non-empty mailbox. 6643 ; In the case of unique identifiers, it is the 6644 ; unique identifier of the last message in the 6645 ; mailbox or, if the mailbox is empty, the 6646 ; mailbox's current UIDNEXT value. 6647 ; The server should respond with a tagged BAD 6648 ; response to a command that uses a message 6649 ; sequence number greater than the number of 6650 ; messages in the selected mailbox. This 6651 ; includes "*" if the selected mailbox is empty. 6653 seq-range = seq-number ":" seq-number 6654 ; two seq-number values and all values between 6655 ; these two regardless of order. 6656 ; Example: 2:4 and 4:2 are equivalent and indicate 6657 ; values 2, 3, and 4. 6658 ; Example: a unique identifier sequence range of 6659 ; 3291:* includes the UID of the last message in 6660 ; the mailbox, even if that value is less than 3291. 6662 sequence-set = (seq-number / seq-range) ["," sequence-set] 6663 ; set of seq-number values, regardless of order. 6664 ; Servers MAY coalesce overlaps and/or execute the 6665 ; sequence in any order. 6666 ; Example: a message sequence number set of 6667 ; 2,4:7,9,12:* for a mailbox with 15 messages is 6668 ; equivalent to 2,4,5,6,7,9,12,13,14,15 6669 ; Example: a message sequence number set of *:4,5:7 6670 ; for a mailbox with 10 messages is equivalent to 6671 ; 10,9,8,7,6,5,4,5,6,7 and MAY be reordered and 6672 ; overlap coalesced to be 4,5,6,7,8,9,10. 6674 sequence-set =/ seq-last-command 6675 ; Allow for "result of the last command" indicator. 6677 seq-last-command = "$" 6679 status = "STATUS" SP mailbox SP 6680 "(" status-att *(SP status-att) ")" 6682 status-att = "MESSAGES" / "UIDNEXT" / "UIDVALIDITY" / 6683 "UNSEEN" / "DELETED" / "SIZE" 6685 status-att-val = ("MESSAGES" SP number) / 6686 ("UIDNEXT" SP nz-number) / 6687 ("UIDVALIDITY" SP nz-number) / 6688 ("UNSEEN" SP number) / 6689 ("DELETED" SP number) / 6690 ("SIZE" SP number64) 6691 ; Extensions to the STATUS responses 6692 ; should extend this production. 6693 ; Extensions should use the generic 6694 ; syntax defined by tagged-ext. 6696 status-att-list = status-att-val *(SP status-att-val) 6698 status-option = "STATUS" SP "(" status-att *(SP status-att) ")" 6699 ; This ABNF production complies with 6700 ; syntax. 6702 store = "STORE" SP sequence-set SP store-att-flags 6704 store-att-flags = (["+" / "-"] "FLAGS" [".SILENT"]) SP 6705 (flag-list / (flag *(SP flag))) 6707 string = quoted / literal 6709 subscribe = "SUBSCRIBE" SP mailbox 6711 tag = 1* 6713 tag-string = astring 6714 ; represented as 6716 tagged-ext-label = tagged-label-fchar *tagged-label-char 6717 ; Is a valid RFC 3501 "atom". 6719 tagged-label-fchar = ALPHA / "-" / "_" / "." 6721 tagged-label-char = tagged-label-fchar / DIGIT / ":" 6723 tagged-ext-comp = astring / 6724 tagged-ext-comp *(SP tagged-ext-comp) / 6725 "(" tagged-ext-comp ")" 6726 ; Extensions that follow this general 6727 ; syntax should use nstring instead of 6728 ; astring when appropriate in the context 6729 ; of the extension. 6730 ; Note that a message set or a "number" 6731 ; can always be represented as an "atom". 6732 ; An URL should be represented as 6733 ; a "quoted" string. 6735 tagged-ext-simple = sequence-set / number / number64 6737 tagged-ext-val = tagged-ext-simple / 6738 "(" [tagged-ext-comp] ")" 6740 text = 1*(TEXT-CHAR / UTF8-2 / UTF8-3 / UTF8-4) 6741 ; Non ASCII text can only be returned 6742 ; after ENABLE IMAP4rev2 command 6744 TEXT-CHAR = 6746 time = 2DIGIT ":" 2DIGIT ":" 2DIGIT 6747 ; Hours minutes seconds 6749 uid = "UID" SP 6750 (copy / move / fetch / search / store / uid-expunge) 6751 ; Unique identifiers used instead of message 6752 ; sequence numbers 6754 uid-expunge = "EXPUNGE" SP sequence-set 6755 ; Unique identifiers used instead of message 6756 ; sequence numbers 6758 uid-set = (uniqueid / uid-range) *("," uid-set) 6760 uid-range = (uniqueid ":" uniqueid) 6761 ; two uniqueid values and all values 6762 ; between these two regards of order. 6763 ; Example: 2:4 and 4:2 are equivalent. 6765 uniqueid = nz-number 6766 ; Strictly ascending 6768 unsubscribe = "UNSUBSCRIBE" SP mailbox 6770 userid = astring 6772 UTF8-CHAR = 6773 UTF8-2 = 6775 UTF8-3 = 6777 UTF8-4 = 6779 vendor-token = "vendor." name-component 6780 ; Definition copied from RFC 2244. 6781 ; MUST be registered with IANA 6783 x-command = "X" atom 6785 zone = ("+" / "-") 4DIGIT 6786 ; Signed four-digit value of hhmm representing 6787 ; hours and minutes east of Greenwich (that is, 6788 ; the amount that the given time differs from 6789 ; Universal Time). Subtracting the timezone 6790 ; from the given time will give the UT form. 6791 ; The Universal Time zone is "+0000". 6793 10. Author's Note 6795 This document is a revision or rewrite of earlier documents, and 6796 supercedes the protocol specification in those documents: RFC 3501, 6797 RFC 2060, RFC 1730, unpublished IMAP2bis.TXT document, RFC 1176, and 6798 RFC 1064. 6800 11. Security Considerations 6802 IMAP4rev2 protocol transactions, including electronic mail data, are 6803 sent in the clear over the network exposing them to possible 6804 eavesdropping and manipulation unless protection is negotiated. This 6805 can be accomplished either by the use of Implicit TLS port, STARTTLS 6806 command, negotiated privacy protection in the AUTHENTICATE command, 6807 or some other protection mechanism. 6809 11.1. TLS related Security Considerations 6811 This section applies to both use of STARTTLS command and Implicit TLS 6812 port. 6814 IMAP client and server implementations MUST comply with relevant TLS 6815 recommendations from [RFC8314]. 6817 Clients and servers MUST implement TLS 1.2 [TLS-1.2] or newer. Use 6818 of TLS 1.3 [TLS-1.3] is RECOMMENDED. TLS 1.2 may be used only in 6819 cases where the other party has not yet implemented TLS 1.3. 6820 Additionally, when using TLS 1.2, IMAP implementations MUST implement 6821 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher suite. This is 6822 important as it assures that any two compliant implementations can be 6823 configured to interoperate. Other TLS cipher suites recommended in 6824 RFC 7525 [RFC7525] are RECOMMENDED: 6825 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, 6826 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 and 6827 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384. All other cipher suites are 6828 OPTIONAL. Note that this is a change from section 2.1 of [IMAP-TLS]. 6830 The list of mandatory-to-implement TLS 1.3 cipher suites is described 6831 in Section 9.1 of [TLS-1.3]. 6833 During the TLS negotiation [TLS-1.3][TLS-1.2], the client MUST check 6834 its understanding of the server hostname against the server's 6835 identity as presented in the server Certificate message, in order to 6836 prevent on-path attackers attempting to masquerade as the server. 6837 This procedure is described in [RFC7817]. 6839 Both the client and server MUST check the result of the STARTTLS 6840 command and subsequent TLS ([TLS-1.3][TLS-1.2]) negotiation to see 6841 whether acceptable authentication and/or privacy was achieved. 6843 11.2. STARTTLS command versa use of Implicit TLS port 6845 For maximum backward compatibility clients MUST implement both TLS 6846 negotiation on implicit TLS port and TLS negotiation using STARTTLS 6847 command. 6849 Servers MUST implement TLS negotiation on implicit TLS port and 6850 SHOULD implement STARTTLS command on cleartext port. 6852 Some site/firewall maintainers insist on TLS site-wide and prefer not 6853 to rely on a configuration option in each higher-level protocol. For 6854 this reason, IMAP4rev2 clients SHOULD try both ports 993 and 143 (and 6855 both IPv4 and IPv6) concurrently by default, unless overridden by 6856 either user configuration or DNS SRV records [RFC6186]. Note that if 6857 a server answers on both ports, it MUST allow STARTTLS command on 6858 port 143. 6860 11.3. Client handling of unsolicited responses not suitable for the 6861 current connection state 6863 Cleartext mail transmission (whether caused by firewall configuration 6864 errors that result in TLS stripping or weak security policies in 6865 email clients that choose not to negotiate TLS in the first place) 6866 can enable injection of responses that can confuse or even cause 6867 crashes in email clients. The following measures are recommended to 6868 minimize damage from them. 6870 See Section 7.1.4 for special security considerations related to 6871 PREAUTH response. 6873 Many server responses and response codes are only meaningful in 6874 authenticated or even selected state. However, nothing prevents a 6875 server (or an on-path attacker) from sending such invalid 6876 responses in cleartext before STARTTLS/AUTHENTICATE commands are 6877 issued. Before authentication clients SHOULD ignore any responses 6878 other than CAPABILITY and server status responses (Section 7.1), 6879 as well as any response codes other than CAPABILITY. Client 6880 SHOULD ignore the ALERT response code until after TLS has been 6881 successfully negotiated (whether using STARTTLS or TLS negotiation 6882 on implicit TLS port). Unless explicitly allowed by an IMAP 6883 extension, when not in selected state clients MUST ignore 6884 responses/response codes related to message and mailbox status 6885 such as FLAGS, EXIST, EXPUNGE and FETCH. 6887 11.4. COPYUID and APPENDUID response codes 6889 The COPYUID and APPENDUID response codes return information about the 6890 mailbox, which may be considered sensitive if the mailbox has 6891 permissions set that permit the client to COPY or APPEND to the 6892 mailbox, but not SELECT or EXAMINE it. 6894 Consequently, these response codes SHOULD NOT be issued if the client 6895 does not have access to SELECT or EXAMINE the mailbox. 6897 11.5. LIST command and Other Users' namespace 6899 In response to a LIST command containing an argument of the Other 6900 Users' Namespace prefix, a server SHOULD NOT list users that have not 6901 granted list access to their personal mailboxes to the currently 6902 authenticated user. Providing such a list, could compromise security 6903 by potentially disclosing confidential information of who is located 6904 on the server, or providing a starting point of a list of user 6905 accounts to attack. 6907 11.6. Other Security Considerations 6909 A server error message for an AUTHENTICATE command which fails due to 6910 invalid credentials SHOULD NOT detail why the credentials are 6911 invalid. 6913 Use of the LOGIN command sends passwords in the clear. This can be 6914 avoided by using the AUTHENTICATE command with a [SASL] mechanism 6915 that does not use plaintext passwords, by first negotiating 6916 encryption via STARTTLS or some other protection mechanism. 6918 A server implementation MUST implement a configuration that, at the 6919 time of authentication, requires: 6920 (1) The STARTTLS command has been negotiated or TLS negotiated on 6921 implicit TLS port. 6922 OR 6923 (2) Some other mechanism that protects the session from password 6924 snooping has been provided. 6925 OR 6926 (3) The following measures are in place: 6927 (a) The LOGINDISABLED capability is advertised, and [SASL] mechanisms 6928 (such as PLAIN) using plaintext passwords are NOT advertised in the 6929 CAPABILITY list. 6930 AND 6931 (b) The LOGIN command returns an error even if the password is 6932 correct. 6933 AND 6934 (c) The AUTHENTICATE command returns an error with all [SASL] 6935 mechanisms that use plaintext passwords, even if the password is 6936 correct. 6938 A server error message for a failing LOGIN command SHOULD NOT specify 6939 that the user name, as opposed to the password, is invalid. 6941 A server SHOULD have mechanisms in place to limit or delay failed 6942 AUTHENTICATE/LOGIN attempts. 6944 A server SHOULD report any authentication failure and analyze such 6945 authentication failure attempt with regard to a password brute force 6946 attack as well as a password spraying attack. Accounts that match 6947 password spraying attacks MUST be blocked and request to change their 6948 passwords and only password with significant strength SHOULD be 6949 accepted. 6951 Additional security considerations are discussed in the section 6952 discussing the AUTHENTICATE (see Section 6.2.2) and LOGIN (see 6953 Section 6.2.3) commands. 6955 12. IANA Considerations 6957 IANA is requested to update "Service Names and Transport Protocol 6958 Port Numbers" registry as follows: 6960 1. Registration for TCP port 143 and the corresponding "imap" 6961 service name should be updated to point to this document and RFC 6962 3501. 6964 2. Registration for TCP port 993 and the corresponding "imaps" 6965 service name should be updated to point to this document, RFC 6966 8314 and RFC 3501. 6968 3. Both UDP port 143 and UDP port 993 should be marked as "Reserved" 6969 in the registry. 6971 Additional IANA actions are specified in subsection of this section. 6973 12.1. Updates to IMAP4 Capabilities registry 6975 IMAP4 capabilities are registered by publishing a standards track or 6976 IESG approved informational or experimental RFC. The registry is 6977 currently located at: https://www.iana.org/assignments/ 6978 imap4-capabilities 6980 As this specification revises the AUTH= prefix, STARTTLS and 6981 LOGINDISABLED extensions, IANA is requested to update registry 6982 entries for these 3 extensions to point to this document and RFC 6983 3501. 6985 12.2. GSSAPI/SASL service name 6987 GSSAPI/Kerberos/SASL service names are registered by publishing a 6988 standards track or IESG approved experimental RFC. The registry is 6989 currently located at: https://www.iana.org/assignments/gssapi- 6990 service-names 6992 IANA is requested to update the "imap" service name previously 6993 registered in RFC 3501, to point to both this document and RFC 3501. 6995 12.3. LIST Selection Options, LIST Return Options, LIST extended data 6996 items 6998 [RFC5258] specifies IANA registration procedures for LIST Selection 6999 Options, LIST Return Options, LIST extended data items. This 7000 document doesn't change these registration procedures. In particular 7001 LIST selection options (Section 6.3.9.1) and LIST return options 7002 (Section 6.3.9.2) are registered using the procedure specified in 7003 Section 9 of [RFC5258] (and using the registration template from 7004 Section 9.3 of [RFC5258]). LIST Extended Data Items are registered 7005 using the registration template from Section 9.6 of [RFC5258]). 7007 IANA is requested to add a reference to [RFCXXXX] for the "OLDNAME" 7008 LIST-EXTENDED extended data item entry. This is in addition to the 7009 existing reference to [RFC5465]. 7011 12.4. IMAP Mailbox Name Attributes and IMAP Response Codes 7013 IANA is requested to update the "IMAP Mailbox Name Attributes" 7014 registry to point to this document in addition to RFC 3501. 7016 IANA is requested to update the "IMAP Response Codes" registry to 7017 point to this document in addition to RFC 3501. 7019 13. References 7021 13.1. Normative References 7023 [RFC4752] Melnikov, A., Ed., "The Kerberos V5 ("GSSAPI") Simple 7024 Authentication and Security Layer (SASL) Mechanism", 7025 RFC 4752, DOI 10.17487/RFC4752, November 2006, 7026 . 7028 [RFC5258] Leiba, B. and A. Melnikov, "Internet Message Access 7029 Protocol version 4 - LIST Command Extensions", RFC 5258, 7030 DOI 10.17487/RFC5258, June 2008, 7031 . 7033 [RFC5788] Melnikov, A. and D. Cridland, "IMAP4 Keyword Registry", 7034 RFC 5788, DOI 10.17487/RFC5788, March 2010, 7035 . 7037 [ABNF] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax 7038 Specifications: ABNF", STD 68, RFC 5234, January 2008, 7039 . 7041 [ANONYMOUS] 7042 Zeilenga, K., "Anonymous Simple Authentication and 7043 Security Layer (SASL) Mechanism", RFC 4505, June 2006, 7044 . 7046 [CHARSET] Freed, N. and J. Postel, "IANA Charset Registration 7047 Procedures", BCP 19, RFC 2978, October 2000, 7048 . 7050 [SCRAM-SHA-256] 7051 Hansen, T., "SCRAM-SHA-256 and SCRAM-SHA-256-PLUS Simple 7052 Authentication and Security Layer (SASL) Mechanisms", 7053 RFC 7677, DOI 10.17487/RFC7677, November 2015, 7054 . 7056 [DISPOSITION] 7057 Troost, R., Dorner, S., and K. Moore, Ed., "Communicating 7058 Presentation Information in Internet Messages: The 7059 Content-Disposition Header Field", RFC 2183, August 1997, 7060 . 7062 [PLAIN] Zeilenga, K., Ed., "The PLAIN Simple Authentication and 7063 Security Layer (SASL) Mechanism", RFC 4616, August 2006, 7064 . 7066 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 7067 Requirement Levels", BCP 14, RFC 2119, 7068 DOI 10.17487/RFC2119, March 1997, 7069 . 7071 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 7072 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 7073 May 2017, . 7075 [LANGUAGE-TAGS] 7076 Alvestrand, H., "Content Language Headers", RFC 3282, May 7077 2002, . 7079 [LOCATION] 7080 Palme, J., Hopmann, A., and N. Shelness, "MIME 7081 Encapsulation of Aggregate Documents, such as HTML 7082 (MHTML)", RFC 2557, March 1999, 7083 . 7085 [MD5] Myers, J. and M. Rose, "The Content-MD5 Header Field", 7086 RFC 1864, October 1995, 7087 . 7089 [MIME-HDRS] 7090 Moore, K., "MIME (Multipurpose Internet Mail Extensions) 7091 Part Three: Message Header Extensions for Non-ASCII Text", 7092 RFC 2047, November 1996, 7093 . 7095 [MIME-IMB] 7096 Freed, N. and N. Borenstein, "Multipurpose Internet Mail 7097 Extensions (MIME) Part One: Format of Internet Message 7098 Bodies", RFC 2045, November 1996, 7099 . 7101 [MIME-IMT] 7102 Freed, N. and N. Borenstein, "Multipurpose Internet Mail 7103 Extensions (MIME) Part Two: Media Types", RFC 2046, 7104 November 1996, . 7106 [RFC2231] Freed, N. and K. Moore, "MIME Parameter Value and Encoded 7107 Word Extensions: Character Sets, Languages, and 7108 Continuations", RFC 2231, DOI 10.17487/RFC2231, November 7109 1997, . 7111 [RFC-5322] 7112 Resnick, P., Ed., "Internet Message Format", RFC 5322, 7113 October 2008, . 7115 [SASL] Melnikov, A., Ed. and K. Zeilenga, Ed., "Simple 7116 Authentication and Security Layer (SASL)", RFC 4422, June 7117 2006, . 7119 [TLS-1.2] Dierks, T. and E. Rescorla, "The Transport Layer Security 7120 (TLS) Protocol Version 1.2", RFC 5246, August 2008, 7121 . 7123 [TLS-1.3] Rescorla, E., "The Transport Layer Security (TLS) Protocol 7124 Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, 7125 . 7127 [UTF-7] Goldsmith, D. and M. Davis, "UTF-7 A Mail-Safe 7128 Transformation Format of Unicode", RFC 2152, May 1997, 7129 . 7131 [UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO 7132 10646", STD 63, RFC 3629, DOI 10.17487/RFC3629, November 7133 2003, . 7135 [MULTIAPPEND] 7136 Crispin, M., "Internet Message Access Protocol (IMAP) - 7137 MULTIAPPEND Extension", RFC 3502, March 2003, 7138 . 7140 [NET-UNICODE] 7141 Klensin, J. and M. Padlipsky, "Unicode Format for Network 7142 Interchange", RFC 5198, DOI 10.17487/RFC5198, March 2008, 7143 . 7145 [I18N-HDRS] 7146 Yang, A., Steele, S., and N. Freed, "Internationalized 7147 Email Headers", RFC 6532, DOI 10.17487/RFC6532, February 7148 2012, . 7150 [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data 7151 Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006, 7152 . 7154 [RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre, 7155 "Recommendations for Secure Use of Transport Layer 7156 Security (TLS) and Datagram Transport Layer Security 7157 (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May 7158 2015, . 7160 [RFC7817] Melnikov, A., "Updated Transport Layer Security (TLS) 7161 Server Identity Check Procedure for Email-Related 7162 Protocols", RFC 7817, DOI 10.17487/RFC7817, March 2016, 7163 . 7165 [RFC8098] Hansen, T., Ed. and A. Melnikov, Ed., "Message Disposition 7166 Notification", STD 85, RFC 8098, DOI 10.17487/RFC8098, 7167 February 2017, . 7169 [RFC8314] Moore, K. and C. Newman, "Cleartext Considered Obsolete: 7170 Use of Transport Layer Security (TLS) for Email Submission 7171 and Access", RFC 8314, DOI 10.17487/RFC8314, January 2018, 7172 . 7174 [IMAP-IMPLEMENTATION] 7175 Leiba, B., "IMAP4 Implementation Recommendations", 7176 RFC 2683, September 1999, 7177 . 7179 [IMAP-MULTIACCESS] 7180 Gahrns, M., "IMAP4 Multi-Accessed Mailbox Practice", 7181 RFC 2180, July 1997, 7182 . 7184 13.2. Informative References (related protocols) 7186 [CERT-555316] 7187 CERT, "Vulnerability Note VU#555316: STARTTLS plaintext 7188 command injection vulnerability", September 2011, 7189 . 7191 [RFC2193] Gahrns, M., "IMAP4 Mailbox Referrals", RFC 2193, 7192 DOI 10.17487/RFC2193, September 1997, 7193 . 7195 [RFC3348] Gahrns, M. and R. Cheng, "The Internet Message Action 7196 Protocol (IMAP4) Child Mailbox Extension", RFC 3348, 7197 DOI 10.17487/RFC3348, July 2002, 7198 . 7200 [RFC3503] Melnikov, A., "Message Disposition Notification (MDN) 7201 profile for Internet Message Access Protocol (IMAP)", 7202 RFC 3503, DOI 10.17487/RFC3503, March 2003, 7203 . 7205 [RFC5256] Crispin, M. and K. Murchison, "Internet Message Access 7206 Protocol - SORT and THREAD Extensions", RFC 5256, 7207 DOI 10.17487/RFC5256, June 2008, 7208 . 7210 [RFC5465] Gulbrandsen, A., King, C., and A. Melnikov, "The IMAP 7211 NOTIFY Extension", RFC 5465, DOI 10.17487/RFC5465, 7212 February 2009, . 7214 [RFC6186] Daboo, C., "Use of SRV Records for Locating Email 7215 Submission/Access Services", RFC 6186, 7216 DOI 10.17487/RFC6186, March 2011, 7217 . 7219 [RFC7888] Melnikov, A., Ed., "IMAP4 Non-synchronizing Literals", 7220 RFC 7888, DOI 10.17487/RFC7888, May 2016, 7221 . 7223 [IMAP-DISC] 7224 Melnikov, A., Ed., "Synchronization Operations for 7225 Disconnected IMAP4 Clients", RFC 4549, June 2006, 7226 . 7228 [IMAP-I18N] 7229 Newman, C., Gulbrandsen, A., and A. Melnikov, "Internet 7230 Message Access Protocol Internationalization", RFC 5255, 7231 DOI 10.17487/RFC5255, June 2008, 7232 . 7234 [IMAP-MODEL] 7235 Crispin, M., "Distributed Electronic Mail Models in 7236 IMAP4", RFC 1733, December 1994, 7237 . 7239 [IMAP-UTF-8] 7240 Resnick, P., Ed., Newman, C., Ed., and S. Shen, Ed., "IMAP 7241 Support for UTF-8", RFC 6855, DOI 10.17487/RFC6855, March 7242 2013, . 7244 [SMTP] Klensin, J., "Simple Mail Transfer Protocol", RFC 5321, 7245 October 2008, . 7247 [RFC3516] Nerenberg, L., "IMAP4 Binary Content Extension", RFC 3516, 7248 DOI 10.17487/RFC3516, April 2003, 7249 . 7251 [RFC4314] Melnikov, A., "IMAP4 Access Control List (ACL) Extension", 7252 RFC 4314, December 2005, 7253 . 7255 [RFC2087] Myers, J., "IMAP4 QUOTA extension", RFC 2087, January 7256 1997, . 7258 [IMAP-URL] 7259 Melnikov, A., Ed. and C. Newman, "IMAP URL Scheme", 7260 RFC 5092, DOI 10.17487/RFC5092, November 2007, 7261 . 7263 [IMAP-KEYWORDS-REG] 7264 IANA, "IMAP and JMAP Keywords", December 2009, 7265 . 7268 [IMAP-MAILBOX-NAME-ATTRS-REG] 7269 IANA, "IMAP Mailbox Name Attributes", June 2018, 7270 . 7273 [CHARSET-REG] 7274 IANA, "Character Set Registrations", May 2015, 7275 . 7278 13.3. Informative References (historical aspects of IMAP and related 7279 protocols) 7281 [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION 7282 4rev1", RFC 3501, DOI 10.17487/RFC3501, March 2003, 7283 . 7285 [IMAP-COMPAT] 7286 Crispin, M., "IMAP4 Compatibility with IMAP2bis", 7287 RFC 2061, December 1996, 7288 . 7290 [IMAP-HISTORICAL] 7291 Crispin, M., "IMAP4 Compatibility with IMAP2 and 7292 IMAP2bis", RFC 1732, December 1994, 7293 . 7295 [IMAP2BIS] 7296 Crispin, M., "INTERACTIVE MAIL ACCESS PROTOCOL - VERSION 7297 2bis", draft-ietf-imap-imap2bis-02 (work in progress), 7298 October 1993, . 7301 [IMAP-OBSOLETE] 7302 Crispin, M., "Internet Message Access Protocol - Obsolete 7303 Syntax", RFC 2062, December 1996, 7304 . 7306 [IMAP2] Crispin, M., "Interactive Mail Access Protocol: Version 7307 2", RFC 1176, August 1990, 7308 . 7310 [RFC-822] Crocker, D., "STANDARD FOR THE FORMAT OF ARPA INTERNET 7311 TEXT MESSAGES", STD 11, RFC 822, August 1982, 7312 . 7314 [IMAP-TLS] 7315 Newman, C., "Using TLS with IMAP, POP3 and ACAP", 7316 RFC 2595, June 1999, 7317 . 7319 Appendix A. Backward compatibility with IMAP4rev1 7321 An implementation that wants to remain compatible with IMAP4rev1 can 7322 advertise both IMAP4rev1 and IMAP4rev2 in its CAPABILITY response/ 7323 response code. While some IMAP4rev1 responses were removed in 7324 IMAP4rev2, their presence will not break IMAP4rev2-only clients. 7326 If both IMAP4rev1 and IMAP4rev2 are advertised, an IMAP client that 7327 wants to use IMAP4rev2 MUST issue an "ENABLE IMAP4rev2" command. 7329 Servers advertising both IMAP4rev1 and IMAP4rev2 MUST NOT generate 7330 UTF-8 quoted strings unless the client has issued "ENABLE IMAP4rev2". 7331 Consider implementation of mechanisms described or referenced in 7332 [IMAP-UTF-8] to achieve this goal. 7334 Servers advertising both IMAP4rev1 and IMAP4rev2, and clients 7335 intending to be compatible with IMAP4rev1 servers MUST be compatible 7336 with the international mailbox naming convention described in the 7337 following subsection. 7339 Also see Appendix D for special considerations for servers that 7340 support 63 bit body part/message sizes and want to advertise support 7341 for both IMAP4rev1 and IMAP4rev2. 7343 A.1. Mailbox International Naming Convention for compatibility with 7344 IMAP4rev1 7346 Support for the Mailbox International Naming Convention described in 7347 this section is not required for IMAP4rev2-only clients and servers. 7348 It is only used for backward compatibility with IMAP4rev1 7349 implementations. 7351 By convention, international mailbox names in IMAP4rev1 are specified 7352 using a modified version of the UTF-7 encoding described in [UTF-7]. 7353 Modified UTF-7 may also be usable in servers that implement an 7354 earlier version of this protocol. 7356 In modified UTF-7, printable US-ASCII characters, except for "&", 7357 represent themselves; that is, characters with octet values 0x20-0x25 7358 and 0x27-0x7e. The character "&" (0x26) is represented by the two- 7359 octet sequence "&-". 7361 All other characters (octet values 0x00-0x1f and 0x7f-0xff) are 7362 represented in modified BASE64, with a further modification from 7363 [UTF-7] that "," is used instead of "/". Modified BASE64 MUST NOT be 7364 used to represent any printing US-ASCII character which can represent 7365 itself. Only characters inside the modified BASE64 alphabet are 7366 permitted in modified BASE64 text. 7368 "&" is used to shift to modified BASE64 and "-" to shift back to US- 7369 ASCII. There is no implicit shift from BASE64 to US-ASCII, and null 7370 shifts ("-&" while in BASE64; note that "&-" while in US-ASCII means 7371 "&") are not permitted. However, all names start in US-ASCII, and 7372 MUST end in US-ASCII; that is, a name that ends with a non-ASCII 7373 ISO-10646 character MUST end with a "-"). 7375 The purpose of these modifications is to correct the following 7376 problems with UTF-7: 7378 1. UTF-7 uses the "+" character for shifting; this conflicts with 7379 the common use of "+" in mailbox names, in particular USENET 7380 newsgroup names. 7382 2. UTF-7's encoding is BASE64 which uses the "/" character; this 7383 conflicts with the use of "/" as a popular hierarchy delimiter. 7385 3. UTF-7 prohibits the unencoded usage of "\"; this conflicts with 7386 the use of "\" as a popular hierarchy delimiter. 7388 4. UTF-7 prohibits the unencoded usage of "~"; this conflicts with 7389 the use of "~" in some servers as a home directory indicator. 7391 5. UTF-7 permits multiple alternate forms to represent the same 7392 string; in particular, printable US-ASCII characters can be 7393 represented in encoded form. 7395 Although modified UTF-7 is a convention, it establishes certain 7396 requirements on server handling of any mailbox name with an embedded 7397 "&" character. In particular, server implementations MUST preserve 7398 the exact form of the modified BASE64 portion of a modified UTF-7 7399 name and treat that text as case-sensitive, even if names are 7400 otherwise case-insensitive or case-folded. 7402 Server implementations SHOULD verify that any mailbox name with an 7403 embedded "&" character, used as an argument to CREATE, is: in the 7404 correctly modified UTF-7 syntax, has no superfluous shifts, and has 7405 no encoding in modified BASE64 of any printing US-ASCII character 7406 which can represent itself. However, client implementations MUST NOT 7407 depend upon the server doing this, and SHOULD NOT attempt to create a 7408 mailbox name with an embedded "&" character unless it complies with 7409 the modified UTF-7 syntax. 7411 Server implementations which export a mail store that does not follow 7412 the modified UTF-7 convention MUST convert to modified UTF-7 any 7413 mailbox name that contains either non-ASCII characters or the "&" 7414 character. 7416 For example, here is a mailbox name which mixes English, Chinese, 7417 and Japanese text: ~peter/mail/&U,BTFw-/&ZeVnLIqe- 7419 For example, the string "&Jjo!" is not a valid mailbox name 7420 because it does not contain a shift to US-ASCII before the "!". 7421 The correct form is "&Jjo-!". The string "&U,BTFw-&ZeVnLIqe-" is 7422 not permitted because it contains a superfluous shift. The 7423 correct form is "&U,BTF2XlZyyKng-". 7425 Appendix B. Backward compatibility with BINARY extension 7427 IMAP4rev2 incorporates subset of functionality provided by the BINARY 7428 extension [RFC3516], in particular it includes additional FETCH items 7429 (BINARY, BINARY.PEEK and BINARY.SIZE), but not extensions to the 7430 APPEND command. IMAP4rev2 implementations that supports full RFC 7431 3516 functionality need to also advertise the BINARY capability in 7432 the CAPABILITY response/response code. 7434 Appendix C. Backward compatibility with LIST-EXTENDED extension 7436 IMAP4rev2 incorporates most of functionality provided by the LIST- 7437 EXTENDED extension [RFC5258]. In particular, multiple mailbox 7438 patterns syntax is not supported in IMAP4rev2, unless LIST-EXTENDED 7439 capability is also advertised in the CAPABILITY response/response 7440 code. 7442 Appendix D. 63 bit body part and message sizes 7444 IMAP4rev2 increases allowed body part and message sizes that servers 7445 can support from 32 to 63 bits. Server implementations don't have to 7446 support 63 bit long body parts/message sizes, however client 7447 implementations have to expect them. 7449 As IMAP4rev1 didn't support 63 bit long body part/message sizes, 7450 there is an interoperability issue exposed by 63 bit capable servers 7451 that are accessible by both IMAP4rev1 and IMAP4rev2 email clients. 7452 As IMAP4rev1 would be unable to retrieve full content of messages 7453 bigger than 4Gb, such servers either need to replace messages bigger 7454 that 4Gb with messages under 4Gb or hide them from IMAP4rev1 clients. 7455 This document doesn't prescribe any implementation strategy to 7456 address this issue. 7458 Appendix E. Changes from RFC 3501 / IMAP4rev1 7460 Below is the summary of changes since RFC 3501: 7462 1. Support for 64bit message and body part sizes. 7464 2. Folded in IMAP NAMESPACE (RFC 2342), UNSELECT (RFC 3691), 7465 UIDPLUS (RFC 4315), ESEARCH (RFC 4731), SEARCHRES (RFC 5182), 7466 ENABLE (RFC 5161), IDLE (RFC 2177), SASL-IR (RFC 4959), LIST- 7467 EXTENDED (RFC 5258), LIST-STATUS (RFC 5819), MOVE (RFC 6851) and 7468 LITERAL- (RFC 7888) extensions. Also folded RFC 4466 (IMAP ABNF 7469 extensions), RFC 5530 (response codes), the FETCH side of the 7470 BINARY extension (RFC 3516) and the list of new mailbox 7471 attributes from SPECIAL-USE (RFC 6154). 7473 3. Added STATUS SIZE (RFC 8438) and STATUS DELETED. 7475 4. SEARCH command now requires to return ESEARCH response (SEARCH 7476 response is now deprecated). 7478 5. Clarified which SEARCH keys have to use substring match and 7479 which don't. 7481 6. Clarified that server should decode parameter value 7482 continuations as described in [RFC2231]. This requirement was 7483 hidden in RFC 2231 itself. 7485 7. Clarified that COPYUID response code is returned for both MOVE 7486 and UID MOVE. 7488 8. Tighen requirements about COPY/MOVE commands not creating target 7489 mailbox. Also require them to return TRYCREATE response code, 7490 if the target mailbox doesn't exist and can be created. 7492 9. Added CLOSED response code from RFC 7162. SELECT/EXAMINE when a 7493 mailbox is already selected now requires a CLOSED response code 7494 to be returned. 7496 10. SELECT/EXAMINE are now required to return untagged LIST 7497 response. 7499 11. UNSEEN response code on SELECT/EXAMINE is now deprecated. 7501 12. RECENT response on SELECT/EXAMINE, \Recent flag, RECENT STATUS, 7502 SEARCH NEW items are now deprecated. 7504 13. Clarified that the server doesn't need to send a new 7505 PERMANENTFLAGS response code when a new keyword was successfully 7506 added and the server advertised \* earlier for the same mailbox. 7508 14. For future extensibility extended ABNF for tagged-ext-simple to 7509 allow for bare number64. 7511 15. Added SHOULD level requirement on IMAP servers to support 7512 $MDNSent, $Forwarded, $Junk, $NonJunk and $Phishing keywords. 7514 16. Mailbox names and message headers now allow for UTF-8. Support 7515 for Modified UTF-7 in mailbox names is not required, unless 7516 compatibility with IMAP4rev1 is desired. 7518 17. Removed the CHECK command. Clients should use NOOP instead. 7520 18. RFC822, RFC822.HEADER and RFC822.TEXT FETCH data items were 7521 deprecated. Clients should use the corresponding BODY[] 7522 variants instead. 7524 19. LSUB command was deprecated. Clients should use LIST 7525 (SUBSCRIBED) instead. 7527 20. IDLE command can now return updates not related to the currently 7528 selected mailbox state. 7530 21. All unsolicited FETCH updates are required to include UID. 7532 22. Clarified that client implementations MUST ignore response codes 7533 that they do not recognize. (Change from a SHOULD to a MUST.) 7535 23. resp-text ABNF non terminal was updated to allow for empty text. 7537 24. After ENABLE IMAP4rev2 human readable response text can include 7538 non ASCII encoded in UTF-8. 7540 25. Updated to use modern TLS-related recommendations as per RFC 7541 8314, RFC 7817, RFC 7525. 7543 26. Added warnings about use of ALERT response codes and PREAUTH 7544 response. 7546 27. Replaced DIGEST-MD5 SASL mechanism with SCRAM-SHA-256. DIGEST- 7547 MD5 was deprecated. 7549 28. Clarified that any command received from the client resets 7550 server autologout timer. 7552 29. Revised IANA registration procedure for IMAP extensions and 7553 removed "X" convention. 7555 30. Loosened requirements on servers when closing connections to be 7556 more aligned with existing practices. 7558 Appendix F. Other Recommended IMAP Extensions 7560 Support for the following extensions is recommended for all IMAP 7561 client and servers. While they significantly reduce bandwidth and/or 7562 number of round trips used by IMAP in certain situations, the EXTRA 7563 WG decided that requiring them as a part of IMAP4rev2 would push the 7564 bar to implement too high for new implementations. Also note that 7565 absence of any IMAP extension from this list doesn't make it somehow 7566 deficient or not recommended for use with IMAP4rev2. 7568 1. QRESYNC and CONDSTORE extensions (RFC 7162). They make 7569 discovering changes to IMAP mailboxes more efficient, at the 7570 expense of storing a bit more state. 7572 2. OBJECTID extension (RFC 8474) helps with preserving IMAP client 7573 cache when messages moved/copied or mailboxes are renamed. 7575 Appendix G. Acknowledgement 7577 Earlier versions of this document were edited by Mark Crispin. 7578 Sadly, he is no longer available to help with this work. Editors of 7579 this revisions are hoping that Mark would have approved. 7581 Chris Newman has contributed text on I18N and use of UTF-8 in 7582 messages and mailbox names. 7584 Thank you to Tony Hansen for helping with the index generation. 7585 Thank you to Murray Kucherawy, Timo Sirainen, Bron Gondwana, Stephan 7586 Bosch, Robert Sparks, Arnt Gulbrandsen, Daniel Migault, Roman Danyliw 7587 and Eric Vyncke for extensive feedback. 7589 This document incorporates text from RFC 4315 (by Mark Crispin), RFC 7590 4466 (by Cyrus Daboo), RFC 4731 (by Dave Cridland), RFC 5161 (by Arnt 7591 Gulbrandsen), RFC 5465 (by Arnt Gulbrandsen and Curtis King), RFC 7592 5530 (by Arnt Gulbrandsen), RFC 5819 (by Timo Sirainen), RFC 6154 (by 7593 Jamie Nicolson), RFC 8438 (by Stephan Bosch) so work done by authors/ 7594 editors of these documents is appreciated. Note that editors of this 7595 document were redacted from the above list. 7597 The CHILDREN return option was originally proposed by Mike Gahrns and 7598 Raymond Cheng in [RFC3348]. Most of the information in 7599 Section 6.3.9.5 is taken directly from their original specification 7600 [RFC3348]. 7602 Thank you to Damian Poddebniak, Fabian Ising, Hanno Boeck and 7603 Sebastian Schinzel for pointing out that the ENABLE command should be 7604 a member of "command-auth" and not "command-any" ABNF production, as 7605 well as pointing out security issues associated with ALERT, PREAUTH 7606 and other responses received before authentication. 7608 Index 7610 $ 7611 $Forwarded (predefined flag) 12 7612 $Junk (predefined flag) 13 7613 $MDNSent (predefined flag) 13 7614 $NotJunk (predefined flag) 13 7615 $Phishing (predefined flag) 13 7617 + 7618 +FLAGS 93 7619 +FLAGS.SILENT 93 7621 - 7622 -FLAGS 93 7623 -FLAGS.SILENT 93 7625 A 7626 ALERT (response code) 101 7627 ALL (fetch item) 89 7628 ALL (search key) 79 7629 ALL (search result option) 77 7630 ALREADYEXISTS (response code) 101 7631 ANSWERED (search key) 79 7632 APPEND (command) 69 7633 APPENDUID (response code) 101 7634 AUTHENTICATE (command) 30 7635 AUTHENTICATIONFAILED (response code) 102 7636 AUTHORIZATIONFAILED (response code) 102 7638 B 7639 BAD (response) 109 7640 BADCHARSET (response code) 102 7641 BCC (search key) 79 7642 BEFORE (search key) 79 7643 BINARY.PEEK[]<> (fetch item) 89 7644 BINARY.SIZE[] (fetch item) 90 7645 BINARY.SIZE[] (fetch result) 120 7646 BINARY[]<> (fetch result) 119 7647 BINARY[]<> (fetch item) 89 7648 BODY (fetch item) 90 7649 BODY (fetch result) 120 7650 BODY (search key) 79 7651 BODY.PEEK[
]<> (fetch item) 90 7652 BODYSTRUCTURE (fetch item) 91 7653 BODYSTRUCTURE (fetch result) 121 7654 BODY[
]<> (fetch result) 120 7655 BODY[
]<> (fetch item) 90 7656 BYE (response) 110 7657 Body Structure (message attribute) 14 7659 C 7660 CANNOT (response code) 102 7661 CAPABILITY (command) 26 7662 CAPABILITY (response code) 103 7663 CAPABILITY (response) 111 7664 CC (search key) 79 7665 CLIENTBUG (response code) 103 7666 CLOSE (command) 75 7667 CLOSED (response code) 103 7668 CONTACTADMIN (response code) 103 7669 COPY (command) 94 7670 COPYUID (response code) 103 7671 CORRUPTION (response code) 104 7672 COUNT (search result option) 77 7673 CREATE (command) 39 7675 D 7676 DELETE (command) 40 7677 DELETED (search key) 79 7678 DELETED (status item) 69 7679 DRAFT (search key) 79 7681 E 7682 ENABLE (command) 34 7683 ENVELOPE (fetch item) 91 7684 ENVELOPE (fetch result) 123 7685 ESEARCH (response) 117 7686 EXAMINE (command) 38 7687 EXPIRED (response code) 104 7688 EXPUNGE (command) 76 7689 EXPUNGE (response) 118 7690 EXPUNGEISSUED (response code) 104 7691 Envelope Structure (message attribute) 14 7693 F 7694 FAST (fetch item) 89 7695 FETCH (command) 88 7696 FETCH (response) 119 7697 FLAGGED (search key) 79 7698 FLAGS (fetch item) 91 7699 FLAGS (fetch result) 125 7700 FLAGS (response) 117 7701 FLAGS (store command data item) 93 7702 FLAGS.SILENT (store command data item) 93 7703 FROM (search key) 79 7704 FULL (fetch item) 89 7705 Flags (message attribute) 12 7707 H 7708 HASCHILDREN (response code) 105 7709 HEADER (part specifier) 91 7710 HEADER (search key) 80 7711 HEADER.FIELDS (part specifier) 91 7712 HEADER.FIELDS.NOT (part specifier) 91 7714 I 7715 IDLE (command) 72 7716 INTERNALDATE (fetch item) 91 7717 INTERNALDATE (fetch result) 125 7718 INUSE (response code) 105 7719 Internal Date (message attribute) 14 7721 K 7722 KEYWORD (search key) 80 7723 Keyword (type of flag) 12 7725 L 7726 LARGER (search key) 80 7727 LIMIT (response code) 105 7728 LIST (command) 45 7729 LIST (response) 112 7730 LOGOUT (command) 27 7732 M 7733 MAX (search result option) 77 7734 MAY (specification requirement term) 5 7735 MESSAGES (status item) 69 7736 MIME (part specifier) 92 7737 MIN (search result option) 77 7738 MOVE (command) 95 7739 MUST (specification requirement term) 5 7740 MUST NOT (specification requirement term) 5 7741 Message Sequence Number (message attribute) 11 7743 N 7744 NAMESPACE (command) 64 7745 NAMESPACE (response) 116 7746 NO (response) 109 7747 NONEXISTENT (response code) 105 7748 NOOP (command) 27 7749 NOPERM (response code) 105 7750 NOT (search key) 80 7751 NOT RECOMMENDED (specification requirement term) 5 7753 O 7754 OK (response) 108 7755 ON (search key) 80 7756 OPTIONAL (specification requirement term) 5 7757 OR (search key) 80 7758 OVERQUOTA (response code) 106 7760 P 7761 PARSE (response code) 106 7762 PERMANENTFLAGS (response code) 106 7763 PREAUTH (response) 110 7764 PRIVACYREQUIRED (response code) 106 7765 Permanent Flag (class of flag) 13 7766 Predefined keywords 12 7768 R 7769 READ-ONLY (response code) 107 7770 READ-WRITE (response code) 107 7771 RECOMMENDED (specification requirement term) 5 7772 RENAME (command) 42 7773 REQUIRED (specification requirement term) 5 7774 RFC822.SIZE (fetch item) 91 7775 RFC822.SIZE (fetch result) 125 7777 S 7778 SAVE (search result option) 77 7779 SEARCH (command) 76 7780 SEEN (search key) 80 7781 SELECT (command) 36 7782 SENTBEFORE (search key) 80 7783 SENTON (search key) 80 7784 SENTSINCE (search key) 80 7785 SERVERBUG (response code) 107 7786 SHOULD (specification requirement term) 5 7787 SHOULD NOT (specification requirement term) 5 7788 SINCE (search key) 80 7789 SIZE (status item) 69 7790 SMALLER (search key) 80 7791 STARTTLS (command) 28 7792 STATUS (command) 68 7793 STATUS (response) 117 7794 STORE (command) 93 7795 SUBJECT (search key) 80 7796 SUBSCRIBE (command) 44 7797 Session Flag (class of flag) 13 7798 System Flag (type of flag) 12 7800 T 7801 TEXT (part specifier) 91 7802 TEXT (search key) 81 7803 TO (search key) 81 7804 TRYCREATE (response code) 107 7806 U 7807 UID (command) 97 7808 UID (fetch item) 91 7809 UID (fetch result) 125 7810 UID (search key) 81 7811 UIDNEXT (response code) 107 7812 UIDNEXT (status item) 69 7813 UIDNOTSTICKY (response code) 107 7814 UIDVALIDITY (response code) 108 7815 UIDVALIDITY (status item) 69 7816 UNANSWERED (search key) 81 7817 UNAVAILABLE (response code) 108 7818 UNDELETED (search key) 81 7819 UNDRAFT (search key) 81 7820 UNFLAGGED (search key) 81 7821 UNKEYWORD (search key) 81 7822 UNKNOWN-CTE (response code) 108 7823 UNSEEN (search key) 81 7824 UNSEEN (status item) 69 7825 UNSELECT (command) 75 7826 UNSUBSCRIBE (command) 45 7827 Unique Identifier (UID) (message attribute) 9 7829 [ 7830 [RFC-5322] Size (message attribute) 14 7832 \ 7833 \All (mailbox name attribute) 114 7834 \Answered (system flag) 12 7835 \Archive (mailbox name attribute) 114 7836 \Deleted (system flag) 12 7837 \Draft (system flag) 12 7838 \Drafts (mailbox name attribute) 115 7839 \Flagged (mailbox name attribute) 115 7840 \Flagged (system flag) 12 7841 \HasChildren (mailbox name attribute) 113 7842 \HasNoChildren (mailbox name attribute) 113 7843 \Junk (mailbox name attribute) 115 7844 \Marked (mailbox name attribute) 114 7845 \Noinferiors (mailbox name attribute) 113 7846 \NonExistent (mailbox name attribute) 113 7847 \Noselect (mailbox name attribute) 113 7848 \Recent (system flag) 12 7849 \Remote (mailbox name attribute) 114 7850 \Seen (system flag) 12 7851 \Sent (mailbox name attribute) 115 7852 \Subscribed (mailbox name attribute) 114 7853 \Trash (mailbox name attribute) 115 7854 \Unmarked (mailbox name attribute) 114 7856 Authors' Addresses 7857 Alexey Melnikov (editor) 7858 Isode Ltd 7859 14 Castle Mews 7860 Hampton, Middlesex TW12 2NP 7861 UK 7863 Email: Alexey.Melnikov@isode.com 7865 Barry Leiba (editor) 7866 Futurewei Technologies 7868 Phone: +1 646 827 0648 7869 Email: barryleiba@computer.org 7870 URI: http://internetmessagingtechnology.org/