idnits 2.17.00 (12 Aug 2021) /tmp/idnits22360/draft-ietf-extra-imap4rev2-28.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an Introduction section. ** There are 5 instances of too long lines in the document, the longest one being 6 characters in excess of 72. -- The draft header indicates that this document obsoletes RFC3501, but the abstract doesn't seem to mention this, which it should. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (February 10, 2021) is 464 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC3501' is mentioned on line 7356, but not defined ** Obsolete undefined reference: RFC 3501 (Obsoleted by RFC 9051) == Missing Reference: 'IMAP2' is mentioned on line 7381, but not defined == Missing Reference: 'IMAP2BIS' is mentioned on line 7370, but not defined == Missing Reference: 'IMAP-OBSOLETE' is mentioned on line 7376, but not defined == Missing Reference: 'IMAP-COMPAT' is mentioned on line 7360, but not defined == Missing Reference: 'IMAP-HISTORICAL' is mentioned on line 7365, but not defined == Missing Reference: 'RFC-822' is mentioned on line 7385, but not defined ** Obsolete undefined reference: RFC 822 (Obsoleted by RFC 2822) == Missing Reference: 'IMAP-MODEL' is mentioned on line 7304, but not defined == Missing Reference: 'IMAP-DISC' is mentioned on line 7293, but not defined == Missing Reference: 'IMAP-KEYWORDS-REG' is mentioned on line 7338, but not defined == Missing Reference: 'SMTP' is mentioned on line 7319, but not defined == Missing Reference: 'RFC7888' is mentioned on line 7285, but not defined -- Looks like a reference, but probably isn't: '1' on line 910 == Missing Reference: 'IMAP-URL' is mentioned on line 7333, but not defined == Missing Reference: 'TLS' is mentioned on line 1514, but not defined == Missing Reference: 'ANONYMOUS' is mentioned on line 7314, but not defined == Missing Reference: 'CERT-555316' is mentioned on line 7251, but not defined == Missing Reference: 'RFC7162' is mentioned on line 7644, but not defined == Missing Reference: 'UIDVALIDITY 3857529045' is mentioned on line 3345, but not defined == Missing Reference: 'UIDNEXT 4392' is mentioned on line 1808, but not defined == Missing Reference: 'RFC2193' is mentioned on line 7256, but not defined == Missing Reference: 'RFC3348' is mentioned on line 7676, but not defined ** Obsolete undefined reference: RFC 3348 (Obsoleted by RFC 5258) == Missing Reference: 'RFC4314' is mentioned on line 7326, but not defined == Missing Reference: 'UIDNEXT 2' is mentioned on line 3346, but not defined == Missing Reference: 'UIDVALIDITY 1' is mentioned on line 3418, but not defined == Missing Reference: 'CHARSET-REG' is mentioned on line 7348, but not defined == Missing Reference: 'IMAP-I18N' is mentioned on line 7298, but not defined == Missing Reference: 'HEADER' is mentioned on line 3948, but not defined == Missing Reference: 'BADCHARSET UTF-8' is mentioned on line 3998, but not defined == Missing Reference: 'UID' is mentioned on line 4421, but not defined == Missing Reference: 'RFC2087' is mentioned on line 7330, but not defined ** Obsolete undefined reference: RFC 2087 (Obsoleted by RFC 9208) == Missing Reference: 'IMAP-MAILBOX-NAME-ATTRS-REG' is mentioned on line 7343, but not defined == Missing Reference: 'RFC4422' is mentioned on line 6307, but not defined == Missing Reference: 'IMAP4' is mentioned on line 6396, but not defined == Missing Reference: 'IMAP-TLS' is mentioned on line 7389, but not defined == Missing Reference: 'RFC6186' is mentioned on line 7274, but not defined == Missing Reference: 'RFCXXXX' is mentioned on line 7072, but not defined == Missing Reference: 'RFC5465' is mentioned on line 7270, but not defined == Missing Reference: 'RFC5256' is mentioned on line 7265, but not defined == Missing Reference: 'RFC8474' is mentioned on line 7648, but not defined == Missing Reference: 'IMAP-UTF-8' is mentioned on line 7407, but not defined == Missing Reference: 'RFC3516' is mentioned on line 7504, but not defined ** Downref: Normative reference to an Informational RFC: RFC 2152 (ref. 'UTF-7') ** Downref: Normative reference to an Informational RFC: RFC 2683 (ref. 'IMAP-IMPLEMENTATION') ** Downref: Normative reference to an Informational RFC: RFC 2180 (ref. 'IMAP-MULTIACCESS') Summary: 9 errors (**), 0 flaws (~~), 43 warnings (==), 4 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group A. Melnikov, Ed. 3 Internet-Draft Isode Ltd 4 Obsoletes: 3501 (if approved) B. Leiba, Ed. 5 Intended status: Standards Track Futurewei Technologies 6 Expires: August 14, 2021 February 10, 2021 8 Internet Message Access Protocol (IMAP) - Version 4rev2 9 draft-ietf-extra-imap4rev2-28 11 Abstract 13 The Internet Message Access Protocol, Version 4rev2 (IMAP4rev2) 14 allows a client to access and manipulate electronic mail messages on 15 a server. IMAP4rev2 permits manipulation of mailboxes (remote 16 message folders) in a way that is functionally equivalent to local 17 folders. IMAP4rev2 also provides the capability for an offline 18 client to resynchronize with the server. 20 IMAP4rev2 includes operations for creating, deleting, and renaming 21 mailboxes, checking for new messages, permanently removing messages, 22 setting and clearing flags, RFC 5322, RFC 2045 and RFC 2231 parsing, 23 searching, and selective fetching of message attributes, texts, and 24 portions thereof. Messages in IMAP4rev2 are accessed by the use of 25 numbers. These numbers are either message sequence numbers or unique 26 identifiers. 28 IMAP4rev2 does not specify a means of posting mail; this function is 29 handled by a mail submission protocol such as the one specified in 30 RFC 6409. 32 Status of This Memo 34 This Internet-Draft is submitted in full conformance with the 35 provisions of BCP 78 and BCP 79. 37 Internet-Drafts are working documents of the Internet Engineering 38 Task Force (IETF). Note that other groups may also distribute 39 working documents as Internet-Drafts. The list of current Internet- 40 Drafts is at https://datatracker.ietf.org/drafts/current/. 42 Internet-Drafts are draft documents valid for a maximum of six months 43 and may be updated, replaced, or obsoleted by other documents at any 44 time. It is inappropriate to use Internet-Drafts as reference 45 material or to cite them other than as "work in progress." 47 This Internet-Draft will expire on August 14, 2021. 49 Copyright Notice 51 Copyright (c) 2021 IETF Trust and the persons identified as the 52 document authors. All rights reserved. 54 This document is subject to BCP 78 and the IETF Trust's Legal 55 Provisions Relating to IETF Documents 56 (https://trustee.ietf.org/license-info) in effect on the date of 57 publication of this document. Please review these documents 58 carefully, as they describe your rights and restrictions with respect 59 to this document. Code Components extracted from this document must 60 include Simplified BSD License text as described in Section 4.e of 61 the Trust Legal Provisions and are provided without warranty as 62 described in the Simplified BSD License. 64 This document may contain material from IETF Documents or IETF 65 Contributions published or made publicly available before November 66 10, 2008. The person(s) controlling the copyright in some of this 67 material may not have granted the IETF Trust the right to allow 68 modifications of such material outside the IETF Standards Process. 69 Without obtaining an adequate license from the person(s) controlling 70 the copyright in such materials, this document may not be modified 71 outside the IETF Standards Process, and derivative works of it may 72 not be created outside the IETF Standards Process, except to format 73 it for publication as an RFC or to translate it into languages other 74 than English. 76 Table of Contents 78 1. How to Read This Document . . . . . . . . . . . . . . . . . . 5 79 1.1. Organization of This Document . . . . . . . . . . . . . . 5 80 1.2. Conventions Used in This Document . . . . . . . . . . . . 5 81 1.3. Special Notes to Implementors . . . . . . . . . . . . . . 6 82 2. Protocol Overview . . . . . . . . . . . . . . . . . . . . . . 7 83 2.1. Link Level . . . . . . . . . . . . . . . . . . . . . . . 7 84 2.2. Commands and Responses . . . . . . . . . . . . . . . . . 7 85 2.2.1. Client Protocol Sender and Server Protocol Receiver . 7 86 2.2.2. Server Protocol Sender and Client Protocol Receiver . 8 87 2.3. Message Attributes . . . . . . . . . . . . . . . . . . . 9 88 2.3.1. Message Numbers . . . . . . . . . . . . . . . . . . . 9 89 2.3.2. Flags Message Attribute . . . . . . . . . . . . . . . 12 90 2.3.3. Internal Date Message Attribute . . . . . . . . . . . 14 91 2.3.4. [RFC-5322] Size Message Attribute . . . . . . . . . . 14 92 2.3.5. Envelope Structure Message Attribute . . . . . . . . 14 93 2.3.6. Body Structure Message Attribute . . . . . . . . . . 14 94 2.4. Message Texts . . . . . . . . . . . . . . . . . . . . . . 14 95 3. State and Flow Diagram . . . . . . . . . . . . . . . . . . . 14 96 3.1. Not Authenticated State . . . . . . . . . . . . . . . . . 15 97 3.2. Authenticated State . . . . . . . . . . . . . . . . . . . 15 98 3.3. Selected State . . . . . . . . . . . . . . . . . . . . . 15 99 3.4. Logout State . . . . . . . . . . . . . . . . . . . . . . 15 100 4. Data Formats . . . . . . . . . . . . . . . . . . . . . . . . 17 101 4.1. Atom . . . . . . . . . . . . . . . . . . . . . . . . . . 17 102 4.1.1. Sequence set and UID set . . . . . . . . . . . . . . 17 103 4.2. Number . . . . . . . . . . . . . . . . . . . . . . . . . 17 104 4.3. String . . . . . . . . . . . . . . . . . . . . . . . . . 17 105 4.3.1. 8-bit and Binary Strings . . . . . . . . . . . . . . 18 106 4.4. Parenthesized List . . . . . . . . . . . . . . . . . . . 19 107 4.5. NIL . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 108 5. Operational Considerations . . . . . . . . . . . . . . . . . 20 109 5.1. Mailbox Naming . . . . . . . . . . . . . . . . . . . . . 20 110 5.1.1. Mailbox Hierarchy Naming . . . . . . . . . . . . . . 21 111 5.1.2. Namespaces . . . . . . . . . . . . . . . . . . . . . 21 112 5.2. Mailbox Size and Message Status Updates . . . . . . . . . 23 113 5.3. Response when no Command in Progress . . . . . . . . . . 23 114 5.4. Autologout Timer . . . . . . . . . . . . . . . . . . . . 23 115 5.5. Multiple Commands in Progress (Command Pipelining) . . . 24 116 6. Client Commands . . . . . . . . . . . . . . . . . . . . . . . 25 117 6.1. Client Commands - Any State . . . . . . . . . . . . . . . 26 118 6.1.1. CAPABILITY Command . . . . . . . . . . . . . . . . . 26 119 6.1.2. NOOP Command . . . . . . . . . . . . . . . . . . . . 27 120 6.1.3. LOGOUT Command . . . . . . . . . . . . . . . . . . . 27 121 6.2. Client Commands - Not Authenticated State . . . . . . . . 28 122 6.2.1. STARTTLS Command . . . . . . . . . . . . . . . . . . 28 123 6.2.2. AUTHENTICATE Command . . . . . . . . . . . . . . . . 30 124 6.2.3. LOGIN Command . . . . . . . . . . . . . . . . . . . . 33 125 6.3. Client Commands - Authenticated State . . . . . . . . . . 34 126 6.3.1. ENABLE Command . . . . . . . . . . . . . . . . . . . 34 127 6.3.2. SELECT Command . . . . . . . . . . . . . . . . . . . 36 128 6.3.3. EXAMINE Command . . . . . . . . . . . . . . . . . . . 38 129 6.3.4. CREATE Command . . . . . . . . . . . . . . . . . . . 39 130 6.3.5. DELETE Command . . . . . . . . . . . . . . . . . . . 40 131 6.3.6. RENAME Command . . . . . . . . . . . . . . . . . . . 42 132 6.3.7. SUBSCRIBE Command . . . . . . . . . . . . . . . . . . 45 133 6.3.8. UNSUBSCRIBE Command . . . . . . . . . . . . . . . . . 45 134 6.3.9. LIST Command . . . . . . . . . . . . . . . . . . . . 46 135 6.3.10. NAMESPACE Command . . . . . . . . . . . . . . . . . . 64 136 6.3.11. STATUS Command . . . . . . . . . . . . . . . . . . . 68 137 6.3.12. APPEND Command . . . . . . . . . . . . . . . . . . . 69 138 6.3.13. IDLE Command . . . . . . . . . . . . . . . . . . . . 72 139 6.4. Client Commands - Selected State . . . . . . . . . . . . 74 140 6.4.1. CLOSE Command . . . . . . . . . . . . . . . . . . . . 75 141 6.4.2. UNSELECT Command . . . . . . . . . . . . . . . . . . 75 142 6.4.3. EXPUNGE Command . . . . . . . . . . . . . . . . . . . 76 143 6.4.4. SEARCH Command . . . . . . . . . . . . . . . . . . . 76 144 6.4.5. FETCH Command . . . . . . . . . . . . . . . . . . . . 88 145 6.4.6. STORE Command . . . . . . . . . . . . . . . . . . . . 93 146 6.4.7. COPY Command . . . . . . . . . . . . . . . . . . . . 94 147 6.4.8. MOVE Command . . . . . . . . . . . . . . . . . . . . 95 148 6.4.9. UID Command . . . . . . . . . . . . . . . . . . . . . 97 149 6.5. Client Commands - Experimental/Expansion . . . . . . . . 99 150 7. Server Responses . . . . . . . . . . . . . . . . . . . . . . 99 151 7.1. Server Responses - Generic Status Responses . . . . . . . 100 152 7.1.1. OK Response . . . . . . . . . . . . . . . . . . . . . 109 153 7.1.2. NO Response . . . . . . . . . . . . . . . . . . . . . 109 154 7.1.3. BAD Response . . . . . . . . . . . . . . . . . . . . 109 155 7.1.4. PREAUTH Response . . . . . . . . . . . . . . . . . . 110 156 7.1.5. BYE Response . . . . . . . . . . . . . . . . . . . . 110 157 7.2. Server Responses - Server Status . . . . . . . . . . . . 111 158 7.2.1. ENABLED Response . . . . . . . . . . . . . . . . . . 111 159 7.2.2. CAPABILITY Response . . . . . . . . . . . . . . . . . 111 160 7.3. Server Responses - Mailbox Status . . . . . . . . . . . . 113 161 7.3.1. LIST Response . . . . . . . . . . . . . . . . . . . . 113 162 7.3.2. NAMESPACE Response . . . . . . . . . . . . . . . . . 117 163 7.3.3. STATUS Response . . . . . . . . . . . . . . . . . . . 117 164 7.3.4. ESEARCH Response . . . . . . . . . . . . . . . . . . 117 165 7.3.5. FLAGS Response . . . . . . . . . . . . . . . . . . . 119 166 7.4. Server Responses - Mailbox Size . . . . . . . . . . . . . 119 167 7.4.1. EXISTS Response . . . . . . . . . . . . . . . . . . . 119 168 7.5. Server Responses - Message Status . . . . . . . . . . . . 119 169 7.5.1. EXPUNGE Response . . . . . . . . . . . . . . . . . . 119 170 7.5.2. FETCH Response . . . . . . . . . . . . . . . . . . . 120 171 7.6. Server Responses - Command Continuation Request . . . . . 126 172 8. Sample IMAP4rev2 connection . . . . . . . . . . . . . . . . . 127 173 9. Formal Syntax . . . . . . . . . . . . . . . . . . . . . . . . 128 174 10. Author's Note . . . . . . . . . . . . . . . . . . . . . . . . 146 175 11. Security Considerations . . . . . . . . . . . . . . . . . . . 146 176 11.1. TLS related Security Considerations . . . . . . . . . . 147 177 11.2. STARTTLS command versa use of Implicit TLS port . . . . 147 178 11.3. Client handling of unsolicited responses not suitable 179 for the current connection state . . . . . . . . . . . . 148 180 11.4. COPYUID and APPENDUID response codes . . . . . . . . . . 148 181 11.5. LIST command and Other Users' namespace . . . . . . . . 149 182 11.6. Other Security Considerations . . . . . . . . . . . . . 149 183 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 150 184 12.1. Updates to IMAP4 Capabilities registry . . . . . . . . . 150 185 12.2. GSSAPI/SASL service name . . . . . . . . . . . . . . . . 151 186 12.3. LIST Selection Options, LIST Return Options, LIST 187 extended data items . . . . . . . . . . . . . . . . . . 151 188 12.4. IMAP Mailbox Name Attributes and IMAP Response Codes . . 151 189 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 151 190 13.1. Normative References . . . . . . . . . . . . . . . . . . 151 191 13.2. Informative References (related protocols) . . . . . . . 155 192 13.3. Informative References (historical aspects of IMAP and 193 related protocols) . . . . . . . . . . . . . . . . . . . 157 194 Appendix A. Backward compatibility with IMAP4rev1 . . . . . . . 158 195 A.1. Mailbox International Naming Convention for compatibility 196 with IMAP4rev1 . . . . . . . . . . . . . . . . . . . . . 158 197 Appendix B. Backward compatibility with BINARY extension . . . . 160 198 Appendix C. Backward compatibility with LIST-EXTENDED extension 160 199 Appendix D. 63 bit body part and message sizes . . . . . . . . . 160 200 Appendix E. Changes from RFC 3501 / IMAP4rev1 . . . . . . . . . 161 201 Appendix F. Other Recommended IMAP Extensions . . . . . . . . . 163 202 Appendix G. Acknowledgement . . . . . . . . . . . . . . . . . . 163 203 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 204 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 169 206 1. How to Read This Document 208 1.1. Organization of This Document 210 This document is written from the point of view of the implementor of 211 an IMAP4rev2 client or server. Beyond the protocol overview in 212 section 2, it is not optimized for someone trying to understand the 213 operation of the protocol. The material in sections 3 through 5 214 provides the general context and definitions with which IMAP4rev2 215 operates. 217 Sections 6, 7, and 9 describe the IMAP commands, responses, and 218 syntax, respectively. The relationships among these are such that it 219 is almost impossible to understand any of them separately. In 220 particular, do not attempt to deduce command syntax from the command 221 section alone; instead refer to the Formal Syntax (Section 9). 223 1.2. Conventions Used in This Document 225 "Conventions" are basic principles or procedures. Document 226 conventions are noted in this section. 228 In examples, "C:" and "S:" indicate lines sent by the client and 229 server respectively. Note that each line includes the terminating 230 CRLF. 232 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 233 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 234 "OPTIONAL" in this document are to be interpreted as described in BCP 235 14 [RFC2119] [RFC8174] when, and only when, they appear in all 236 capitals, as shown here. 238 The word "can" (not "may") is used to refer to a possible 239 circumstance or situation, as opposed to an optional facility of the 240 protocol. 242 "User" is used to refer to a human user, whereas "client" refers to 243 the software being run by the user. 245 "Connection" refers to the entire sequence of client/server 246 interaction from the initial establishment of the network connection 247 until its termination. 249 "Session" refers to the sequence of client/server interaction from 250 the time that a mailbox is selected (SELECT or EXAMINE command) until 251 the time that selection ends (SELECT or EXAMINE of another mailbox, 252 CLOSE command, UNSELECT command, or connection termination). 254 The term "Implicit TLS" refers to the automatic negotiation of TLS 255 whenever a TCP connection is made on a particular TCP port that is 256 used exclusively by that server for TLS connections. The term 257 "Implicit TLS" is intended to contrast with the use of STARTTLS 258 command in IMAP that is used by the client and the server to 259 explicitly negotiate TLS on an established cleartext TCP connection. 261 Characters are 8-bit UTF-8 (of which 7-bit US-ASCII is a subset) 262 unless otherwise specified. Other character sets are indicated using 263 a "CHARSET", as described in [MIME-IMT] and defined in [CHARSET]. 264 CHARSETs have important additional semantics in addition to defining 265 character set; refer to these documents for more detail. 267 There are several protocol conventions in IMAP. These refer to 268 aspects of the specification which are not strictly part of the IMAP 269 protocol, but reflect generally-accepted practice. Implementations 270 need to be aware of these conventions, and avoid conflicts whether or 271 not they implement the convention. For example, "&" may not be used 272 as a hierarchy delimiter since it conflicts with the Mailbox 273 International Naming Convention, and other uses of "&" in mailbox 274 names are impacted as well. 276 1.3. Special Notes to Implementors 278 Implementors of the IMAP protocol are strongly encouraged to read the 279 IMAP implementation recommendations document [IMAP-IMPLEMENTATION] in 280 conjunction with this document, to help understand the intricacies of 281 this protocol and how best to build an interoperable product. 283 IMAP4rev2 is designed to be upwards compatible from the IMAP4rev1 284 [RFC3501], the [IMAP2] and unpublished IMAP2bis [IMAP2BIS] protocols. 285 IMAP4rev2 is largely compatible with the IMAP4rev1 protocol described 286 in RFC 3501 and the IMAP4 protocol described in RFC 1730; the 287 exception being in certain facilities added in RFC 1730 and RFC 3501 288 that proved problematic and were subsequently removed or replaced by 289 better alternatives. In the course of the evolution of IMAP4rev2, 290 some aspects in the earlier protocols have become obsolete. Obsolete 291 commands, responses, and data formats which an IMAP4rev2 292 implementation can encounter when used with an earlier implementation 293 are described in Appendix E, Appendix A and [IMAP-OBSOLETE]. 294 IMAP4rev2 supports 63bit body part and message sizes. IMAP4rev2 295 compatibility with BINARY and LIST-EXTENDED IMAP extensions are 296 described in Appendix B and Appendix C respectively. 298 Other compatibility issues with IMAP2bis, the most common variant of 299 the earlier protocol, are discussed in [IMAP-COMPAT]. A full 300 discussion of compatibility issues with rare (and presumed extinct) 301 variants of [IMAP2] is in [IMAP-HISTORICAL]; this document is 302 primarily of historical interest. 304 IMAP was originally developed for the older [RFC-822] standard, and 305 as a consequence, "RFC822.SIZE" fetch item in IMAP incorporates 306 "RFC822" in its name. "RFC822" should be interpreted as a reference 307 to the updated [RFC-5322] standard. 309 2. Protocol Overview 311 2.1. Link Level 313 The IMAP4rev2 protocol assumes a reliable data stream such as that 314 provided by TCP. When TCP is used, an IMAP4rev2 server listens on 315 port 143 (cleartext port) or port 993 (Implicit TLS port). 317 2.2. Commands and Responses 319 An IMAP4rev2 connection consists of the establishment of a client/ 320 server network connection, an initial greeting from the server, and 321 client/server interactions. These client/server interactions consist 322 of a client command, server data, and a server completion result 323 response. 325 All interactions transmitted by client and server are in the form of 326 lines, that is, strings that end with a CRLF. The protocol receiver 327 of an IMAP4rev2 client or server is either reading a line, or is 328 reading a sequence of octets with a known count followed by a line. 330 2.2.1. Client Protocol Sender and Server Protocol Receiver 332 The client command begins an operation. Each client command is 333 prefixed with an identifier (typically a short alphanumeric string, 334 e.g., A0001, A0002, etc.) called a "tag". A different tag is 335 generated by the client for each command. More formally: the client 336 SHOULD generate a unique tag for every command, but a server MUST 337 accept tag reuse. 339 Clients MUST follow the syntax outlined in this specification 340 strictly. It is a syntax error to send a command with missing or 341 extraneous spaces or arguments. 343 There are two cases in which a line from the client does not 344 represent a complete command. In one case, a command argument is 345 quoted with an octet count (see the description of literal in 346 Section 4.3); in the other case, the command arguments require server 347 feedback (see the AUTHENTICATE command in Section 6.2.2). In either 348 case, the server sends a command continuation request response if it 349 is ready for the octets (if appropriate) and the remainder of the 350 command. This response is prefixed with the token "+". 352 Note: If, instead, the server detected an error in the command, it 353 sends a BAD completion response with a tag matching the command 354 (as described below) to reject the command and prevent the client 355 from sending any more of the command. 357 It is also possible for the server to send a completion response 358 for some other command (if multiple commands are in progress), or 359 untagged data. In either case, the command continuation request 360 is still pending; the client takes the appropriate action for the 361 response, and reads another response from the server. In all 362 cases, the client MUST send a complete command (including 363 receiving all command continuation request responses and sending 364 command continuations for the command) before initiating a new 365 command. 367 The protocol receiver of an IMAP4rev2 server reads a command line 368 from the client, parses the command and its arguments, and transmits 369 server data and a server command completion result response. 371 2.2.2. Server Protocol Sender and Client Protocol Receiver 373 Data transmitted by the server to the client and status responses 374 that do not indicate command completion are prefixed with the token 375 "*", and are called untagged responses. 377 Server data MAY be sent as a result of a client command, or MAY be 378 sent unilaterally by the server. There is no syntactic difference 379 between server data that resulted from a specific command and server 380 data that were sent unilaterally. 382 The server completion result response indicates the success or 383 failure of the operation. It is tagged with the same tag as the 384 client command which began the operation. Thus, if more than one 385 command is in progress, the tag in a server completion response 386 identifies the command to which the response applies. There are 387 three possible server completion responses: OK (indicating success), 388 NO (indicating failure), or BAD (indicating a protocol error such as 389 unrecognized command or command syntax error). 391 Servers SHOULD enforce the syntax outlined in this specification 392 strictly. Any client command with a protocol syntax error, including 393 (but not limited to) missing or extraneous spaces or arguments, 394 SHOULD be rejected, and the client given a BAD server completion 395 response. 397 The protocol receiver of an IMAP4rev2 client reads a response line 398 from the server. It then takes action on the response based upon the 399 first token of the response, which can be a tag, a "*", or a "+". 401 A client MUST be prepared to accept any server response at all times. 402 This includes server data that was not requested. Server data SHOULD 403 be remembered (cached), so that the client can reference its 404 remembered copy rather than sending a command to the server to 405 request the data. In the case of certain server data, the data MUST 406 be remembered, as specified elsewhere in this document. 408 This topic is discussed in greater detail in the Server Responses 409 section. 411 2.3. Message Attributes 413 In addition to message text, each message has several attributes 414 associated with it. These attributes can be retrieved individually 415 or in conjunction with other attributes or message texts. 417 2.3.1. Message Numbers 419 Messages in IMAP4rev2 are accessed by one of two numbers; the unique 420 identifier (UID) or the message sequence number. 422 2.3.1.1. Unique Identifier (UID) Message Attribute 424 A UID is an unsigned non-zero 32-bit value assigned to each message, 425 which when used with the unique identifier validity value (see below) 426 forms a 64-bit value that MUST NOT refer to any other message in the 427 mailbox or any subsequent mailbox with the same name forever. Unique 428 identifiers are assigned in a strictly ascending fashion in the 429 mailbox; as each message is added to the mailbox it is assigned a 430 higher UID than the message(s) which were added previously. Unlike 431 message sequence numbers, unique identifiers are not necessarily 432 contiguous. 434 The unique identifier of a message MUST NOT change during the 435 session, and SHOULD NOT change between sessions. Any change of 436 unique identifiers between sessions MUST be detectable using the 437 UIDVALIDITY mechanism discussed below. Persistent unique identifiers 438 are required for a client to resynchronize its state from a previous 439 session with the server (e.g., disconnected or offline access clients 440 [IMAP-MODEL]); this is discussed further in [IMAP-DISC]. 442 Associated with every mailbox are two 32-bit unsigned non-zero values 443 which aid in unique identifier handling: the next unique identifier 444 value (UIDNEXT) and the unique identifier validity value 445 (UIDVALIDITY). 447 The next unique identifier value is the predicted value that will be 448 assigned to a new message in the mailbox. Unless the unique 449 identifier validity also changes (see below), the next unique 450 identifier value MUST have the following two characteristics. First, 451 the next unique identifier value MUST NOT change unless new messages 452 are added to the mailbox; and second, the next unique identifier 453 value MUST change whenever new messages are added to the mailbox, 454 even if those new messages are subsequently expunged. 456 Note: The next unique identifier value is intended to provide a 457 means for a client to determine whether any messages have been 458 delivered to the mailbox since the previous time it checked this 459 value. It is not intended to provide any guarantee that any 460 message will have this unique identifier. A client can only 461 assume, at the time that it obtains the next unique identifier 462 value, that messages arriving after that time will have a UID 463 greater than or equal to that value. 465 The unique identifier validity value is sent in a UIDVALIDITY 466 response code in an OK untagged response at mailbox selection time. 467 If unique identifiers from an earlier session fail to persist in this 468 session, the unique identifier validity value MUST be greater than 469 the one used in the earlier session. A good UIDVALIDITY value to use 470 is a 32-bit representation of the current date/time when the value is 471 assigned: this ensures that the value is unique and always increases. 472 Another possible alternative is a global counter that gets 473 incremented every time a mailbox is created. 475 Note: Ideally, unique identifiers SHOULD persist at all times. 476 Although this specification recognizes that failure to persist can 477 be unavoidable in certain server environments, it strongly 478 encourages message store implementation techniques that avoid this 479 problem. For example: 481 1. Unique identifiers MUST be strictly ascending in the mailbox 482 at all times. If the physical message store is re-ordered by 483 a non-IMAP agent, this requires that the unique identifiers in 484 the mailbox be regenerated, since the former unique 485 identifiers are no longer strictly ascending as a result of 486 the re-ordering. 488 2. If the message store has no mechanism to store unique 489 identifiers, it must regenerate unique identifiers at each 490 session, and each session must have a unique UIDVALIDITY 491 value. 493 3. If the mailbox is deleted/renamed and a new mailbox with the 494 same name is created at a later date, the server must either 495 keep track of unique identifiers from the previous instance of 496 the mailbox, or it must assign a new UIDVALIDITY value to the 497 new instance of the mailbox. 499 4. The combination of mailbox name, UIDVALIDITY, and UID must 500 refer to a single immutable (or expunged) message on that 501 server forever. In particular, the internal date, [RFC-5322] 502 size, envelope, body structure, and message texts (all 503 BODY[...] fetch data items) MUST never change. This does not 504 include message numbers, nor does it include attributes that 505 can be set by a STORE command (e.g., FLAGS). When a message 506 is expunged, its UID MUST NOT be reused under the same 507 UIDVALIDITY value. 509 2.3.1.2. Message Sequence Number Message Attribute 511 A Message Sequence Number is a relative position from 1 to the number 512 of messages in the mailbox. This position MUST be ordered by 513 ascending unique identifier. As each new message is added, it is 514 assigned a message sequence number that is 1 higher than the number 515 of messages in the mailbox before that new message was added. 517 Message sequence numbers can be reassigned during the session. For 518 example, when a message is permanently removed (expunged) from the 519 mailbox, the message sequence number for all subsequent messages is 520 decremented. The number of messages in the mailbox is also 521 decremented. Similarly, a new message can be assigned a message 522 sequence number that was once held by some other message prior to an 523 expunge. 525 In addition to accessing messages by relative position in the 526 mailbox, message sequence numbers can be used in mathematical 527 calculations. For example, if an untagged "11 EXISTS" is received, 528 and previously an untagged "8 EXISTS" was received, three new 529 messages have arrived with message sequence numbers of 9, 10, and 11. 530 Another example, if message 287 in a 523 message mailbox has UID 531 12345, there are exactly 286 messages which have lesser UIDs and 236 532 messages which have greater UIDs. 534 2.3.2. Flags Message Attribute 536 A message has associated with it a list of zero or more named tokens, 537 known as "flags". A flag is set by its addition to this list, and is 538 cleared by its removal. There are two types of flags in IMAP4rev2: 539 system flags, and keywords. A flag of either type can also be 540 permanent or session-only. 542 A system flag is a flag name that is pre-defined in this 543 specification and begins with "\". Certain system flags (\Deleted 544 and \Seen) have special semantics described elsewhere in this 545 document. The currently-defined system flags are: 547 \Seen Message has been read 549 \Answered Message has been answered 551 \Flagged Message is "flagged" for urgent/special attention 553 \Deleted Message is "deleted" for removal by later EXPUNGE 555 \Draft Message has not completed composition (marked as a draft). 557 \Recent This flag was in use in IMAP4rev1 and is now deprecated. 559 A keyword is defined by the server implementation. Keywords do not 560 begin with "\". Servers MAY permit the client to define new keywords 561 in the mailbox (see the description of the PERMANENTFLAGS response 562 code for more information). Some keywords that start with "$" are 563 also defined in this specification. 565 This document defines several keywords that were not originally 566 defined in RFC 3501, but which were found to be useful by client 567 implementations. These keywords SHOULD be supported (i.e. allowed in 568 SEARCH, allowed and preserved in APPEND, COPY, MOVE commands) by 569 server implementations: 571 $Forwarded Message has been forwarded to another email address, 572 embedded within or attached to a new message. An email client 573 sets this keyword when it successfully forwards the message to 574 another email address. Typical usage of this keyword is to show a 575 different (or additional) icon for a message that has been 576 forwarded. Once set, the flag SHOULD NOT be cleared. 578 $MDNSent Message Disposition Notification [RFC8098] was generated 579 and sent for this message. See [RFC3503] for more details on how 580 this keyword is used and for requirements on clients and servers. 582 $Junk The user (or a delivery agent on behalf of the user) may 583 choose to mark a message as definitely containing junk ($Junk; see 584 also the related keyword $NotJunk). The $Junk keyword can be used 585 to mark (and potentially move/delete messages later), group or 586 hide undesirable messages. See [IMAP-KEYWORDS-REG] for more 587 information. 589 $NotJunk The user (or a delivery agent on behalf of the user) may 590 choose to mark a message as definitely not containing junk 591 ($NotJunk; see also the related keyword $Junk). The $NotJunk 592 keyword can be used to mark, group or show messages that the user 593 wants to see. See [IMAP-KEYWORDS-REG] for more information. 595 $Phishing The $Phishing keyword can be used by a delivery agent to 596 mark a message as highly likely to be a phishing email. An email 597 that's determined to be a phishing email by the delivery agent 598 should also be considered a junk email and have the appropriate 599 junk filtering applied, including setting the $Junk flag and 600 placing in the \Junk special-use mailbox (see Section 7.3.1) if 601 available. 602 If both the $Phishing flag and the $Junk flag are set, the user 603 agent should display an additional warning message to the user. 604 Additionally the user agent may display a warning when clicking on 605 any hyperlinks within the message. 606 The requirement for both $Phishing and $Junk to be set before a 607 user agent displays a warning is for better backwards 608 compatibility with existing clients that understand the $Junk flag 609 but not the $Phishing flag. This is so that when an unextended 610 client removes the $Junk flag, an extended client will also show 611 the correct state. See [IMAP-KEYWORDS-REG] for more information. 613 $Junk and $NotJunk are mutually exclusive. If more than one of them 614 is set for a message, the client MUST treat this as if none of them 615 is set and SHOULD unset both of them on the IMAP server. 617 Other registered keywords can be found in the "IMAP and JMAP 618 Keywords" registry [IMAP-KEYWORDS-REG]. New keywords SHOULD be 619 registered in this registry using the procedure specified in 620 [RFC5788]. 622 A flag can be permanent or session-only on a per-flag basis. 623 Permanent flags are those which the client can add or remove from the 624 message flags permanently; that is, concurrent and subsequent 625 sessions will see any change in permanent flags. Changes to session 626 flags are valid only in that session. 628 2.3.3. Internal Date Message Attribute 630 An Internal Date message attribute is the internal date and time of 631 the message on the server. This is not the date and time in the 632 [RFC-5322] header, but rather a date and time which reflects when the 633 message was received. In the case of messages delivered via [SMTP], 634 this is the date and time of final delivery of the message as defined 635 by [SMTP]. In the case of messages delivered by the IMAP4rev2 COPY 636 or MOVE command, this SHOULD be the internal date and time of the 637 source message. In the case of messages delivered by the IMAP4rev2 638 APPEND command, this SHOULD be the date and time as specified in the 639 APPEND command description. All other cases are implementation 640 defined. 642 2.3.4. [RFC-5322] Size Message Attribute 644 An RFC 5322 size is the number of octets in the message, as expressed 645 in [RFC-5322] format. 647 2.3.5. Envelope Structure Message Attribute 649 An Envelope Structure is a parsed representation of the [RFC-5322] 650 header of the message. Note that the IMAP Envelope structure is not 651 the same as an [SMTP] envelope. 653 2.3.6. Body Structure Message Attribute 655 A Body Structure is a parsed representation of the [MIME-IMB] body 656 structure information of the message. 658 2.4. Message Texts 660 In addition to being able to fetch the full [RFC-5322] text of a 661 message, IMAP4rev2 permits the fetching of portions of the full 662 message text. Specifically, it is possible to fetch the [RFC-5322] 663 message header, [RFC-5322] message body, a [MIME-IMB] body part, or a 664 [MIME-IMB] header. 666 3. State and Flow Diagram 668 Once the connection between client and server is established, an 669 IMAP4rev2 connection is in one of four states. The initial state is 670 identified in the server greeting. Most commands are only valid in 671 certain states. It is a protocol error for the client to attempt a 672 command while the connection is in an inappropriate state, and the 673 server will respond with a BAD or NO (depending upon server 674 implementation) command completion result. 676 3.1. Not Authenticated State 678 In the not authenticated state, the client MUST supply authentication 679 credentials before most commands will be permitted. This state is 680 entered when a connection starts unless the connection has been pre- 681 authenticated. 683 3.2. Authenticated State 685 In the authenticated state, the client is authenticated and MUST 686 select a mailbox to access before commands that affect messages will 687 be permitted. This state is entered when a pre-authenticated 688 connection starts, when acceptable authentication credentials have 689 been provided, after an error in selecting a mailbox, or after a 690 successful CLOSE or UNSELECT command. 692 3.3. Selected State 694 In a selected state, a mailbox has been selected to access. This 695 state is entered when a mailbox has been successfully selected. 697 3.4. Logout State 699 In the logout state, the connection is being terminated. This state 700 can be entered as a result of a client request (via the LOGOUT 701 command) or by unilateral action on the part of either the client or 702 server. 704 If the client requests the logout state, the server MUST send an 705 untagged BYE response and a tagged OK response to the LOGOUT command 706 before the server closes the connection; and the client MUST read the 707 tagged OK response to the LOGOUT command before the client closes the 708 connection. 710 A server SHOULD NOT unilaterally close the connection without sending 711 an untagged BYE response that contains the reason for having done so. 712 A client SHOULD NOT unilaterally close the connection, and instead 713 SHOULD issue a LOGOUT command. If the server detects that the client 714 has unilaterally closed the connection, the server MAY omit the 715 untagged BYE response and simply close its connection. 717 +----------------------+ 718 |connection established| 719 +----------------------+ 720 || 721 \/ 722 +--------------------------------------+ 723 | server greeting | 724 +--------------------------------------+ 725 || (1) || (2) || (3) 726 \/ || || 727 +-----------------+ || || 728 |Not Authenticated| || || 729 +-----------------+ || || 730 || (7) || (4) || || 731 || \/ \/ || 732 || +----------------+ || 733 || | Authenticated |<=++ || 734 || +----------------+ || || 735 || || (7) || (5) || (6) || 736 || || \/ || || 737 || || +--------+ || || 738 || || |Selected|==++ || 739 || || +--------+ || 740 || || || (7) || 741 \/ \/ \/ \/ 742 +--------------------------------------+ 743 | Logout | 744 +--------------------------------------+ 745 || 746 \/ 747 +-------------------------------+ 748 |both sides close the connection| 749 +-------------------------------+ 751 (1) connection without pre-authentication (OK greeting) 752 (2) pre-authenticated connection (PREAUTH greeting) 753 (3) rejected connection (BYE greeting) 754 (4) successful LOGIN or AUTHENTICATE command 755 (5) successful SELECT or EXAMINE command 756 (6) CLOSE or UNSELECT command, unsolicited CLOSED 757 response code or failed SELECT or EXAMINE command 758 (7) LOGOUT command, server shutdown, or connection closed 760 4. Data Formats 762 IMAP4rev2 uses textual commands and responses. Data in IMAP4rev2 can 763 be in one of several forms: atom, number, string, parenthesized list, 764 or NIL. Note that a particular data item may take more than one 765 form; for example, a data item defined as using "astring" syntax may 766 be either an atom or a string. 768 4.1. Atom 770 An atom consists of one or more non-special characters. 772 4.1.1. Sequence set and UID set 774 A set of messages can be referenced by a sequence set containing 775 either message sequence numbers or unique identifiers. See Section 9 776 for details. Sequence sets can contain ranges (e.g. "5:50"), an 777 enumeration of specific message sequence numbers/unique identifiers, 778 a special symbol "*", or a combination of the above. Note that a 779 sequence set never mixes message sequence numbers and unique 780 identifiers in the same representation. 782 A "UID set" is similar to the sequence set of unique identifiers; 783 however, the "*" value for a sequence number is not permitted. 785 4.2. Number 787 A number consists of one or more digit characters, and represents a 788 numeric value. 790 4.3. String 792 A string is in one of three forms: synchronizing literal, non- 793 synchronizing literal or quoted string. The synchronizing literal 794 form is the general form of string. The non-synchronizing literal 795 form is also the general form, but has length limitation. The quoted 796 string form is an alternative that avoids the overhead of processing 797 a literal at the cost of limitations of characters which may be used. 799 When the distinction between synchronizing and non-synchronizing 800 literals is not important, this document only uses the term 801 "literal". 803 A synchronizing literal is a sequence of zero or more octets 804 (including CR and LF), prefix-quoted with an octet count in the form 805 of an open brace ("{"), the number of octets, close brace ("}"), and 806 CRLF. In the case of synchronizing literals transmitted from server 807 to client, the CRLF is immediately followed by the octet data. In 808 the case of synchronizing literals transmitted from client to server, 809 the client MUST wait to receive a command continuation request 810 (described later in this document) before sending the octet data (and 811 the remainder of the command). 813 The non-synchronizing literal is an alternative form of synchronizing 814 literal, and it may appear in communication from client to server 815 instead of the synchonizing form of literal. The non-synchronizing 816 literal form MUST NOT be sent from server to client. The non- 817 synchronizing literal is distinguished from the synchronizing literal 818 by having a plus ("+") between the octet count and the closing brace 819 ("}"). The server does not generate a command continuation request 820 in response to a non-synchronizing literal, and clients are not 821 required to wait before sending the octets of a non- synchronizing 822 literal. Unless specified otherwise in an IMAP extension, non- 823 synchronizing literals MUST NOT be larger than 4096 octets. Any 824 literal larger than 4096 bytes MUST be sent as a synchronizing 825 literal. (Non-synchronizing literals defined in this document are 826 the same as non-synchronizing literals defined by the LITERAL- 827 extension from [RFC7888]. See that document for details on how to 828 handle invalid non-synchronizing literals longer than 4096 octets and 829 for interaction with other IMAP extensions.) 831 A quoted string is a sequence of zero or more Unicode characters, 832 excluding CR and LF, encoded in UTF-8, with double quote (<">) 833 characters at each end. 835 The empty string is represented as "" (a quoted string with zero 836 characters between double quotes), as {0} followed by CRLF (a 837 synchronizing literal with an octet count of 0) or as {0+} followed 838 by CRLF (a non-synchronizing literal with an octet count of 0). 840 Note: Even if the octet count is 0, a client transmitting a 841 synchronizing literal MUST wait to receive a command continuation 842 request. 844 4.3.1. 8-bit and Binary Strings 846 8-bit textual and binary mail is supported through the use of a 847 [MIME-IMB] content transfer encoding. IMAP4rev2 implementations MAY 848 transmit 8-bit or multi-octet characters in literals, but SHOULD do 849 so only when the [CHARSET] is identified. 851 IMAP4rev2 is compatible with [I18N-HDRS]. As a result, the 852 identified charset for header-field values with 8-bit content is 853 UTF-8 [UTF-8]. IMAP4rev2 implementations MUST accept and MAY 854 transmit [UTF-8] text in quoted-strings as long as the string does 855 not contain NUL, CR, or LF. This differs from IMAP4rev1 856 implementations. 858 Although a BINARY content transfer encoding is defined, unencoded 859 binary strings are not permitted, unless returned in a in 860 response to BINARY.PEEK[]<> or 861 BINARY[]<> FETCH data item. A "binary 862 string" is any string with NUL characters. A string with an 863 excessive amount of CTL characters MAY also be considered to be 864 binary. Unless returned in response to BINARY.PEEK[...]/BINARY[...] 865 FETCH, client and server implementations MUST encode binary data into 866 a textual form, such as BASE64, before transmitting the data. 868 4.4. Parenthesized List 870 Data structures are represented as a "parenthesized list"; a sequence 871 of data items, delimited by space, and bounded at each end by 872 parentheses. A parenthesized list can contain other parenthesized 873 lists, using multiple levels of parentheses to indicate nesting. 875 The empty list is represented as () -- a parenthesized list with no 876 members. 878 4.5. NIL 880 The special form "NIL" represents the non-existence of a particular 881 data item that is represented as a string or parenthesized list, as 882 distinct from the empty string "" or the empty parenthesized list (). 884 Note: NIL is never used for any data item which takes the form of 885 an atom. For example, a mailbox name of "NIL" is a mailbox named 886 NIL as opposed to a non-existent mailbox name. This is because 887 mailbox uses "astring" syntax which is an atom or a string. 888 Conversely, an addr-name of NIL is a non-existent personal name, 889 because addr-name uses "nstring" syntax which is NIL or a string, 890 but never an atom. 892 Examples: 894 The following LIST response: 896 * LIST () "/" NIL 898 is equivalent to: 900 * LIST () "/" "NIL" 902 as LIST response ABNF is using "astring" for mailbox name. 904 However, the following response 906 * FETCH 1 (BODY[1] NIL) 908 is not equivalent to: 910 * FETCH 1 (BODY[1] "NIL") 912 The former means absence of the body part, while the latter 913 means that it contains literal sequence of characters "NIL". 915 5. Operational Considerations 917 The following rules are listed here to ensure that all IMAP4rev2 918 implementations interoperate properly. 920 5.1. Mailbox Naming 922 In IMAP4rev2, Mailbox names are encoded in Net-Unicode [NET-UNICODE] 923 (this differs from IMAP4rev1). Client implementations MAY attempt to 924 create Net-Unicode mailbox names, and MUST interpret any 8-bit 925 mailbox names returned by LIST as [NET-UNICODE]. Server 926 implementations MUST prohibit the creation of 8-bit mailbox names 927 that do not comply with Net-Unicode. However, servers MAY accept a 928 de-normalized UTF-8 mailbox name and convert it to Unicode 929 normalization form "NFC" (as per Net-Unicode requirements) prior to 930 mailbox creation. Servers that choose to accept such de-normalized 931 UTF-8 mailbox names MUST accept them in all IMAP commands that have a 932 mailbox name parameter. In particular SELECT must open the 933 same mailbox that was successfully created with CREATE , even 934 if is a de-normalized UTF-8 mailbox name. 936 The case-insensitive mailbox name INBOX is a special name reserved to 937 mean "the primary mailbox for this user on this server". (Note that 938 this special name may not exist on some servers for some users, for 939 example if the user has no access to personal namespace.) The 940 interpretation of all other names is implementation-dependent. 942 In particular, this specification takes no position on case 943 sensitivity in non-INBOX mailbox names. Some server implementations 944 are fully case-sensitive in ASCII range; others preserve case of a 945 newly-created name but otherwise are case-insensitive; and yet others 946 coerce names to a particular case. Client implementations must be 947 able to interact with any of these. 949 There are certain client considerations when creating a new mailbox 950 name: 952 1. Any character which is one of the atom-specials (see the Formal 953 Syntax in Section 9) will require that the mailbox name be 954 represented as a quoted string or literal. 956 2. CTL and other non-graphic characters are difficult to represent 957 in a user interface and are best avoided. Servers MAY refuse to 958 create mailbox names containing Unicode CTL characters. 960 3. Although the list-wildcard characters ("%" and "*") are valid in 961 a mailbox name, it is difficult to use such mailbox names with 962 the LIST command due to the conflict with wildcard 963 interpretation. 965 4. Usually, a character (determined by the server implementation) is 966 reserved to delimit levels of hierarchy. 968 5. Two characters, "#" and "&", have meanings by convention, and 969 should be avoided except when used in that convention. See 970 Section 5.1.2.1 and Appendix A.1 respectively. 972 5.1.1. Mailbox Hierarchy Naming 974 If it is desired to export hierarchical mailbox names, mailbox names 975 MUST be left-to-right hierarchical using a single character to 976 separate levels of hierarchy. The same hierarchy separator character 977 is used for all levels of hierarchy within a single name. 979 5.1.2. Namespaces 981 Personal Namespace: A namespace that the server considers within the 982 personal scope of the authenticated user on a particular connection. 983 Typically, only the authenticated user has access to mailboxes in 984 their Personal Namespace. It is the part of the namespace that 985 belongs to the user that is allocated for mailboxes. If an INBOX 986 exists for a user, it MUST appear within the user's personal 987 namespace. In the typical case, there SHOULD be only one Personal 988 Namespace per user on a server. 990 Other Users' Namespace: A namespace that consists of mailboxes from 991 the Personal Namespaces of other users. To access mailboxes in the 992 Other Users' Namespace, the currently authenticated user MUST be 993 explicitly granted access rights. For example, it is common for a 994 manager to grant to their administrative support staff access rights 995 to their mailbox. In the typical case, there SHOULD be only one 996 Other Users' Namespace per user on a server. 998 Shared Namespace: A namespace that consists of mailboxes that are 999 intended to be shared amongst users and do not exist within a user's 1000 Personal Namespace. 1002 The namespaces a server uses MAY differ on a per-user basis. 1004 5.1.2.1. Historic Mailbox Namespace Naming Convention 1006 By convention, the first hierarchical element of any mailbox name 1007 which begins with "#" identifies the "namespace" of the remainder of 1008 the name. This makes it possible to disambiguate between different 1009 types of mailbox stores, each of which have their own namespaces. 1011 For example, implementations which offer access to USENET 1012 newsgroups MAY use the "#news" namespace to partition the USENET 1013 newsgroup namespace from that of other mailboxes. Thus, the 1014 comp.mail.misc newsgroup would have a mailbox name of 1015 "#news.comp.mail.misc", and the name "comp.mail.misc" can refer to 1016 a different object (e.g., a user's private mailbox). 1018 Namespaces that include the "#" character are not IMAP URL [IMAP-URL] 1019 friendly requiring the "#" character to be represented as %23 when 1020 within URLs. As such, server implementors MAY instead consider using 1021 namespace prefixes that do not contain the "#" character. 1023 5.1.2.2. Common namespace models 1025 The previous version of this protocol did not define a default server 1026 namespace. Two common namespace models have evolved: 1028 The "Personal Mailbox" model, in which the default namespace that is 1029 presented consists of only the user's personal mailboxes. To access 1030 shared mailboxes, the user must use an escape mechanism to reach 1031 another namespace. 1033 The "Complete Hierarchy" model, in which the default namespace that 1034 is presented includes the user's personal mailboxes along with any 1035 other mailboxes they have access to. 1037 5.2. Mailbox Size and Message Status Updates 1039 At any time, a server can send data that the client did not request. 1040 Sometimes, such behavior is required by this specification and/or 1041 extensions. For example, agents other than the server MAY add 1042 messages to the mailbox (e.g., new message delivery), change the 1043 flags of the messages in the mailbox (e.g., simultaneous access to 1044 the same mailbox by multiple agents), or even remove messages from 1045 the mailbox. A server MUST send mailbox size updates automatically 1046 if a mailbox size change is observed during the processing of a 1047 command. A server SHOULD send message flag updates automatically, 1048 without requiring the client to request such updates explicitly. 1050 Special rules exist for server notification of a client about the 1051 removal of messages to prevent synchronization errors; see the 1052 description of the EXPUNGE response (Section 7.5.1) for more detail. 1053 In particular, it is NOT permitted to send an EXISTS response that 1054 would reduce the number of messages in the mailbox; only the EXPUNGE 1055 response can do this. 1057 Regardless of what implementation decisions a client makes on 1058 remembering data from the server, a client implementation MUST 1059 remember mailbox size updates. It MUST NOT assume that any command 1060 after the initial mailbox selection will return the size of the 1061 mailbox. 1063 5.3. Response when no Command in Progress 1065 Server implementations are permitted to send an untagged response 1066 (except for EXPUNGE) while there is no command in progress. Server 1067 implementations that send such responses MUST deal with flow control 1068 considerations. Specifically, they MUST either (1) verify that the 1069 size of the data does not exceed the underlying transport's available 1070 window size, or (2) use non-blocking writes. 1072 5.4. Autologout Timer 1074 If a server has an inactivity autologout timer that applies to 1075 sessions after authentication, the duration of that timer MUST be at 1076 least 30 minutes. The receipt of any command from the client during 1077 that interval resets the autologout timer. 1079 Note that this specification doesn't have any restrictions on 1080 autologout timer used before successful client authentication. In 1081 particular, servers are allowed to use shortened pre-authentication 1082 timer to protect themselves from Denial of Service attacks. 1084 5.5. Multiple Commands in Progress (Command Pipelining) 1086 The client MAY send another command without waiting for the 1087 completion result response of a command, subject to ambiguity rules 1088 (see below) and flow control constraints on the underlying data 1089 stream. Similarly, a server MAY begin processing another command 1090 before processing the current command to completion, subject to 1091 ambiguity rules. However, any command continuation request responses 1092 and command continuations MUST be negotiated before any subsequent 1093 command is initiated. 1095 The exception is if an ambiguity would result because of a command 1096 that would affect the results of other commands. If the server 1097 detects a possible ambiguity, it MUST execute commands to completion 1098 in the order given by the client. 1100 The most obvious example of ambiguity is when a command would affect 1101 the results of another command, e.g., a FETCH of a message's flags 1102 and a STORE of that same message's flags. 1104 A non-obvious ambiguity occurs with commands that permit an untagged 1105 EXPUNGE response (commands other than FETCH, STORE, and SEARCH), 1106 since an untagged EXPUNGE response can invalidate sequence numbers in 1107 a subsequent command. This is not a problem for FETCH, STORE, or 1108 SEARCH commands because servers are prohibited from sending EXPUNGE 1109 responses while any of those commands are in progress. Therefore, if 1110 the client sends any command other than FETCH, STORE, or SEARCH, it 1111 MUST wait for the completion result response before sending a command 1112 with message sequence numbers. 1114 Note: EXPUNGE responses are permitted while UID FETCH, UID STORE, 1115 and UID SEARCH are in progress. If the client sends a UID 1116 command, it MUST wait for a completion result response before 1117 sending a command which uses message sequence numbers (this may 1118 include UID SEARCH). Any message sequence numbers in an argument 1119 to UID SEARCH are associated with messages prior to the effect of 1120 any untagged EXPUNGE returned by the UID SEARCH. 1122 For example, the following non-waiting command sequences are invalid: 1124 FETCH + NOOP + STORE 1126 STORE + COPY + FETCH 1128 COPY + COPY 1130 The following are examples of valid non-waiting command sequences: 1132 FETCH + STORE + SEARCH + NOOP 1134 STORE + COPY + EXPUNGE 1136 UID SEARCH + UID SEARCH may be valid or invalid as a non-waiting 1137 command sequence, depending upon whether or not the second UID 1138 SEARCH contains message sequence numbers. 1140 Use of SEARCH result variable (see Section 6.4.4.1) creates direct 1141 dependency between two commands. See Section 6.4.4.2 for more 1142 considerations about pipelining such dependent commands. 1144 6. Client Commands 1146 IMAP4rev2 commands are described in this section. Commands are 1147 organized by the state in which the command is permitted. Commands 1148 which are permitted in multiple states are listed in the minimum 1149 permitted state (for example, commands valid in authenticated and 1150 selected state are listed in the authenticated state commands). 1152 Command arguments, identified by "Arguments:" in the command 1153 descriptions below, are described by function, not by syntax. The 1154 precise syntax of command arguments is described in the Formal Syntax 1155 (Section 9). 1157 Some commands cause specific server responses to be returned; these 1158 are identified by "Responses:" in the command descriptions below. 1159 See the response descriptions in the Responses section (Section 7) 1160 for information on these responses, and the Formal Syntax (Section 9) 1161 for the precise syntax of these responses. It is possible for server 1162 data to be transmitted as a result of any command. Thus, commands 1163 that do not specifically require server data specify "no specific 1164 responses for this command" instead of "none". 1166 The "Result:" in the command description refers to the possible 1167 tagged status responses to a command, and any special interpretation 1168 of these status responses. 1170 The state of a connection is only changed by successful commands 1171 which are documented as changing state. A rejected command (BAD 1172 response) never changes the state of the connection or of the 1173 selected mailbox. A failed command (NO response) generally does not 1174 change the state of the connection or of the selected mailbox; the 1175 exception being the SELECT and EXAMINE commands. 1177 6.1. Client Commands - Any State 1179 The following commands are valid in any state: CAPABILITY, NOOP, and 1180 LOGOUT. 1182 6.1.1. CAPABILITY Command 1184 Arguments: none 1186 Responses: REQUIRED untagged response: CAPABILITY 1188 Result: OK - capability completed 1189 BAD - arguments invalid 1191 The CAPABILITY command requests a listing of capabilities (e.g. 1192 extensions and/or modifications of server behaviour) that the server 1193 supports. The server MUST send a single untagged CAPABILITY response 1194 with "IMAP4rev2" as one of the listed capabilities before the 1195 (tagged) OK response. 1197 A capability name which begins with "AUTH=" indicates that the server 1198 supports that particular authentication mechanism as defined in 1199 [SASL]. All such names are, by definition, part of this 1200 specification. 1202 Other capability names refer to extensions, revisions, or amendments 1203 to this specification. See the documentation of the CAPABILITY 1204 response in Section 7.2.2 for additional information. If IMAP4rev1 1205 capability is not advertised, no capabilities, beyond the base 1206 IMAP4rev2 set defined in this specification, are enabled without 1207 explicit client action to invoke the capability. If both IMAP4rev1 1208 and IMAP4rev2 capabilities are advertised, no capabilities, beyond 1209 the base IMAP4rev1 set specified in RFC 3501, are enabled without 1210 explicit client action to invoke the capability. 1212 Client and server implementations MUST implement the STARTTLS 1213 Section 6.2.1, LOGINDISABLED, and AUTH=PLAIN (described in [PLAIN]) 1214 capabilities. See the Security Considerations (Section 11) for 1215 important information. 1217 Unless specified otherwise, all registered extensions to IMAP4rev1 1218 are also valid extensions to IMAP4rev2. 1220 Example: C: abcd CAPABILITY 1221 S: * CAPABILITY IMAP4rev2 STARTTLS AUTH=GSSAPI 1222 LOGINDISABLED 1223 S: abcd OK CAPABILITY completed 1224 C: efgh STARTTLS 1225 S: efgh OK STARTLS completed 1226 1227 C: ijkl CAPABILITY 1228 S: * CAPABILITY IMAP4rev2 AUTH=GSSAPI AUTH=PLAIN 1229 S: ijkl OK CAPABILITY completed 1231 6.1.2. NOOP Command 1233 Arguments: none 1235 Responses: no specific responses for this command (but see below) 1237 Result: OK - noop completed 1238 BAD - command unknown or arguments invalid 1240 The NOOP command always succeeds. It does nothing. 1242 Since any command can return a status update as untagged data, the 1243 NOOP command can be used as a periodic poll for new messages or 1244 message status updates during a period of inactivity (the IDLE 1245 command Section 6.3.13 should be used instead of NOOP if real-time 1246 updates to mailbox state are desirable). The NOOP command can also 1247 be used to reset any inactivity autologout timer on the server. 1249 Example: C: a002 NOOP 1250 S: a002 OK NOOP completed 1251 . . . 1252 C: a047 NOOP 1253 S: * 22 EXPUNGE 1254 S: * 23 EXISTS 1255 S: * 14 FETCH (UID 1305 FLAGS (\Seen \Deleted)) 1256 S: a047 OK NOOP completed 1258 6.1.3. LOGOUT Command 1260 Arguments: none 1262 Responses: REQUIRED untagged response: BYE 1264 Result: OK - logout completed 1265 BAD - command unknown or arguments invalid 1267 The LOGOUT command informs the server that the client is done with 1268 the connection. The server MUST send a BYE untagged response before 1269 the (tagged) OK response, and then close the network connection. 1271 Example: C: A023 LOGOUT 1272 S: * BYE IMAP4rev2 Server logging out 1273 S: A023 OK LOGOUT completed 1274 (Server and client then close the connection) 1276 6.2. Client Commands - Not Authenticated State 1278 In the not authenticated state, the AUTHENTICATE or LOGIN command 1279 establishes authentication and enters the authenticated state. The 1280 AUTHENTICATE command provides a general mechanism for a variety of 1281 authentication techniques, privacy protection, and integrity 1282 checking; whereas the LOGIN command uses a traditional user name and 1283 plaintext password pair and has no means of establishing privacy 1284 protection or integrity checking. 1286 The STARTTLS command is an alternative form of establishing session 1287 privacy protection and integrity checking, but does not by itself 1288 establish authentication or enter the authenticated state. 1290 Server implementations MAY allow access to certain mailboxes without 1291 establishing authentication. This can be done by means of the 1292 ANONYMOUS [SASL] authenticator described in [ANONYMOUS]. An older 1293 convention is a LOGIN command using the userid "anonymous"; in this 1294 case, a password is required although the server may choose to accept 1295 any password. The restrictions placed on anonymous users are 1296 implementation-dependent. 1298 Once authenticated (including as anonymous), it is not possible to 1299 re-enter not authenticated state. 1301 In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT), 1302 the following commands are valid in the not authenticated state: 1303 STARTTLS, AUTHENTICATE and LOGIN. See the Security Considerations 1304 (Section 11) for important information about these commands. 1306 6.2.1. STARTTLS Command 1308 Arguments: none 1310 Responses: no specific response for this command 1312 Result: OK - starttls completed, begin TLS negotiation 1313 NO - TLS negotiation can't be initiated, due to server 1314 configuration error 1315 BAD - STARTTLS received after a successful TLS 1316 negotiation or arguments invalid 1318 A TLS [TLS-1.3] negotiation begins immediately after the CRLF at the 1319 end of the tagged OK response from the server. Once a client issues 1320 a STARTTLS command, it MUST NOT issue further commands until a server 1321 response is seen and the TLS negotiation is complete. Some past 1322 server implementation incorrectly implemented STARTTLS processing and 1323 are known to contain STARTTLS plaintext command injection 1324 vulnerability [CERT-555316]. In order to avoid this vulnerability, 1325 server implementations MUST do one of the following If any data is 1326 received in the same TCP buffer after the CRLF that starts the 1327 STARTTLS command: 1329 1. Extra data from the TCP buffer is interpreted as beginning of the 1330 TLS handshake. (If the data is in cleartext, this will result in 1331 the TLS handshake failing.) 1333 2. Extra data from the TCP buffer is thrown away. 1335 Note that the first option is friendlier to clients that pipeline 1336 beginning of STARTTLS command with TLS handshake data. 1338 After successful TLS negotiation the server remains in the non- 1339 authenticated state, even if client credentials are supplied during 1340 the TLS negotiation. This does not preclude an authentication 1341 mechanism such as EXTERNAL (defined in [SASL]) from using client 1342 identity determined by the TLS negotiation. 1344 Once TLS has been started, the client MUST discard cached information 1345 about server capabilities and SHOULD re-issue the CAPABILITY command. 1346 This is necessary to protect against man-in- the-middle attacks which 1347 alter the capabilities list prior to STARTTLS. The server MAY 1348 advertise different capabilities, and in particular SHOULD NOT 1349 advertise the STARTTLS capability, after a successful STARTTLS 1350 command. 1352 Example: C: a001 CAPABILITY 1353 S: * CAPABILITY IMAP4rev2 STARTTLS LOGINDISABLED 1354 S: a001 OK CAPABILITY completed 1355 C: a002 STARTTLS 1356 S: a002 OK Begin TLS negotiation now 1357 1358 C: a003 CAPABILITY 1359 S: * CAPABILITY IMAP4rev2 AUTH=PLAIN 1360 S: a003 OK CAPABILITY completed 1361 C: a004 AUTHENTICATE PLAIN dGVzdAB0ZXN0AHRlc3Q= 1362 S: a004 OK Success (tls protection) 1364 6.2.2. AUTHENTICATE Command 1366 Arguments: SASL authentication mechanism name 1367 OPTIONAL initial response 1369 Responses: continuation data can be requested 1371 Result: OK - authenticate completed, now in authenticated state 1372 NO - authenticate failure: unsupported authentication 1373 mechanism, credentials rejected 1374 BAD - command unknown or arguments invalid, 1375 authentication exchange cancelled 1377 The AUTHENTICATE command indicates a [SASL] authentication mechanism 1378 to the server. If the server supports the requested authentication 1379 mechanism, it performs an authentication protocol exchange to 1380 authenticate and identify the client. It MAY also negotiate an 1381 OPTIONAL security layer for subsequent protocol interactions. If the 1382 requested authentication mechanism is not supported, the server 1383 SHOULD reject the AUTHENTICATE command by sending a tagged NO 1384 response. 1386 The AUTHENTICATE command supports the optional "initial response" 1387 feature defined in Section 5.1 of [SASL]. The client doesn't need to 1388 use it. If a SASL mechanism supports "initial response", but it is 1389 not specified by the client, the server handles this as specified in 1390 Section 3 of [SASL]. 1392 The service name specified by this protocol's profile of [SASL] is 1393 "imap". 1395 The authentication protocol exchange consists of a series of server 1396 challenges and client responses that are specific to the 1397 authentication mechanism. A server challenge consists of a command 1398 continuation request response with the "+" token followed by a BASE64 1399 encoded (see Section 4 of [RFC4648]) string. The client response 1400 consists of a single line consisting of a BASE64 encoded string. If 1401 the client wishes to cancel an authentication exchange, it issues a 1402 line consisting of a single "*". If the server receives such a 1403 response, or if it receives an invalid BASE64 string (e.g. 1404 characters outside the BASE64 alphabet, or non-terminal "="), it MUST 1405 reject the AUTHENTICATE command by sending a tagged BAD response. 1407 As with any other client response, the initial response MUST be 1408 encoded as BASE64. It also MUST be transmitted outside of a quoted 1409 string or literal. To send a zero-length initial response, the 1410 client MUST send a single pad character ("="). This indicates that 1411 the response is present, but is a zero-length string. 1413 When decoding the BASE64 data in the initial response, decoding 1414 errors MUST be treated as in any normal SASL client response, i.e. 1415 with a tagged BAD response. In particular, the server should check 1416 for any characters not explicitly allowed by the BASE64 alphabet, as 1417 well as any sequence of BASE64 characters that contains the pad 1418 character ('=') anywhere other than the end of the string (e.g., 1419 "=AAA" and "AAA=BBB" are not allowed). 1421 If the client uses an initial response with a SASL mechanism that 1422 does not support an initial response, the server MUST reject the 1423 command with a tagged BAD response. 1425 If a security layer is negotiated through the [SASL] authentication 1426 exchange, it takes effect immediately following the CRLF that 1427 concludes the authentication exchange for the client, and the CRLF of 1428 the tagged OK response for the server. 1430 While client and server implementations MUST implement the 1431 AUTHENTICATE command itself, it is not required to implement any 1432 authentication mechanisms other than the PLAIN mechanism described in 1433 [PLAIN]. Also, an authentication mechanism is not required to 1434 support any security layers. 1436 Note: a server implementation MUST implement a configuration in 1437 which it does NOT permit any plaintext password mechanisms, unless 1438 either the STARTTLS command has been negotiated, TLS has been 1439 negotiated on an Implicit TLS port, or some other mechanism that 1440 protects the session from password snooping has been provided. 1441 Server sites SHOULD NOT use any configuration which permits a 1442 plaintext password mechanism without such a protection mechanism 1443 against password snooping. Client and server implementations 1444 SHOULD implement additional [SASL] mechanisms that do not use 1445 plaintext passwords, such the GSSAPI mechanism described in 1446 [RFC4752], the SCRAM-SHA-256/SCRAM-SHA-256-PLUS [SCRAM-SHA-256] 1447 mechanisms and/or EXTERNAL [SASL] mechanism for mutual TLS 1448 authentication. (Note that SASL framework allows creation of SASL 1449 mechanisms that support 2FA (2-factor authentication), however 1450 none are fully ready to be recommended by this document.) 1452 Servers and clients can support multiple authentication mechanisms. 1453 The server SHOULD list its supported authentication mechanisms in the 1454 response to the CAPABILITY command so that the client knows which 1455 authentication mechanisms to use. 1457 A server MAY include a CAPABILITY response code in the tagged OK 1458 response of a successful AUTHENTICATE command in order to send 1459 capabilities automatically. It is unnecessary for a client to send a 1460 separate CAPABILITY command if it recognizes these automatic 1461 capabilities. This should only be done if a security layer was not 1462 negotiated by the AUTHENTICATE command, because the tagged OK 1463 response as part of an AUTHENTICATE command is not protected by 1464 encryption/integrity checking. [SASL] requires the client to re- 1465 issue a CAPABILITY command in this case. The server MAY advertise 1466 different capabilities after a successful AUTHENTICATE command. 1468 If an AUTHENTICATE command fails with a NO response, the client MAY 1469 try another authentication mechanism by issuing another AUTHENTICATE 1470 command. It MAY also attempt to authenticate by using the LOGIN 1471 command (see Section 6.2.3 for more detail). In other words, the 1472 client MAY request authentication types in decreasing order of 1473 preference, with the LOGIN command as a last resort. 1475 The authorization identity passed from the client to the server 1476 during the authentication exchange is interpreted by the server as 1477 the user name whose privileges the client is requesting. 1479 Example: S: * OK [CAPABILITY IMAP4rev2 STARTTLS AUTH=GSSAPI] 1480 Capabilities 1481 C: A001 AUTHENTICATE GSSAPI 1482 S: + 1483 C: YIIB+wYJKoZIhvcSAQICAQBuggHqMIIB5qADAgEFoQMCAQ6iBw 1484 MFACAAAACjggEmYYIBIjCCAR6gAwIBBaESGxB1Lndhc2hpbmd0 1485 b24uZWR1oi0wK6ADAgEDoSQwIhsEaW1hcBsac2hpdmFtcy5jYW 1486 Mud2FzaGluZ3Rvbi5lZHWjgdMwgdCgAwIBAaEDAgEDooHDBIHA 1487 cS1GSa5b+fXnPZNmXB9SjL8Ollj2SKyb+3S0iXMljen/jNkpJX 1488 AleKTz6BQPzj8duz8EtoOuNfKgweViyn/9B9bccy1uuAE2HI0y 1489 C/PHXNNU9ZrBziJ8Lm0tTNc98kUpjXnHZhsMcz5Mx2GR6dGknb 1490 I0iaGcRerMUsWOuBmKKKRmVMMdR9T3EZdpqsBd7jZCNMWotjhi 1491 vd5zovQlFqQ2Wjc2+y46vKP/iXxWIuQJuDiisyXF0Y8+5GTpAL 1492 pHDc1/pIGmMIGjoAMCAQGigZsEgZg2on5mSuxoDHEA1w9bcW9n 1493 FdFxDKpdrQhVGVRDIzcCMCTzvUboqb5KjY1NJKJsfjRQiBYBdE 1494 NKfzK+g5DlV8nrw81uOcP8NOQCLR5XkoMHC0Dr/80ziQzbNqhx 1495 O6652Npft0LQwJvenwDI13YxpwOdMXzkWZN/XrEqOWp6GCgXTB 1496 vCyLWLlWnbaUkZdEYbKHBPjd8t/1x5Yg== 1497 S: + YGgGCSqGSIb3EgECAgIAb1kwV6ADAgEFoQMCAQ+iSzBJoAMC 1498 AQGiQgRAtHTEuOP2BXb9sBYFR4SJlDZxmg39IxmRBOhXRKdDA0 1499 uHTCOT9Bq3OsUTXUlk0CsFLoa8j+gvGDlgHuqzWHPSQg== 1500 C: 1501 S: + YDMGCSqGSIb3EgECAgIBAAD/////6jcyG4GE3KkTzBeBiVHe 1502 ceP2CWY0SR0fAQAgAAQEBAQ= 1503 C: YDMGCSqGSIb3EgECAgIBAAD/////3LQBHXTpFfZgrejpLlLImP 1504 wkhbfa2QteAQAgAG1yYwE= 1505 S: A001 OK GSSAPI authentication successful 1507 The following example demonstrates use of initial response 1509 Example: 1510 S: * OK [CAPABILITY IMAP4rev2 STARTTLS AUTH=GSSAPI 1511 LOGINDISABLED] Server ready 1512 C: A01 STARTTLS 1513 S: A01 OK STARTLS completed 1514 1515 C: A02 CAPABILITY 1516 S: * CAPABILITY IMAP4rev2 AUTH=GSSAPI AUTH=PLAIN 1517 S: A02 OK CAPABILITY completed 1518 C: A03 AUTHENTICATE PLAIN dGVzdAB0ZXN0AHRlc3Q= 1519 S: A03 OK Success (tls protection) 1521 Note: The line breaks within server challenges and client responses 1522 are for editorial clarity and are not in real authenticators. 1524 6.2.3. LOGIN Command 1526 Arguments: user name 1527 password 1529 Responses: no specific responses for this command 1531 Result: OK - login completed, now in authenticated state 1532 NO - login failure: user name or password rejected 1533 BAD - command unknown or arguments invalid 1535 The LOGIN command identifies the client to the server and carries the 1536 plaintext password authenticating this user. The LOGIN command 1537 SHOULD NOT be used except as a last resort (after attempting and 1538 failing to authenticate using the AUTHENTICATE command one or more 1539 times), and it is recommended that client implementations have a 1540 means to disable any automatic use of the LOGIN command. 1542 A server MAY include a CAPABILITY response code in the tagged OK 1543 response to a successful LOGIN command in order to send capabilities 1544 automatically. It is unnecessary for a client to send a separate 1545 CAPABILITY command if it recognizes these automatic capabilities. 1547 Example: C: a001 LOGIN SMITH SESAME 1548 S: a001 OK LOGIN completed 1550 Note: Use of the LOGIN command over an insecure network (such as the 1551 Internet) is a security risk, because anyone monitoring network 1552 traffic can obtain plaintext passwords. For that reason clients MUST 1553 NOT use LOGIN on unsecure networks. 1555 Unless either the client is accessing IMAP service on Implicit TLS 1556 port [RFC8314], the STARTTLS command has been negotiated or some 1557 other mechanism that protects the session from password snooping has 1558 been provided, a server implementation MUST implement a configuration 1559 in which it advertises the LOGINDISABLED capability and does NOT 1560 permit the LOGIN command. Server sites SHOULD NOT use any 1561 configuration which permits the LOGIN command without such a 1562 protection mechanism against password snooping. A client 1563 implementation MUST NOT send a LOGIN command if the LOGINDISABLED 1564 capability is advertised. 1566 6.3. Client Commands - Authenticated State 1568 In the authenticated state, commands that manipulate mailboxes as 1569 atomic entities are permitted. Of these commands, the SELECT and 1570 EXAMINE commands will select a mailbox for access and enter the 1571 selected state. 1573 In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT), 1574 the following commands are valid in the authenticated state: ENABLE, 1575 SELECT, EXAMINE, NAMESPACE, CREATE, DELETE, RENAME, SUBSCRIBE, 1576 UNSUBSCRIBE, LIST, STATUS, APPEND and IDLE. 1578 6.3.1. ENABLE Command 1580 Arguments: capability names 1582 Responses: no specific responses for this command 1584 Result: OK - Relevant capabilities enabled 1585 BAD - No arguments, or syntax error in an argument 1587 Several IMAP extensions allow the server to return unsolicited 1588 responses specific to these extensions in certain circumstances. 1589 However, servers cannot send those unsolicited responses (with the 1590 exception of response codes (see Section 7.1) included in tagged or 1591 untagged OK/NO/BAD responses, which can always be sent) until they 1592 know that the clients support such extensions and thus won't choke on 1593 the extension response data. 1595 The ENABLE command provides an explicit indication from the client 1596 that it supports particular extensions. It is designed such that the 1597 client can send a simple constant string with the extensions it 1598 supports, and the server will enable the shared subset that both 1599 support. 1601 The ENABLE command takes a list of capability names, and requests the 1602 server to enable the named extensions. Once enabled using ENABLE, 1603 each extension remains active until the IMAP connection is closed. 1604 For each argument, the server does the following: 1606 o If the argument is not an extension known to the server, the 1607 server MUST ignore the argument. 1609 o If the argument is an extension known to the server, and it is not 1610 specifically permitted to be enabled using ENABLE, the server MUST 1611 ignore the argument. (Note that knowing about an extension 1612 doesn't necessarily imply supporting that extension.) 1614 o If the argument is an extension that is supported by the server 1615 and that needs to be enabled, the server MUST enable the extension 1616 for the duration of the connection. Note that once an extension 1617 is enabled, there is no way to disable it. 1619 If the ENABLE command is successful, the server MUST send an untagged 1620 ENABLED response Section 7.2.1, which includes all enabled extensions 1621 as specified above. The ENABLED response is sent even if no 1622 extensions were enabled. 1624 Clients SHOULD only include extensions that need to be enabled by the 1625 server. For example, a client can enable IMAP4rev2 specific 1626 behaviour when both IMAP4rev1 and IMAP4rev2 are advertised in the 1627 CAPABILITY response. Future RFCs may add to this list. 1629 The ENABLE command is only valid in the authenticated state, before 1630 any mailbox is selected. Clients MUST NOT issue ENABLE once they 1631 SELECT/EXAMINE a mailbox; however, server implementations don't have 1632 to check that no mailbox is selected or was previously selected 1633 during the duration of a connection. 1635 The ENABLE command can be issued multiple times in a session. It is 1636 additive; i.e., "ENABLE a b", followed by "ENABLE c" is the same as a 1637 single command "ENABLE a b c". When multiple ENABLE commands are 1638 issued, each corresponding ENABLED response SHOULD only contain 1639 extensions enabled by the corresponding ENABLE command, i.e. for the 1640 above example, the ENABLED response to "ENABLE c" should not contain 1641 "a" or "b". 1643 There are no limitations on pipelining ENABLE. For example, it is 1644 possible to send ENABLE and then immediately SELECT, or a LOGIN 1645 immediately followed by ENABLE. 1647 The server MUST NOT change the CAPABILITY list as a result of 1648 executing ENABLE; i.e., a CAPABILITY command issued right after an 1649 ENABLE command MUST list the same capabilities as a CAPABILITY 1650 command issued before the ENABLE command. This is demonstrated in 1651 the following example. Note that below "X-GOOD-IDEA" is a fictitious 1652 extension capability that can be ENABLEd. 1654 C: t1 CAPABILITY 1655 S: * CAPABILITY IMAP4rev2 ID LITERAL+ X-GOOD-IDEA 1656 S: t1 OK foo 1657 C: t2 ENABLE CONDSTORE X-GOOD-IDEA 1658 S: * ENABLED X-GOOD-IDEA 1659 S: t2 OK foo 1660 C: t3 CAPABILITY 1661 S: * CAPABILITY IMAP4rev2 ID LITERAL+ X-GOOD-IDEA 1662 S: t3 OK foo again 1664 In the following example, the client enables CONDSTORE extension 1665 [RFC7162]: 1667 C: a1 ENABLE CONDSTORE 1668 S: * ENABLED CONDSTORE 1669 S: a1 OK Conditional Store enabled 1671 6.3.1.1. Note to Designers of Extensions That May Use the ENABLE 1672 Command 1674 Designers of IMAP extensions are discouraged from creating extensions 1675 that require ENABLE unless there is no good alternative design. 1676 Specifically, extensions that cause potentially incompatible behavior 1677 changes to deployed server responses (and thus benefit from ENABLE) 1678 have a higher complexity cost than extensions that do not. 1680 6.3.2. SELECT Command 1682 Arguments: mailbox name 1684 Responses: REQUIRED untagged responses: FLAGS, EXISTS 1685 REQUIRED OK untagged responses: PERMANENTFLAGS, 1686 UIDNEXT, UIDVALIDITY 1687 REQUIRED untagged response: LIST 1689 Result: OK - select completed, now in selected state 1690 NO - select failure, now in authenticated state: no 1691 such mailbox, can't access mailbox 1692 BAD - command unknown or arguments invalid 1694 The SELECT command selects a mailbox so that messages in the mailbox 1695 can be accessed. Before returning an OK to the client, the server 1696 MUST send the following untagged data to the client. (The order of 1697 individual responses is not important.) Note that earlier versions 1698 of this protocol (e.g. IMAP2bis) only required the FLAGS and EXISTS 1699 untagged data; consequently, client implementations SHOULD implement 1700 default behavior for missing data as discussed with the individual 1701 item. 1703 FLAGS Defined flags in the mailbox. See the description of the 1704 FLAGS response in Section 7.3.5 for more detail. 1706 EXISTS The number of messages in the mailbox. See the 1707 description of the EXISTS response in Section 7.4.1 for more 1708 detail. 1710 LIST The server MUST return a LIST response with the mailbox name. 1711 If the server allows de-normalized UTF-8 mailbox names (see 1712 Section 5.1) and the supplied mailbox name differs from the 1713 normalized version, the server MUST return LIST with the OLDNAME 1714 extended data item. See Section 6.3.9.7 for more details. 1716 OK [PERMANENTFLAGS ()] A list of message flags that 1717 the client can change permanently. If this is missing, the client 1718 should assume that all flags can be changed permanently. 1720 OK [UIDNEXT ] The next unique identifier value. Refer to 1721 Section 2.3.1.1 for more information. 1723 OK [UIDVALIDITY ] The unique identifier validity value. Refer to 1724 Section 2.3.1.1 for more information. 1726 Only one mailbox can be selected at a time in a connection; 1727 simultaneous access to multiple mailboxes requires multiple 1728 connections. The SELECT command automatically deselects any 1729 currently selected mailbox before attempting the new selection. 1730 Consequently, if a mailbox is selected and a SELECT command that 1731 fails is attempted, no mailbox is selected. When deselecting a 1732 selected mailbox, the server MUST return an untagged OK response with 1733 the "[CLOSED]" response code when the currently selected mailbox is 1734 closed (see Paragraph 10). 1736 If the client is permitted to modify the mailbox, the server SHOULD 1737 prefix the text of the tagged OK response with the "[READ-WRITE]" 1738 response code. 1740 If the client is not permitted to modify the mailbox but is permitted 1741 read access, the mailbox is selected as read-only, and the server 1742 MUST prefix the text of the tagged OK response to SELECT with the 1743 "[READ-ONLY]" response code. Read-only access through SELECT differs 1744 from the EXAMINE command in that certain read-only mailboxes MAY 1745 permit the change of permanent state on a per-user (as opposed to 1746 global) basis. Netnews messages marked in a server-based .newsrc 1747 file are an example of such per-user permanent state that can be 1748 modified with read-only mailboxes. 1750 Example: C: A142 SELECT INBOX 1751 S: * 172 EXISTS 1752 S: * OK [UIDVALIDITY 3857529045] UIDs valid 1753 S: * OK [UIDNEXT 4392] Predicted next UID 1754 S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 1755 S: * OK [PERMANENTFLAGS (\Deleted \Seen \*)] Limited 1756 S: * LIST () "/" INBOX 1757 S: A142 OK [READ-WRITE] SELECT completed 1759 Example: C: A142 SELECT INBOX 1760 S: * 172 EXISTS 1761 S: * OK [UIDVALIDITY 3857529045] UIDs valid 1762 S: * OK [UIDNEXT 4392] Predicted next UID 1763 S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 1764 S: * OK [PERMANENTFLAGS (\Deleted \Seen \*)] Limited 1765 S: A142 OK [READ-WRITE] SELECT completed 1766 [...some time later...] 1767 C: A143 SELECT Drafts 1768 S: * OK [CLOSED] Previous mailbox is now closed 1769 S: * 5 EXISTS 1770 S: * OK [UIDVALIDITY 9877410381] UIDs valid 1771 S: * OK [UIDNEXT 102] Predicted next UID 1772 S: * LIST () "/" Drafts 1773 S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 1774 S: * OK [PERMANENTFLAGS (\Deleted \Seen \Answered 1775 \Flagged \Draft \*)] System flags and keywords allowed 1776 S: A143 OK [READ-WRITE] SELECT completed 1778 Note that IMAP4rev1 compliant servers can also send the untagged 1779 RECENT response which was deprecated in IMAP4rev2. E.g. "* 0 1780 RECENT". Pure IMAP4rev2 clients are advised to ignore the untagged 1781 RECENT response. 1783 6.3.3. EXAMINE Command 1785 Arguments: mailbox name 1787 Responses: REQUIRED untagged responses: FLAGS, EXISTS 1788 REQUIRED OK untagged responses: PERMANENTFLAGS, 1789 UIDNEXT, UIDVALIDITY 1790 REQUIRED untagged response: LIST 1792 Result: OK - examine completed, now in selected state 1793 NO - examine failure, now in authenticated state: no 1794 such mailbox, can't access mailbox BAD - command unknown 1795 or arguments invalid 1797 The EXAMINE command is identical to SELECT and returns the same 1798 output; however, the selected mailbox is identified as read-only. No 1799 changes to the permanent state of the mailbox, including per-user 1800 state, are permitted. 1802 The text of the tagged OK response to the EXAMINE command MUST begin 1803 with the "[READ-ONLY]" response code. 1805 Example: C: A932 EXAMINE blurdybloop 1806 S: * 17 EXISTS 1807 S: * OK [UIDVALIDITY 3857529045] UIDs valid 1808 S: * OK [UIDNEXT 4392] Predicted next UID 1809 S: * LIST () "/" blurdybloop 1810 S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 1811 S: * OK [PERMANENTFLAGS ()] No permanent flags permitted 1812 S: A932 OK [READ-ONLY] EXAMINE completed 1814 6.3.4. CREATE Command 1816 Arguments: mailbox name 1818 Responses: OPTIONAL untagged response: LIST 1820 Result: OK - create completed 1821 NO - create failure: can't create mailbox with that name 1822 BAD - command unknown or arguments invalid 1824 The CREATE command creates a mailbox with the given name. An OK 1825 response is returned only if a new mailbox with that name has been 1826 created. It is an error to attempt to create INBOX or a mailbox with 1827 a name that refers to an extant mailbox. Any error in creation will 1828 return a tagged NO response. If a client attempts to create a UTF-8 1829 mailbox name that is not a valid Net-Unicode name, the server MUST 1830 reject the creation or convert the name to Net-Unicode prior to 1831 creating the mailbox. If the server decides to convert (normalize) 1832 the name, it SHOULD return an untagged LIST with OLDNAME extended 1833 data item, with the OLDNAME value being the supplied mailbox name and 1834 the name parameter being the normalized mailbox name. (See 1835 Section 6.3.9.7 for more details.) 1837 Mailboxes created in one IMAP session MAY be announced to other IMAP 1838 sessions using unsolicited LIST response. If the server 1839 automatically subscribes a mailbox when it is created, then the 1840 unsolicited LIST response for each affected subscribed mailbox name 1841 MUST include the \Subscribed attribute. 1843 If the mailbox name is suffixed with the server's hierarchy separator 1844 character (as returned from the server by a LIST command), this is a 1845 declaration that the client intends to create mailbox names under 1846 this name in the hierarchy. Server implementations that do not 1847 require this declaration MUST ignore the declaration. In any case, 1848 the name created is without the trailing hierarchy delimiter. 1850 If the server's hierarchy separator character appears elsewhere in 1851 the name, the server SHOULD create any superior hierarchical names 1852 that are needed for the CREATE command to be successfully completed. 1853 In other words, an attempt to create "foo/bar/zap" on a server in 1854 which "/" is the hierarchy separator character SHOULD create foo/ and 1855 foo/bar/ if they do not already exist. 1857 If a new mailbox is created with the same name as a mailbox which was 1858 deleted, its unique identifiers MUST be greater than any unique 1859 identifiers used in the previous incarnation of the mailbox unless 1860 the new incarnation has a different unique identifier validity value. 1861 See the description of the UID command in Section 6.4.9 for more 1862 detail. 1864 Example: C: A003 CREATE owatagusiam/ 1865 S: A003 OK CREATE completed 1866 C: A004 CREATE owatagusiam/blurdybloop 1867 S: A004 OK CREATE completed 1868 C: A005 CREATE NonNormalized 1869 S: * LIST () "/" "Normalized" ("OLDNAME" ("NonNormalized")) 1870 S: A005 OK CREATE completed 1872 (in the last example imagine that "NonNormalized" is 1873 a non NFC normalized Unicode mailbox name and that 1874 "Normalized" is its NFC normalized version.) 1876 Note: The interpretation of this example depends on whether "/" 1877 was returned as the hierarchy separator from LIST. If "/" is the 1878 hierarchy separator, a new level of hierarchy named "owatagusiam" 1879 with a member called "blurdybloop" is created. Otherwise, two 1880 mailboxes at the same hierarchy level are created. 1882 6.3.5. DELETE Command 1884 Arguments: mailbox name 1886 Responses: OPTIONAL untagged response: LIST 1888 Result: OK - delete completed 1889 NO - delete failure: can't delete mailbox with that name 1890 BAD - command unknown or arguments invalid 1892 The DELETE command permanently removes the mailbox with the given 1893 name. A tagged OK response is returned only if the mailbox has been 1894 deleted. It is an error to attempt to delete INBOX or a mailbox name 1895 that does not exist. 1897 The DELETE command MUST NOT remove inferior hierarchical names. For 1898 example, if a mailbox "foo" has an inferior "foo.bar" (assuming "." 1899 is the hierarchy delimiter character), removing "foo" MUST NOT remove 1900 "foo.bar". It is an error to attempt to delete a name that has 1901 inferior hierarchical names and also has the \Noselect mailbox name 1902 attribute (see the description of the LIST response (Section 7.3.1) 1903 for more details). 1905 It is permitted to delete a name that has inferior hierarchical names 1906 and does not have the \Noselect mailbox name attribute. If the 1907 server implementation does not permit deleting the name while 1908 inferior hierarchical names exists then it SHOULD disallow the DELETE 1909 command by returning a tagged NO response. The NO response SHOULD 1910 include the HASCHILDREN response code. Alternatively the server MAY 1911 allow the DELETE command, but sets the \Noselect mailbox name 1912 attribute for that name. 1914 If the server returns OK response, all messages in that mailbox are 1915 removed by the DELETE command. 1917 The value of the highest-used unique identifier of the deleted 1918 mailbox MUST be preserved so that a new mailbox created with the same 1919 name will not reuse the identifiers of the former incarnation, unless 1920 the new incarnation has a different unique identifier validity value. 1921 See the description of the UID command in Section 6.4.9 for more 1922 detail. 1924 If the server decides to convert (normalize) the mailbox name, it 1925 SHOULD return an untagged LIST with the "\NonExistent" attribute and 1926 OLDNAME extended data item, with the OLDNAME value being the supplied 1927 mailbox name and the name parameter being the normalized mailbox 1928 name. (See Section 6.3.9.7 for more details.) 1930 Mailboxes deleted in one IMAP session MAY be announced to other IMAP 1931 sessions using unsolicited LIST response, containing the 1932 "\NonExistent" attribute. 1934 Example: C: A682 LIST "" * 1935 S: * LIST () "/" blurdybloop 1936 S: * LIST (\Noselect) "/" foo 1937 S: * LIST () "/" foo/bar 1938 S: A682 OK LIST completed 1939 C: A683 DELETE blurdybloop 1940 S: A683 OK DELETE completed 1941 C: A684 DELETE foo 1942 S: A684 NO Name "foo" has inferior hierarchical names 1943 C: A685 DELETE foo/bar 1944 S: A685 OK DELETE Completed 1945 C: A686 LIST "" * 1946 S: * LIST (\Noselect) "/" foo 1947 S: A686 OK LIST completed 1948 C: A687 DELETE foo 1949 S: A687 OK DELETE Completed 1951 Example: C: A82 LIST "" * 1952 S: * LIST () "." blurdybloop 1953 S: * LIST () "." foo 1954 S: * LIST () "." foo.bar 1955 S: A82 OK LIST completed 1956 C: A83 DELETE blurdybloop 1957 S: A83 OK DELETE completed 1958 C: A84 DELETE foo 1959 S: A84 OK DELETE Completed 1960 C: A85 LIST "" * 1961 S: * LIST () "." foo.bar 1962 S: A85 OK LIST completed 1963 C: A86 LIST "" % 1964 S: * LIST (\Noselect) "." foo 1965 S: A86 OK LIST completed 1967 6.3.6. RENAME Command 1969 Arguments: existing mailbox name 1970 new mailbox name 1972 Responses: OPTIONAL untagged response: LIST 1974 Result: OK - rename completed 1975 NO - rename failure: can't rename mailbox with that name, 1976 can't rename to mailbox with that name 1977 BAD - command unknown or arguments invalid 1979 The RENAME command changes the name of a mailbox. A tagged OK 1980 response is returned only if the mailbox has been renamed. It is an 1981 error to attempt to rename from a mailbox name that does not exist or 1982 to a mailbox name that already exists. Any error in renaming will 1983 return a tagged NO response. 1985 If the name has inferior hierarchical names, then the inferior 1986 hierarchical names MUST also be renamed. For example, a rename of 1987 "foo" to "zap" will rename "foo/bar" (assuming "/" is the hierarchy 1988 delimiter character) to "zap/bar". 1990 If the server's hierarchy separator character appears in the new 1991 mailbox name, the server SHOULD create any superior hierarchical 1992 names that are needed for the RENAME command to complete 1993 successfully. In other words, an attempt to rename "foo/bar/zap" to 1994 baz/rag/zowie on a server in which "/" is the hierarchy separator 1995 character in the corresponding namespace SHOULD create baz/ and baz/ 1996 rag/ if they do not already exist. 1998 The value of the highest-used unique identifier of the old mailbox 1999 name MUST be preserved so that a new mailbox created with the same 2000 name will not reuse the identifiers of the former incarnation, unless 2001 the new incarnation has a different unique identifier validity value. 2002 See the description of the UID command in Section 6.4.9 for more 2003 detail. 2005 Renaming INBOX is permitted (i.e. it doesn't result in a tagged BAD 2006 response), and has special behavior. (Note that some servers 2007 disallow renaming INBOX by returning a tagged NO response, so clients 2008 need to be able to handle such RENAME failing). It moves all 2009 messages in INBOX to a new mailbox with the given name, leaving INBOX 2010 empty. If the server implementation supports inferior hierarchical 2011 names of INBOX, these are unaffected by a rename of INBOX. 2013 If the server allows creation of mailboxes with names that are not 2014 valid Net-Unicode names, the server normalizes both the existing 2015 mailbox name parameter and the new mailbox name parameter. If the 2016 normalized version of any of these 2 parameters differs from the 2017 corresponding supplied version, the server SHOULD return an untagged 2018 LIST response with OLDNAME extended data item, with the OLDNAME value 2019 being the supplied existing mailbox name and the name parameter being 2020 the normalized new mailbox name (see Section 6.3.9.7). This would 2021 allow the client to correlate the supplied name with the normalized 2022 name. 2024 Mailboxes renamed in one IMAP session MAY be announced to other IMAP 2025 sessions using unsolicited LIST response with OLDNAME extended data 2026 item. 2028 In both of the above cases: if the server automatically subscribes a 2029 mailbox when it is renamed, then the unsolicited LIST response for 2030 each affected subscribed mailbox name MUST include the \Subscribed 2031 attribute. No unsolicited LIST responses need to be sent for 2032 children mailboxes, if any. When INBOX is successfully renamed, a 2033 new INBOX is assumed to be created. No unsolicited LIST responses 2034 need to be sent for INBOX in this case. 2036 Examples: C: A682 LIST "" * 2037 S: * LIST () "/" blurdybloop 2038 S: * LIST (\Noselect) "/" foo 2039 S: * LIST () "/" foo/bar 2040 S: A682 OK LIST completed 2041 C: A683 RENAME blurdybloop sarasoop 2042 S: A683 OK RENAME completed 2043 C: A684 RENAME foo zowie 2044 S: A684 OK RENAME Completed 2045 C: A685 LIST "" * 2046 S: * LIST () "/" sarasoop 2047 S: * LIST (\Noselect) "/" zowie 2048 S: * LIST () "/" zowie/bar 2049 S: A685 OK LIST completed 2051 C: Z432 LIST "" * 2052 S: * LIST () "." INBOX 2053 S: * LIST () "." INBOX.bar 2054 S: Z432 OK LIST completed 2055 C: Z433 RENAME INBOX old-mail 2056 S: Z433 OK RENAME completed 2057 C: Z434 LIST "" * 2058 S: * LIST () "." INBOX 2059 S: * LIST () "." INBOX.bar 2060 S: * LIST () "." old-mail 2061 S: Z434 OK LIST completed 2063 Note that renaming a mailbox doesn't update subscription information 2064 on the original name. To keep subscription information in sync, the 2065 following sequence of commands can be used: 2067 C: 1001 RENAME X Y 2068 C: 1002 SUBSCRIBE Y 2069 C: 1003 UNSUBSCRIBE X 2071 Note that the above sequence of commands doesn't account for updating 2072 subscription for any children mailboxes of mailbox X. 2074 6.3.7. SUBSCRIBE Command 2076 Arguments: mailbox 2078 Responses: no specific responses for this command 2080 Result: OK - subscribe completed 2081 NO - subscribe failure: can't subscribe to that name 2082 BAD - command unknown or arguments invalid 2084 The SUBSCRIBE command adds the specified mailbox name to the server's 2085 set of "active" or "subscribed" mailboxes as returned by the LIST 2086 (SUBSCRIBED) command. This command returns a tagged OK response if 2087 the subscription is successful or if the mailbox is already 2088 subscribed. 2090 A server MAY validate the mailbox argument to SUBSCRIBE to verify 2091 that it exists. However, it SHOULD NOT unilaterally remove an 2092 existing mailbox name from the subscription list even if a mailbox by 2093 that name no longer exists. 2095 Note: This requirement is because a server site can choose to 2096 routinely remove a mailbox with a well-known name (e.g., "system- 2097 alerts") after its contents expire, with the intention of 2098 recreating it when new contents are appropriate. 2100 Example: C: A002 SUBSCRIBE #news.comp.mail.mime 2101 S: A002 OK SUBSCRIBE completed 2103 6.3.8. UNSUBSCRIBE Command 2105 Arguments: mailbox name 2107 Responses: no specific responses for this command 2109 Result: OK - unsubscribe completed 2110 NO - unsubscribe failure: can't unsubscribe that name 2111 BAD - command unknown or arguments invalid 2113 The UNSUBSCRIBE command removes the specified mailbox name from the 2114 server's set of "active" or "subscribed" mailboxes as returned by the 2115 LIST (SUBSCRIBED) command. This command returns a tagged OK response 2116 if the unsubscription is successful or if the mailbox is not 2117 subscribed. 2119 Example: C: A002 UNSUBSCRIBE #news.comp.mail.mime 2120 S: A002 OK UNSUBSCRIBE completed 2122 6.3.9. LIST Command 2124 Arguments (basic): reference name 2125 mailbox name with possible wildcards 2127 Arguments (extended): selection options (OPTIONAL) 2128 reference name 2129 mailbox patterns 2130 return options (OPTIONAL) 2132 Responses: untagged responses: LIST 2134 Result: OK - list completed 2135 NO - list failure: can't list that reference or mailbox 2136 name 2137 BAD - command unknown or arguments invalid 2139 The LIST command returns a subset of mailbox names from the complete 2140 set of all mailbox names available to the client. Zero or more 2141 untagged LIST responses are returned, containing the name attributes, 2142 hierarchy delimiter, name, and possible extension information; see 2143 the description of the LIST response (Section 7.3.1) for more detail. 2145 The LIST command SHOULD return its data quickly, without undue delay. 2146 For example, it should not go to excess trouble to calculate the 2147 \Marked or \Unmarked status or perform other processing; if each name 2148 requires 1 second of processing, then a list of 1200 names would take 2149 20 minutes! 2151 The extended LIST command, originally introduced in [RFC5258], 2152 provides capabilities beyond that of the original IMAP LIST command. 2153 The extended syntax is being used if one or more of the following 2154 conditions is true: 2156 1. if the first word after the command name begins with a 2157 parenthesis ("LIST selection options"); 2159 2. if the second word after the command name begins with a 2160 parenthesis; 2162 3. if the LIST command has more than 2 parameters ("LIST return 2163 options") 2165 An empty ("" string) reference name argument indicates that the 2166 mailbox name is interpreted as by SELECT. The returned mailbox names 2167 MUST match the supplied mailbox name pattern(s). A non-empty 2168 reference name argument is the name of a mailbox or a level of 2169 mailbox hierarchy, and indicates the context in which the mailbox 2170 name is interpreted. Clients SHOULD use the empty reference 2171 argument. 2173 In the basic syntax only, an empty ("" string) mailbox name argument 2174 is a special request to return the hierarchy delimiter and the root 2175 name of the name given in the reference. The value returned as the 2176 root MAY be the empty string if the reference is non-rooted or is an 2177 empty string. In all cases, a hierarchy delimiter (or NIL if there 2178 is no hierarchy) is returned. This permits a client to get the 2179 hierarchy delimiter (or find out that the mailbox names are flat) 2180 even when no mailboxes by that name currently exist. 2182 In the extended syntax, any mailbox name arguments that are empty 2183 strings are ignored. There is no special meaning for empty mailbox 2184 names when the extended syntax is used. 2186 The reference and mailbox name arguments are interpreted into a 2187 canonical form that represents an unambiguous left-to-right 2188 hierarchy. The returned mailbox names will be in the interpreted 2189 form, that we call "canonical LIST pattern" later in this document. 2190 To define the term "canonical LIST pattern" formally: it refers to 2191 the canonical pattern constructed internally by the server from the 2192 reference and mailbox name arguments. 2194 Note: The interpretation of the reference argument is 2195 implementation-defined. It depends upon whether the server 2196 implementation has a concept of the "current working directory" 2197 and leading "break out characters", which override the current 2198 working directory. 2200 For example, on a server which exports a UNIX or NT filesystem, 2201 the reference argument contains the current working directory, and 2202 the mailbox name argument would contain the name as interpreted in 2203 the current working directory. 2205 If a server implementation has no concept of break out characters, 2206 the canonical form is normally the reference name appended with 2207 the mailbox name. Note that if the server implements the 2208 namespace convention (Section 5.1.2.1), "#" is a break out 2209 character and must be treated as such. 2211 If the reference argument is not a level of mailbox hierarchy 2212 (that is, it is a \NoInferiors name), and/or the reference 2213 argument does not end with the hierarchy delimiter, it is 2214 implementation-dependent how this is interpreted. For example, a 2215 reference of "foo/bar" and mailbox name of "rag/baz" could be 2216 interpreted as "foo/bar/rag/baz", "foo/barrag/baz", or "foo/rag/ 2217 baz". A client SHOULD NOT use such a reference argument except at 2218 the explicit request of the user. A hierarchical browser MUST NOT 2219 make any assumptions about server interpretation of the reference 2220 unless the reference is a level of mailbox hierarchy AND ends with 2221 the hierarchy delimiter. 2223 Any part of the reference argument that is included in the 2224 interpreted form SHOULD prefix the interpreted form. It SHOULD also 2225 be in the same form as the reference name argument. This rule 2226 permits the client to determine if the returned mailbox name is in 2227 the context of the reference argument, or if something about the 2228 mailbox argument overrode the reference argument. Without this rule, 2229 the client would have to have knowledge of the server's naming 2230 semantics including what characters are "breakouts" that override a 2231 naming context. 2233 Here are some examples of how references 2234 and mailbox names might be interpreted on a UNIX-based 2235 server: 2237 Reference Mailbox Name Interpretation 2238 ------------ ------------ -------------- 2239 ~smith/Mail/ foo.* ~smith/Mail/foo.* 2240 archive/ % archive/% 2241 #news. comp.mail.* #news.comp.mail.* 2242 ~smith/Mail/ /usr/doc/foo /usr/doc/foo 2243 archive/ ~fred/Mail/* ~fred/Mail/* 2245 The first three examples demonstrate interpretations in 2246 the context of the reference argument. Note that 2247 "~smith/Mail" SHOULD NOT be transformed into something 2248 like "/u2/users/smith/Mail", or it would be impossible 2249 for the client to determine that the interpretation was 2250 in the context of the reference. 2252 The character "*" is a wildcard, and matches zero or more characters 2253 at this position. The character "%" is similar to "*", but it does 2254 not match a hierarchy delimiter. If the "%" wildcard is the last 2255 character of a mailbox name argument, matching levels of hierarchy 2256 are also returned. If these levels of hierarchy are not also 2257 selectable mailboxes, they are returned with the \Noselect mailbox 2258 name attribute (see the description of the LIST response 2259 (Section 7.3.1) for more details). 2261 Any syntactically valid pattern that is not accepted by a server for 2262 any reason MUST be silently ignored. I.e. it results in no LIST 2263 responses and the LIST command still returns tagged OK response. 2265 Selection options tell the server to limit the mailbox names that are 2266 selected by the LIST operation. If selection options are used, the 2267 mailboxes returned are those that match both the list of canonical 2268 LIST patterns and the selection options. Unless a particular 2269 selection option provides special rules, the selection options are 2270 cumulative: a mailbox that matches the mailbox patterns is selected 2271 only if it also matches all of the selection options. (An example of 2272 a selection option with special rules is the RECURSIVEMATCH option.) 2274 Return options control what information is returned for each matched 2275 mailbox. Return options MUST NOT cause the server to report 2276 information about additional mailbox names other than those that 2277 match the canonical LIST patterns and selection options. If no 2278 return options are specified, the client is only expecting 2279 information about mailbox attributes. The server MAY return other 2280 information about the matched mailboxes, and clients MUST be able to 2281 handle that situation. 2283 Initial selection options and return options are defined in the 2284 following subsections, and new ones will also be defined in 2285 extensions. Initial options defined in this document MUST be 2286 supported. Each non-initial option will be enabled by a capability 2287 string (one capability may enable multiple options), and a client 2288 MUST NOT send an option for which the server has not advertised 2289 support. A server MUST respond to options it does not recognize with 2290 a BAD response. The client SHOULD NOT specify any option more than 2291 once; however, if the client does this, the server MUST act as if it 2292 received the option only once. The order in which options are 2293 specified by the client is not significant. 2295 In general, each selection option except RECURSIVEMATCH will have a 2296 corresponding return option with the same name. The REMOTE selection 2297 option is an anomaly in this regard, and does not have a 2298 corresponding return option. That is because it expands, rather than 2299 restricts, the set of mailboxes that are returned. Future extensions 2300 to this specification should keep this parallelism in mind and define 2301 a pair of corresponding selection and return options. 2303 Server implementations are permitted to "hide" otherwise accessible 2304 mailboxes from the wildcard characters, by preventing certain 2305 characters or names from matching a wildcard in certain situations. 2306 For example, a UNIX-based server might restrict the interpretation of 2307 "*" so that an initial "/" character does not match. 2309 The special name INBOX is included in the output from LIST, if INBOX 2310 is supported by this server for this user and if the uppercase string 2311 "INBOX" matches the interpreted reference and mailbox name arguments 2312 with wildcards as described above. The criteria for omitting INBOX 2313 is whether SELECT INBOX will return failure; it is not relevant 2314 whether the user's real INBOX resides on this or some other server. 2316 6.3.9.1. LIST Selection Options 2318 The selection options defined in this specification are as follows: 2320 SUBSCRIBED - causes the LIST command to list subscribed names, 2321 rather than the existing mailboxes. This will often be a subset 2322 of the actual mailboxes. It's also possible for this list to 2323 contain the names of mailboxes that don't exist. In any case, the 2324 list MUST include exactly those mailbox names that match the 2325 canonical list pattern and are subscribed to. 2327 This option defines a mailbox attribute, "\Subscribed", that 2328 indicates that a mailbox name is subscribed to. The "\Subscribed" 2329 attribute MUST be supported and MUST be accurately computed when 2330 the SUBSCRIBED selection option is specified. 2332 Note that the SUBSCRIBED selection option implies the SUBSCRIBED 2333 return option (see below). 2335 REMOTE - causes the LIST command to show remote mailboxes as well as 2336 local ones, as described in [RFC2193]. This option is intended to 2337 replace the RLIST command and, in conjunction with the SUBSCRIBED 2338 selection option, the RLSUB command. Servers that don't support 2339 the concept of remote mailboxes just ignore this option. 2341 This option defines a mailbox attribute, "\Remote", that indicates 2342 that a mailbox is a remote mailbox. The "\Remote" attribute MUST 2343 be accurately computed when the REMOTE option is specified. 2345 The REMOTE selection option has no interaction with other options. 2346 Its effect is to tell the server to apply the other options, if 2347 any, to remote mailboxes, in addition to local ones. In 2348 particular, it has no interaction with RECURSIVEMATCH (see below). 2349 A request for (REMOTE RECURSIVEMATCH) is invalid, because a 2350 request for (RECURSIVEMATCH) is also invalid. A request for 2351 (REMOTE RECURSIVEMATCH SUBSCRIBED) is asking for all subscribed 2352 mailboxes, both local and remote. 2354 RECURSIVEMATCH - this option forces the server to return information 2355 about parent mailboxes that don't match other selection options, 2356 but have some submailboxes that do. Information about children is 2357 returned in the CHILDINFO extended data item, as described in 2358 Section 6.3.9.6. 2360 Note 1: In order for a parent mailbox to be returned, it still has 2361 to match the canonical LIST pattern. 2363 Note 2: When returning the CHILDINFO extended data item, it 2364 doesn't matter whether or not the submailbox matches the canonical 2365 LIST pattern. See also example 9 in Section 6.3.9.8. 2367 The RECURSIVEMATCH option MUST NOT occur as the only selection 2368 option (or only with REMOTE), as it only makes sense when other 2369 selection options are also used. The server MUST return BAD 2370 tagged response in such case. 2372 Note that even if the RECURSIVEMATCH option is specified, the 2373 client MUST still be able to handle a case when a CHILDINFO 2374 extended data item is returned and there are no submailboxes that 2375 meet the selection criteria of the subsequent LIST command, as 2376 they can be deleted/renamed after the LIST response was sent, but 2377 before the client had a chance to access them. 2379 6.3.9.2. LIST Return Options 2381 The return options defined in this specification are as follows: 2383 SUBSCRIBED - causes the LIST command to return subscription state 2384 for all matching mailbox names. The "\Subscribed" attribute MUST 2385 be supported and MUST be accurately computed when the SUBSCRIBED 2386 return option is specified. Further, all other mailbox attributes 2387 MUST be accurately computed (this differs from the behavior of the 2388 obsolete LSUB command from RFC 3501). Note that the above 2389 requirements don't override the requirement for the LIST command 2390 to return results quickly (see Section 6.3.9), i.e. server 2391 implementations need to compute results quickly and accurately. 2392 For example, server implementors might need to create quick access 2393 indices. 2395 CHILDREN - requests mailbox child information as originally proposed 2396 in [RFC3348]. See Section 6.3.9.5, below, for details. 2398 STATUS - requests STATUS response for each matching mailbox. 2400 This option takes STATUS data items as parameters. For each 2401 selectable mailbox matching the list pattern and selection 2402 options, the server MUST return an untagged LIST response 2403 followed by an untagged STATUS response containing the 2404 information requested in the STATUS return option, except for 2405 some cases described below. 2407 If an attempted STATUS for a listed mailbox fails because the 2408 mailbox can't be selected (e.g., if the "l" ACL right [RFC4314] 2409 is granted to the mailbox and the "r" right is not granted, or 2410 due to a race condition between LIST and STATUS changing the 2411 mailbox to \NoSelect), the STATUS response MUST NOT be returned 2412 and the LIST response MUST include the \NoSelect attribute. 2413 This means the server may have to buffer the LIST reply until 2414 it has successfully looked up the necessary STATUS information. 2416 If the server runs into unexpected problems while trying to 2417 look up the STATUS information, it MAY drop the corresponding 2418 STATUS reply. In such a situation, the LIST command would 2419 still return a tagged OK reply. 2421 6.3.9.3. General Principles for Returning LIST Responses 2423 This section outlines several principles that can be used by server 2424 implementations of this document to decide whether a LIST response 2425 should be returned, as well as how many responses and what kind of 2426 information they may contain. 2428 1. At most one LIST response should be returned for each mailbox 2429 name that matches the canonical LIST pattern. Server 2430 implementors must not assume that clients will be able to 2431 assemble mailbox attributes and other information returned in 2432 multiple LIST responses. 2434 2. There are only two reasons for including a matching mailbox name 2435 in the responses to the LIST command (note that the server is 2436 allowed to return unsolicited responses at any time, and such 2437 responses are not governed by this rule): 2439 A. The mailbox name also satisfies the selection criteria. 2441 B. The mailbox name doesn't satisfy the selection criteria, but 2442 it has at least one descendant mailbox name that satisfies 2443 the selection criteria and that doesn't match the canonical 2444 LIST pattern. 2446 For more information on this case, see the CHILDINFO extended 2447 data item described in Section 6.3.9.6. Note that the 2448 CHILDINFO extended data item can only be returned when the 2449 RECURSIVEMATCH selection option is specified. 2451 3. Attributes returned in the same LIST response are treated 2452 additively. For example, the following response 2454 S: * LIST (\Subscribed \NonExistent) "/" "Fruit/Peach" 2456 means that the "Fruit/Peach" mailbox doesn't exist, but it is 2457 subscribed. 2459 6.3.9.4. Additional LIST-related Requirements on Clients 2461 All clients MUST treat a LIST attribute with a stronger meaning as 2462 implying any attribute that can be inferred from it. (See 2463 Section 7.3.1 for the list of currently defined attributes). For 2464 example, the client must treat the presence of the \NoInferiors 2465 attribute as if the \HasNoChildren attribute was also sent by the 2466 server. 2468 The following table summarizes inference rules. 2470 +--------------------+-------------------+ 2471 | returned attribute | implied attribute | 2472 +--------------------+-------------------+ 2473 | \NoInferiors | \HasNoChildren | 2474 | \NonExistent | \NoSelect | 2475 +--------------------+-------------------+ 2477 6.3.9.5. The CHILDREN Return Option 2479 The CHILDREN return option is simply an indication that the client 2480 wants information about whether or not mailboxes contain children 2481 mailboxes; a server MAY provide it even if the option is not 2482 specified. 2484 Many IMAP4 clients present to the user a hierarchical view of the 2485 mailboxes that a user has access to. Rather than initially 2486 presenting to the user the entire mailbox hierarchy, it is often 2487 preferable to show to the user a collapsed outline list of the 2488 mailbox hierarchy (particularly if there is a large number of 2489 mailboxes). The user can then expand the collapsed outline hierarchy 2490 as needed. It is common to include within the collapsed hierarchy a 2491 visual clue (such as a ''+'') to indicate that there are child 2492 mailboxes under a particular mailbox. When the visual clue is 2493 clicked, the hierarchy list is expanded to show the child mailboxes. 2494 The CHILDREN return option provides a mechanism for a client to 2495 efficiently determine whether a particular mailbox has children, 2496 without issuing a LIST "" * or a LIST "" % for each mailbox name. 2497 The CHILDREN return option defines two new attributes that MUST be 2498 returned within a LIST response: \HasChildren and \HasNoChildren. 2499 Although these attributes MAY be returned in response to any LIST 2500 command, the CHILDREN return option is provided to indicate that the 2501 client particularly wants this information. If the CHILDREN return 2502 option is present, the server MUST return these attributes even if 2503 their computation is expensive. 2505 \HasChildren 2507 The presence of this attribute indicates that the mailbox has 2508 child mailboxes. A server SHOULD NOT set this attribute if 2509 there are child mailboxes and the user does not have permission 2510 to access any of them. In this case, \HasNoChildren SHOULD be 2511 used. In many cases, however, a server may not be able to 2512 efficiently compute whether a user has access to any child 2513 mailbox. Note that even though the \HasChildren attribute for a 2514 mailbox must be correct at the time of processing of the 2515 mailbox, a client must be prepared to deal with a situation when 2516 a mailbox is marked with the \HasChildren attribute, but no 2517 child mailbox appears in the response to the LIST command. This 2518 might happen, for example, due to children mailboxes being 2519 deleted or made inaccessible to the user (using access control) 2520 by another client before the server is able to list them. 2522 \HasNoChildren 2524 The presence of this attribute indicates that the mailbox has NO 2525 child mailboxes that are accessible to the currently 2526 authenticated user. 2528 It is an error for the server to return both a \HasChildren and a 2529 \HasNoChildren attribute in the same LIST response. 2531 Note: the \HasNoChildren attribute should not be confused with the 2532 the \NoInferiors attribute, which indicates that no child mailboxes 2533 exist now and none can be created in the future. 2535 6.3.9.6. CHILDINFO Extended Data Item 2537 The CHILDINFO extended data item MUST NOT be returned unless the 2538 client has specified the RECURSIVEMATCH selection option. 2540 The CHILDINFO extended data item in a LIST response describes the 2541 selection criteria that has caused it to be returned and indicates 2542 that the mailbox has at least one descendant mailbox that matches the 2543 selection criteria. 2545 Note: Some servers allow for mailboxes to exist without requiring 2546 their parent to exist. For example, a mailbox "Customers/ABC" can 2547 exist while the mailbox "Customers" does not. As CHILDINFO extended 2548 data item is not allowed if the RECURSIVEMATCH selection option is 2549 not specified, such servers SHOULD use the "\NonExistent 2550 \HasChildren" attribute pair to signal to the client that there is a 2551 descendant mailbox that matches the selection criteria. See example 2552 11 in Section 6.3.9.8. 2554 The returned selection criteria allow the client to distinguish a 2555 solicited response from an unsolicited one, as well as to distinguish 2556 among solicited responses caused by multiple pipelined LIST commands 2557 that specify different criteria. 2559 Servers SHOULD only return a non-matching mailbox name along with 2560 CHILDINFO if at least one matching child is not also being returned. 2561 That is, servers SHOULD suppress redundant CHILDINFO responses. 2563 Examples 8 and 10 in Section 6.3.9.8 demonstrate the difference 2564 between present CHILDINFO extended data item and the "\HasChildren" 2565 attribute. 2567 The following table summarizes interaction between the "\NonExistent" 2568 attribute and CHILDINFO (the first column indicates whether the 2569 parent mailbox exists): 2571 +--------+-------------+------------------+-------------------------+ 2572 | exists | meets the | has a child that | returned | 2573 | | selection | meets the | IMAP4rev2/LIST-EXTENDED | 2574 | | criteria | selection | attributes and | 2575 | | | criteria | CHILDINFO | 2576 +--------+-------------+------------------+-------------------------+ 2577 | no | no | no | no LIST response | 2578 | | | | returned | 2579 | yes | no | no | no LIST response | 2580 | | | | returned | 2581 | no | yes | no | (\NonExistent ) | 2582 | yes | yes | no | () | 2583 | no | no | yes | (\NonExistent) + | 2584 | | | | CHILDINFO | 2585 | yes | no | yes | () + CHILDINFO | 2586 | no | yes | yes | (\NonExistent ) + | 2587 | | | | CHILDINFO | 2588 | yes | yes | yes | () + CHILDINFO | 2589 +--------+-------------+------------------+-------------------------+ 2591 where is one or more attributes that correspond to the 2592 selection criteria; for example, for the SUBSCRIBED option the 2593 is \Subscribed. 2595 6.3.9.7. OLDNAME Extended Data Item 2597 The OLDNAME extended data item is included when a mailbox name is 2598 created (with CREATE command), renamed (with RENAME command) or 2599 deleted (with DELETE command). (When a mailbox is deleted the 2600 "\NonExistent" attribute is also included.) IMAP extensions can 2601 specify other conditions when OLDNAME extended data item should be 2602 included. 2604 If the server allows de-normalized mailbox names (see Section 5.1) in 2605 SELECT/EXAMINE, CREATE, RENAME or DELETE, it SHOULD return an 2606 unsolicited LIST response that includes OLDNAME extended data item, 2607 whenever the supplied mailbox name differs from the resulting 2608 normalized mailbox name. From the client point of view this is 2609 indistinguishable from another user renaming or deleting the mailbox, 2610 as specified in the previous paragraph. 2612 A deleted mailbox can be announced like this: 2614 S: * LIST (\NonExistent) "." "INBOX.DeletedMailbox" 2616 Example of a renamed mailbox: 2618 S: * LIST () "/" "NewMailbox" ("OLDNAME" ("OldMailbox")) 2620 6.3.9.8. LIST Command Examples 2622 This example shows some uses of the basic LIST command: 2624 Example: C: A101 LIST "" "" 2625 S: * LIST (\Noselect) "/" "" 2626 S: A101 OK LIST Completed 2627 C: A102 LIST #news.comp.mail.misc "" 2628 S: * LIST (\Noselect) "." #news. 2629 S: A102 OK LIST Completed 2630 C: A103 LIST /usr/staff/jones "" 2631 S: * LIST (\Noselect) "/" / 2632 S: A103 OK LIST Completed 2633 C: A202 LIST ~/Mail/ % 2634 S: * LIST (\Noselect) "/" ~/Mail/foo 2635 S: * LIST () "/" ~/Mail/meetings 2636 S: A202 OK LIST completed 2638 Extended examples: 2640 1: The first example shows the complete local hierarchy that will 2641 be used for the other examples. 2643 C: A01 LIST "" "*" 2644 S: * LIST (\Marked \NoInferiors) "/" "inbox" 2645 S: * LIST () "/" "Fruit" 2646 S: * LIST () "/" "Fruit/Apple" 2647 S: * LIST () "/" "Fruit/Banana" 2648 S: * LIST () "/" "Tofu" 2649 S: * LIST () "/" "Vegetable" 2650 S: * LIST () "/" "Vegetable/Broccoli" 2651 S: * LIST () "/" "Vegetable/Corn" 2652 S: A01 OK done 2654 2: In the next example, we will see the subscribed mailboxes. This 2655 is similar to, but not equivalent with now deprecated, (see [RFC3501] for more details on LSUB command). Note 2657 that the mailbox called "Fruit/Peach" is subscribed to, but does 2658 not actually exist (perhaps it was deleted while still 2659 subscribed). The "Fruit" mailbox is not subscribed to, but it 2660 has two subscribed children. The "Vegetable" mailbox is 2661 subscribed and has two children; one of them is subscribed as 2662 well. 2664 C: A02 LIST (SUBSCRIBED) "" "*" 2665 S: * LIST (\Marked \NoInferiors \Subscribed) "/" "inbox" 2666 S: * LIST (\Subscribed) "/" "Fruit/Banana" 2667 S: * LIST (\Subscribed \NonExistent) "/" "Fruit/Peach" 2668 S: * LIST (\Subscribed) "/" "Vegetable" 2669 S: * LIST (\Subscribed) "/" "Vegetable/Broccoli" 2670 S: A02 OK done 2672 3: The next example shows the use of the CHILDREN option. The 2673 client, without having to list the second level of hierarchy, 2674 now knows which of the top-level mailboxes have submailboxes 2675 (children) and which do not. Note that it's not necessary for 2676 the server to return the \HasNoChildren attribute for the inbox, 2677 because the \NoInferiors attribute already implies that, and has 2678 a stronger meaning. 2680 C: A03 LIST () "" "%" RETURN (CHILDREN) 2681 S: * LIST (\Marked \NoInferiors) "/" "inbox" 2682 S: * LIST (\HasChildren) "/" "Fruit" 2683 S: * LIST (\HasNoChildren) "/" "Tofu" 2684 S: * LIST (\HasChildren) "/" "Vegetable" 2685 S: A03 OK done 2687 4: In this example, we see more mailboxes that reside on another 2688 server. This is similar to the command . 2690 C: A04 LIST (REMOTE) "" "%" RETURN (CHILDREN) 2691 S: * LIST (\Marked \NoInferiors) "/" "inbox" 2692 S: * LIST (\HasChildren) "/" "Fruit" 2693 S: * LIST (\HasNoChildren) "/" "Tofu" 2694 S: * LIST (\HasChildren) "/" "Vegetable" 2695 S: * LIST (\Remote \HasNoChildren) "/" "Bread" 2696 S: * LIST (\HasChildren \Remote) "/" "Meat" 2697 S: A04 OK done 2699 5: The following example also requests the server to include 2700 mailboxes that reside on another server. The server returns 2701 information about all mailboxes that are subscribed. This is 2702 similar to the command (see [RFC2193] for more 2703 details on RLSUB). We also see the use of two selection 2704 options. 2706 C: A05 LIST (REMOTE SUBSCRIBED) "" "*" 2707 S: * LIST (\Marked \NoInferiors \Subscribed) "/" "inbox" 2708 S: * LIST (\Subscribed) "/" "Fruit/Banana" 2709 S: * LIST (\Subscribed \NonExistent) "/" "Fruit/Peach" 2710 S: * LIST (\Subscribed) "/" "Vegetable" 2711 S: * LIST (\Subscribed) "/" "Vegetable/Broccoli" 2712 S: * LIST (\Remote \Subscribed) "/" "Bread" 2713 S: A05 OK done 2715 6: The following example requests the server to include mailboxes 2716 that reside on another server. The server is asked to return 2717 subscription information for all returned mailboxes. This is 2718 different from the example above. 2720 Note that the output of this command is not a superset of the 2721 output in the previous example, as it doesn't include LIST 2722 response for the non-existent "Fruit/Peach". 2724 C: A06 LIST (REMOTE) "" "*" RETURN (SUBSCRIBED) 2725 S: * LIST (\Marked \NoInferiors \Subscribed) "/" "inbox" 2726 S: * LIST () "/" "Fruit" 2727 S: * LIST () "/" "Fruit/Apple" 2728 S: * LIST (\Subscribed) "/" "Fruit/Banana" 2729 S: * LIST () "/" "Tofu" 2730 S: * LIST (\Subscribed) "/" "Vegetable" 2731 S: * LIST (\Subscribed) "/" "Vegetable/Broccoli" 2732 S: * LIST () "/" "Vegetable/Corn" 2733 S: * LIST (\Remote \Subscribed) "/" "Bread" 2734 S: * LIST (\Remote) "/" "Meat" 2735 S: A06 OK done 2737 7: The following example demonstrates the difference between the 2738 \HasChildren attribute and the CHILDINFO extended data item. 2740 Let's assume there is the following hierarchy: 2742 C: C01 LIST "" "*" 2743 S: * LIST (\Marked \NoInferiors) "/" "inbox" 2744 S: * LIST () "/" "Foo" 2745 S: * LIST () "/" "Foo/Bar" 2746 S: * LIST () "/" "Foo/Baz" 2747 S: * LIST () "/" "Moo" 2748 S: C01 OK done 2750 If the client asks RETURN (CHILDREN), it will get this: 2752 C: CA3 LIST "" "%" RETURN (CHILDREN) 2753 S: * LIST (\Marked \NoInferiors) "/" "inbox" 2754 S: * LIST (\HasChildren) "/" "Foo" 2755 S: * LIST (\HasNoChildren) "/" "Moo" 2756 S: CA3 OK done 2758 A) Let's also assume that the mailbox "Foo/Baz" is the only 2759 subscribed mailbox. Then we get this result: 2761 C: C02 LIST (SUBSCRIBED) "" "*" 2762 S: * LIST (\Subscribed) "/" "Foo/Baz" 2763 S: C02 OK done 2765 Now, if the client issues , the server 2766 will return no mailboxes (as the mailboxes "Moo", "Foo", and 2767 "Inbox" are NOT subscribed). However, if the client issues 2768 this: 2770 C: C04 LIST (SUBSCRIBED RECURSIVEMATCH) "" "%" 2771 S: * LIST () "/" "Foo" ("CHILDINFO" ("SUBSCRIBED")) 2772 S: C04 OK done 2774 (i.e., the mailbox "Foo" is not subscribed, but it has a child 2775 that is.) 2777 A1) If the mailbox "Foo" had also been subscribed, the last 2778 command would return this: 2780 C: C04 LIST (SUBSCRIBED RECURSIVEMATCH) "" "%" 2781 S: * LIST (\Subscribed) "/" "Foo" ("CHILDINFO" ("SUBSCRIBED")) 2782 S: C04 OK done 2784 or even this: 2786 C: C04 LIST (SUBSCRIBED RECURSIVEMATCH) "" "%" 2787 S: * LIST (\Subscribed \HasChildren) "/" "Foo" ("CHILDINFO" 2788 ("SUBSCRIBED")) 2789 S: C04 OK done 2791 A2) If we assume instead that the mailbox "Foo" is not part of 2792 the original hierarchy and is not subscribed, the last command 2793 will give this result: 2795 C: C04 LIST (SUBSCRIBED RECURSIVEMATCH) "" "%" 2796 S: * LIST (\NonExistent) "/" "Foo" ("CHILDINFO" ("SUBSCRIBED")) 2797 S: C04 OK done 2799 B) Now, let's assume that no mailbox is subscribed. In this 2800 case, the command will 2801 return no responses, as there are no subscribed children (even 2802 though "Foo" has children). 2804 C) And finally, suppose that only the mailboxes "Foo" and "Moo" 2805 are subscribed. In that case, we see this result: 2807 C: C04 LIST (SUBSCRIBED RECURSIVEMATCH) "" "%" RETURN (CHILDREN) 2808 S: * LIST (\HasChildren \Subscribed) "/" "Foo" 2809 S: * LIST (\HasNoChildren \Subscribed) "/" "Moo" 2810 S: C04 OK done 2812 (which means that the mailbox "Foo" has children, but none of 2813 them is subscribed). 2815 8: The following example demonstrates that the CHILDINFO extended 2816 data item is returned whether or not children mailboxes match 2817 the canonical LIST pattern. 2819 Let's assume there is the following hierarchy: 2821 C: D01 LIST "" "*" 2822 S: * LIST (\Marked \NoInferiors) "/" "inbox" 2823 S: * LIST () "/" "foo2" 2824 S: * LIST () "/" "foo2/bar1" 2825 S: * LIST () "/" "foo2/bar2" 2826 S: * LIST () "/" "baz2" 2827 S: * LIST () "/" "baz2/bar2" 2828 S: * LIST () "/" "baz2/bar22" 2829 S: * LIST () "/" "baz2/bar222" 2830 S: * LIST () "/" "eps2" 2831 S: * LIST () "/" "eps2/mamba" 2832 S: * LIST () "/" "qux2/bar2" 2833 S: D01 OK done 2834 And that the following mailboxes are subscribed: 2836 C: D02 LIST (SUBSCRIBED) "" "*" 2837 S: * LIST (\Subscribed) "/" "foo2/bar1" 2838 S: * LIST (\Subscribed) "/" "foo2/bar2" 2839 S: * LIST (\Subscribed) "/" "baz2/bar2" 2840 S: * LIST (\Subscribed) "/" "baz2/bar22" 2841 S: * LIST (\Subscribed) "/" "baz2/bar222" 2842 S: * LIST (\Subscribed) "/" "eps2" 2843 S: * LIST (\Subscribed) "/" "eps2/mamba" 2844 S: * LIST (\Subscribed) "/" "qux2/bar2" 2845 S: D02 OK done 2847 The client issues the following command first: 2849 C: D03 LIST (RECURSIVEMATCH SUBSCRIBED) "" "*2" 2850 S: * LIST () "/" "foo2" ("CHILDINFO" ("SUBSCRIBED")) 2851 S: * LIST (\Subscribed) "/" "foo2/bar2" 2852 S: * LIST (\Subscribed) "/" "baz2/bar2" 2853 S: * LIST (\Subscribed) "/" "baz2/bar22" 2854 S: * LIST (\Subscribed) "/" "baz2/bar222" 2855 S: * LIST (\Subscribed) "/" "eps2" ("CHILDINFO" ("SUBSCRIBED")) 2856 S: * LIST (\Subscribed) "/" "qux2/bar2" 2857 S: D03 OK done 2859 and the server may also include (but this would violate a SHOULD 2860 NOT in Section 3.5, because CHILDINFO is redundant) 2862 S: * LIST () "/" "baz2" ("CHILDINFO" ("SUBSCRIBED")) 2863 S: * LIST (\NonExistent) "/" "qux2" ("CHILDINFO" ("SUBSCRIBED")) 2865 The CHILDINFO extended data item is returned for mailboxes 2866 "foo2", "baz2", and "eps2", because all of them have subscribed 2867 children, even though for the mailbox "foo2" only one of the two 2868 subscribed children matches the pattern, for the mailbox "baz2" 2869 all the subscribed children match the pattern, and for the 2870 mailbox "eps2" none of the subscribed children matches the 2871 pattern. 2873 Note that if the client issues 2875 C: D03 LIST (RECURSIVEMATCH SUBSCRIBED) "" "*" 2876 S: * LIST () "/" "foo2" ("CHILDINFO" ("SUBSCRIBED")) 2877 S: * LIST (\Subscribed) "/" "foo2/bar1" 2878 S: * LIST (\Subscribed) "/" "foo2/bar2" 2879 S: * LIST () "/" "baz2" ("CHILDINFO" ("SUBSCRIBED")) 2880 S: * LIST (\Subscribed) "/" "baz2/bar2" 2881 S: * LIST (\Subscribed) "/" "baz2/bar22" 2882 S: * LIST (\Subscribed) "/" "baz2/bar222" 2883 S: * LIST (\Subscribed) "/" "eps2" ("CHILDINFO" ("SUBSCRIBED")) 2884 S: * LIST (\Subscribed) "/" "eps2/mamba" 2885 S: * LIST (\Subscribed) "/" "qux2/bar2" 2886 S: D03 OK done 2888 The LIST responses for mailboxes "foo2", "baz2", and "eps2" 2889 still have the CHILDINFO extended data item, even though this 2890 information is redundant and the client can determine it by 2891 itself. 2893 9: The following example shows usage of extended syntax for mailbox 2894 pattern. It also demonstrates that the presence of the 2895 CHILDINFO extended data item doesn't necessarily imply 2896 \HasChildren. 2898 C: a1 LIST "" ("foo") 2899 S: * LIST () "/" foo 2900 S: a1 OK done 2902 C: a2 LIST (SUBSCRIBED) "" "foo/*" 2903 S: * LIST (\Subscribed \NonExistent) "/" foo/bar 2904 S: a2 OK done 2906 C: a3 LIST (SUBSCRIBED RECURSIVEMATCH) "" foo RETURN (CHILDREN) 2907 S: * LIST (\HasNoChildren) "/" foo ("CHILDINFO" ("SUBSCRIBED")) 2908 S: a3 OK done 2910 10: The following example shows how a server that supports missing 2911 mailbox hierarchy elements can signal to a client that didn't 2912 specify the RECURSIVEMATCH selection option that there is a 2913 child mailbox that matches the selection criteria. 2915 C: a1 LIST (REMOTE) "" * 2916 S: * LIST () "/" music/rock 2917 S: * LIST (\Remote) "/" also/jazz 2918 S: a1 OK done 2920 C: a2 LIST () "" % 2921 S: * LIST (\NonExistent \HasChildren) "/" music 2922 S: a2 OK done 2924 C: a3 LIST (REMOTE) "" % 2925 S: * LIST (\NonExistent \HasChildren) "/" music 2926 S: * LIST (\NonExistent \HasChildren) "/" also 2927 S: a3 OK done 2929 C: a3.1 LIST "" (% music/rock) 2930 S: * LIST () "/" music/rock 2931 S: a3.1 OK done 2933 Because "music/rock" is the only mailbox under "music", there's 2934 no need for the server to also return "music". However clients 2935 must handle both cases. 2937 11: The following examples show use of STATUS return option. 2939 C: A01 LIST "" % RETURN (STATUS (MESSAGES UNSEEN)) 2940 S: * LIST () "." "INBOX" 2941 S: * STATUS "INBOX" (MESSAGES 17 UNSEEN 16) 2942 S: * LIST () "." "foo" 2943 S: * STATUS "foo" (MESSAGES 30 UNSEEN 29) 2944 S: * LIST (\NoSelect) "." "bar" 2945 S: A01 OK List completed. 2947 The "bar" mailbox isn't selectable, so it has no STATUS reply. 2949 C: A02 LIST (SUBSCRIBED RECURSIVEMATCH) "" % RETURN (STATUS 2950 (MESSAGES)) 2951 S: * LIST (\Subscribed) "." "INBOX" 2952 S: * STATUS "INBOX" (MESSAGES 17) 2953 S: * LIST () "." "foo" (CHILDINFO ("SUBSCRIBED")) 2954 S: A02 OK List completed. 2956 The LIST reply for "foo" is returned because it has matching 2957 children, but no STATUS reply is returned because "foo" itself 2958 doesn't match the selection criteria. 2960 6.3.10. NAMESPACE Command 2962 Arguments: none 2964 Responses: REQUIRED untagged responses: NAMESPACE 2966 Result: OK - command completed 2967 NO - Can't complete the command 2968 BAD - arguments invalid 2970 The NAMESPACE command causes a single untagged NAMESPACE response to 2971 be returned. The untagged NAMESPACE response contains the prefix and 2972 hierarchy delimiter to the server's Personal Namespace(s), Other 2973 Users' Namespace(s), and Shared Namespace(s) that the server wishes 2974 to expose. The response will contain a NIL for any namespace class 2975 that is not available. The namespace-response-extensions ABNF non 2976 terminal is defined for extensibility and MAY be included in the 2977 NAMESPACE response. 2979 Example 1: 2981 In this example a server supports a single personal namespace. No 2982 leading prefix is used on personal mailboxes and "/" is the hierarchy 2983 delimiter. 2985 C: A001 NAMESPACE 2986 S: * NAMESPACE (("" "/")) NIL NIL 2987 S: A001 OK NAMESPACE command completed 2989 Example 2: 2991 A user logged on anonymously to a server. No personal mailboxes are 2992 associated with the anonymous user and the user does not have access 2993 to the Other Users' Namespace. No prefix is required to access 2994 shared mailboxes and the hierarchy delimiter is "." 2996 C: A001 NAMESPACE 2997 S: * NAMESPACE NIL NIL (("" ".")) 2998 S: A001 OK NAMESPACE command completed 3000 Example 3: 3002 A server that contains a Personal Namespace and a single Shared 3003 Namespace. 3005 C: A001 NAMESPACE 3006 S: * NAMESPACE (("" "/")) NIL (("Public Folders/" "/")) 3007 S: A001 OK NAMESPACE command completed 3009 Example 4: 3011 A server that contains a Personal Namespace, Other Users' Namespace 3012 and multiple Shared Namespaces. Note that the hierarchy delimiter 3013 used within each namespace can be different. 3015 C: A001 NAMESPACE 3016 S: * NAMESPACE (("" "/")) (("~" "/")) (("#shared/" "/") 3017 ("#public/" "/")("#ftp/" "/")("#news." ".")) 3018 S: A001 OK NAMESPACE command completed 3020 The prefix string allows a client to do things such as automatically 3021 creating personal mailboxes or LISTing all available mailboxes within 3022 a namespace. 3024 Example 5: 3026 A server that supports only the Personal Namespace, with a leading 3027 prefix of INBOX to personal mailboxes and a hierarchy delimiter of 3028 "." 3030 C: A001 NAMESPACE 3031 S: * NAMESPACE (("INBOX." ".")) NIL NIL 3032 S: A001 OK NAMESPACE command completed 3034 < Automatically create a mailbox to store sent items.> 3036 C: A002 CREATE "INBOX.Sent Mail" 3037 S: A002 OK CREATE command completed 3039 Although typically a server will support only a single Personal 3040 Namespace, and a single Other User's Namespace, circumstances exist 3041 where there MAY be multiples of these, and a client MUST be prepared 3042 for them. If a client is configured such that it is required to 3043 create a certain mailbox, there can be circumstances where it is 3044 unclear which Personal Namespaces it should create the mailbox in. 3045 In these situations a client SHOULD let the user select which 3046 namespaces to create the mailbox in or just use the first personal 3047 namespace. 3049 Example 6: 3051 In this example, a server supports two Personal Namespaces. In 3052 addition to the regular Personal Namespace, the user has an 3053 additional personal namespace to allow access to mailboxes in an MH 3054 format mailstore. 3056 The client is configured to save a copy of all mail sent by the user 3057 into a mailbox called 'Sent Mail'. Furthermore, after a message is 3058 deleted from a mailbox, the client is configured to move that message 3059 to a mailbox called 'Deleted Items'. 3061 Note that this example demonstrates how some extension parameters can 3062 be passed to further describe the #mh namespace. See the fictitious 3063 "X-PARAM" extension parameter. 3065 C: A001 NAMESPACE 3066 S: * NAMESPACE (("" "/")("#mh/" "/" "X-PARAM" 3067 ("FLAG1" "FLAG2"))) NIL NIL 3068 S: A001 OK NAMESPACE command completed 3070 < It is desired to keep only one copy of sent mail. 3071 It is unclear which Personal Namespace the client 3072 should use to create the 'Sent Mail' mailbox. 3073 The user is prompted to select a namespace and only 3074 one 'Sent Mail' mailbox is created. > 3076 C: A002 CREATE "Sent Mail" 3077 S: A002 OK CREATE command completed 3079 < The client is designed so that it keeps two 3080 'Deleted Items' mailboxes, one for each namespace. > 3082 C: A003 CREATE "Delete Items" 3083 S: A003 OK CREATE command completed 3085 C: A004 CREATE "#mh/Deleted Items" 3086 S: A004 OK CREATE command completed 3088 The next level of hierarchy following the Other Users' Namespace 3089 prefix SHOULD consist of , where is a user name 3090 as per the LOGIN or AUTHENTICATE command. 3092 A client can construct a LIST command by appending a "%" to the Other 3093 Users' Namespace prefix to discover the Personal Namespaces of other 3094 users that are available to the currently authenticated user. 3096 In response to such a LIST command, a server SHOULD NOT return user 3097 names that have not granted access to their personal mailboxes to the 3098 user in question. 3100 A server MAY return a LIST response containing only the names of 3101 users that have explicitly granted access to the user in question. 3103 Alternatively, a server MAY return NO to such a LIST command, 3104 requiring that a user name be included with the Other Users' 3105 Namespace prefix before listing any other user's mailboxes. 3107 Example 7: 3109 A server that supports providing a list of other user's mailboxes 3110 that are accessible to the currently logged on user. 3112 C: A001 NAMESPACE 3113 S: * NAMESPACE (("" "/")) (("Other Users/" "/")) NIL 3114 S: A001 OK NAMESPACE command completed 3116 C: A002 LIST "" "Other Users/%" 3117 S: * LIST () "/" "Other Users/Mike" 3118 S: * LIST () "/" "Other Users/Karen" 3119 S: * LIST () "/" "Other Users/Matthew" 3120 S: * LIST () "/" "Other Users/Tesa" 3121 S: A002 OK LIST command completed 3123 Example 8: 3125 A server that does not support providing a list of other user's 3126 mailboxes that are accessible to the currently logged on user. The 3127 mailboxes are listable if the client includes the name of the other 3128 user with the Other Users' Namespace prefix. 3130 C: A001 NAMESPACE 3131 S: * NAMESPACE (("" "/")) (("#Users/" "/")) NIL 3132 S: A001 OK NAMESPACE command completed 3134 < In this example, the currently logged on user has access to 3135 the Personal Namespace of user Mike, but the server chose to 3136 suppress this information in the LIST response. However, 3137 by appending the user name Mike (received through user input) 3138 to the Other Users' Namespace prefix, the client is able 3139 to get a listing of the personal mailboxes of user Mike. > 3141 C: A002 LIST "" "#Users/%" 3142 S: A002 NO The requested item could not be found. 3144 C: A003 LIST "" "#Users/Mike/%" 3145 S: * LIST () "/" "#Users/Mike/INBOX" 3146 S: * LIST () "/" "#Users/Mike/Foo" 3147 S: A003 OK LIST command completed. 3149 A prefix string might not contain a hierarchy delimiter, because in 3150 some cases it is not needed as part of the prefix. 3152 Example 9: 3154 A server that allows access to the Other Users' Namespace by 3155 prefixing the others' mailboxes with a '~' followed by , 3156 where is a user name as per the LOGIN or AUTHENTICATE 3157 command. 3159 C: A001 NAMESPACE 3160 S: * NAMESPACE (("" "/")) (("~" "/")) NIL 3161 S: A001 OK NAMESPACE command completed 3163 < List the mailboxes for user mark > 3165 C: A002 LIST "" "~mark/%" 3166 S: * LIST () "/" "~mark/INBOX" 3167 S: * LIST () "/" "~mark/foo" 3168 S: A002 OK LIST command completed 3170 6.3.11. STATUS Command 3172 Arguments: mailbox name 3173 status data item names 3175 Responses: REQUIRED untagged responses: STATUS 3177 Result: OK - status completed 3178 NO - status failure: no status for that name 3179 BAD - command unknown or arguments invalid 3181 The STATUS command requests the status of the indicated mailbox. It 3182 does not change the currently selected mailbox, nor does it affect 3183 the state of any messages in the queried mailbox. 3185 The STATUS command provides an alternative to opening a second 3186 IMAP4rev2 connection and doing an EXAMINE command on a mailbox to 3187 query that mailbox's status without deselecting the current mailbox 3188 in the first IMAP4rev2 connection. 3190 Unlike the LIST command, the STATUS command is not guaranteed to be 3191 fast in its response. Under certain circumstances, it can be quite 3192 slow. In some implementations, the server is obliged to open the 3193 mailbox read-only internally to obtain certain status information. 3194 Also unlike the LIST command, the STATUS command does not accept 3195 wildcards. 3197 Note: The STATUS command is intended to access the status of 3198 mailboxes other than the currently selected mailbox. Because the 3199 STATUS command can cause the mailbox to be opened internally, and 3200 because this information is available by other means on the 3201 selected mailbox, the STATUS command SHOULD NOT be used on the 3202 currently selected mailbox. However, servers MUST be able to 3203 execute STATUS command on the selected mailbox. (This might also 3204 implicitly happen when STATUS return option is used in a LIST 3205 command). 3207 The STATUS command MUST NOT be used as a "check for new messages 3208 in the selected mailbox" operation (refer to Section 7 and 3209 Section 7.4.1 for more information about the proper method for new 3210 message checking). 3212 STATUS SIZE (see below) can take a significant amount of time, 3213 depending upon server implementation. Clients should use STATUS 3214 SIZE cautiously. 3216 The currently defined status data items that can be requested are: 3218 MESSAGES The number of messages in the mailbox. 3220 UIDNEXT The next unique identifier value of the mailbox. Refer to 3221 Section 2.3.1.1 for more information. 3223 UIDVALIDITY The unique identifier validity value of the mailbox. 3224 Refer to Section 2.3.1.1 for more information. 3226 UNSEEN The number of messages which do not have the \Seen flag set. 3228 DELETED The number of messages which have the \Deleted flag set. 3230 SIZE The total size of the mailbox in octets. This is not strictly 3231 required to be an exact value, but it MUST be equal to or greater 3232 than the sum of the values of the RFC822.SIZE FETCH message data 3233 items (see Section 6.4.5) of all messages in the mailbox. 3235 Example: C: A042 STATUS blurdybloop (UIDNEXT MESSAGES) 3236 S: * STATUS blurdybloop (MESSAGES 231 UIDNEXT 44292) 3237 S: A042 OK STATUS completed 3239 6.3.12. APPEND Command 3241 Arguments: mailbox name 3242 OPTIONAL flag parenthesized list 3243 OPTIONAL date/time string 3244 message literal 3246 Responses: OPTIONAL untagged response: LIST 3247 Result: OK - append completed 3248 NO - append error: can't append to that mailbox, error 3249 in flags or date/time or message text 3250 BAD - command unknown or arguments invalid 3252 The APPEND command appends the literal argument as a new message to 3253 the end of the specified destination mailbox. This argument SHOULD 3254 be in the format of an [RFC-5322] or [I18N-HDRS] message. 8-bit 3255 characters are permitted in the message. A server implementation 3256 that is unable to preserve 8-bit data properly MUST be able to 3257 reversibly convert 8-bit APPEND data to 7-bit using a [MIME-IMB] 3258 content transfer encoding. 3260 Note: There may be exceptions, e.g., draft messages, in which 3261 required [RFC-5322] header fields are omitted in the message 3262 literal argument to APPEND. The full implications of doing so 3263 must be understood and carefully weighed. 3265 If a flag parenthesized list is specified, the flags SHOULD be set in 3266 the resulting message; otherwise, the flag list of the resulting 3267 message is set to empty by default. 3269 If a date-time is specified, the internal date SHOULD be set in the 3270 resulting message; otherwise, the internal date of the resulting 3271 message is set to the current date and time by default. 3273 If the append is unsuccessful for any reason, the mailbox MUST be 3274 restored to its state before the APPEND attempt (other than possibly 3275 keeping the changed mailbox's UIDNEXT value); no partial appending is 3276 permitted. 3278 If the destination mailbox does not exist, a server MUST return an 3279 error, and MUST NOT automatically create the mailbox. Unless it is 3280 certain that the destination mailbox can not be created, the server 3281 MUST send the response code "[TRYCREATE]" as the prefix of the text 3282 of the tagged NO response. This gives a hint to the client that it 3283 can attempt a CREATE command and retry the APPEND if the CREATE is 3284 successful. 3286 On successful completion of an APPEND, the server returns an 3287 APPENDUID response code (see Section 7.1), unless specified otherwise 3288 below. 3290 In the case of a mailbox that has permissions set so that the client 3291 can APPEND to the mailbox, but not SELECT or EXAMINE it, the server 3292 MUST NOT send an APPENDUID response code as it would disclose 3293 information about the mailbox. 3295 In the case of a mailbox that has UIDNOTSTICKY status (see 3296 Section 7.1), the server MAY omit the APPENDUID response code as it 3297 is not meaningful. 3299 If the mailbox is currently selected, the normal new message actions 3300 SHOULD occur. Specifically, the server SHOULD notify the client 3301 immediately via an untagged EXISTS response. If the server does not 3302 do so, the client MAY issue a NOOP command after one or more APPEND 3303 commands. 3305 If the server decides to convert (normalize) the mailbox name, it 3306 SHOULD return an untagged LIST with OLDNAME extended data item, with 3307 the OLDNAME value being the supplied mailbox name and the name 3308 parameter being the normalized mailbox name. (See Section 6.3.9.7 3309 for more details.) 3311 Example: C: A003 APPEND saved-messages (\Seen) {326} 3312 S: + Ready for literal data 3313 C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST) 3314 C: From: Fred Foobar 3315 C: Subject: afternoon meeting 3316 C: To: mooch@owatagu.siam.edu.example 3317 C: Message-Id: 3318 C: MIME-Version: 1.0 3319 C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII 3320 C: 3321 C: Hello Joe, do you think we can meet at 3:30 tomorrow? 3322 C: 3323 S: A003 OK APPEND completed 3325 Example: C: A003 APPEND saved-messages (\Seen) {297+} 3326 C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST) 3327 C: From: Fred Foobar 3328 C: Subject: afternoon meeting 3329 C: To: mooch@example.com 3330 C: Message-Id: 3331 C: MIME-Version: 1.0 3332 C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII 3333 C: 3334 C: Hello Joe, do you think we can meet at 3:30 tomorrow? 3335 C: 3336 S: A003 OK [APPENDUID 38505 3955] APPEND completed 3337 C: A004 COPY 2:4 meeting 3338 S: A004 OK [COPYUID 38505 304,319:320 3956:3958] Done 3339 C: A005 UID COPY 305:310 meeting 3340 S: A005 OK No matching messages, so nothing copied 3341 C: A006 COPY 2 funny 3342 S: A006 OK Done 3343 C: A007 SELECT funny 3344 S: * 1 EXISTS 3345 S: * OK [UIDVALIDITY 3857529045] Validity session-only 3346 S: * OK [UIDNEXT 2] Predicted next UID 3347 S: * NO [UIDNOTSTICKY] Non-persistent UIDs 3348 S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 3349 S: * OK [PERMANENTFLAGS (\Deleted \Seen)] Limited 3350 S: * LIST () "." funny 3351 S: A007 OK [READ-WRITE] SELECT completed 3353 In this example, A003 and A004 demonstrate successful appending and 3354 copying to a mailbox that returns the UIDs assigned to the messages. 3355 A005 is an example in which no messages were copied; this is because 3356 in A003, we see that message 2 had UID 304, and message 3 had UID 3357 319; therefore, UIDs 305 through 310 do not exist (refer to 3358 Section 2.3.1.1 for further explanation). A006 is an example of a 3359 message being copied that did not return a COPYUID; and, as expected, 3360 A007 shows that the mail store containing that mailbox does not 3361 support persistent UIDs. 3363 Note: The APPEND command is not used for message delivery, because 3364 it does not provide a mechanism to transfer [SMTP] envelope 3365 information. 3367 6.3.13. IDLE Command 3369 Arguments: none 3371 Responses: continuation data will be requested; the client sends the 3372 continuation data "DONE" to end the command 3374 Result: OK - IDLE completed after client sent "DONE" 3375 NO - failure: the server will not allow the IDLE command 3376 at this time 3377 BAD - command unknown or arguments invalid 3379 Without the IDLE command a client would need to poll the server for 3380 changes to the selected mailbox (new mail, deletions, flag changes). 3381 It's often more desirable to have the server transmit updates to the 3382 client in real time. This allows a user to see new mail immediately. 3383 The IDLE command allows a client to tell the server that it's ready 3384 to accept such real-time updates. 3386 The IDLE command is sent from the client to the server when the 3387 client is ready to accept unsolicited update messages. The server 3388 requests a response to the IDLE command using the continuation ("+") 3389 response. The IDLE command remains active until the client responds 3390 to the continuation, and as long as an IDLE command is active, the 3391 server is now free to send untagged EXISTS, EXPUNGE, FETCH, and other 3392 responses at any time. If the server chooses to send unsolicited 3393 FETCH responses, they MUST include UID FETCH item. 3395 The IDLE command is terminated by the receipt of a "DONE" 3396 continuation from the client; such response satisfies the server's 3397 continuation request. At that point, the server MAY send any 3398 remaining queued untagged responses and then MUST immediately send 3399 the tagged response to the IDLE command and prepare to process other 3400 commands. As for other commands, the processing of any new command 3401 may cause the sending of unsolicited untagged responses, subject to 3402 the ambiguity limitations. The client MUST NOT send a command while 3403 the server is waiting for the DONE, since the server will not be able 3404 to distinguish a command from a continuation. 3406 The server MAY consider a client inactive if it has an IDLE command 3407 running, and if such a server has an inactivity timeout it MAY log 3408 the client off implicitly at the end of its timeout period. Because 3409 of that, clients using IDLE are advised to terminate the IDLE and re- 3410 issue it at least every 29 minutes to avoid being logged off. This 3411 still allows a client to receive immediate mailbox updates even 3412 though it need only "poll" at half hour intervals. 3414 Example: C: A001 SELECT INBOX 3415 S: * FLAGS (\Deleted \Seen \Flagged) 3416 S: * OK [PERMANENTFLAGS (\Deleted \Seen \Flagged)] Limited 3417 S: * 3 EXISTS 3418 S: * OK [UIDVALIDITY 1] 3419 S: * LIST () "/" INBOX 3420 S: A001 OK [READ-WRITE] SELECT completed 3421 C: A002 IDLE 3422 S: + idling 3423 ...time passes; new mail arrives... 3424 S: * 4 EXISTS 3425 C: DONE 3426 S: A002 OK IDLE terminated 3427 ...another client expunges message 2 now... 3428 C: A003 FETCH 4 ALL 3429 S: * 4 FETCH (...) 3430 S: A003 OK FETCH completed 3431 C: A004 IDLE 3432 S: * 2 EXPUNGE 3433 S: * 3 EXISTS 3434 S: + idling 3435 ...time passes; another client expunges message 3... 3436 S: * 3 EXPUNGE 3437 S: * 2 EXISTS 3438 ...time passes; new mail arrives... 3439 S: * 3 EXISTS 3440 C: DONE 3441 S: A004 OK IDLE terminated 3442 C: A005 FETCH 3 ALL 3443 S: * 3 FETCH (...) 3444 S: A005 OK FETCH completed 3445 C: A006 IDLE 3447 6.4. Client Commands - Selected State 3449 In the selected state, commands that manipulate messages in a mailbox 3450 are permitted. 3452 In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT), 3453 and the authenticated state commands (SELECT, EXAMINE, NAMESPACE, 3454 CREATE, DELETE, RENAME, SUBSCRIBE, UNSUBSCRIBE, LIST, STATUS, and 3455 APPEND), the following commands are valid in the selected state: 3456 CLOSE, UNSELECT, EXPUNGE, SEARCH, FETCH, STORE, COPY, MOVE, and UID. 3458 6.4.1. CLOSE Command 3460 Arguments: none 3462 Responses: no specific responses for this command 3464 Result: OK - close completed, now in authenticated state 3465 BAD - command unknown or arguments invalid 3467 The CLOSE command permanently removes all messages that have the 3468 \Deleted flag set from the currently selected mailbox, and returns to 3469 the authenticated state from the selected state. No untagged EXPUNGE 3470 responses are sent. 3472 No messages are removed, and no error is given, if the mailbox is 3473 selected by an EXAMINE command or is otherwise selected read-only. 3475 Even if a mailbox is selected, a SELECT, EXAMINE, or LOGOUT command 3476 MAY be issued without previously issuing a CLOSE command. The 3477 SELECT, EXAMINE, and LOGOUT commands implicitly close the currently 3478 selected mailbox without doing an expunge. However, when many 3479 messages are deleted, a CLOSE-LOGOUT or CLOSE-SELECT sequence is 3480 considerably faster than an EXPUNGE-LOGOUT or EXPUNGE-SELECT because 3481 no untagged EXPUNGE responses (which the client would probably 3482 ignore) are sent. 3484 Example: C: A341 CLOSE 3485 S: A341 OK CLOSE completed 3487 6.4.2. UNSELECT Command 3489 Arguments: none 3491 Responses: no specific responses for this command 3493 Result: OK - unselect completed, now in authenticated state 3494 BAD - no mailbox selected, or argument supplied but none 3495 permitted 3497 The UNSELECT command frees session's resources associated with the 3498 selected mailbox and returns the server to the authenticated state. 3499 This command performs the same actions as CLOSE, except that no 3500 messages are permanently removed from the currently selected mailbox. 3502 Example: C: A342 UNSELECT 3503 S: A342 OK Unselect completed 3505 6.4.3. EXPUNGE Command 3507 Arguments: none 3509 Responses: untagged responses: EXPUNGE 3511 Result: OK - expunge completed 3512 NO - expunge failure: can't expunge (e.g., permission 3513 denied) 3514 BAD - command unknown or arguments invalid 3516 The EXPUNGE command permanently removes all messages that have the 3517 \Deleted flag set from the currently selected mailbox. Before 3518 returning an OK to the client, an untagged EXPUNGE response is sent 3519 for each message that is removed. 3521 Example: C: A202 EXPUNGE 3522 S: * 3 EXPUNGE 3523 S: * 3 EXPUNGE 3524 S: * 5 EXPUNGE 3525 S: * 8 EXPUNGE 3526 S: A202 OK EXPUNGE completed 3528 Note: In this example, messages 3, 4, 7, and 11 had the \Deleted flag 3529 set. See the description of the EXPUNGE response (Section 7.5.1) for 3530 further explanation. 3532 6.4.4. SEARCH Command 3534 Arguments: OPTIONAL result specifier 3535 OPTIONAL [CHARSET] specification 3536 searching criteria (one or more) 3538 Responses: OPTIONAL untagged response: ESEARCH 3540 Result: OK - search completed 3541 NO - search error: can't search that [CHARSET] or 3542 criteria 3543 BAD - command unknown or arguments invalid 3545 The SEARCH command searches the mailbox for messages that match the 3546 given searching criteria. 3548 The SEARCH command may contain result options. Result options 3549 control what kind of information is returned about messages matching 3550 the search criteria in an untagged ESEARCH response. If no result 3551 option is specified or empty list of options is specified "()", ALL 3552 is assumed (see below). The order of individual options is 3553 arbitrary. Individual options may contain parameters enclosed in 3554 parentheses. (However, if an option has a mandatory parameter, which 3555 can always be represented as a number or a sequence-set, the option 3556 parameter does not need the enclosing parentheses. See the Formal 3557 Syntax (Section 9) for more details). If an option has parameters, 3558 they consist of atoms and/or strings and/or lists in a specific 3559 order. Any options not defined by extensions that the server 3560 supports MUST be rejected with a BAD response. 3562 This document specifies the following result options: 3564 MIN 3566 Return the lowest message number/UID that satisfies the SEARCH 3567 criteria. 3569 If the SEARCH results in no matches, the server MUST NOT 3570 include the MIN result option in the ESEARCH response; however, 3571 it still MUST send the ESEARCH response. 3573 MAX 3575 Return the highest message number/UID that satisfies the SEARCH 3576 criteria. 3578 If the SEARCH results in no matches, the server MUST NOT 3579 include the MAX result option in the ESEARCH response; however, 3580 it still MUST send the ESEARCH response. 3582 ALL 3584 Return all message numbers/UIDs that satisfy the SEARCH 3585 criteria using the sequence-set syntax. Note, the client MUST 3586 NOT assume that messages/UIDs will be listed in any particular 3587 order. 3589 If the SEARCH results in no matches, the server MUST NOT 3590 include the ALL result option in the ESEARCH response; however, 3591 it still MUST send the ESEARCH response. 3593 COUNT Return the number of messages that satisfy the SEARCH 3594 criteria. This result option MUST always be included in the 3595 ESEARCH response. 3597 SAVE 3599 This option tells the server to remember the result of the 3600 SEARCH or UID SEARCH command (as well as any command based on 3601 SEARCH, e.g., SORT and THREAD [RFC5256]>) and store it in an 3602 internal variable that we will reference as the "search result 3603 variable". The client can use the "$" marker to reference the 3604 content of this internal variable. The "$" marker can be used 3605 instead of message sequence or UID sequence in order to 3606 indicate that the server should substitute it with the list of 3607 messages from the search result variable. Thus, the client can 3608 use the result of the latest remembered SEARCH command as a 3609 parameter to another command. See Section 6.4.4.1 for details 3610 on how the value of the search result variable is determined, 3611 how it is affected by other commands executed, and how SAVE 3612 return option interacts with other return options. 3614 In absence of any other SEARCH result option, the SAVE result 3615 option also suppresses any ESEARCH response that would have 3616 been otherwise returned by the SEARCH command. 3618 Note: future extensions to this document can allow servers to return 3619 multiple ESEARCH responses for a single extended SEARCH command. 3620 However all options specified above MUST result in a single ESEARCH 3621 response if used by themselves or in combination. This guarantee 3622 simplifies processing in IMAP4rev2 clients. Future SEARCH extensions 3623 that relax this restriction will have to describe how results from 3624 multiple ESEARCH responses are to be combined. 3626 Searching criteria consist of one or more search keys. 3628 When multiple keys are specified, the result is the intersection (AND 3629 function) of all the messages that match those keys. For example, 3630 the criteria DELETED FROM "SMITH" SINCE 1-Feb-1994 refers to all 3631 deleted messages from Smith with INTERNALDATE greater than February 3632 1, 1994. A search key can also be a parenthesized list of one or 3633 more search keys (e.g., for use with the OR and NOT keys). 3635 Server implementations MAY exclude [MIME-IMB] body parts with 3636 terminal content media types other than TEXT and MESSAGE from 3637 consideration in SEARCH matching. 3639 The OPTIONAL [CHARSET] specification consists of the word "CHARSET" 3640 followed by a registered [CHARSET] [CHARSET-REG]. It indicates the 3641 [CHARSET] of the strings that appear in the search criteria. 3642 [MIME-IMB] content transfer encodings, and [MIME-HDRS] strings in 3643 [RFC-5322]/[MIME-IMB] headers, MUST be decoded before comparing text. 3644 Servers MUST support US-ASCII and UTF-8 charsets; other [CHARSET]s 3645 MAY be supported. Clients SHOULD use UTF-8. Note that if "CHARSET" 3646 is not provided IMAP4rev2 servers MUST assume UTF-8, so selecting 3647 CHARSET UTF-8 is redundant. It is permitted for improved 3648 compatibility with existing IMAP4rev1 clients. 3650 If the server does not support the specified [CHARSET], it MUST 3651 return a tagged NO response (not a BAD). This response SHOULD 3652 contain the BADCHARSET response code, which MAY list the [CHARSET]s 3653 supported by the server. 3655 In all search keys that use strings and unless specified otherwise, a 3656 message matches the key if the string is a substring of the 3657 associated text. The matching SHOULD be case-insensitive for 3658 characters within ASCII range. Consider using [IMAP-I18N] for 3659 language-sensitive case-insensitive searching. Note that the empty 3660 string is a substring; this is useful when doing a HEADER search in 3661 order to test for a header field presence in the message. 3663 The defined search keys are as follows. Refer to the Formal Syntax 3664 section for the precise syntactic definitions of the arguments. 3666 Messages with message sequence numbers corresponding 3667 to the specified message sequence number set. 3669 ALL All messages in the mailbox; the default initial key for ANDing. 3671 ANSWERED Messages with the \Answered flag set. 3673 BCC Messages that contain the specified string in the 3674 envelope structure's BCC field. 3676 BEFORE Messages whose internal date (disregarding time and 3677 timezone) is earlier than the specified date. 3679 BODY Messages that contain the specified string in the body 3680 of the message. Unlike TEXT (see below), this doesn't match any 3681 header fields. Servers are allowed to implement flexible matching 3682 for this search key, for example matching "swim" to both "swam" 3683 and "swum" in English language text or only doing full word 3684 matching (where "swim" will not match "swimming"). 3686 CC Messages that contain the specified string in the 3687 envelope structure's CC field. 3689 DELETED Messages with the \Deleted flag set. 3691 DRAFT Messages with the \Draft flag set. 3693 FLAGGED Messages with the \Flagged flag set. 3695 FROM Messages that contain the specified string in the 3696 envelope structure's FROM field. 3698 HEADER Messages that have a header field with 3699 the specified field-name (as defined in [RFC-5322]) and that 3700 contains the specified string in the text of the header field 3701 (what comes after the colon). If the string to search is zero- 3702 length, this matches all messages that have a header field with 3703 the specified field-name regardless of the contents. Servers 3704 should use substring search for this SEARCH item, as clients can 3705 use it for automatic processing not initiated by end users. For 3706 example this can be used for searching for Message-ID or Content- 3707 Type header field values that need to be exact, or for searches in 3708 header fields that the IMAP server might not know anything about. 3710 KEYWORD Messages with the specified keyword flag set. 3712 LARGER Messages with an [RFC-5322] size larger than the 3713 specified number of octets. 3715 NOT Messages that do not match the specified search 3716 key. 3718 ON Messages whose internal date (disregarding time and 3719 timezone) is within the specified date. 3721 OR Messages that match either search 3722 key. 3724 SEEN Messages that have the \Seen flag set. 3726 SENTBEFORE Messages whose [RFC-5322] Date: header field 3727 (disregarding time and timezone) is earlier than the specified 3728 date. 3730 SENTON Messages whose [RFC-5322] Date: header field 3731 (disregarding time and timezone) is within the specified date. 3733 SENTSINCE Messages whose [RFC-5322] Date: header field 3734 (disregarding time and timezone) is within or later than the 3735 specified date. 3737 SINCE Messages whose internal date (disregarding time and 3738 timezone) is within or later than the specified date. 3740 SMALLER Messages with an [RFC-5322] size smaller than the 3741 specified number of octets. 3743 SUBJECT Messages that contain the specified string in the 3744 envelope structure's SUBJECT field. 3746 TEXT Messages that contain the specified string in the 3747 header (including MIME header fields) or body of the message. 3748 Servers are allowed to implement flexible matching for this search 3749 key, for example matching "swim" to both "swam" and "swum" in 3750 English language text or only doing full word matching (where 3751 "swim" will not match "swimming"). 3753 TO Messages that contain the specified string in the 3754 envelope structure's TO field. 3756 UID Messages with unique identifiers corresponding to 3757 the specified unique identifier set. Sequence set ranges are 3758 permitted. 3760 UNANSWERED Messages that do not have the \Answered flag set. 3762 UNDELETED Messages that do not have the \Deleted flag set. 3764 UNDRAFT Messages that do not have the \Draft flag set. 3766 UNFLAGGED Messages that do not have the \Flagged flag set. 3768 UNKEYWORD Messages that do not have the specified keyword 3769 flag set. 3771 UNSEEN Messages that do not have the \Seen flag set. 3773 Example: C: A282 SEARCH RETURN (MIN COUNT) FLAGGED 3774 SINCE 1-Feb-1994 NOT FROM "Smith" 3775 S: * ESEARCH (TAG "A282") MIN 2 COUNT 3 3776 S: A282 OK SEARCH completed 3778 Example: C: A283 SEARCH RETURN () FLAGGED 3779 SINCE 1-Feb-1994 NOT FROM "Smith" 3780 S: * ESEARCH (TAG "A283") ALL 2,10:11 3781 S: A283 OK SEARCH completed 3783 Example: C: A284 SEARCH TEXT "string not in mailbox" 3784 S: * ESEARCH (TAG "A284") 3785 S: A284 OK SEARCH completed 3786 C: A285 SEARCH CHARSET UTF-8 TEXT {6} 3787 S: + Ready for literal text 3788 C: XXXXXX 3789 S: * ESEARCH (TAG "A285") ALL 43 3790 S: A285 OK SEARCH completed 3792 Note: Since this document is restricted to 7-bit ASCII text, it is 3793 not possible to show actual UTF-8 data. The "XXXXXX" is a 3794 placeholder for what would be 6 octets of 8-bit data in an actual 3795 transaction. 3797 The following example demonstrates finding the first unseen message 3798 in the mailbox: 3800 Example: C: A284 SEARCH RETURN (MIN) UNSEEN 3801 S: * ESEARCH (TAG "A284") MIN 4 3802 S: A284 OK SEARCH completed 3804 The following example demonstrates that if the ESEARCH UID indicator 3805 is present, all data in the ESEARCH response is referring to UIDs; 3806 for example, the MIN result specifier will be followed by a UID. 3808 Example: C: A285 UID SEARCH RETURN (MIN MAX) 1:5000 3809 S: * ESEARCH (TAG "A285") UID MIN 7 MAX 3800 3810 S: A285 OK SEARCH completed 3812 The following example demonstrates returning the number of deleted 3813 messages: 3815 Example: C: A286 SEARCH RETURN (COUNT) DELETED 3816 S: * ESEARCH (TAG "A286") COUNT 15 3817 S: A286 OK SEARCH completed 3819 6.4.4.1. SAVE result option and SEARCH result variable 3821 Upon successful completion of a SELECT or an EXAMINE command (after 3822 the tagged OK response), the current search result variable is reset 3823 to the empty sequence. 3825 A successful SEARCH command with the SAVE result option sets the 3826 value of the search result variable to the list of messages found in 3827 the SEARCH command. For example, if no messages were found, the 3828 search result variable will contain the empty sequence. 3830 Any of the following SEARCH commands MUST NOT change the search 3831 result variable: 3833 a SEARCH command that caused the server to return the BAD tagged 3834 response, 3836 a SEARCH command with no SAVE result option that caused the server 3837 to return NO tagged response, 3839 a successful SEARCH command with no SAVE result option. 3841 A SEARCH command with the SAVE result option that caused the server 3842 to return the NO tagged response sets the value of the search result 3843 variable to the empty sequence. 3845 When a message listed in the search result variable is EXPUNGEd, it 3846 is automatically removed from the list. Implementors are reminded 3847 that if the server stores the list as a list of message numbers, it 3848 MUST automatically adjust them when notifying the client about 3849 expunged messages, as described in Section 7.5.1. 3851 If the server decides to send a new UIDVALIDITY value while the 3852 mailbox is opened, this causes resetting of the search variable to 3853 the empty sequence. 3855 Note that even if the "$" marker contains the empty sequence of 3856 messages, it must be treated by all commands accepting message sets 3857 as parameters as a valid, but non-matching list of messages. For 3858 example, the "FETCH $" command would return a tagged OK response and 3859 no FETCH responses. See also the Example 5 in Section 6.4.4.4. 3861 The SAVE result option doesn't change whether the server would return 3862 items corresponding to MIN, MAX, ALL, or COUNT result options. 3864 When the SAVE result option is combined with the MIN or MAX result 3865 option, and both ALL and COUNT result options are absent, the 3866 corresponding MIN/MAX is returned (if the search result is not 3867 empty), but the "$" marker would contain a single message as returned 3868 in the MIN/MAX return item. 3870 If the SAVE result option is combined with both MIN and MAX result 3871 options, and both ALL and COUNT result options are absent, the "$" 3872 marker would contain zero, one or two messages as returned in the 3873 MIN/MAX return items. 3875 If the SAVE result option is combined with the ALL and/or COUNT 3876 result option(s), the "$" marker would always contain all messages 3877 found by the SEARCH or UID SEARCH command. 3879 The following table summarizes the additional requirement on ESEARCH 3880 server implementations described in this section. 3882 +------------------------------+--------------------+ 3883 | Combination of Result option | "$" marker value | 3884 +------------------------------+--------------------+ 3885 | SAVE MIN | MIN | 3886 | SAVE MAX | MAX | 3887 | SAVE MIN MAX | MIN & MAX | 3888 | SAVE * [m] | all found messages | 3889 +------------------------------+--------------------+ 3891 where '*' means "ALL" and/or "COUNT", and '[m]' means optional "MIN" 3892 and/or "MAX" 3894 Implementation note: server implementors should note that "$" can 3895 reference IMAP message sequences or UID sequences, depending on the 3896 context where it is used. For example, the "$" marker can be set as 3897 a result of a SEARCH (SAVE) command and used as a parameter to a UID 3898 FETCH command (which accepts a UID sequence, not a message sequence), 3899 or the "$" marker can be set as a result of a UID SEARCH (SAVE) 3900 command and used as a parameter to a FETCH command (which accepts a 3901 message sequence, not a UID sequence). Server implementations need 3902 to automatically map the "$" marker value to message numbers or UIDs, 3903 depending on context where the "$" marker is used. 3905 6.4.4.2. Multiple Commands in Progress 3907 Use of a SEARCH RETURN (SAVE) command followed by a command using the 3908 "$" marker creates direct dependency between the two commands. As 3909 directed by Section 5.5, a server MUST execute the two commands in 3910 the order they were received. 3912 A client MAY pipeline a SEARCH RETURN (SAVE) command with one or more 3913 command using the "$" marker, as long as this doesn't create an 3914 ambiguity, as described in Section 5.5. Examples 7-9 in 3915 Section 6.4.4.4 explain this in more details. 3917 6.4.4.3. Refusing to Save Search Results 3919 In some cases, the server MAY refuse to save a SEARCH (SAVE) result, 3920 for example, if an internal limit on the number of saved results is 3921 reached. In this case, the server MUST return a tagged NO response 3922 containing the NOTSAVED response code and set the search result 3923 variable to the empty sequence, as described in Section 6.4.4.1. 3925 6.4.4.4. Examples showing use of SAVE result option 3927 Only in this section: explanatory comments in examples that start 3928 with // are not part of the protocol. 3930 1) The following example demonstrates how the client can use the 3931 result of a SEARCH command to FETCH headers of interesting messages: 3933 Example 1: 3934 C: A282 SEARCH RETURN (SAVE) FLAGGED SINCE 1-Feb-1994 3935 NOT FROM "Smith" 3936 S: A282 OK SEARCH completed, result saved 3937 C: A283 FETCH $ (UID INTERNALDATE FLAGS BODY.PEEK[HEADER]) 3938 S: * 2 FETCH (UID 14 ... 3939 S: * 84 FETCH (UID 100 ... 3940 S: * 882 FETCH (UID 1115 ... 3941 S: A283 OK completed 3943 The client can also pipeline the two commands: 3945 Example 2: 3946 C: A282 SEARCH RETURN (SAVE) FLAGGED SINCE 1-Feb-1994 3947 NOT FROM "Smith" 3948 C: A283 FETCH $ (UID INTERNALDATE FLAGS BODY.PEEK[HEADER]) 3949 S: A282 OK SEARCH completed 3950 S: * 2 FETCH (UID 14 ... 3951 S: * 84 FETCH (UID 100 ... 3952 S: * 882 FETCH (UID 1115 ... 3953 S: A283 OK completed 3955 2) The following example demonstrates that the result of one SEARCH 3956 command can be used as input to another SEARCH command: 3958 Example 3: 3959 C: A300 SEARCH RETURN (SAVE) SINCE 1-Jan-2004 3960 NOT FROM "Smith" 3961 S: A300 OK SEARCH completed 3962 C: A301 UID SEARCH UID $ SMALLER 4096 3963 S: * ESEARCH (TAG "A301") UID ALL 17,900,901 3964 S: A301 OK completed 3966 Note that the second command in Example 3 can be replaced with: 3967 C: A301 UID SEARCH $ SMALLER 4096 3968 and the result of the command would be the same. 3970 3) The following example shows that the "$" marker can be combined 3971 with other message numbers using the OR SEARCH criterion. 3973 Example 4: 3974 C: P282 SEARCH RETURN (SAVE) SINCE 1-Feb-1994 3975 NOT FROM "Smith" 3976 S: P282 OK SEARCH completed 3977 C: P283 SEARCH CHARSET UTF-8 (OR $ 1,3000:3021) TEXT {8+} 3978 C: YYYYYYYY 3979 S: * ESEARCH (TAG "P283") ALL 882,1102,3003,3005:3006 3980 S: P283 OK completed 3982 Note: Since this document format is restricted to 7-bit ASCII text, 3983 it is not possible to show actual UTF-8 data. The "YYYYYYYY" is a 3984 placeholder for what would be 8 octets of 8-bit data in an actual 3985 transaction. 3987 4) The following example demonstrates that a failed SEARCH sets the 3988 search result variable to the empty list. The server doesn't 3989 implement the KOI8-R charset. 3991 Example 5: 3992 C: B282 SEARCH RETURN (SAVE) SINCE 1-Feb-1994 3993 NOT FROM "Smith" 3994 S: B282 OK SEARCH completed 3995 C: B283 SEARCH RETURN (SAVE) CHARSET KOI8-R 3996 (OR $ 1,3000:3021) TEXT {4} 3997 C: XXXX 3998 S: B283 NO [BADCHARSET UTF-8] KOI8-R is not supported 3999 //After this command the saved result variable contains 4000 //no messages. A client that wants to reissue the B283 4001 //SEARCH command with another CHARSET would have to reissue 4002 //the B282 command as well. One possible workaround for 4003 //this is to include the desired CHARSET parameter 4004 //in the earliest SEARCH RETURN (SAVE) command in a 4005 //sequence of related SEARCH commands, to cause 4006 //the earliest SEARCH in the sequence to fail. 4007 //A better approach might be to always use CHARSET UTF-8 4008 //instead. 4010 Note: Since this document format is restricted to 7-bit ASCII text, 4011 it is not possible to show actual KOI8-R data. The "XXXX" is a 4012 placeholder for what would be 4 octets of 8-bit data in an actual 4013 transaction. 4015 5) The following example demonstrates that it is not an error to use 4016 the "$" marker when it contains no messages. 4018 Example 6: 4019 C: E282 SEARCH RETURN (SAVE) SINCE 28-Oct-2006 4020 NOT FROM "Eric" 4021 C: E283 COPY $ "Other Messages" 4022 //The "$" contains no messages 4023 S: E282 OK SEARCH completed 4024 S: E283 OK COPY completed, nothing copied 4026 Example 7: 4027 C: F282 SEARCH RETURN (SAVE) KEYWORD $Junk 4028 C: F283 COPY $ "Junk" 4029 C: F284 STORE $ +FLAGS.Silent (\Deleted) 4030 S: F282 OK SEARCH completed 4031 S: F283 OK COPY completed 4032 S: F284 OK STORE completed 4034 Example 8: 4035 C: G282 SEARCH RETURN (SAVE) KEYWORD $Junk 4036 C: G283 SEARCH RETURN (ALL) SINCE 28-Oct-2006 4037 FROM "Eric" 4038 // The server can execute the two SEARCH commands 4039 // in any order, as they don't have any dependency. 4040 // For example, it may return: 4041 S: * ESEARCH (TAG "G283") ALL 3:15,27,29:103 4042 S: G283 OK SEARCH completed 4043 S: G282 OK SEARCH completed 4045 The following example demonstrates that the result of the second 4046 SEARCH RETURN (SAVE) always overrides the result of the first. 4048 Example 9: 4049 C: H282 SEARCH RETURN (SAVE) KEYWORD $Junk 4050 C: H283 SEARCH RETURN (SAVE) SINCE 28-Oct-2006 4051 FROM "Eric" 4052 S: H282 OK SEARCH completed 4053 S: H283 OK SEARCH completed 4054 // At this point "$" would contain results of H283 4056 The following example demonstrates behavioral difference for 4057 different combinations of ESEARCH result options. 4059 Example 10: 4060 C: C282 SEARCH RETURN (ALL) SINCE 12-Feb-2006 4061 NOT FROM "Smith" 4062 S: * ESEARCH (TAG "C283") ALL 2,10:15,21 4063 //$ value hasn't changed 4064 S: C282 OK SEARCH completed 4066 C: C283 SEARCH RETURN (ALL SAVE) SINCE 12-Feb-2006 4067 NOT FROM "Smith" 4068 S: * ESEARCH (TAG "C283") ALL 2,10:15,21 4069 //$ value is 2,10:15,21 4070 S: C283 OK SEARCH completed 4072 C: C284 SEARCH RETURN (SAVE MIN) SINCE 12-Feb-2006 4073 NOT FROM "Smith" 4074 S: * ESEARCH (TAG "C284") MIN 2 4075 //$ value is 2 4076 S: C284 OK SEARCH completed 4078 C: C285 SEARCH RETURN (MAX SAVE MIN) SINCE 4079 12-Feb-2006 NOT FROM "Smith" 4080 S: * ESEARCH (TAG "C285") MIN 2 MAX 21 4081 //$ value is 2,21 4082 S: C285 OK SEARCH completed 4084 C: C286 SEARCH RETURN (MAX SAVE MIN COUNT) 4085 SINCE 12-Feb-2006 NOT FROM "Smith" 4086 S: * ESEARCH (TAG "C286") MIN 2 MAX 21 COUNT 8 4087 //$ value is 2,10:15,21 4088 S: C286 OK SEARCH completed 4090 C: C286 SEARCH RETURN (ALL SAVE MIN) SINCE 4091 12-Feb-2006 NOT FROM "Smith" 4092 S: * ESEARCH (TAG "C286") MIN 2 ALL 2,10:15,21 4093 //$ value is 2,10:15,21 4094 S: C286 OK SEARCH completed 4096 6.4.5. FETCH Command 4098 Arguments: sequence set 4099 message data item names or macro 4101 Responses: untagged responses: FETCH 4103 Result: OK - fetch completed 4104 NO - fetch error: can't fetch that data 4105 BAD - command unknown or arguments invalid 4107 The FETCH command retrieves data associated with a message in the 4108 mailbox. The data items to be fetched can be either a single atom or 4109 a parenthesized list. 4111 Most data items, identified in the formal syntax (Section 9) under 4112 the msg-att-static rule, are static and MUST NOT change for any 4113 particular message. Other data items, identified in the formal 4114 syntax under the msg-att-dynamic rule, MAY change, either as a result 4115 of a STORE command or due to external events. 4117 For example, if a client receives an ENVELOPE for a message when 4118 it already knows the envelope, it can safely ignore the newly 4119 transmitted envelope. 4121 There are three macros which specify commonly-used sets of data 4122 items, and can be used instead of data items. A macro must be used 4123 by itself, and not in conjunction with other macros or data items. 4125 ALL Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE ENVELOPE) 4127 FAST Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE) 4129 FULL Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE ENVELOPE 4130 BODY) 4132 Several data items reference "section" or "section-binary". See 4133 Section 6.4.5.1 for their detailed definition. 4135 The currently defined data items that can be fetched are: 4137 BINARY[]<> 4139 Requests that the specified section be transmitted after 4140 performing Content-Transfer-Encoding-related decoding. 4142 The argument, if present, requests that a subset of 4143 the data be returned. The semantics of a partial FETCH BINARY 4144 command are the same as for a partial FETCH BODY command, with 4145 the exception that the arguments refer to the DECODED 4146 section data. 4148 Note that this data item can only be requested for leaf (i.e. 4149 non multipart/*, non message/rfc822 and non message/global) 4150 body parts. 4152 BINARY.PEEK[]<> An alternate form of 4153 BINARY[] that does not implicitly set the \Seen 4154 flag. 4156 BINARY.SIZE[] 4158 Requests the decoded size of the section (i.e., the size to 4159 expect in response to the corresponding FETCH BINARY request). 4161 Note: client authors are cautioned that this might be an 4162 expensive operation for some server implementations. 4163 Needlessly issuing this request could result in degraded 4164 performance due to servers having to calculate the value every 4165 time the request is issued. 4167 Note that this data item can only be requested for leaf (i.e. 4168 non multipart/*, non message/rfc822 and non message/global) 4169 body parts. 4171 BODY Non-extensible form of BODYSTRUCTURE. 4173 BODY[
]<> 4175 The text of a particular body section. 4177 It is possible to fetch a substring of the designated text. 4178 This is done by appending an open angle bracket ("<"), the 4179 octet position of the first desired octet, a period, the 4180 maximum number of octets desired, and a close angle bracket 4181 (">") to the part specifier. If the starting octet is beyond 4182 the end of the text, an empty string is returned. 4184 Any partial fetch that attempts to read beyond the end of the 4185 text is truncated as appropriate. A partial fetch that starts 4186 at octet 0 is returned as a partial fetch, even if this 4187 truncation happened. 4189 Note: This means that BODY[]<0.2048> of a 1500-octet message 4190 will return BODY[]<0> with a literal of size 1500, not 4191 BODY[]. 4193 Note: A substring fetch of a HEADER.FIELDS or 4194 HEADER.FIELDS.NOT part specifier is calculated after 4195 subsetting the header. 4197 The \Seen flag is implicitly set; if this causes the flags to 4198 change, they SHOULD be included as part of the FETCH responses. 4200 BODY.PEEK[
]<> An alternate form of BODY[
] 4201 that does not implicitly set the \Seen flag. 4203 BODYSTRUCTURE The [MIME-IMB] body structure of the message. This is 4204 computed by the server by parsing the [MIME-IMB] header fields in 4205 the [RFC-5322] header and [MIME-IMB] headers. See Section 7.5.2 4206 for more details. 4208 ENVELOPE The envelope structure of the message. This is computed by 4209 the server by parsing the [RFC-5322] header into the component 4210 parts, defaulting various fields as necessary. See Section 7.5.2 4211 for more details. 4213 FLAGS The flags that are set for this message. 4215 INTERNALDATE The internal date of the message. 4217 RFC822.SIZE The [RFC-5322] size of the message. 4219 UID The unique identifier for the message. 4221 Example: C: A654 FETCH 2:4 (FLAGS BODY[HEADER.FIELDS (DATE FROM)]) 4222 S: * 2 FETCH .... 4223 S: * 3 FETCH .... 4224 S: * 4 FETCH .... 4225 S: A654 OK FETCH completed 4227 6.4.5.1. FETCH section specification 4229 Several FETCH data items reference "section" or "section-binary". 4230 The section specification is a set of zero or more part specifiers 4231 delimited by periods. A part specifier is either a part number or 4232 one of the following: HEADER, HEADER.FIELDS, HEADER.FIELDS.NOT, MIME, 4233 and TEXT. (Non numeric part specifiers have to be the last specifier 4234 in a section specification.) An empty section specification refers 4235 to the entire message, including the header. 4237 Every message has at least one part number. Non-[MIME-IMB] messages, 4238 and non-multipart [MIME-IMB] messages with no encapsulated message, 4239 only have a part 1. 4241 Multipart messages are assigned consecutive part numbers, as they 4242 occur in the message. If a particular part is of type message or 4243 multipart, its parts MUST be indicated by a period followed by the 4244 part number within that nested multipart part. 4246 A part of type MESSAGE/RFC822 or MESSAGE/GLOBAL also has nested part 4247 numbers, referring to parts of the MESSAGE part's body. 4249 The HEADER, HEADER.FIELDS, HEADER.FIELDS.NOT, and TEXT part 4250 specifiers can be the sole part specifier or can be prefixed by one 4251 or more numeric part specifiers, provided that the numeric part 4252 specifier refers to a part of type MESSAGE/RFC822 or MESSAGE/GLOBAL. 4253 The MIME part specifier MUST be prefixed by one or more numeric part 4254 specifiers. 4256 The HEADER, HEADER.FIELDS, and HEADER.FIELDS.NOT part specifiers 4257 refer to the [RFC-5322] header of the message or of an encapsulated 4258 [MIME-IMT] MESSAGE/RFC822 or MESSAGE/GLOBAL message. HEADER.FIELDS 4259 and HEADER.FIELDS.NOT are followed by a list of field-name (as 4260 defined in [RFC-5322]) names, and return a subset of the header. The 4261 subset returned by HEADER.FIELDS contains only those header fields 4262 with a field-name that matches one of the names in the list; 4263 similarly, the subset returned by HEADER.FIELDS.NOT contains only the 4264 header fields with a non-matching field-name. The field-matching is 4265 ASCII range case-insensitive but otherwise exact. Subsetting does 4266 not exclude the [RFC-5322] delimiting blank line between the header 4267 and the body; the blank line is included in all header fetches, 4268 except in the case of a message which has no body and no blank line. 4270 The MIME part specifier refers to the [MIME-IMB] header for this 4271 part. 4273 The TEXT part specifier refers to the text body of the message, 4274 omitting the [RFC-5322] header. 4276 Here is an example of a complex message with some of its part 4277 specifiers: 4279 HEADER ([RFC-5322] header of the message) 4280 TEXT ([RFC-5322] text body of the message) MULTIPART/MIXED 4281 1 TEXT/PLAIN 4282 2 APPLICATION/OCTET-STREAM 4283 3 MESSAGE/RFC822 4284 3.HEADER ([RFC-5322] header of the message) 4285 3.TEXT ([RFC-5322] text body of the message) MULTIPART/MIXED 4286 3.1 TEXT/PLAIN 4287 3.2 APPLICATION/OCTET-STREAM 4288 4 MULTIPART/MIXED 4289 4.1 IMAGE/GIF 4290 4.1.MIME ([MIME-IMB] header for the IMAGE/GIF) 4291 4.2 MESSAGE/RFC822 4292 4.2.HEADER ([RFC-5322] header of the message) 4293 4.2.TEXT ([RFC-5322] text body of the message) MULTIPART/MIXED 4294 4.2.1 TEXT/PLAIN 4295 4.2.2 MULTIPART/ALTERNATIVE 4296 4.2.2.1 TEXT/PLAIN 4297 4.2.2.2 TEXT/RICHTEXT 4299 6.4.6. STORE Command 4301 Arguments: sequence set 4302 message data item name 4303 value for message data item 4305 Responses: untagged responses: FETCH 4307 Result: OK - store completed 4308 NO - store error: can't store that data 4309 BAD - command unknown or arguments invalid 4311 The STORE command alters data associated with a message in the 4312 mailbox. Normally, STORE will return the updated value of the data 4313 with an untagged FETCH response. A suffix of ".SILENT" in the data 4314 item name prevents the untagged FETCH, and the server SHOULD assume 4315 that the client has determined the updated value itself or does not 4316 care about the updated value. 4318 Note: Regardless of whether or not the ".SILENT" suffix was used, 4319 the server SHOULD send an untagged FETCH response if a change to a 4320 message's flags from an external source is observed. The intent 4321 is that the status of the flags is determinate without a race 4322 condition. 4324 The currently defined data items that can be stored are: 4326 FLAGS Replace the flags for the message with the 4327 argument. The new value of the flags is returned as if a FETCH of 4328 those flags was done. 4330 FLAGS.SILENT Equivalent to FLAGS, but without returning 4331 a new value. 4333 +FLAGS Add the argument to the flags for the message. 4334 The new value of the flags is returned as if a FETCH of those 4335 flags was done. 4337 +FLAGS.SILENT Equivalent to +FLAGS, but without 4338 returning a new value. 4340 -FLAGS Remove the argument from the flags for the 4341 message. The new value of the flags is returned as if a FETCH of 4342 those flags was done. 4344 -FLAGS.SILENT Equivalent to -FLAGS, but without 4345 returning a new value. 4347 Example: C: A003 STORE 2:4 +FLAGS (\Deleted) 4348 S: * 2 FETCH (FLAGS (\Deleted \Seen)) 4349 S: * 3 FETCH (FLAGS (\Deleted)) 4350 S: * 4 FETCH (FLAGS (\Deleted \Flagged \Seen)) 4351 S: A003 OK STORE completed 4353 6.4.7. COPY Command 4355 Arguments: sequence set 4356 mailbox name 4358 Responses: no specific responses for this command 4360 Result: OK - copy completed 4361 NO - copy error: can't copy those messages or to that 4362 name 4363 BAD - command unknown or arguments invalid 4365 The COPY command copies the specified message(s) to the end of the 4366 specified destination mailbox. The flags and internal date of the 4367 message(s) SHOULD be preserved in the copy. 4369 If the destination mailbox does not exist, a server MUST return an 4370 error. It MUST NOT automatically create the mailbox. Unless it is 4371 certain that the destination mailbox can not be created, the server 4372 MUST send the response code "[TRYCREATE]" as the prefix of the text 4373 of the tagged NO response. This gives a hint to the client that it 4374 can attempt a CREATE command and retry the COPY if the CREATE is 4375 successful. 4377 If the COPY command is unsuccessful for any reason, server 4378 implementations MUST restore the destination mailbox to its state 4379 before the COPY attempt (other than possibly incrementing UIDNEXT), 4380 i.e. partial copy MUST NOT be done. 4382 On successful completion of a COPY, the server returns a COPYUID 4383 response code (see Section 7.1). Two exception to this requirement 4384 are listed below. 4386 In the case of a mailbox that has permissions set so that the client 4387 can COPY to the mailbox, but not SELECT or EXAMINE it, the server 4388 MUST NOT send an COPYUID response code as it would disclose 4389 information about the mailbox. 4391 In the case of a mailbox that has UIDNOTSTICKY status (see 4392 Section 7.1), the server MAY omit the COPYUID response code as it is 4393 not meaningful. 4395 Example: C: A003 COPY 2:4 MEETING 4396 S: A003 OK [COPYUID 38505 304,319:320 3956:3958] COPY completed 4398 6.4.8. MOVE Command 4400 Arguments: sequence set 4401 mailbox name 4403 Responses: no specific responses for this command 4405 Result: OK - move completed 4406 NO - move error: can't move those messages or to that 4407 name 4408 BAD - command unknown or arguments invalid 4410 The MOVE command moves the specified message(s) to the end of the 4411 specified destination mailbox. The flags and internal date of the 4412 message(s) SHOULD be preserved. 4414 This means that a new message is created in the target mailbox with a 4415 new UID, the original message is removed from the source mailbox, and 4416 it appears to the client as a single action. This has the same 4417 effect for each message as this sequence: 4419 1. [UID] COPY 4421 2. [UID] STORE +FLAGS.SILENT \DELETED 4423 3. UID EXPUNGE 4425 Although the effect of the MOVE is the same as the preceding steps, 4426 the semantics are not identical: The intermediate states produced by 4427 those steps do not occur, and the response codes are different. In 4428 particular, though the COPY and EXPUNGE response codes will be 4429 returned, response codes for a STORE MUST NOT be generated and the 4430 \Deleted flag MUST NOT be set for any message. 4432 Unlike the COPY command, MOVE of a set of messages might fail partway 4433 through the set. Regardless of whether the command is successful in 4434 moving the entire set, each individual message MUST either be moved 4435 or unaffected. The server MUST leave each message in a state where 4436 it is in at least one of the source or target mailboxes (no message 4437 can be lost or orphaned). The server SHOULD NOT leave any message in 4438 both mailboxes (it would be bad for a partial failure to result in a 4439 bunch of duplicate messages). This is true even if the server 4440 returns a tagged NO response to the command. 4442 If the destination mailbox does not exist, a server MUST return an 4443 error. It MUST NOT automatically create the mailbox. Unless it is 4444 certain that the destination mailbox can not be created, the server 4445 MUST send the response code "[TRYCREATE]" as the prefix of the text 4446 of the tagged NO response. This gives a hint to the client that it 4447 can attempt a CREATE command and retry the MOVE if the CREATE is 4448 successful. 4450 Because of the similarity of MOVE to COPY, extensions that affect 4451 COPY affect MOVE in the same way. Response codes listed in 4452 Section 7.1, as well as those defined by extensions, are sent as 4453 appropriate. 4455 Servers send COPYUID in response to a MOVE or a UID MOVE (see 4456 Section 6.4.9) command. For additional information about COPYUID see 4457 Section 7.1. Note that there are several exceptions listed in 4458 Section 6.4.7 that allow servers not to return COPYUID. 4460 Servers are also REQUIRED to send the COPYUID response code in an 4461 untagged OK before sending EXPUNGE or similar responses. (Sending 4462 COPYUID in the tagged OK, as described in the UIDPLUS specification, 4463 means that clients first receive an EXPUNGE for a message and 4464 afterwards COPYUID for the same message. It can be unnecessarily 4465 difficult to process that sequence usefully.) 4467 An example: 4468 C: a UID MOVE 42:69 foo 4469 S: * OK [COPYUID 432432 42:69 1202:1229] 4470 S: * 22 EXPUNGE 4471 ...More EXPUNGE responses from the server... 4472 S: a OK Done 4474 Note that the server may send unrelated EXPUNGE responses as well, if 4475 any happen to have been expunged at the same time; this is normal 4476 IMAP operation. 4478 Note that moving a message to the currently selected mailbox (that 4479 is, where the source and target mailboxes are the same) is allowed 4480 when copying the message to the currently selected mailbox is 4481 allowed. 4483 The server may send EXPUNGE responses before the tagged response, so 4484 the client cannot safely send more commands with message sequence 4485 number arguments while the server is processing MOVE. 4487 MOVE and UID MOVE can be pipelined with other commands, but care has 4488 to be taken. Both commands modify sequence numbers and also allow 4489 unrelated EXPUNGE responses. The renumbering of other messages in 4490 the source mailbox following any EXPUNGE response can be surprising 4491 and makes it unsafe to pipeline any command that relies on message 4492 sequence numbers after a MOVE or UID MOVE. Similarly, MOVE cannot be 4493 pipelined with a command that might cause message renumbering. See 4494 Section 5.5, for more information about ambiguities as well as 4495 handling requirements for both clients and servers. 4497 6.4.9. UID Command 4499 Arguments: command name 4500 command arguments 4502 Responses: untagged responses: FETCH, ESEARCH, EXPUNGE 4504 Result: OK - UID command completed 4505 NO - UID command error 4506 BAD - command unknown or arguments invalid 4508 The UID command has three forms. In the first form, it takes as its 4509 arguments a COPY, MOVE, FETCH, or STORE command with arguments 4510 appropriate for the associated command. However, the numbers in the 4511 sequence set argument are unique identifiers instead of message 4512 sequence numbers. Sequence set ranges are permitted, but there is no 4513 guarantee that unique identifiers will be contiguous. 4515 A non-existent unique identifier is ignored without any error message 4516 generated. Thus, it is possible for a UID FETCH command to return an 4517 OK without any data or a UID COPY, UID MOVE or UID STORE to return an 4518 OK without performing any operations. 4520 In the second form, the UID command takes an EXPUNGE command with an 4521 extra parameter the specified a sequence set of UIDs to operate on. 4522 The UID EXPUNGE command permanently removes all messages that both 4523 have the \Deleted flag set and have a UID that is included in the 4524 specified sequence set from the currently selected mailbox. If a 4525 message either does not have the \Deleted flag set or has a UID that 4526 is not included in the specified sequence set, it is not affected. 4528 UID EXPUNGE is particularly useful for disconnected use clients. 4529 By using UID EXPUNGE instead of EXPUNGE when resynchronizing with 4530 the server, the client can ensure that it does not inadvertantly 4531 remove any messages that have been marked as \Deleted by other 4532 clients between the time that the client was last connected and 4533 the time the client resynchronizes. 4535 Example: C: A003 UID EXPUNGE 3000:3002 4536 S: * 3 EXPUNGE 4537 S: * 3 EXPUNGE 4538 S: * 3 EXPUNGE 4539 S: A003 OK UID EXPUNGE completed 4541 In the third form, the UID command takes a SEARCH command with SEARCH 4542 command arguments. The interpretation of the arguments is the same 4543 as with SEARCH; however, the numbers returned in a ESEARCH response 4544 for a UID SEARCH command are unique identifiers instead of message 4545 sequence numbers. Also, the corresponding ESEARCH response MUST 4546 include the UID indicator. For example, the command UID SEARCH 1:100 4547 UID 443:557 returns the unique identifiers corresponding to the 4548 intersection of two sequence sets, the message sequence number range 4549 1:100 and the UID range 443:557. 4551 Note: in the above example, the UID range 443:557 appears. The 4552 same comment about a non-existent unique identifier being ignored 4553 without any error message also applies here. Hence, even if 4554 neither UID 443 or 557 exist, this range is valid and would 4555 include an existing UID 495. 4557 Also note that a UID range of 559:* always includes the UID of the 4558 last message in the mailbox, even if 559 is higher than any 4559 assigned UID value. This is because the contents of a range are 4560 independent of the order of the range endpoints. Thus, any UID 4561 range with * as one of the endpoints indicates at least one 4562 message (the message with the highest numbered UID), unless the 4563 mailbox is empty. 4565 The number after the "*" in an untagged FETCH or EXPUNGE response is 4566 always a message sequence number, not a unique identifier, even for a 4567 UID command response. However, server implementations MUST 4568 implicitly include the UID message data item as part of any FETCH 4569 response caused by a UID command, regardless of whether a UID was 4570 specified as a message data item to the FETCH. 4572 Note: The rule about including the UID message data item as part of a 4573 FETCH response primarily applies to the UID FETCH and UID STORE 4574 commands, including a UID FETCH command that does not include UID as 4575 a message data item. Although it is unlikely that the other UID 4576 commands will cause an untagged FETCH, this rule applies to these 4577 commands as well. 4579 Example: C: A999 UID FETCH 4827313:4828442 FLAGS 4580 S: * 23 FETCH (FLAGS (\Seen) UID 4827313) 4581 S: * 24 FETCH (FLAGS (\Seen) UID 4827943) 4582 S: * 25 FETCH (FLAGS (\Seen) UID 4828442) 4583 S: A999 OK UID FETCH completed 4585 6.5. Client Commands - Experimental/Expansion 4587 Each command which is not part of this specification MUST have at 4588 least one capability name (see Section 6.1.1) associated with it. 4589 (Multiple commands can be associated with the same capability name.) 4591 Server implementations MUST NOT send any added (not specified in this 4592 specification) untagged responses, unless the client requested it by 4593 issuing the associated experimental command (specified in an 4594 extension document) or the ENABLE command (Section 6.3.1). 4596 The following example demonstrates how a client can check for 4597 presence of a fictitious XPIG-LATIN capability that adds the XPIG- 4598 LATIN command and the the XPIG-LATIN untagged response. (Note that 4599 for an extension the command name and the capability name don't have 4600 to be the same.) 4602 Example: C: a441 CAPABILITY 4603 S: * CAPABILITY IMAP4rev2 XPIG-LATIN 4604 S: a441 OK CAPABILITY completed 4605 C: A442 XPIG-LATIN 4606 S: * XPIG-LATIN ow-nay eaking-spay ig-pay atin-lay 4607 S: A442 OK XPIG-LATIN ompleted-cay 4609 7. Server Responses 4611 Server responses are in three forms: status responses, server data, 4612 and command continuation request. The information contained in a 4613 server response, identified by "Contents:" in the response 4614 descriptions below, is described by function, not by syntax. The 4615 precise syntax of server responses is described in the Formal Syntax 4616 (Section 9). 4618 The client MUST be prepared to accept any response at all times. 4620 Status responses can be tagged or untagged. Tagged status responses 4621 indicate the completion result (OK, NO, or BAD status) of a client 4622 command, and have a tag matching the command. 4624 Some status responses, and all server data, are untagged. An 4625 untagged response is indicated by the token "*" instead of a tag. 4626 Untagged status responses indicate server greeting, or server status 4627 that does not indicate the completion of a command (for example, an 4628 impending system shutdown alert). For historical reasons, untagged 4629 server data responses are also called "unsolicited data", although 4630 strictly speaking, only unilateral server data is truly 4631 "unsolicited". 4633 Certain server data MUST be remembered by the client when it is 4634 received; this is noted in the description of that data. Such data 4635 conveys critical information which affects the interpretation of all 4636 subsequent commands and responses (e.g., updates reflecting the 4637 creation or destruction of messages). 4639 Other server data SHOULD be remembered for later reference; if the 4640 client does not need to remember the data, or if remembering the data 4641 has no obvious purpose (e.g., a SEARCH response when no SEARCH 4642 command is in progress), the data can be ignored. 4644 An example of unilateral untagged server data occurs when the IMAP 4645 connection is in the selected state. In the selected state, the 4646 server checks the mailbox for new messages as part of command 4647 execution. Normally, this is part of the execution of every command; 4648 hence, a NOOP command suffices to check for new messages. If new 4649 messages are found, the server sends untagged EXISTS response 4650 reflecting the new size of the mailbox. Server implementations that 4651 offer multiple simultaneous access to the same mailbox SHOULD also 4652 send appropriate unilateral untagged FETCH and EXPUNGE responses if 4653 another agent changes the state of any message flags or expunges any 4654 messages. 4656 Command continuation request responses use the token "+" instead of a 4657 tag. These responses are sent by the server to indicate acceptance 4658 of an incomplete client command and readiness for the remainder of 4659 the command. 4661 7.1. Server Responses - Generic Status Responses 4663 Status responses are OK, NO, BAD, PREAUTH and BYE. OK, NO, and BAD 4664 can be tagged or untagged. PREAUTH and BYE are always untagged. 4666 Status responses MAY include an OPTIONAL "response code". A response 4667 code consists of data inside square brackets in the form of an atom, 4668 possibly followed by a space and arguments. The response code 4669 contains additional information or status codes for client software 4670 beyond the OK/NO/BAD condition, and are defined when there is a 4671 specific action that a client can take based upon the additional 4672 information. 4674 The currently defined response codes are: 4676 ALERT 4678 The human-readable text contains a special alert that are 4679 presented to the user in a fashion that calls the user's 4680 attention to the message. Content of ALERT response codes 4681 received on a connection without TLS or SASL security layer 4682 confidentiality SHOULD be ignored by clients. If displayed, 4683 such alerts MUST be clearly marked as potentially suspicious. 4684 (Note that some existing clients are known to hyperlink 4685 returned text which make them very dangerous.) Alerts received 4686 after successful establishment of a TLS/SASL confidentiality 4687 layer MUST be presented to the user. 4689 ALREADYEXISTS 4691 The operation attempts to create something that already exists, 4692 such as when the CREATE or RENAME directories attempt to create 4693 a mailbox and there is already one of that name. 4695 C: o356 RENAME this that 4696 S: o356 NO [ALREADYEXISTS] Mailbox "that" already exists 4698 APPENDUID 4700 Followed by the UIDVALIDITY of the destination mailbox and the 4701 UID assigned to the appended message in the destination 4702 mailbox, indicates that the message has been appended to the 4703 destination mailbox with that UID. 4705 If the server also supports the [MULTIAPPEND] extension, and if 4706 multiple messages were appended in the APPEND command, then the 4707 second value is a UID set containing the UIDs assigned to the 4708 appended messages, in the order they were transmitted in the 4709 APPEND command. This UID set may not contain extraneous UIDs 4710 or the symbol "*". 4712 Note: the UID set form of the APPENDUID response code MUST 4713 NOT be used if only a single message was appended. In 4714 particular, a server MUST NOT send a range such as 123:123. 4715 This is because a client that does not support [MULTIAPPEND] 4716 expects only a single UID and not a UID set. 4718 UIDs are assigned in strictly ascending order in the mailbox 4719 (refer to Section 2.3.1.1); note that a range of 12:10 is 4720 exactly equivalent to 10:12 and refers to the sequence 4721 10,11,12. 4723 This response code is returned in a tagged OK response to the 4724 APPEND command. 4726 AUTHENTICATIONFAILED 4728 Authentication failed for some reason on which the server is 4729 unwilling to elaborate. Typically, this includes "unknown 4730 user" and "bad password". 4732 This is the same as not sending any response code, except that 4733 when a client sees AUTHENTICATIONFAILED, it knows that the 4734 problem wasn't, e.g., UNAVAILABLE, so there's no point in 4735 trying the same login/password again later. 4737 C: b LOGIN "fred" "foo" 4738 S: b NO [AUTHENTICATIONFAILED] Authentication failed 4740 AUTHORIZATIONFAILED 4742 Authentication succeeded in using the authentication identity, 4743 but the server cannot or will not allow the authentication 4744 identity to act as the requested authorization identity. This 4745 is only applicable when the authentication and authorization 4746 identities are different. 4748 C: c1 AUTHENTICATE PLAIN 4749 [...] 4750 S: c1 NO [AUTHORIZATIONFAILED] No such authorization-ID 4752 C: c2 AUTHENTICATE PLAIN 4753 [...] 4754 S: c2 NO [AUTHORIZATIONFAILED] Authenticator is not an admin 4756 BADCHARSET 4758 Optionally followed by a parenthesized list of charsets. A 4759 SEARCH failed because the given charset is not supported by 4760 this implementation. If the optional list of charsets is 4761 given, this lists the charsets that are supported by this 4762 implementation. 4764 CANNOT 4766 The operation violates some invariant of the server and can 4767 never succeed. 4769 C: l create "///////" 4770 S: l NO [CANNOT] Adjacent slashes are not supported 4772 CAPABILITY 4774 Followed by a list of capabilities. This can appear in the 4775 initial OK or PREAUTH response to transmit an initial 4776 capabilities list. It can also appear in tagged responses to 4777 LOGIN or AUTHENTICATE commands. This makes it unnecessary for 4778 a client to send a separate CAPABILITY command if it recognizes 4779 this response code and there was no change to the TLS and/or 4780 authentication state since it was received. 4782 CLIENTBUG 4784 The server has detected a client bug. This can accompany all 4785 of OK, NO, and BAD, depending on what the client bug is. 4787 C: k1 select "/archive/projects/experiment-iv" 4788 [...] 4789 S: k1 OK [READ-ONLY] Done 4790 C: k2 status "/archive/projects/experiment-iv" (messages) 4791 [...] 4792 S: k2 OK [CLIENTBUG] Done 4794 CLOSED 4796 The CLOSED response code has no parameters. A server return 4797 the CLOSED response code when the currently selected mailbox is 4798 closed implicitly using the SELECT/EXAMINE command on another 4799 mailbox. The CLOSED response code serves as a boundary between 4800 responses for the previously opened mailbox (which was closed) 4801 and the newly selected mailbox; all responses before the CLOSED 4802 response code relate to the mailbox that was closed, and all 4803 subsequent responses relate to the newly opened mailbox. 4805 There is no need to return the CLOSED response code on 4806 completion of the CLOSE or the UNSELECT command (or similar), 4807 whose purpose is to close the currently selected mailbox 4808 without opening a new one. 4810 CONTACTADMIN 4812 The user should contact the system administrator or support 4813 desk. 4815 C: e login "fred" "foo" 4816 S: e NO [CONTACTADMIN] 4818 COPYUID 4820 Followed by the UIDVALIDITY of the destination mailbox, a UID 4821 set containing the UIDs of the message(s) in the source mailbox 4822 that were copied to the destination mailbox, followed by 4823 another UID set containing the UIDs assigned to the copied 4824 message(s) in the destination mailbox, indicates that the 4825 message(s) have been copied to the destination mailbox with the 4826 stated UID(s). 4828 The source UID set is in the order the message(s) were copied; 4829 the destination UID set corresponds to the source UID set and 4830 is in the same order. Neither of the UID sets may contain 4831 extraneous UIDs or the symbol "*". 4833 UIDs are assigned in strictly ascending order in the mailbox 4834 (refer to Section 2.3.1.1); note that a range of 12:10 is 4835 exactly equivalent to 10:12 and refers to the sequence 4836 10,11,12. 4838 This response code is returned in a tagged OK response to the 4839 COPY/UID COPY command or in the untagged OK response to the 4840 MOVE/UID MOVE command. 4842 CORRUPTION 4844 The server discovered that some relevant data (e.g., the 4845 mailbox) are corrupt. This response code does not include any 4846 information about what's corrupt, but the server can write that 4847 to its logfiles. 4849 C: i select "/archive/projects/experiment-iv" 4850 S: i NO [CORRUPTION] Cannot open mailbox 4852 EXPIRED 4854 Either authentication succeeded or the server no longer had the 4855 necessary data; either way, access is no longer permitted using 4856 that passphrase. The client or user should get a new 4857 passphrase. 4859 C: d login "fred" "foo" 4860 S: d NO [EXPIRED] That password isn't valid any more 4862 EXPUNGEISSUED 4863 Someone else has issued an EXPUNGE for the same mailbox. The 4864 client may want to issue NOOP soon. [IMAP-MULTIACCESS] 4865 discusses this subject in depth. 4867 C: h search from maria@example.com 4868 S: * ESEARCH (TAG "h") ALL 1:3,5,8,13,21,42 4869 S: h OK [EXPUNGEISSUED] Search completed 4871 HASCHILDREN 4873 The mailbox delete operation failed because the mailbox has one 4874 or more children and the server doesn't allow deletion of 4875 mailboxes with children. 4877 C: m356 DELETE Notes 4878 S: o356 NO [HASCHILDREN] Mailbox "Notes" has children that need 4879 to be deleted first 4881 INUSE 4883 An operation has not been carried out because it involves 4884 sawing off a branch someone else is sitting on. Someone else 4885 may be holding an exclusive lock needed for this operation, or 4886 the operation may involve deleting a resource someone else is 4887 using, typically a mailbox. 4889 The operation may succeed if the client tries again later. 4891 C: g delete "/archive/projects/experiment-iv" 4892 S: g NO [INUSE] Mailbox in use 4894 LIMIT 4896 The operation ran up against an implementation limit of some 4897 kind, such as the number of flags on a single message or the 4898 number of flags used in a mailbox. 4900 C: m STORE 42 FLAGS f1 f2 f3 f4 f5 ... f250 4901 S: m NO [LIMIT] At most 32 flags in one mailbox supported 4903 NONEXISTENT 4905 The operation attempts to delete something that does not exist. 4906 Similar to ALREADYEXISTS. 4908 C: p RENAME this that 4909 S: p NO [NONEXISTENT] No such mailbox 4911 NOPERM 4913 The access control system (e.g., Access Control List (ACL), see 4914 [RFC4314]) does not permit this user to carry out an operation, 4915 such as selecting or creating a mailbox. 4917 C: f select "/archive/projects/experiment-iv" 4918 S: f NO [NOPERM] Access denied 4920 OVERQUOTA 4922 The user would be over quota after the operation. (The user 4923 may or may not be over quota already.) 4925 Note that if the server sends OVERQUOTA but doesn't support the 4926 IMAP QUOTA extension defined by [RFC2087], then there is a 4927 quota, but the client cannot find out what the quota is. 4929 C: n1 uid copy 1:* oldmail 4930 S: n1 NO [OVERQUOTA] Sorry 4932 C: n2 uid copy 1:* oldmail 4933 S: n2 OK [OVERQUOTA] You are now over your soft quota 4935 PARSE 4937 The human-readable text represents an error in parsing the 4938 [RFC-5322] header or [MIME-IMB] headers of a message in the 4939 mailbox. 4941 PERMANENTFLAGS 4943 Followed by a parenthesized list of flags, indicates which of 4944 the known flags the client can change permanently. Any flags 4945 that are in the FLAGS untagged response, but not the 4946 PERMANENTFLAGS list, can not be set permanently. The 4947 PERMANENTFLAGS list can also include the special flag \*, which 4948 indicates that it is possible to create new keywords by 4949 attempting to store those keywords in the mailbox. If the 4950 client attempts to STORE a flag that is not in the 4951 PERMANENTFLAGS list, the server will either ignore the change 4952 or store the state change for the remainder of the current 4953 session only. 4955 There is no need for a server that included the special flag \* 4956 to return a new PERMANENTFLAGS response code when a new keyword 4957 was successfully set on a message upon client request. However 4958 if the server has a limit on the number of different keywords 4959 that can be stored in a mailbox and that limit is reached, the 4960 server MUST send a new PERMANENTFLAGS response code without the 4961 special flag \*. 4963 PRIVACYREQUIRED 4965 The operation is not permitted due to a lack of data 4966 confidentiality. If Transport Layer Security (TLS) is not in 4967 use, the client could try STARTTLS (see Section 6.2.1) or 4968 alternatively reconnect on Implicit TLS port, and then repeat 4969 the operation. 4971 C: d login "fred" "foo" 4972 S: d NO [PRIVACYREQUIRED] Connection offers no privacy 4974 C: d select inbox 4975 S: d NO [PRIVACYREQUIRED] Connection offers no privacy 4977 READ-ONLY 4979 The mailbox is selected read-only, or its access while selected 4980 has changed from read-write to read-only. 4982 READ-WRITE 4984 The mailbox is selected read-write, or its access while 4985 selected has changed from read-only to read-write. 4987 SERVERBUG 4989 The server encountered a bug in itself or violated one of its 4990 own invariants. 4992 C: j select "/archive/projects/experiment-iv" 4993 S: j NO [SERVERBUG] This should not happen 4995 TRYCREATE 4997 An APPEND, COPY or MOVE attempt is failing because the target 4998 mailbox does not exist (as opposed to some other reason). This 4999 is a hint to the client that the operation can succeed if the 5000 mailbox is first created by the CREATE command. 5002 UIDNEXT 5003 Followed by a decimal number, indicates the next unique 5004 identifier value. Refer to Section 2.3.1.1 for more 5005 information. 5007 UIDNOTSTICKY 5009 The selected mailbox is supported by a mail store that does not 5010 support persistent UIDs; that is, UIDVALIDITY will be different 5011 each time the mailbox is selected. Consequently, APPEND or 5012 COPY to this mailbox will not return an APPENDUID or COPYUID 5013 response code. 5015 This response code is returned in an untagged NO response to 5016 the SELECT command. 5018 Note: servers SHOULD NOT have any UIDNOTSTICKY mail stores. 5019 This facility exists to support legacy mail stores in which 5020 it is technically infeasible to support persistent UIDs. 5021 This should be avoided when designing new mail stores. 5023 UIDVALIDITY 5025 Followed by a decimal number, indicates the unique identifier 5026 validity value. Refer to Section 2.3.1.1 for more information. 5028 UNAVAILABLE 5030 Temporary failure because a subsystem is down. For example, an 5031 IMAP server that uses a Lightweight Directory Access Protocol 5032 (LDAP) or Radius server for authentication might use this 5033 response code when the LDAP/Radius server is down. 5035 C: a LOGIN "fred" "foo" 5036 S: a NO [UNAVAILABLE] User's backend down for maintenance 5038 UNKNOWN-CTE 5040 The server does not know how to decode the section's Content- 5041 Transfer-Encoding. 5043 Client implementations MUST ignore response codes that they do not 5044 recognize. 5046 7.1.1. OK Response 5048 Contents: OPTIONAL response code 5049 human-readable text 5051 The OK response indicates an information message from the server. 5052 When tagged, it indicates successful completion of the associated 5053 command. The human-readable text MAY be presented to the user as an 5054 information message. The untagged form indicates an information-only 5055 message; the nature of the information MAY be indicated by a response 5056 code. 5058 The untagged form is also used as one of three possible greetings at 5059 connection startup. It indicates that the connection is not yet 5060 authenticated and that a LOGIN or an AUTHENTICATE command is needed. 5062 Example: S: * OK IMAP4rev2 server ready 5063 C: A001 LOGIN fred blurdybloop 5064 S: * OK [ALERT] System shutdown in 10 minutes 5065 S: A001 OK LOGIN Completed 5067 7.1.2. NO Response 5069 Contents: OPTIONAL response code 5070 human-readable text 5072 The NO response indicates an operational error message from the 5073 server. When tagged, it indicates unsuccessful completion of the 5074 associated command. The untagged form indicates a warning; the 5075 command can still complete successfully. The human-readable text 5076 describes the condition. 5078 Example: C: A222 COPY 1:2 owatagusiam 5079 S: * NO Disk is 98% full, please delete unnecessary data 5080 S: A222 OK COPY completed 5081 C: A223 COPY 3:200 blurdybloop 5082 S: * NO Disk is 98% full, please delete unnecessary data 5083 S: * NO Disk is 99% full, please delete unnecessary data 5084 S: A223 NO COPY failed: disk is full 5086 7.1.3. BAD Response 5088 Contents: OPTIONAL response code 5089 human-readable text 5091 The BAD response indicates an error message from the server. When 5092 tagged, it reports a protocol-level error in the client's command; 5093 the tag indicates the command that caused the error. The untagged 5094 form indicates a protocol-level error for which the associated 5095 command can not be determined; it can also indicate an internal 5096 server failure. The human-readable text describes the condition. 5098 Example: C: ...very long command line... 5099 S: * BAD Command line too long 5100 C: ...empty line... 5101 S: * BAD Empty command line 5102 C: A443 EXPUNGE 5103 S: * BAD Disk crash, attempting salvage to a new disk! 5104 S: * OK Salvage successful, no data lost 5105 S: A443 OK Expunge completed 5107 7.1.4. PREAUTH Response 5109 Contents: OPTIONAL response code 5110 human-readable text 5112 The PREAUTH response is always untagged, and is one of three possible 5113 greetings at connection startup. It indicates that the connection 5114 has already been authenticated by external means; thus no LOGIN/ 5115 AUTHENTICATE command is needed. 5117 Because PREAUTH moves the connection directly to the authenticated 5118 state, it effectively prevents the client from using the STARTTLS 5119 command Section 6.2.1. For this reason PREAUTH response SHOULD only 5120 be returned by servers on connections that are protected by TLS (such 5121 as on implicit TLS port [RFC8314]) or protected through other means 5122 such as IPSec. Clients that require mandatory TLS MUST close the 5123 connection after receiving PREAUTH response on a non protected port. 5125 Example: S: * PREAUTH IMAP4rev2 server logged in as Smith 5127 7.1.5. BYE Response 5129 Contents: OPTIONAL response code 5130 human-readable text 5132 The BYE response is always untagged, and indicates that the server is 5133 about to close the connection. The human-readable text MAY be 5134 displayed to the user in a status report by the client. The BYE 5135 response is sent under one of four conditions: 5137 1. as part of a normal logout sequence. The server will close the 5138 connection after sending the tagged OK response to the LOGOUT 5139 command. 5141 2. as a panic shutdown announcement. The server closes the 5142 connection immediately. 5144 3. as an announcement of an inactivity autologout. The server 5145 closes the connection immediately. 5147 4. as one of three possible greetings at connection startup, 5148 indicating that the server is not willing to accept a connection 5149 from this client. The server closes the connection immediately. 5151 The difference between a BYE that occurs as part of a normal LOGOUT 5152 sequence (the first case) and a BYE that occurs because of a failure 5153 (the other three cases) is that the connection closes immediately in 5154 the failure case. In all cases the client SHOULD continue to read 5155 response data from the server until the connection is closed; this 5156 will ensure that any pending untagged or completion responses are 5157 read and processed. 5159 Example: S: * BYE Autologout; idle for too long 5161 7.2. Server Responses - Server Status 5163 These responses are always untagged. This is how server status data 5164 are transmitted from the server to the client. 5166 7.2.1. ENABLED Response 5168 Contents: capability listing 5170 The ENABLED response occurs as a result of an ENABLE command. The 5171 capability listing contains a space-separated listing of capability 5172 names that the server supports and that were successfully enabled. 5173 The ENABLED response may contain no capabilities, which means that no 5174 extensions listed by the client were successfully enabled. 5176 Example: S: * ENABLED CONDSTORE QRESYNC 5178 7.2.2. CAPABILITY Response 5180 Contents: capability listing 5182 The CAPABILITY response occurs as a result of a CAPABILITY command. 5183 The capability listing contains a space-separated listing of 5184 capability names that the server supports. The capability listing 5185 MUST include the atom "IMAP4rev2", but note that it doesn't have to 5186 be the first capability listed. The order of capability names has no 5187 significance. 5189 In addition, client and server implementations MUST implement the 5190 "STARTTLS", "LOGINDISABLED", and "AUTH=PLAIN" (described in [PLAIN]) 5191 capabilities. See the Security Considerations (Section 11) for 5192 important information related to these capabilities. 5194 A capability name which begins with "AUTH=" indicates that the server 5195 supports that particular authentication mechanism [SASL]. 5197 The LOGINDISABLED capability indicates that the LOGIN command is 5198 disabled, and that the server will respond with a tagged NO response 5199 to any attempt to use the LOGIN command even if the user name and 5200 password are valid. An IMAP client MUST NOT issue the LOGIN command 5201 if the server advertises the LOGINDISABLED capability. 5203 Other capability names indicate that the server supports an 5204 extension, revision, or amendment to the IMAP4rev2 protocol. If 5205 IMAP4rev1 capability is not advertised, server responses MUST conform 5206 to this document until the client issues a command that uses the 5207 associated capability. If both IMAP4rev1 and IMAP4rev2 capabilities 5208 are advertised, server responses MUST conform to RFC 3501 until the 5209 client issues a command that uses the associated capability. (For 5210 example, the client can issue ENABLE IMAP4rev2 to enable IMAP4rev2 5211 specific behaviour). 5213 Capability names SHOULD be registered with IANA using RFC Required 5214 policy. A server SHOULD NOT offer unregistered capability names. 5216 Client implementations SHOULD NOT require any capability name other 5217 than "IMAP4rev2", and possibly "STARTTLS" and "LOGINDISABLED" (on a 5218 non implicit TLS port). Client implementations MUST ignore any 5219 unknown capability names. 5221 A server MAY send capabilities automatically, by using the CAPABILITY 5222 response code in the initial PREAUTH or OK responses, and by sending 5223 an updated CAPABILITY response code in the tagged OK response as part 5224 of a successful authentication. It is unnecessary for a client to 5225 send a separate CAPABILITY command if it recognizes these automatic 5226 capabilities and there was no change to the TLS and/or authentication 5227 state since they were received. 5229 The list of capabilities returned by a server MAY change during the 5230 connection. In particular, it is quite common for the server to 5231 change list of capabilities after successful TLS negotiation 5232 (STARTTLS command) and/or after successful authentication 5233 (AUTHENTICATE or LOGIN commands). 5235 Example: S: * CAPABILITY STARTTLS AUTH=GSSAPI IMAP4rev2 LOGINDISABLED 5236 XPIG-LATIN 5238 Note that in the above example XPIG-LATIN is a fictitious capability 5239 name. 5241 7.3. Server Responses - Mailbox Status 5243 These responses are always untagged. This is how mailbox status data 5244 are transmitted from the server to the client. Many of these 5245 responses typically result from a command with the same name. 5247 7.3.1. LIST Response 5249 Contents: name attributes 5250 hierarchy delimiter 5251 name 5252 OPTIONAL extension data 5254 The LIST response occurs as a result of a LIST command. It returns a 5255 single name that matches the LIST specification. There can be 5256 multiple LIST responses for a single LIST command. 5258 The following base mailbox name attributes are defined: 5260 \NonExistent The "\NonExistent" attribute indicates that a mailbox 5261 name does not refer to an existing mailbox. Note that this 5262 attribute is not meaningful by itself, as mailbox names that match 5263 the canonical LIST pattern but don't exist must not be returned 5264 unless one of the two conditions listed below is also satisfied: 5266 1. The mailbox name also satisfies the selection criteria (for 5267 example, it is subscribed and the "SUBSCRIBED" selection 5268 option has been specified). 5270 2. "RECURSIVEMATCH" has been specified, and the mailbox name has 5271 at least one descendant mailbox name that does not match the 5272 LIST pattern and does match the selection criteria. 5274 In practice, this means that the "\NonExistent" attribute is 5275 usually returned with one or more of "\Subscribed", "\Remote", 5276 "\HasChildren", or the CHILDINFO extended data item. 5278 The "\NonExistent" attribute implies "\NoSelect". 5280 \Noinferiors It is not possible for any child levels of hierarchy to 5281 exist under this name; no child levels exist now and none can be 5282 created in the future. 5284 \Noselect It is not possible to use this name as a selectable 5285 mailbox. 5287 \HasChildren The presence of this attribute indicates that the 5288 mailbox has child mailboxes. A server SHOULD NOT set this 5289 attribute if there are child mailboxes and the user does not have 5290 permission to access any of them. In this case, \HasNoChildren 5291 SHOULD be used. In many cases, however, a server may not be able 5292 to efficiently compute whether a user has access to any child 5293 mailbox. Note that even though the \HasChildren attribute for a 5294 mailbox must be correct at the time of processing of the mailbox, 5295 a client must be prepared to deal with a situation when a mailbox 5296 is marked with the \HasChildren attribute, but no child mailbox 5297 appears in the response to the LIST command. This might happen, 5298 for example, due to children mailboxes being deleted or made 5299 inaccessible to the user (using access control) by another client 5300 before the server is able to list them. 5302 \HasNoChildren The presence of this attribute indicates that the 5303 mailbox has NO child mailboxes that are accessible to the 5304 currently authenticated user. 5306 \Marked The mailbox has been marked "interesting" by the server; the 5307 mailbox probably contains messages that have been added since the 5308 last time the mailbox was selected. 5310 \Unmarked The mailbox does not contain any additional messages since 5311 the last time the mailbox was selected. 5313 \Subscribed The mailbox name was subscribed to using the SUBSCRIBE 5314 command. 5316 \Remote The mailbox is a remote mailbox. 5318 It is an error for the server to return both a \HasChildren and a 5319 \HasNoChildren attribute in the same LIST response. A client that 5320 encounters a LIST response with both \HasChildren and \HasNoChildren 5321 attributes present should act as if both are absent in the LIST 5322 response. 5324 Note: the \HasNoChildren attribute should not be confused with the 5325 \NoInferiors attribute, which indicates that no child mailboxes 5326 exist now and none can be created in the future. 5328 If it is not feasible for the server to determine whether or not the 5329 mailbox is "interesting", the server SHOULD NOT send either \Marked 5330 or \Unmarked. The server MUST NOT send more than one of \Marked, 5331 \Unmarked, and \Noselect for a single mailbox, and MAY send none of 5332 these. 5334 In addition to the base mailbox name attributes defined above, an 5335 IMAP server MAY also include any or all of the following attributes 5336 that denote "role" (or "special-use") of a mailbox. These attributes 5337 are included along with base attributes defined above. A given 5338 mailbox may have none, one, or more than one of these attributes. In 5339 some cases, a special use is advice to a client about what to put in 5340 that mailbox. In other cases, it's advice to a client about what to 5341 expect to find there. 5343 \All This mailbox presents all messages in the user's message store. 5344 Implementations MAY omit some messages, such as, perhaps, those in 5345 \Trash and \Junk. When this special use is supported, it is 5346 almost certain to represent a virtual mailbox. 5348 \Archive This mailbox is used to archive messages. The meaning of 5349 an "archival" mailbox is server-dependent; typically, it will be 5350 used to get messages out of the inbox, or otherwise keep them out 5351 of the user's way, while still making them accessible. 5353 \Drafts This mailbox is used to hold draft messages -- typically, 5354 messages that are being composed but have not yet been sent. In 5355 some server implementations, this might be a virtual mailbox, 5356 containing messages from other mailboxes that are marked with the 5357 "\Draft" message flag. Alternatively, this might just be advice 5358 that a client put drafts here. 5360 \Flagged This mailbox presents all messages marked in some way as 5361 "important". When this special use is supported, it is likely to 5362 represent a virtual mailbox collecting messages (from other 5363 mailboxes) that are marked with the "\Flagged" message flag. 5365 \Junk This mailbox is where messages deemed to be junk mail are 5366 held. Some server implementations might put messages here 5367 automatically. Alternatively, this might just be advice to a 5368 client-side spam filter. 5370 \Sent This mailbox is used to hold copies of messages that have been 5371 sent. Some server implementations might put messages here 5372 automatically. Alternatively, this might just be advice that a 5373 client save sent messages here. 5375 \Trash This mailbox is used to hold messages that have been deleted 5376 or marked for deletion. In some server implementations, this 5377 might be a virtual mailbox, containing messages from other 5378 mailboxes that are marked with the "\Deleted" message flag. 5379 Alternatively, this might just be advice that a client that 5380 chooses not to use the IMAP "\Deleted" model should use this as 5381 its trash location. In server implementations that strictly 5382 expect the IMAP "\Deleted" model, this special use is likely not 5383 to be supported. 5385 All of special-use attributes are OPTIONAL, and any given server or 5386 message store may support any combination of the attributes, or none 5387 at all. In most cases, there will likely be at most one mailbox with 5388 a given attribute for a given user, but in some server or message 5389 store implementations it might be possible for multiple mailboxes to 5390 have the same special-use attribute. 5392 Special-use attributes are likely to be user-specific. User Adam 5393 might share his \Sent mailbox with user Barb, but that mailbox is 5394 unlikely to also serve as Barb's \Sent mailbox. 5396 Other mailbox name attributes can be found in the "IMAP Mailbox Name 5397 Attributes" registry [IMAP-MAILBOX-NAME-ATTRS-REG]. 5399 The hierarchy delimiter is a character used to delimit levels of 5400 hierarchy in a mailbox name. A client can use it to create child 5401 mailboxes, and to search higher or lower levels of naming hierarchy. 5402 All children of a top-level hierarchy node MUST use the same 5403 separator character. A NIL hierarchy delimiter means that no 5404 hierarchy exists; the name is a "flat" name. 5406 The name represents an unambiguous left-to-right hierarchy, and MUST 5407 be valid for use as a reference in LIST command. Unless \Noselect or 5408 \NonExistent is indicated, the name MUST also be valid as an argument 5409 for commands, such as SELECT, that accept mailbox names. 5411 The name might be followed by an OPTIONAL series of extended fields, 5412 a parenthesized list of tagged data (also referred to as "extended 5413 data item"). The first element of an extended field is a string, 5414 which identifies the type of data. [RFC5258] specified requirements 5415 on string registration (which are called "tags" there; such tags are 5416 not to be confused with IMAP command tags), in particular it said 5417 that "Tags MUST be registered with IANA". This document doesn't 5418 change that. See Section 9.5 of [RFC5258] for the registration 5419 template. The server MAY return data in the extended fields that was 5420 not directly solicited by the client in the corresponding LIST 5421 command. For example, the client can enable extra extended fields by 5422 using another IMAP extension that make use of the extended LIST 5423 responses. The client MUST ignore all extended fields it doesn't 5424 recognize. 5426 Example: S: * LIST (\Noselect) "/" ~/Mail/foo 5428 Example: S: * LIST (\Marked) ":" Tables (tablecloth (("edge" "lacy") 5429 ("color" "red")) Sample "text") 5430 S: * LIST () ":" Tables:new (tablecloth ("edge" "lacy") 5431 Sample ("text" "more text")) 5433 7.3.2. NAMESPACE Response 5435 Contents: the prefix and hierarchy delimiter to the server's 5436 Personal Namespace(s), Other Users' Namespace(s), and 5437 Shared Namespace(s) 5439 The NAMESPACE response occurs as a result of a NAMESPACE command. It 5440 contains the prefix and hierarchy delimiter to the server's Personal 5441 Namespace(s), Other Users' Namespace(s), and Shared Namespace(s) that 5442 the server wishes to expose. The response will contain a NIL for any 5443 namespace class that is not available. Namespace-Response-Extensions 5444 ABNF non terminal is defined for extensibility and MAY be included in 5445 the response. 5447 Example: S: * NAMESPACE (("" "/")) (("~" "/")) NIL 5449 7.3.3. STATUS Response 5451 Contents: name 5452 status parenthesized list 5454 The STATUS response occurs as a result of an STATUS command. It 5455 returns the mailbox name that matches the STATUS specification and 5456 the requested mailbox status information. 5458 Example: S: * STATUS blurdybloop (MESSAGES 231 UIDNEXT 44292) 5460 7.3.4. ESEARCH Response 5462 Contents: one or more search-return-data pairs 5464 The ESEARCH response occurs as a result of a SEARCH or UID SEARCH 5465 command. 5467 The ESEARCH response starts with an optional search correlator. If 5468 it is missing, then the response was not caused by a particular IMAP 5469 command, whereas if it is present, it contains the tag of the command 5470 that caused the response to be returned. 5472 The search correlator is followed by an optional UID indicator. If 5473 this indicator is present, all data in the ESEARCH response refers to 5474 UIDs, otherwise all returned data refers to message numbers. 5476 The rest of the ESEARCH response contains one or more search data 5477 pairs. Each pair starts with unique return item name, followed by a 5478 space and the corresponding data. Search data pairs may be returned 5479 in any order. Unless specified otherwise by an extension, any return 5480 item name SHOULD appear only once in an ESEARCH response. 5482 This document specifies the following return item names: 5484 MIN 5486 Returns the lowest message number/UID that satisfies the SEARCH 5487 criteria. 5489 If the SEARCH results in no matches, the server MUST NOT 5490 include the MIN return item in the ESEARCH response; however, 5491 it still MUST send the ESEARCH response. 5493 MAX 5495 Returns the highest message number/UID that satisfies the 5496 SEARCH criteria. 5498 If the SEARCH results in no matches, the server MUST NOT 5499 include the MAX return item in the ESEARCH response; however, 5500 it still MUST send the ESEARCH response. 5502 ALL 5504 Returns all message numbers/UIDs that satisfy the SEARCH 5505 criteria using the sequence-set syntax. Note, the client MUST 5506 NOT assume that messages/UIDs will be listed in any particular 5507 order. 5509 If the SEARCH results in no matches, the server MUST NOT 5510 include the ALL return item in the ESEARCH response; however, 5511 it still MUST send the ESEARCH response. 5513 COUNT Returns the number of messages that satisfy the SEARCH 5514 criteria. This return item MUST always be included in the ESEARCH 5515 response. 5517 Example: S: * ESEARCH UID COUNT 5 ALL 4:19,21,28 5519 Example: S: * ESEARCH (TAG "a567") UID COUNT 5 ALL 4:19,21,28 5521 Example: S: * ESEARCH COUNT 5 ALL 1:17,21 5523 7.3.5. FLAGS Response 5525 Contents: flag parenthesized list 5527 The FLAGS response occurs as a result of a SELECT or EXAMINE command. 5528 The flag parenthesized list identifies the flags (at a minimum, the 5529 system-defined flags) that are applicable for this mailbox. Flags 5530 other than the system flags can also exist, depending on server 5531 implementation. 5533 The update from the FLAGS response MUST be remembered by the client. 5535 Example: S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 5537 7.4. Server Responses - Mailbox Size 5539 These responses are always untagged. This is how changes in the size 5540 of the mailbox are transmitted from the server to the client. 5541 Immediately following the "*" token is a number that represents a 5542 message count. 5544 7.4.1. EXISTS Response 5546 Contents: none 5548 The EXISTS response reports the number of messages in the mailbox. 5549 This response occurs as a result of a SELECT or EXAMINE command, and 5550 if the size of the mailbox changes (e.g., new messages). 5552 The update from the EXISTS response MUST be remembered by the client. 5554 Example: S: * 23 EXISTS 5556 7.5. Server Responses - Message Status 5558 These responses are always untagged. This is how message data are 5559 transmitted from the server to the client, often as a result of a 5560 command with the same name. Immediately following the "*" token is a 5561 number that represents a message sequence number. 5563 7.5.1. EXPUNGE Response 5565 Contents: none 5567 The EXPUNGE response reports that the specified message sequence 5568 number has been permanently removed from the mailbox. The message 5569 sequence number for each successive message in the mailbox is 5570 immediately decremented by 1, and this decrement is reflected in 5571 message sequence numbers in subsequent responses (including other 5572 untagged EXPUNGE responses). 5574 The EXPUNGE response also decrements the number of messages in the 5575 mailbox; it is not necessary to send an EXISTS response with the new 5576 value. 5578 As a result of the immediate decrement rule, message sequence numbers 5579 that appear in a set of successive EXPUNGE responses depend upon 5580 whether the messages are removed starting from lower numbers to 5581 higher numbers, or from higher numbers to lower numbers. For 5582 example, if the last 5 messages in a 9-message mailbox are expunged, 5583 a "lower to higher" server will send five untagged EXPUNGE responses 5584 for message sequence number 5, whereas a "higher to lower server" 5585 will send successive untagged EXPUNGE responses for message sequence 5586 numbers 9, 8, 7, 6, and 5. 5588 An EXPUNGE response MUST NOT be sent when no command is in progress, 5589 nor while responding to a FETCH, STORE, or SEARCH command. This rule 5590 is necessary to prevent a loss of synchronization of message sequence 5591 numbers between client and server. A command is not "in progress" 5592 until the complete command has been received; in particular, a 5593 command is not "in progress" during the negotiation of command 5594 continuation. 5596 Note: UID FETCH, UID STORE, and UID SEARCH are different commands 5597 from FETCH, STORE, and SEARCH. An EXPUNGE response MAY be sent 5598 during a UID command. 5600 The update from the EXPUNGE response MUST be remembered by the 5601 client. 5603 Example: S: * 44 EXPUNGE 5605 7.5.2. FETCH Response 5607 Contents: message data 5609 The FETCH response returns data about a message to the client. The 5610 data are pairs of data item names and their values in parentheses. 5611 This response occurs as the result of a FETCH or STORE command, as 5612 well as by unilateral server decision (e.g., flag updates). 5614 The current data items are: 5616 BINARY[]<> 5617 An or expressing the content of the 5618 specified section after removing any Content-Transfer-Encoding- 5619 related encoding. If is present it refers to the 5620 offset within the DECODED section data. 5622 If the domain of the decoded data is "8bit" and the data does 5623 not contain the NUL octet, the server SHOULD return the data in 5624 a instead of a ; this allows the client to 5625 determine if the "8bit" data contains the NUL octet without 5626 having to explicitly scan the data stream for for NULs. 5628 Messaging clients and servers have been notoriously lax in 5629 their adherence to the Internet CRLF convention for terminating 5630 lines of textual data (text/* media types) in Internet 5631 protocols. When sending data in BINARY[...] FETCH data item, 5632 servers MUST ensure that textual line-oriented sections are 5633 always transmitted using the IMAP4 CRLF line termination 5634 syntax, regardless of the underlying storage representation of 5635 the data on the server. 5637 If the server does not know how to decode the section's 5638 Content-Transfer-Encoding, it MUST fail the request and issue a 5639 "NO" response that contains the "UNKNOWN-CTE" response code. 5641 BINARY.SIZE[] 5643 The size of the section after removing any Content-Transfer- 5644 Encoding-related encoding. The value returned MUST match the 5645 size of the or that will be returned by 5646 the corresponding FETCH BINARY request. 5648 If the server does not know how to decode the section's 5649 Content-Transfer-Encoding, it MUST fail the request and issue a 5650 "NO" response that contains the "UNKNOWN-CTE" response code. 5652 BODY A form of BODYSTRUCTURE without extension data. 5654 BODY[
]<> 5656 A string expressing the body contents of the specified section. 5657 The string SHOULD be interpreted by the client according to the 5658 content transfer encoding, body type, and subtype. 5660 If the origin octet is specified, this string is a substring of 5661 the entire body contents, starting at that origin octet. This 5662 means that BODY[]<0> MAY be truncated, but BODY[] is NEVER 5663 truncated. 5665 Note: The origin octet facility MUST NOT be used by a server 5666 in a FETCH response unless the client specifically requested 5667 it by means of a FETCH of a BODY[
]<> data 5668 item. 5670 8-bit textual data is permitted if a [CHARSET] identifier is 5671 part of the body parameter parenthesized list for this section. 5672 Note that headers (part specifiers HEADER or MIME, or the 5673 header portion of a MESSAGE/RFC822 or MESSAGE/GLOBAL part), MAY 5674 be in UTF-8. Note also that the [RFC-5322] delimiting blank 5675 line between the header and the body is not affected by header 5676 line subsetting; the blank line is always included as part of 5677 header data, except in the case of a message which has no body 5678 and no blank line. 5680 Non-textual data such as binary data MUST be transfer encoded 5681 into a textual form, such as BASE64, prior to being sent to the 5682 client. To derive the original binary data, the client MUST 5683 decode the transfer encoded string. 5685 BODYSTRUCTURE 5687 A parenthesized list that describes the [MIME-IMB] body 5688 structure of a message. This is computed by the server by 5689 parsing the [MIME-IMB] header fields, defaulting various fields 5690 as necessary. 5692 For example, a simple text message of 48 lines and 2279 octets 5693 can have a body structure of: ("TEXT" "PLAIN" ("CHARSET" "US- 5694 ASCII") NIL NIL "7BIT" 2279 48) 5696 Multiple parts are indicated by parenthesis nesting. Instead 5697 of a body type as the first element of the parenthesized list, 5698 there is a sequence of one or more nested body structures. The 5699 second element of the parenthesized list is the multipart 5700 subtype (mixed, digest, parallel, alternative, etc.). 5702 For example, a two part message consisting of a text and a 5703 BASE64-encoded text attachment can have a body structure of: 5704 (("TEXT" "PLAIN" ("CHARSET" "US-ASCII") NIL NIL "7BIT" 1152 5705 23)("TEXT" "PLAIN" ("CHARSET" "US-ASCII" "NAME" "cc.diff") 5706 "<960723163407.20117h@cac.washington.edu>" "Compiler diff" 5707 "BASE64" 4554 73) "MIXED") 5709 Extension data follows the multipart subtype. Extension data 5710 is never returned with the BODY fetch, but can be returned with 5711 a BODYSTRUCTURE fetch. Extension data, if present, MUST be in 5712 the defined order. The extension data of a multipart body part 5713 are in the following order: 5715 body parameter parenthesized list A parenthesized list of 5716 attribute/value pairs [e.g., ("foo" "bar" "baz" "rag") where 5717 "bar" is the value of "foo", and "rag" is the value of 5718 "baz"] as defined in [MIME-IMB]. Servers SHOULD decode 5719 parameter value continuations and parameter value character 5720 sets as described in [RFC2231], for example, if the message 5721 contains parameters "baz*0", "baz*1" and "baz*2", the server 5722 should RFC2231-decode them, concatenate and return the 5723 resulting value as a parameter "baz". Similarly, if the 5724 message contains parameters "foo*0*" and "foo*1*", the 5725 server should RFC2231-decode them, convert to UTF-8, 5726 concatenate and return the resulting value as a parameter 5727 "foo*". 5729 body disposition A parenthesized list, consisting of a 5730 disposition type string, followed by a parenthesized list of 5731 disposition attribute/value pairs as defined in 5732 [DISPOSITION]. Servers SHOULD decode parameter value 5733 continuations as described in [RFC2231]. 5735 body language A string or parenthesized list giving the body 5736 language value as defined in [LANGUAGE-TAGS]. 5738 body location A string giving the body content URI as defined 5739 in [LOCATION]. 5741 Any following extension data are not yet defined in this 5742 version of the protocol. Such extension data can consist of 5743 zero or more NILs, strings, numbers, or potentially nested 5744 parenthesized lists of such data. Client implementations that 5745 do a BODYSTRUCTURE fetch MUST be prepared to accept such 5746 extension data. Server implementations MUST NOT send such 5747 extension data until it has been defined by a revision of this 5748 protocol. 5750 The basic fields of a non-multipart body part are in the 5751 following order: 5753 body type A string giving the content media type name as 5754 defined in [MIME-IMB]. 5756 body subtype A string giving the content subtype name as 5757 defined in [MIME-IMB]. 5759 body parameter parenthesized list A parenthesized list of 5760 attribute/value pairs [e.g., ("foo" "bar" "baz" "rag") where 5761 "bar" is the value of "foo" and "rag" is the value of "baz"] 5762 as defined in [MIME-IMB]. 5764 body id A string giving the Content-ID header field value as 5765 defined in Section 7 of [MIME-IMB]. 5767 body description A string giving the Content-Description 5768 header field value as defined in Section 8 of [MIME-IMB]. 5770 body encoding A string giving the content transfer encoding as 5771 defined in Section 6 of [MIME-IMB]. 5773 body size A number giving the size of the body in octets. 5774 Note that this size is the size in its transfer encoding and 5775 not the resulting size after any decoding. 5777 A body type of type MESSAGE and subtype RFC822 contains, 5778 immediately after the basic fields, the envelope structure, 5779 body structure, and size in text lines of the encapsulated 5780 message. 5782 A body type of type TEXT contains, immediately after the basic 5783 fields, the size of the body in text lines. Note that this 5784 size is the size in its content transfer encoding and not the 5785 resulting size after any decoding. 5787 Extension data follows the basic fields and the type-specific 5788 fields listed above. Extension data is never returned with the 5789 BODY fetch, but can be returned with a BODYSTRUCTURE fetch. 5790 Extension data, if present, MUST be in the defined order. 5792 The extension data of a non-multipart body part are in the 5793 following order: 5795 body MD5 A string giving the body MD5 value as defined in 5796 [MD5]. 5798 body disposition A parenthesized list with the same content 5799 and function as the body disposition for a multipart body 5800 part. 5802 body language A string or parenthesized list giving the body 5803 language value as defined in [LANGUAGE-TAGS]. 5805 body location A string giving the body content URI as defined 5806 in [LOCATION]. 5808 Any following extension data are not yet defined in this 5809 version of the protocol, and would be as described above under 5810 multipart extension data. 5812 ENVELOPE 5814 A parenthesized list that describes the envelope structure of a 5815 message. This is computed by the server by parsing the 5816 [RFC-5322] header into the component parts, defaulting various 5817 fields as necessary. 5819 The fields of the envelope structure are in the following 5820 order: date, subject, from, sender, reply-to, to, cc, bcc, in- 5821 reply-to, and message-id. The date, subject, in-reply-to, and 5822 message-id fields are strings. The from, sender, reply-to, to, 5823 cc, and bcc fields are parenthesized lists of address 5824 structures. 5826 An address structure is a parenthesized list that describes an 5827 electronic mail address. The fields of an address structure 5828 are in the following order: display name, [SMTP] at-domain-list 5829 (source route, obs-route ABNF production from [RFC-5322]), 5830 mailbox name (local-part ABNF production from [RFC-5322]), and 5831 host name. 5833 [RFC-5322] group syntax is indicated by a special form of 5834 address structure in which the host name field is NIL. If the 5835 mailbox name field is also NIL, this is an end of group marker 5836 (semi-colon in RFC 822 syntax). If the mailbox name field is 5837 non-NIL, this is a start of group marker, and the mailbox name 5838 field holds the group name phrase. 5840 If the Date, Subject, In-Reply-To, and Message-ID header fields 5841 are absent in the [RFC-5322] header, the corresponding member 5842 of the envelope is NIL; if these header fields are present but 5843 empty the corresponding member of the envelope is the empty 5844 string. 5846 Note: some servers may return a NIL envelope member in the 5847 "present but empty" case. Clients SHOULD treat NIL and 5848 empty string as identical. 5850 Note: [RFC-5322] requires that all messages have a valid 5851 Date header field. Therefore, for a well-formed message the 5852 date member in the envelope can not be NIL or the empty 5853 string. However it can be NIL for a malformed or a draft 5854 message. 5856 Note: [RFC-5322] requires that the In-Reply-To and Message- 5857 ID header fields, if present, have non-empty content. 5858 Therefore, for a well-formed message the in-reply-to and 5859 message-id members in the envelope can not be the empty 5860 string. However they can still be the empty string for a 5861 malformed message. 5863 If the From, To, Cc, and Bcc header fields are absent in the 5864 [RFC-5322] header, or are present but empty, the corresponding 5865 member of the envelope is NIL. 5867 If the Sender or Reply-To header fields are absent in the 5868 [RFC-5322] header, or are present but empty, the server sets 5869 the corresponding member of the envelope to be the same value 5870 as the from member (the client is not expected to know to do 5871 this). 5873 Note: [RFC-5322] requires that all messages have a valid 5874 From header field. Therefore, for a well-formed message the 5875 from, sender, and reply-to members in the envelope can not 5876 be NIL. However they can be NIL for a malformed or a draft 5877 message. 5879 FLAGS A parenthesized list of flags that are set for this message. 5881 INTERNALDATE A string representing the internal date of the message. 5883 RFC822.SIZE A number expressing the [RFC-5322] size of the message. 5885 UID A number expressing the unique identifier of the message. 5887 If the server chooses to send unsolicited FETCH responses, they MUST 5888 include UID FETCH item. Note that this is a new requirement when 5889 compared to RFC 3501. 5891 Example: S: * 23 FETCH (FLAGS (\Seen) RFC822.SIZE 44827 UID 447) 5893 7.6. Server Responses - Command Continuation Request 5895 The command continuation request response is indicated by a "+" token 5896 instead of a tag. This form of response indicates that the server is 5897 ready to accept the continuation of a command from the client. The 5898 remainder of this response is a line of text. 5900 This response is used in the AUTHENTICATE command to transmit server 5901 data to the client, and request additional client data. This 5902 response is also used if an argument to any command is a 5903 synchronizing literal. 5905 The client is not permitted to send the octets of the synchronizing 5906 literal unless the server indicates that it is expected. This 5907 permits the server to process commands and reject errors on a line- 5908 by-line basis. The remainder of the command, including the CRLF that 5909 terminates a command, follows the octets of the literal. If there 5910 are any additional command arguments, the literal octets are followed 5911 by a space and those arguments. 5913 Example: C: A001 LOGIN {11} 5914 S: + Ready for additional command text 5915 C: FRED FOOBAR {7} 5916 S: + Ready for additional command text 5917 C: fat man 5918 S: A001 OK LOGIN completed 5919 C: A044 BLURDYBLOOP {102856} 5920 S: A044 BAD No such command as "BLURDYBLOOP" 5922 8. Sample IMAP4rev2 connection 5924 The following is a transcript of an IMAP4rev2 connection on a non TLS 5925 port. A long line in this sample is broken for editorial clarity. 5927 S: * OK [CAPABILITY STARTTLS AUTH=SCRAM-SHA-256 LOGINDISABLED 5928 IMAP4rev2] IMAP4rev2 Service Ready 5929 C: a000 starttls 5930 S: a000 OK Proceed with TLS negotiation 5931 5932 C: A001 AUTHENTICATE SCRAM-SHA-256 5933 biwsbj11c2VyLHI9ck9wck5HZndFYmVSV2diTkVrcU8= 5934 S: + cj1yT3ByTkdmd0ViZVJXZ2JORWtxTyVodllEcFdVYTJSYVRDQWZ1eEZJbGopaE5s 5935 RiRrMCxzPVcyMlphSjBTTlk3c29Fc1VFamI2Z1E9PSxpPTQwOTYNCg== 5936 C: Yz1iaXdzLHI9ck9wck5HZndFYmVSV2diTkVrcU8laHZZRHBXVWEyUmFUQ0FmdXhG 5937 SWxqKWhObEYkazAscD1kSHpiWmFwV0lrNGpVaE4rVXRlOXl0YWc5empmTUhnc3Ft 5938 bWl6N0FuZFZRPQ== 5939 S: + dj02cnJpVFJCaTIzV3BSUi93dHVwK21NaFVaVW4vZEI1bkxUSlJzamw5NUc0PQ== 5940 C: 5941 S: A001 OK SCRAM-SHA-256 authentication successful 5942 C: babc ENABLE IMAP4rev2 5943 S: * ENABLED IMAP4rev2 5944 S: babc OK Some capabilities enabled 5945 C: a002 select inbox 5946 S: * 18 EXISTS 5947 S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft) 5948 S: * OK [UIDVALIDITY 3857529045] UIDs valid 5949 S: * LIST () "/" INBOX ("OLDNAME" ("inbox")) 5950 S: a002 OK [READ-WRITE] SELECT completed 5951 C: a003 fetch 12 full 5952 S: * 12 FETCH (FLAGS (\Seen) INTERNALDATE "17-Jul-1996 02:44:25 -0700" 5953 RFC822.SIZE 4286 ENVELOPE ("Wed, 17 Jul 1996 02:23:25 -0700 (PDT)" 5954 "IMAP4rev2 WG mtg summary and minutes" 5955 (("Terry Gray" NIL "gray" "cac.washington.edu")) 5956 (("Terry Gray" NIL "gray" "cac.washington.edu")) 5957 (("Terry Gray" NIL "gray" "cac.washington.edu")) 5958 ((NIL NIL "imap" "cac.washington.edu")) 5959 ((NIL NIL "minutes" "CNRI.Reston.VA.US") 5960 ("John Klensin" NIL "KLENSIN" "MIT.EDU")) NIL NIL 5961 "") 5962 BODY ("TEXT" "PLAIN" ("CHARSET" "US-ASCII") NIL NIL "7BIT" 3028 5963 92)) 5964 S: a003 OK FETCH completed 5965 C: a004 fetch 12 body[header] 5966 S: * 12 FETCH (BODY[HEADER] {342} 5967 S: Date: Wed, 17 Jul 1996 02:23:25 -0700 (PDT) 5968 S: From: Terry Gray 5969 S: Subject: IMAP4rev2 WG mtg summary and minutes 5970 S: To: imap@cac.washington.edu 5971 S: cc: minutes@CNRI.Reston.VA.US, John Klensin 5972 S: Message-Id: 5973 S: MIME-Version: 1.0 5974 S: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII 5975 S: 5976 S: ) 5977 S: a004 OK FETCH completed 5978 C: a005 store 12 +flags \deleted 5979 S: * 12 FETCH (FLAGS (\Seen \Deleted)) 5980 S: a005 OK +FLAGS completed 5981 C: a006 logout 5982 S: * BYE IMAP4rev2 server terminating connection 5983 S: a006 OK LOGOUT completed 5985 9. Formal Syntax 5987 The following syntax specification uses the Augmented Backus-Naur 5988 Form (ABNF) notation as specified in [ABNF]. 5990 In the case of alternative or optional rules in which a later rule 5991 overlaps an earlier rule, the rule which is listed earlier MUST take 5992 priority. For example, "\Seen" when parsed as a flag is the \Seen 5993 flag name and not a flag-extension, even though "\Seen" can be parsed 5994 as a flag-extension. Some, but not all, instances of this rule are 5995 noted below. 5997 Note: [ABNF] rules MUST be followed strictly; in particular: 5999 (1) Except as noted otherwise, all alphabetic characters are case- 6000 insensitive. The use of upper or lower case characters to define 6001 token strings is for editorial clarity only. Implementations MUST 6002 accept these strings in a case-insensitive fashion. 6004 (2) In all cases, SP refers to exactly one space. It is NOT 6005 permitted to substitute TAB, insert additional spaces, or 6006 otherwise treat SP as being equivalent to LWSP. 6008 (3) The ASCII NUL character, %x00, MUST NOT be used anywhere, with 6009 the exception of the OCTET production. 6011 SP = 6012 CTL = 6013 CRLF = 6014 ALPHA = 6015 DIGIT = 6016 DQUOTE = 6017 OCTET = 6019 address = "(" addr-name SP addr-adl SP addr-mailbox SP 6020 addr-host ")" 6022 addr-adl = nstring 6023 ; Holds route from [RFC-5322] obs-route if 6024 ; non-NIL 6026 addr-host = nstring 6027 ; NIL indicates [RFC-5322] group syntax. 6028 ; Otherwise, holds [RFC-5322] domain name 6030 addr-mailbox = nstring 6031 ; NIL indicates end of [RFC-5322] group; if 6032 ; non-NIL and addr-host is NIL, holds 6033 ; [RFC-5322] group name. 6034 ; Otherwise, holds [RFC-5322] local-part 6035 ; after removing [RFC-5322] quoting 6037 addr-name = nstring 6038 ; If non-NIL, holds phrase from [RFC-5322] 6039 ; mailbox after removing [RFC-5322] quoting 6041 append = "APPEND" SP mailbox [SP flag-list] [SP date-time] SP 6042 literal 6044 append-uid = uniqueid 6046 astring = 1*ASTRING-CHAR / string 6048 ASTRING-CHAR = ATOM-CHAR / resp-specials 6049 atom = 1*ATOM-CHAR 6051 ATOM-CHAR = 6053 atom-specials = "(" / ")" / "{" / SP / CTL / list-wildcards / 6054 quoted-specials / resp-specials 6056 authenticate = "AUTHENTICATE" SP auth-type [SP initial-resp] 6057 *(CRLF base64) 6059 auth-type = atom 6060 ; Defined by [SASL] 6062 base64 = *(4base64-char) [base64-terminal] 6064 base64-char = ALPHA / DIGIT / "+" / "/" 6065 ; Case-sensitive 6067 base64-terminal = (2base64-char "==") / (3base64-char "=") 6069 body = "(" (body-type-1part / body-type-mpart) ")" 6071 body-extension = nstring / number / number64 / 6072 "(" body-extension *(SP body-extension) ")" 6073 ; Future expansion. Client implementations 6074 ; MUST accept body-extension fields. Server 6075 ; implementations MUST NOT generate 6076 ; body-extension fields except as defined by 6077 ; future standard or standards-track 6078 ; revisions of this specification. 6080 body-ext-1part = body-fld-md5 [SP body-fld-dsp [SP body-fld-lang 6081 [SP body-fld-loc *(SP body-extension)]]] 6082 ; MUST NOT be returned on non-extensible 6083 ; "BODY" fetch 6085 body-ext-mpart = body-fld-param [SP body-fld-dsp [SP body-fld-lang 6086 [SP body-fld-loc *(SP body-extension)]]] 6087 ; MUST NOT be returned on non-extensible 6088 ; "BODY" fetch 6090 body-fields = body-fld-param SP body-fld-id SP body-fld-desc SP 6091 body-fld-enc SP body-fld-octets 6093 body-fld-desc = nstring 6095 body-fld-dsp = "(" string SP body-fld-param ")" / nil 6096 body-fld-enc = (DQUOTE ("7BIT" / "8BIT" / "BINARY" / "BASE64"/ 6097 "QUOTED-PRINTABLE") DQUOTE) / string 6098 ; Content-Transfer-Encoding header field value. 6099 ; Defaults to "7BIT" (as per RFC 2045) 6100 ; if not present in the body part. 6102 body-fld-id = nstring 6104 body-fld-lang = nstring / "(" string *(SP string) ")" 6106 body-fld-loc = nstring 6108 body-fld-lines = number64 6110 body-fld-md5 = nstring 6112 body-fld-octets = number 6114 body-fld-param = "(" string SP string *(SP string SP string) ")" / nil 6116 body-type-1part = (body-type-basic / body-type-msg / body-type-text) 6117 [SP body-ext-1part] 6119 body-type-basic = media-basic SP body-fields 6120 ; MESSAGE subtype MUST NOT be "RFC822" or "GLOBAL" 6122 body-type-mpart = 1*body SP media-subtype 6123 [SP body-ext-mpart] 6124 ; MULTIPART body part 6126 body-type-msg = media-message SP body-fields SP envelope 6127 SP body SP body-fld-lines 6129 body-type-text = media-text SP body-fields SP body-fld-lines 6131 capability = ("AUTH=" auth-type) / atom 6132 ; New capabilities SHOULD be 6133 ; registered with IANA using 6134 ; RFC Required policy, i.e. in 6135 ; a standards-track, an experimental 6136 ; or an informational RFC. 6138 capability-data = "CAPABILITY" *(SP capability) SP "IMAP4rev2" 6139 *(SP capability) 6140 ; Servers MUST implement the STARTTLS, AUTH=PLAIN, 6141 ; and LOGINDISABLED capabilities. 6142 ; Servers which offer RFC 1730 compatibility MUST 6143 ; list "IMAP4" as the first capability. 6145 ; Servers which offer RFC 3501 compatibility MUST 6146 ; list "IMAP4rev1" as one of capabilities. 6148 CHAR = 6150 CHAR8 = %x01-ff 6151 ; any OCTET except NUL, %x00 6153 charset = atom / quoted 6155 childinfo-extended-item = "CHILDINFO" SP "(" 6156 list-select-base-opt-quoted 6157 *(SP list-select-base-opt-quoted) ")" 6158 ; Extended data item (mbox-list-extended-item) 6159 ; returned when the RECURSIVEMATCH 6160 ; selection option is specified. 6161 ; Note 1: the CHILDINFO extended data item tag can be 6162 ; returned with and without surrounding quotes, as per 6163 ; mbox-list-extended-item-tag production. 6164 ; Note 2: The selection options are always returned 6165 ; quoted, unlike their specification in 6166 ; the extended LIST command. 6168 child-mbox-flag = "\HasChildren" / "\HasNoChildren" 6169 ; attributes for CHILDREN return option, at most one 6170 ; possible per LIST response 6172 command = tag SP (command-any / command-auth / command-nonauth / 6173 command-select) CRLF 6174 ; Modal based on state 6176 command-any = "CAPABILITY" / "LOGOUT" / "NOOP" 6177 ; Valid in all states 6179 command-auth = append / create / delete / enable / examine / list / 6180 Namespace-Command / 6181 rename / select / status / subscribe / unsubscribe / 6182 idle 6183 ; Valid only in Authenticated or Selected state 6185 command-nonauth = login / authenticate / "STARTTLS" 6186 ; Valid only when in Not Authenticated state 6188 command-select = "CLOSE" / "UNSELECT" / "EXPUNGE" / copy / 6189 move / fetch / store / search / uid 6190 ; Valid only when in Selected state 6192 continue-req = "+" SP (resp-text / base64) CRLF 6193 copy = "COPY" SP sequence-set SP mailbox 6195 create = "CREATE" SP mailbox 6196 ; Use of INBOX gives a NO error 6198 date = date-text / DQUOTE date-text DQUOTE 6200 date-day = 1*2DIGIT 6201 ; Day of month 6203 date-day-fixed = (SP DIGIT) / 2DIGIT 6204 ; Fixed-format version of date-day 6206 date-month = "Jan" / "Feb" / "Mar" / "Apr" / "May" / "Jun" / 6207 "Jul" / "Aug" / "Sep" / "Oct" / "Nov" / "Dec" 6209 date-text = date-day "-" date-month "-" date-year 6211 date-year = 4DIGIT 6213 date-time = DQUOTE date-day-fixed "-" date-month "-" date-year 6214 SP time SP zone DQUOTE 6216 delete = "DELETE" SP mailbox 6217 ; Use of INBOX gives a NO error 6219 digit-nz = %x31-39 6220 ; 1-9 6222 eitem-standard-tag = atom 6223 ; a tag for LIST extended data item defined in a Standard 6224 ; Track or Experimental RFC. 6226 eitem-vendor-tag = vendor-token "-" atom 6227 ; a vendor-specific tag for LIST extended data item 6229 enable = "ENABLE" 1*(SP capability) 6231 enable-data = "ENABLED" *(SP capability) 6233 envelope = "(" env-date SP env-subject SP env-from SP 6234 env-sender SP env-reply-to SP env-to SP env-cc SP 6235 env-bcc SP env-in-reply-to SP env-message-id ")" 6237 env-bcc = "(" 1*address ")" / nil 6239 env-cc = "(" 1*address ")" / nil 6240 env-date = nstring 6242 env-from = "(" 1*address ")" / nil 6244 env-in-reply-to = nstring 6246 env-message-id = nstring 6248 env-reply-to = "(" 1*address ")" / nil 6250 env-sender = "(" 1*address ")" / nil 6252 env-subject = nstring 6254 env-to = "(" 1*address ")" / nil 6256 esearch-response = "ESEARCH" [search-correlator] [SP "UID"] 6257 *(SP search-return-data) 6258 ; ESEARCH response replaces SEARCH response 6259 ; from IMAP4rev1. 6261 examine = "EXAMINE" SP mailbox 6263 fetch = "FETCH" SP sequence-set SP ("ALL" / "FULL" / "FAST" / 6264 fetch-att / "(" fetch-att *(SP fetch-att) ")") 6266 fetch-att = "ENVELOPE" / "FLAGS" / "INTERNALDATE" / 6267 "RFC822.SIZE" / 6268 "BODY" ["STRUCTURE"] / "UID" / 6269 "BODY" section [partial] / 6270 "BODY.PEEK" section [partial] / 6271 "BINARY" [".PEEK"] section-binary [partial] / 6272 "BINARY.SIZE" section-binary 6274 flag = "\Answered" / "\Flagged" / "\Deleted" / 6275 "\Seen" / "\Draft" / flag-keyword / flag-extension 6276 ; Does not include "\Recent" 6278 flag-extension = "\" atom 6279 ; Future expansion. Client implementations 6280 ; MUST accept flag-extension flags. Server 6281 ; implementations MUST NOT generate 6282 ; flag-extension flags except as defined by 6283 ; future standard or standards-track 6284 ; revisions of this specification. 6285 ; "\Recent" was defined in RFC 3501 6286 ; and is now deprecated. 6288 flag-fetch = flag 6290 flag-keyword = "$MDNSent" / "$Forwarded" / "$Junk" / 6291 "$NotJunk" / "$Phishing" / atom 6293 flag-list = "(" [flag *(SP flag)] ")" 6295 flag-perm = flag / "\*" 6297 greeting = "*" SP (resp-cond-auth / resp-cond-bye) CRLF 6299 header-fld-name = astring 6301 header-list = "(" header-fld-name *(SP header-fld-name) ")" 6303 idle = "IDLE" CRLF "DONE" 6305 initial-resp = (base64 / "=") 6306 ; "initial response" defined in 6307 ; Section 5.1 of [RFC4422] 6309 list = "LIST" [SP list-select-opts] SP mailbox SP mbox-or-pat 6310 [SP list-return-opts] 6312 list-mailbox = 1*list-char / string 6314 list-char = ATOM-CHAR / list-wildcards / resp-specials 6316 list-return-opt = return-option 6317 ; Note that return-option is the ABNF 6318 ; non terminal used by RFC 5258 6320 list-return-opts = "RETURN" SP 6321 "(" [list-return-opt *(SP list-return-opt)] ")" 6322 ; list return options, e.g., CHILDREN 6324 list-select-base-opt = "SUBSCRIBED" / option-extension 6325 ; options that can be used by themselves 6327 list-select-base-opt-quoted = DQUOTE list-select-base-opt DQUOTE 6329 list-select-independent-opt = "REMOTE" / option-extension 6330 ; options that do not syntactically interact with 6331 ; other options 6333 list-select-mod-opt = "RECURSIVEMATCH" / option-extension 6334 ; options that require a list-select-base-opt 6335 ; to also be present 6337 list-select-opt = list-select-base-opt / list-select-independent-opt 6338 / list-select-mod-opt 6339 ; An option registration template is described in 6340 ; Section 9.3 of this document. 6342 list-select-opts = "(" [ 6343 (*(list-select-opt SP) list-select-base-opt 6344 *(SP list-select-opt)) 6345 / (list-select-independent-opt 6346 *(SP list-select-independent-opt)) 6347 ] ")" 6348 ; Any number of options may be in any order. 6349 ; If a list-select-mod-opt appears, then a 6350 ; list-select-base-opt must also appear. 6351 ; This allows these: 6352 ; () 6353 ; (REMOTE) 6354 ; (SUBSCRIBED) 6355 ; (SUBSCRIBED REMOTE) 6356 ; (SUBSCRIBED RECURSIVEMATCH) 6357 ; (SUBSCRIBED REMOTE RECURSIVEMATCH) 6358 ; But does NOT allow these: 6359 ; (RECURSIVEMATCH) 6360 ; (REMOTE RECURSIVEMATCH) 6362 list-wildcards = "%" / "*" 6364 literal = "{" number64 ["+"] "}" CRLF *CHAR8 6365 ; represents the number of CHAR8s. 6366 ; A non-synchronizing literal is distinguished from 6367 ; a synchronizing literal by presence of the "+" 6368 ; before the closing "}". 6369 ; Non synchronizing literals are not allowed when 6370 ; sent from server to the client. 6372 literal8 = "~{" number64 "}" CRLF *OCTET 6373 ; represents the number of OCTETs 6374 ; in the response string. 6376 login = "LOGIN" SP userid SP password 6378 mailbox = "INBOX" / astring 6379 ; INBOX is case-insensitive. All case variants of 6380 ; INBOX (e.g., "iNbOx") MUST be interpreted as INBOX 6381 ; not as an astring. An astring which consists of 6382 ; the case-insensitive sequence "I" "N" "B" "O" "X" 6383 ; is considered to be INBOX and not an astring. 6384 ; Refer to section 5.1 for further 6385 ; semantic details of mailbox names. 6387 mailbox-data = "FLAGS" SP flag-list / "LIST" SP mailbox-list / 6388 esearch-response / 6389 "STATUS" SP mailbox SP "(" [status-att-list] ")" / 6390 number SP "EXISTS" / Namespace-Response 6392 mailbox-list = "(" [mbx-list-flags] ")" SP 6393 (DQUOTE QUOTED-CHAR DQUOTE / nil) SP mailbox 6394 [SP mbox-list-extended] 6395 ; This is the list information pointed to by the ABNF 6396 ; item "mailbox-data", which is defined in [IMAP4] 6398 mbox-list-extended = "(" [mbox-list-extended-item 6399 *(SP mbox-list-extended-item)] ")" 6401 mbox-list-extended-item = mbox-list-extended-item-tag SP 6402 tagged-ext-val 6404 mbox-list-extended-item-tag = astring 6405 ; The content MUST conform to either "eitem-vendor-tag" 6406 ; or "eitem-standard-tag" ABNF productions. 6408 mbox-or-pat = list-mailbox / patterns 6410 mbx-list-flags = *(mbx-list-oflag SP) mbx-list-sflag 6411 *(SP mbx-list-oflag) / 6412 mbx-list-oflag *(SP mbx-list-oflag) 6414 mbx-list-oflag = "\Noinferiors" / child-mbox-flag / 6415 "\Subscribed" / "\Remote" / flag-extension 6416 ; Other flags; multiple possible per LIST response 6418 mbx-list-sflag = "\NonExistent" / "\Noselect" / "\Marked" / "\Unmarked" 6419 ; Selectability flags; only one per LIST response 6421 media-basic = ((DQUOTE ("APPLICATION" / "AUDIO" / "IMAGE" / 6422 "FONT" / "MESSAGE" / "MODEL" / "VIDEO" ) DQUOTE) 6423 / string) 6424 SP media-subtype 6425 ; FONT defined in RFC 8081. 6426 ; MODEL defined in RFC 2077. 6427 ; Other top level media types 6428 ; are defined in [MIME-IMT]. 6430 media-message = DQUOTE "MESSAGE" DQUOTE SP 6431 DQUOTE ("RFC822" / "GLOBAL") DQUOTE 6432 ; Defined in [MIME-IMT] 6434 media-subtype = string 6435 ; Defined in [MIME-IMT] 6437 media-text = DQUOTE "TEXT" DQUOTE SP media-subtype 6438 ; Defined in [MIME-IMT] 6440 message-data = nz-number SP ("EXPUNGE" / ("FETCH" SP msg-att)) 6442 move = "MOVE" SP sequence-set SP mailbox 6444 msg-att = "(" (msg-att-dynamic / msg-att-static) 6445 *(SP (msg-att-dynamic / msg-att-static)) ")" 6447 msg-att-dynamic = "FLAGS" SP "(" [flag-fetch *(SP flag-fetch)] ")" 6448 ; MAY change for a message 6450 msg-att-static = "ENVELOPE" SP envelope / "INTERNALDATE" SP date-time / 6451 "RFC822.SIZE" SP number64 / 6452 "BODY" ["STRUCTURE"] SP body / 6453 "BODY" section ["<" number ">"] SP nstring / 6454 "BINARY" section-binary SP (nstring / literal8) / 6455 "BINARY.SIZE" section-binary SP number / 6456 "UID" SP uniqueid 6457 ; MUST NOT change for a message 6459 name-component = 1*UTF8-CHAR 6460 ; MUST NOT contain ".", "/", "%", or "*" 6462 namespace = nil / "(" 1*namespace-descr ")" 6464 namespace-command = "NAMESPACE" 6466 namespace-descr = "(" string SP 6467 (DQUOTE QUOTED-CHAR DQUOTE / nil) 6468 [namespace-response-extensions] ")" 6470 namespace-response-extensions = *namespace-response-extension 6472 namespace-response-extension = SP string SP 6473 "(" string *(SP string) ")" 6475 namespace-response = "NAMESPACE" SP namespace 6476 SP namespace SP namespace 6477 ; The first Namespace is the Personal Namespace(s). 6478 ; The second Namespace is the Other Users' 6479 ; Namespace(s). 6480 ; The third Namespace is the Shared Namespace(s). 6482 nil = "NIL" 6484 nstring = string / nil 6486 number = 1*DIGIT 6487 ; Unsigned 32-bit integer 6488 ; (0 <= n < 4,294,967,296) 6490 number64 = 1*DIGIT 6491 ; Unsigned 63-bit integer 6492 ; (0 <= n <= 9,223,372,036,854,775,807) 6494 nz-number = digit-nz *DIGIT 6495 ; Non-zero unsigned 32-bit integer 6496 ; (0 < n < 4,294,967,296) 6498 nz-number64 = digit-nz *DIGIT 6499 ; Unsigned 63-bit integer 6500 ; (0 < n <= 9,223,372,036,854,775,807) 6502 oldname-extended-item = "OLDNAME" SP "(" mailbox ")" 6503 ; Extended data item (mbox-list-extended-item) 6504 ; returned in a LIST response when a mailbox is 6505 ; renamed or deleted. Also returned when 6506 ; the server canonicalized the provided mailbox 6507 ; name. 6508 ; Note 1: the OLDNAME tag can be returned 6509 ; with or without surrounding quotes, as per 6510 ; mbox-list-extended-item-tag production. 6512 option-extension = (option-standard-tag / option-vendor-tag) 6513 [SP option-value] 6515 option-standard-tag = atom 6516 ; an option defined in a Standards Track or 6517 ; Experimental RFC 6519 option-val-comp = astring / 6520 option-val-comp *(SP option-val-comp) / 6521 "(" option-val-comp ")" 6523 option-value = "(" option-val-comp ")" 6525 option-vendor-tag = vendor-token "-" atom 6526 ; a vendor-specific option, non-standard 6528 partial-range = number64 ["." nz-number64] 6529 ; Copied from RFC 5092 (IMAP URL) 6530 ; and updated to support 64bit sizes. 6532 partial = "<" number64 "." nz-number64 ">" 6533 ; Partial FETCH request. 0-based offset of 6534 ; the first octet, followed by the number of octets 6535 ; in the fragment. 6537 password = astring 6539 patterns = "(" list-mailbox ")" 6540 ; [RFC5258] supports multiple patterns, 6541 ; but this document only requires one 6542 ; to be supported. 6543 ; If the server is also implementing 6544 ; [RFC5258], "patterns" syntax from that 6545 ; document must be followed. 6547 quoted = DQUOTE *QUOTED-CHAR DQUOTE 6549 QUOTED-CHAR = / 6550 "\" quoted-specials / UTF8-2 / UTF8-3 / UTF8-4 6552 quoted-specials = DQUOTE / "\" 6554 rename = "RENAME" SP mailbox SP mailbox 6555 ; Use of INBOX as a destination gives a NO error 6557 response = *(continue-req / response-data) response-done 6559 response-data = "*" SP (resp-cond-state / resp-cond-bye / 6560 mailbox-data / message-data / capability-data / 6561 enable-data) CRLF 6563 response-done = response-tagged / response-fatal 6565 response-fatal = "*" SP resp-cond-bye CRLF 6566 ; Server closes connection immediately 6568 response-tagged = tag SP resp-cond-state CRLF 6570 resp-code-apnd = "APPENDUID" SP nz-number SP append-uid 6572 resp-code-copy = "COPYUID" SP nz-number SP uid-set SP uid-set 6573 resp-cond-auth = ("OK" / "PREAUTH") SP resp-text 6574 ; Authentication condition 6576 resp-cond-bye = "BYE" SP resp-text 6578 resp-cond-state = ("OK" / "NO" / "BAD") SP resp-text 6579 ; Status condition 6581 resp-specials = "]" 6583 resp-text = ["[" resp-text-code "]" SP] [text] 6585 resp-text-code = "ALERT" / 6586 "BADCHARSET" [SP "(" charset *(SP charset) ")" ] / 6587 capability-data / "PARSE" / 6588 "PERMANENTFLAGS" SP 6589 "(" [flag-perm *(SP flag-perm)] ")" / 6590 "READ-ONLY" / "READ-WRITE" / "TRYCREATE" / 6591 "UIDNEXT" SP nz-number / "UIDVALIDITY" SP nz-number / 6592 resp-code-apnd / resp-code-copy / "UIDNOTSTICKY" / 6593 "UNAVAILABLE" / "AUTHENTICATIONFAILED" / 6594 "AUTHORIZATIONFAILED" / "EXPIRED" / 6595 "PRIVACYREQUIRED" / "CONTACTADMIN" / "NOPERM" / 6596 "INUSE" / "EXPUNGEISSUED" / "CORRUPTION" / 6597 "SERVERBUG" / "CLIENTBUG" / "CANNOT" / 6598 "LIMIT" / "OVERQUOTA" / "ALREADYEXISTS" / 6599 "NONEXISTENT" / "NOTSAVED" / "HASCHILDREN" / 6600 "CLOSED" / 6601 "UNKNOWN-CTE" / 6602 atom [SP 1*] 6604 return-option = "SUBSCRIBED" / "CHILDREN" / status-option / 6605 option-extension 6607 search = "SEARCH" [search-return-opts] 6608 SP search-program 6610 search-correlator = SP "(" "TAG" SP tag-string ")" 6612 search-key = "ALL" / "ANSWERED" / "BCC" SP astring / 6613 "BEFORE" SP date / "BODY" SP astring / 6614 "CC" SP astring / "DELETED" / "FLAGGED" / 6615 "FROM" SP astring / "KEYWORD" SP flag-keyword / 6616 "ON" SP date / "SEEN" / 6617 "SINCE" SP date / "SUBJECT" SP astring / 6618 "TEXT" SP astring / "TO" SP astring / 6619 "UNANSWERED" / "UNDELETED" / "UNFLAGGED" / 6620 "UNKEYWORD" SP flag-keyword / "UNSEEN" / 6621 ; Above this line were in [IMAP2] 6622 "DRAFT" / "HEADER" SP header-fld-name SP astring / 6623 "LARGER" SP number64 / "NOT" SP search-key / 6624 "OR" SP search-key SP search-key / 6625 "SENTBEFORE" SP date / "SENTON" SP date / 6626 "SENTSINCE" SP date / "SMALLER" SP number64 / 6627 "UID" SP sequence-set / "UNDRAFT" / sequence-set / 6628 "(" search-key *(SP search-key) ")" 6630 search-modifier-name = tagged-ext-label 6632 search-mod-params = tagged-ext-val 6633 ; This non-terminal shows recommended syntax 6634 ; for future extensions. 6636 search-program = ["CHARSET" SP charset SP] 6637 search-key *(SP search-key) 6638 ; CHARSET argument to SEARCH MUST be 6639 ; registered with IANA. 6641 search-ret-data-ext = search-modifier-name SP search-return-value 6642 ; Note that not every SEARCH return option 6643 ; is required to have the corresponding 6644 ; ESEARCH return data. 6646 search-return-data = "MIN" SP nz-number / 6647 "MAX" SP nz-number / 6648 "ALL" SP sequence-set / 6649 "COUNT" SP number / 6650 search-ret-data-ext 6651 ; All return data items conform to 6652 ; search-ret-data-ext syntax. 6653 ; Note that "$" marker is not allowed 6654 ; after the ALL return data item. 6656 search-return-opts = SP "RETURN" SP "(" [search-return-opt 6657 *(SP search-return-opt)] ")" 6659 search-return-opt = "MIN" / "MAX" / "ALL" / "COUNT" / 6660 "SAVE" / 6661 search-ret-opt-ext 6662 ; conforms to generic search-ret-opt-ext 6663 ; syntax 6665 search-ret-opt-ext = search-modifier-name [SP search-mod-params] 6667 search-return-value = tagged-ext-val 6668 ; Data for the returned search option. 6670 ; A single "nz-number"/"number"/"number64" value 6671 ; can be returned as an atom (i.e., without 6672 ; quoting). A sequence-set can be returned 6673 ; as an atom as well. 6675 section = "[" [section-spec] "]" 6677 section-binary = "[" [section-part] "]" 6679 section-msgtext = "HEADER" / "HEADER.FIELDS" [".NOT"] SP header-list / 6680 "TEXT" 6681 ; top-level or MESSAGE/RFC822 or MESSAGE/GLOBAL part 6683 section-part = nz-number *("." nz-number) 6684 ; body part reference. 6685 ; Allows for accessing nested body parts. 6687 section-spec = section-msgtext / (section-part ["." section-text]) 6689 section-text = section-msgtext / "MIME" 6690 ; text other than actual body part (headers, etc.) 6692 select = "SELECT" SP mailbox 6694 seq-number = nz-number / "*" 6695 ; message sequence number (COPY, FETCH, STORE 6696 ; commands) or unique identifier (UID COPY, 6697 ; UID FETCH, UID STORE commands). 6698 ; * represents the largest number in use. In 6699 ; the case of message sequence numbers, it is 6700 ; the number of messages in a non-empty mailbox. 6701 ; In the case of unique identifiers, it is the 6702 ; unique identifier of the last message in the 6703 ; mailbox or, if the mailbox is empty, the 6704 ; mailbox's current UIDNEXT value. 6705 ; The server should respond with a tagged BAD 6706 ; response to a command that uses a message 6707 ; sequence number greater than the number of 6708 ; messages in the selected mailbox. This 6709 ; includes "*" if the selected mailbox is empty. 6711 seq-range = seq-number ":" seq-number 6712 ; two seq-number values and all values between 6713 ; these two regardless of order. 6714 ; Example: 2:4 and 4:2 are equivalent and indicate 6715 ; values 2, 3, and 4. 6716 ; Example: a unique identifier sequence range of 6717 ; 3291:* includes the UID of the last message in 6718 ; the mailbox, even if that value is less than 3291. 6720 sequence-set = (seq-number / seq-range) ["," sequence-set] 6721 ; set of seq-number values, regardless of order. 6722 ; Servers MAY coalesce overlaps and/or execute the 6723 ; sequence in any order. 6724 ; Example: a message sequence number set of 6725 ; 2,4:7,9,12:* for a mailbox with 15 messages is 6726 ; equivalent to 2,4,5,6,7,9,12,13,14,15 6727 ; Example: a message sequence number set of *:4,5:7 6728 ; for a mailbox with 10 messages is equivalent to 6729 ; 10,9,8,7,6,5,4,5,6,7 and MAY be reordered and 6730 ; overlap coalesced to be 4,5,6,7,8,9,10. 6732 sequence-set =/ seq-last-command 6733 ; Allow for "result of the last command" indicator. 6735 seq-last-command = "$" 6737 status = "STATUS" SP mailbox SP 6738 "(" status-att *(SP status-att) ")" 6740 status-att = "MESSAGES" / "UIDNEXT" / "UIDVALIDITY" / 6741 "UNSEEN" / "DELETED" / "SIZE" 6743 status-att-val = ("MESSAGES" SP number) / 6744 ("UIDNEXT" SP nz-number) / 6745 ("UIDVALIDITY" SP nz-number) / 6746 ("UNSEEN" SP number) / 6747 ("DELETED" SP number) / 6748 ("SIZE" SP number64) 6749 ; Extensions to the STATUS responses 6750 ; should extend this production. 6751 ; Extensions should use the generic 6752 ; syntax defined by tagged-ext. 6754 status-att-list = status-att-val *(SP status-att-val) 6756 status-option = "STATUS" SP "(" status-att *(SP status-att) ")" 6757 ; This ABNF production complies with 6758 ; syntax. 6760 store = "STORE" SP sequence-set SP store-att-flags 6762 store-att-flags = (["+" / "-"] "FLAGS" [".SILENT"]) SP 6763 (flag-list / (flag *(SP flag))) 6765 string = quoted / literal 6766 subscribe = "SUBSCRIBE" SP mailbox 6768 tag = 1* 6770 tag-string = astring 6771 ; represented as 6773 tagged-ext-label = tagged-label-fchar *tagged-label-char 6774 ; Is a valid RFC 3501 "atom". 6776 tagged-label-fchar = ALPHA / "-" / "_" / "." 6778 tagged-label-char = tagged-label-fchar / DIGIT / ":" 6780 tagged-ext-comp = astring / 6781 tagged-ext-comp *(SP tagged-ext-comp) / 6782 "(" tagged-ext-comp ")" 6783 ; Extensions that follow this general 6784 ; syntax should use nstring instead of 6785 ; astring when appropriate in the context 6786 ; of the extension. 6787 ; Note that a message set or a "number" 6788 ; can always be represented as an "atom". 6789 ; An URL should be represented as 6790 ; a "quoted" string. 6792 tagged-ext-simple = sequence-set / number / number64 6794 tagged-ext-val = tagged-ext-simple / 6795 "(" [tagged-ext-comp] ")" 6797 text = 1*(TEXT-CHAR / UTF8-2 / UTF8-3 / UTF8-4) 6798 ; Non ASCII text can only be returned 6799 ; after ENABLE IMAP4rev2 command 6801 TEXT-CHAR = 6803 time = 2DIGIT ":" 2DIGIT ":" 2DIGIT 6804 ; Hours minutes seconds 6806 uid = "UID" SP 6807 (copy / move / fetch / search / store / uid-expunge) 6808 ; Unique identifiers used instead of message 6809 ; sequence numbers 6811 uid-expunge = "EXPUNGE" SP sequence-set 6812 ; Unique identifiers used instead of message 6813 ; sequence numbers 6815 uid-set = (uniqueid / uid-range) *("," uid-set) 6817 uid-range = (uniqueid ":" uniqueid) 6818 ; two uniqueid values and all values 6819 ; between these two regards of order. 6820 ; Example: 2:4 and 4:2 are equivalent. 6822 uniqueid = nz-number 6823 ; Strictly ascending 6825 unsubscribe = "UNSUBSCRIBE" SP mailbox 6827 userid = astring 6829 UTF8-CHAR = 6831 UTF8-2 = 6833 UTF8-3 = 6835 UTF8-4 = 6837 vendor-token = "vendor." name-component 6838 ; Definition copied from RFC 2244. 6839 ; MUST be registered with IANA 6841 zone = ("+" / "-") 4DIGIT 6842 ; Signed four-digit value of hhmm representing 6843 ; hours and minutes east of Greenwich (that is, 6844 ; the amount that the given time differs from 6845 ; Universal Time). Subtracting the timezone 6846 ; from the given time will give the UT form. 6847 ; The Universal Time zone is "+0000". 6849 10. Author's Note 6851 This document is a revision or rewrite of earlier documents, and 6852 supercedes the protocol specification in those documents: RFC 3501, 6853 RFC 2060, RFC 1730, unpublished IMAP2bis.TXT document, RFC 1176, and 6854 RFC 1064. 6856 11. Security Considerations 6858 IMAP4rev2 protocol transactions, including electronic mail data, are 6859 sent in the clear over the network exposing them to possible 6860 eavesdropping and manipulation unless protection is negotiated. This 6861 can be accomplished either by the use of Implicit TLS port, STARTTLS 6862 command, negotiated privacy protection in the AUTHENTICATE command, 6863 or some other protection mechanism. 6865 11.1. TLS related Security Considerations 6867 This section applies to both use of STARTTLS command and Implicit TLS 6868 port. 6870 IMAP client and server implementations MUST comply with relevant TLS 6871 recommendations from [RFC8314]. 6873 Clients and servers MUST implement TLS 1.2 [TLS-1.2] or newer. Use 6874 of TLS 1.3 [TLS-1.3] is RECOMMENDED. TLS 1.2 may be used only in 6875 cases where the other party has not yet implemented TLS 1.3. 6876 Additionally, when using TLS 1.2, IMAP implementations MUST implement 6877 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher suite. This is 6878 important as it assures that any two compliant implementations can be 6879 configured to interoperate. Other TLS cipher suites recommended in 6880 RFC 7525 [RFC7525] are RECOMMENDED: 6881 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, 6882 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 and 6883 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384. All other cipher suites are 6884 OPTIONAL. Note that this is a change from section 2.1 of [IMAP-TLS]. 6886 The list of mandatory-to-implement TLS 1.3 cipher suites is described 6887 in Section 9.1 of [TLS-1.3]. 6889 During the TLS negotiation [TLS-1.3][TLS-1.2], the client MUST check 6890 its understanding of the server hostname against the server's 6891 identity as presented in the server Certificate message, in order to 6892 prevent on-path attackers attempting to masquerade as the server. 6893 This procedure is described in [RFC7817]. 6895 Both the client and server MUST check the result of the STARTTLS 6896 command and subsequent TLS ([TLS-1.3][TLS-1.2]) negotiation to see 6897 whether acceptable authentication and/or privacy was achieved. 6899 11.2. STARTTLS command versa use of Implicit TLS port 6901 For maximum backward compatibility clients MUST implement both TLS 6902 negotiation on implicit TLS port and TLS negotiation using STARTTLS 6903 command. 6905 Servers MUST implement TLS negotiation on implicit TLS port and 6906 SHOULD implement STARTTLS command on cleartext port. 6908 Some site/firewall maintainers insist on TLS site-wide and prefer not 6909 to rely on a configuration option in each higher-level protocol. For 6910 this reason, IMAP4rev2 clients SHOULD try both ports 993 and 143 (and 6911 both IPv4 and IPv6) concurrently by default, unless overridden by 6912 either user configuration or DNS SRV records [RFC6186]. Note that if 6913 a server answers on both ports, it MUST allow STARTTLS command on 6914 port 143. 6916 11.3. Client handling of unsolicited responses not suitable for the 6917 current connection state 6919 Cleartext mail transmission (whether caused by firewall configuration 6920 errors that result in TLS stripping or weak security policies in 6921 email clients that choose not to negotiate TLS in the first place) 6922 can enable injection of responses that can confuse or even cause 6923 crashes in email clients. The following measures are recommended to 6924 minimize damage from them. 6926 See Section 7.1.4 for special security considerations related to 6927 PREAUTH response. 6929 Many server responses and response codes are only meaningful in 6930 authenticated or even selected state. However, nothing prevents a 6931 server (or an on-path attacker) from sending such invalid 6932 responses in cleartext before STARTTLS/AUTHENTICATE commands are 6933 issued. Before authentication clients SHOULD ignore any responses 6934 other than CAPABILITY and server status responses (Section 7.1), 6935 as well as any response codes other than CAPABILITY. (In 6936 particular, some email clients are known to incorrectly process 6937 LIST responses received before authentication.) Clients SHOULD 6938 ignore the ALERT response code until after TLS (whether using 6939 STARTTLS or TLS negotiation on implicit TLS port) or SASL security 6940 layer with confidentiality protection has been successfully 6941 negotiated. Unless explicitly allowed by an IMAP extension, when 6942 not in selected state clients MUST ignore responses/response codes 6943 related to message and mailbox status such as FLAGS, EXIST, 6944 EXPUNGE and FETCH. 6946 11.4. COPYUID and APPENDUID response codes 6948 The COPYUID and APPENDUID response codes return information about the 6949 mailbox, which may be considered sensitive if the mailbox has 6950 permissions set that permit the client to COPY or APPEND to the 6951 mailbox, but not SELECT or EXAMINE it. 6953 Consequently, these response codes SHOULD NOT be issued if the client 6954 does not have access to SELECT or EXAMINE the mailbox. 6956 11.5. LIST command and Other Users' namespace 6958 In response to a LIST command containing an argument of the Other 6959 Users' Namespace prefix, a server SHOULD NOT list users that have not 6960 granted list access to their personal mailboxes to the currently 6961 authenticated user. Providing such a list, could compromise security 6962 by potentially disclosing confidential information of who is located 6963 on the server, or providing a starting point of a list of user 6964 accounts to attack. 6966 11.6. Other Security Considerations 6968 A server error message for an AUTHENTICATE command which fails due to 6969 invalid credentials SHOULD NOT detail why the credentials are 6970 invalid. 6972 Use of the LOGIN command sends passwords in the clear. This can be 6973 avoided by using the AUTHENTICATE command with a [SASL] mechanism 6974 that does not use plaintext passwords, by first negotiating 6975 encryption via STARTTLS or some other protection mechanism. 6977 A server implementation MUST implement a configuration that, at the 6978 time of authentication, requires: 6979 (1) The STARTTLS command has been negotiated or TLS negotiated on 6980 implicit TLS port. 6981 OR 6982 (2) Some other mechanism that protects the session from password 6983 snooping has been provided. 6984 OR 6985 (3) The following measures are in place: 6986 (a) The LOGINDISABLED capability is advertised, and [SASL] mechanisms 6987 (such as PLAIN) using plaintext passwords are NOT advertised in the 6988 CAPABILITY list. 6989 AND 6990 (b) The LOGIN command returns an error even if the password is 6991 correct. 6992 AND 6993 (c) The AUTHENTICATE command returns an error with all [SASL] 6994 mechanisms that use plaintext passwords, even if the password is 6995 correct. 6997 A server error message for a failing LOGIN command SHOULD NOT specify 6998 that the user name, as opposed to the password, is invalid. 7000 A server SHOULD have mechanisms in place to limit or delay failed 7001 AUTHENTICATE/LOGIN attempts. 7003 A server SHOULD report any authentication failure and analyze such 7004 authentication failure attempt with regard to a password brute force 7005 attack as well as a password spraying attack. Accounts with 7006 passwords that match well known passwords from spraying attacks MUST 7007 be blocked and users associated with such accounts must be requested 7008 to change their passwords. Only password with significant strength 7009 SHOULD be accepted. 7011 Additional security considerations are discussed in the section 7012 discussing the AUTHENTICATE (see Section 6.2.2) and LOGIN (see 7013 Section 6.2.3) commands. 7015 Note that the BODYSTRUCTURE FETCH data item can contain an MD5 hash 7016 taken from the Content-MD5 header field. This is used purely for 7017 message integrity check, so it is only used for detecting unintended 7018 modifications of the message. 7020 12. IANA Considerations 7022 IANA is requested to update "Service Names and Transport Protocol 7023 Port Numbers" registry as follows: 7025 1. Registration for TCP port 143 and the corresponding "imap" 7026 service name should be updated to point to this document and RFC 7027 3501. 7029 2. Registration for TCP port 993 and the corresponding "imaps" 7030 service name should be updated to point to this document, RFC 7031 8314 and RFC 3501. 7033 3. Both UDP port 143 and UDP port 993 should be marked as "Reserved" 7034 in the registry. 7036 Additional IANA actions are specified in subsection of this section. 7038 12.1. Updates to IMAP4 Capabilities registry 7040 IMAP4 capabilities are registered by publishing a standards track or 7041 IESG approved informational or experimental RFC. The registry is 7042 currently located at: https://www.iana.org/assignments/ 7043 imap4-capabilities 7045 As this specification revises the AUTH= prefix, STARTTLS and 7046 LOGINDISABLED extensions, IANA is requested to update registry 7047 entries for these 3 extensions to point to this document and RFC 7048 3501. 7050 12.2. GSSAPI/SASL service name 7052 GSSAPI/Kerberos/SASL service names are registered by publishing a 7053 standards track or IESG approved experimental RFC. The registry is 7054 currently located at: https://www.iana.org/assignments/gssapi- 7055 service-names 7057 IANA is requested to update the "imap" service name previously 7058 registered in RFC 3501, to point to both this document and RFC 3501. 7060 12.3. LIST Selection Options, LIST Return Options, LIST extended data 7061 items 7063 [RFC5258] specifies IANA registration procedures for LIST Selection 7064 Options, LIST Return Options, LIST extended data items. This 7065 document doesn't change these registration procedures. In particular 7066 LIST selection options (Section 6.3.9.1) and LIST return options 7067 (Section 6.3.9.2) are registered using the procedure specified in 7068 Section 9 of [RFC5258] (and using the registration template from 7069 Section 9.3 of [RFC5258]). LIST Extended Data Items are registered 7070 using the registration template from Section 9.6 of [RFC5258]). 7072 IANA is requested to add a reference to [RFCXXXX] for the "OLDNAME" 7073 LIST-EXTENDED extended data item entry. This is in addition to the 7074 existing reference to [RFC5465]. 7076 12.4. IMAP Mailbox Name Attributes and IMAP Response Codes 7078 IANA is requested to update the "IMAP Mailbox Name Attributes" 7079 registry to point to this document in addition to RFC 3501. 7081 IANA is requested to update the "IMAP Response Codes" registry to 7082 point to this document in addition to RFC 3501. 7084 13. References 7086 13.1. Normative References 7088 [RFC4752] Melnikov, A., Ed., "The Kerberos V5 ("GSSAPI") Simple 7089 Authentication and Security Layer (SASL) Mechanism", 7090 RFC 4752, DOI 10.17487/RFC4752, November 2006, 7091 . 7093 [RFC5258] Leiba, B. and A. Melnikov, "Internet Message Access 7094 Protocol version 4 - LIST Command Extensions", RFC 5258, 7095 DOI 10.17487/RFC5258, June 2008, 7096 . 7098 [RFC5788] Melnikov, A. and D. Cridland, "IMAP4 Keyword Registry", 7099 RFC 5788, DOI 10.17487/RFC5788, March 2010, 7100 . 7102 [ABNF] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax 7103 Specifications: ABNF", STD 68, RFC 5234, January 2008, 7104 . 7106 [CHARSET] Freed, N. and J. Postel, "IANA Charset Registration 7107 Procedures", BCP 19, RFC 2978, October 2000, 7108 . 7110 [SCRAM-SHA-256] 7111 Hansen, T., "SCRAM-SHA-256 and SCRAM-SHA-256-PLUS Simple 7112 Authentication and Security Layer (SASL) Mechanisms", 7113 RFC 7677, DOI 10.17487/RFC7677, November 2015, 7114 . 7116 [DISPOSITION] 7117 Troost, R., Dorner, S., and K. Moore, Ed., "Communicating 7118 Presentation Information in Internet Messages: The 7119 Content-Disposition Header Field", RFC 2183, August 1997, 7120 . 7122 [PLAIN] Zeilenga, K., Ed., "The PLAIN Simple Authentication and 7123 Security Layer (SASL) Mechanism", RFC 4616, August 2006, 7124 . 7126 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 7127 Requirement Levels", BCP 14, RFC 2119, 7128 DOI 10.17487/RFC2119, March 1997, 7129 . 7131 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 7132 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 7133 May 2017, . 7135 [LANGUAGE-TAGS] 7136 Alvestrand, H., "Content Language Headers", RFC 3282, May 7137 2002, . 7139 [LOCATION] 7140 Palme, J., Hopmann, A., and N. Shelness, "MIME 7141 Encapsulation of Aggregate Documents, such as HTML 7142 (MHTML)", RFC 2557, March 1999, 7143 . 7145 [MD5] Myers, J. and M. Rose, "The Content-MD5 Header Field", 7146 RFC 1864, October 1995, 7147 . 7149 [MIME-HDRS] 7150 Moore, K., "MIME (Multipurpose Internet Mail Extensions) 7151 Part Three: Message Header Extensions for Non-ASCII Text", 7152 RFC 2047, November 1996, 7153 . 7155 [MIME-IMB] 7156 Freed, N. and N. Borenstein, "Multipurpose Internet Mail 7157 Extensions (MIME) Part One: Format of Internet Message 7158 Bodies", RFC 2045, November 1996, 7159 . 7161 [MIME-IMT] 7162 Freed, N. and N. Borenstein, "Multipurpose Internet Mail 7163 Extensions (MIME) Part Two: Media Types", RFC 2046, 7164 November 1996, . 7166 [RFC2231] Freed, N. and K. Moore, "MIME Parameter Value and Encoded 7167 Word Extensions: Character Sets, Languages, and 7168 Continuations", RFC 2231, DOI 10.17487/RFC2231, November 7169 1997, . 7171 [RFC-5322] 7172 Resnick, P., Ed., "Internet Message Format", RFC 5322, 7173 October 2008, . 7175 [SASL] Melnikov, A., Ed. and K. Zeilenga, Ed., "Simple 7176 Authentication and Security Layer (SASL)", RFC 4422, June 7177 2006, . 7179 [TLS-1.2] Dierks, T. and E. Rescorla, "The Transport Layer Security 7180 (TLS) Protocol Version 1.2", RFC 5246, August 2008, 7181 . 7183 [TLS-1.3] Rescorla, E., "The Transport Layer Security (TLS) Protocol 7184 Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, 7185 . 7187 [UTF-7] Goldsmith, D. and M. Davis, "UTF-7 A Mail-Safe 7188 Transformation Format of Unicode", RFC 2152, May 1997, 7189 . 7191 [UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO 7192 10646", STD 63, RFC 3629, DOI 10.17487/RFC3629, November 7193 2003, . 7195 [MULTIAPPEND] 7196 Crispin, M., "Internet Message Access Protocol (IMAP) - 7197 MULTIAPPEND Extension", RFC 3502, March 2003, 7198 . 7200 [NET-UNICODE] 7201 Klensin, J. and M. Padlipsky, "Unicode Format for Network 7202 Interchange", RFC 5198, DOI 10.17487/RFC5198, March 2008, 7203 . 7205 [I18N-HDRS] 7206 Yang, A., Steele, S., and N. Freed, "Internationalized 7207 Email Headers", RFC 6532, DOI 10.17487/RFC6532, February 7208 2012, . 7210 [RFC3503] Melnikov, A., "Message Disposition Notification (MDN) 7211 profile for Internet Message Access Protocol (IMAP)", 7212 RFC 3503, DOI 10.17487/RFC3503, March 2003, 7213 . 7215 [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data 7216 Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006, 7217 . 7219 [RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre, 7220 "Recommendations for Secure Use of Transport Layer 7221 Security (TLS) and Datagram Transport Layer Security 7222 (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May 7223 2015, . 7225 [RFC7817] Melnikov, A., "Updated Transport Layer Security (TLS) 7226 Server Identity Check Procedure for Email-Related 7227 Protocols", RFC 7817, DOI 10.17487/RFC7817, March 2016, 7228 . 7230 [RFC8098] Hansen, T., Ed. and A. Melnikov, Ed., "Message Disposition 7231 Notification", STD 85, RFC 8098, DOI 10.17487/RFC8098, 7232 February 2017, . 7234 [RFC8314] Moore, K. and C. Newman, "Cleartext Considered Obsolete: 7235 Use of Transport Layer Security (TLS) for Email Submission 7236 and Access", RFC 8314, DOI 10.17487/RFC8314, January 2018, 7237 . 7239 [IMAP-IMPLEMENTATION] 7240 Leiba, B., "IMAP4 Implementation Recommendations", 7241 RFC 2683, September 1999, 7242 . 7244 [IMAP-MULTIACCESS] 7245 Gahrns, M., "IMAP4 Multi-Accessed Mailbox Practice", 7246 RFC 2180, July 1997, 7247 . 7249 13.2. Informative References (related protocols) 7251 [CERT-555316] 7252 CERT, "Vulnerability Note VU#555316: STARTTLS plaintext 7253 command injection vulnerability", September 2011, 7254 . 7256 [RFC2193] Gahrns, M., "IMAP4 Mailbox Referrals", RFC 2193, 7257 DOI 10.17487/RFC2193, September 1997, 7258 . 7260 [RFC3348] Gahrns, M. and R. Cheng, "The Internet Message Action 7261 Protocol (IMAP4) Child Mailbox Extension", RFC 3348, 7262 DOI 10.17487/RFC3348, July 2002, 7263 . 7265 [RFC5256] Crispin, M. and K. Murchison, "Internet Message Access 7266 Protocol - SORT and THREAD Extensions", RFC 5256, 7267 DOI 10.17487/RFC5256, June 2008, 7268 . 7270 [RFC5465] Gulbrandsen, A., King, C., and A. Melnikov, "The IMAP 7271 NOTIFY Extension", RFC 5465, DOI 10.17487/RFC5465, 7272 February 2009, . 7274 [RFC6186] Daboo, C., "Use of SRV Records for Locating Email 7275 Submission/Access Services", RFC 6186, 7276 DOI 10.17487/RFC6186, March 2011, 7277 . 7279 [RFC7162] Melnikov, A. and D. Cridland, "IMAP Extensions: Quick Flag 7280 Changes Resynchronization (CONDSTORE) and Quick Mailbox 7281 Resynchronization (QRESYNC)", RFC 7162, 7282 DOI 10.17487/RFC7162, May 2014, 7283 . 7285 [RFC7888] Melnikov, A., Ed., "IMAP4 Non-synchronizing Literals", 7286 RFC 7888, DOI 10.17487/RFC7888, May 2016, 7287 . 7289 [RFC8474] Gondwana, B., Ed., "IMAP Extension for Object 7290 Identifiers", RFC 8474, DOI 10.17487/RFC8474, September 7291 2018, . 7293 [IMAP-DISC] 7294 Melnikov, A., Ed., "Synchronization Operations for 7295 Disconnected IMAP4 Clients", RFC 4549, June 2006, 7296 . 7298 [IMAP-I18N] 7299 Newman, C., Gulbrandsen, A., and A. Melnikov, "Internet 7300 Message Access Protocol Internationalization", RFC 5255, 7301 DOI 10.17487/RFC5255, June 2008, 7302 . 7304 [IMAP-MODEL] 7305 Crispin, M., "Distributed Electronic Mail Models in 7306 IMAP4", RFC 1733, December 1994, 7307 . 7309 [IMAP-UTF-8] 7310 Resnick, P., Ed., Newman, C., Ed., and S. Shen, Ed., "IMAP 7311 Support for UTF-8", RFC 6855, DOI 10.17487/RFC6855, March 7312 2013, . 7314 [ANONYMOUS] 7315 Zeilenga, K., "Anonymous Simple Authentication and 7316 Security Layer (SASL) Mechanism", RFC 4505, June 2006, 7317 . 7319 [SMTP] Klensin, J., "Simple Mail Transfer Protocol", RFC 5321, 7320 October 2008, . 7322 [RFC3516] Nerenberg, L., "IMAP4 Binary Content Extension", RFC 3516, 7323 DOI 10.17487/RFC3516, April 2003, 7324 . 7326 [RFC4314] Melnikov, A., "IMAP4 Access Control List (ACL) Extension", 7327 RFC 4314, December 2005, 7328 . 7330 [RFC2087] Myers, J., "IMAP4 QUOTA extension", RFC 2087, January 7331 1997, . 7333 [IMAP-URL] 7334 Melnikov, A., Ed. and C. Newman, "IMAP URL Scheme", 7335 RFC 5092, DOI 10.17487/RFC5092, November 2007, 7336 . 7338 [IMAP-KEYWORDS-REG] 7339 IANA, "IMAP and JMAP Keywords", December 2009, 7340 . 7343 [IMAP-MAILBOX-NAME-ATTRS-REG] 7344 IANA, "IMAP Mailbox Name Attributes", June 2018, 7345 . 7348 [CHARSET-REG] 7349 IANA, "Character Set Registrations", May 2015, 7350 . 7353 13.3. Informative References (historical aspects of IMAP and related 7354 protocols) 7356 [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION 7357 4rev1", RFC 3501, DOI 10.17487/RFC3501, March 2003, 7358 . 7360 [IMAP-COMPAT] 7361 Crispin, M., "IMAP4 Compatibility with IMAP2bis", 7362 RFC 2061, December 1996, 7363 . 7365 [IMAP-HISTORICAL] 7366 Crispin, M., "IMAP4 Compatibility with IMAP2 and 7367 IMAP2bis", RFC 1732, December 1994, 7368 . 7370 [IMAP2BIS] 7371 Crispin, M., "INTERACTIVE MAIL ACCESS PROTOCOL - VERSION 7372 2bis", draft-ietf-imap-imap2bis-02 (work in progress), 7373 October 1993, . 7376 [IMAP-OBSOLETE] 7377 Crispin, M., "Internet Message Access Protocol - Obsolete 7378 Syntax", RFC 2062, December 1996, 7379 . 7381 [IMAP2] Crispin, M., "Interactive Mail Access Protocol: Version 7382 2", RFC 1176, August 1990, 7383 . 7385 [RFC-822] Crocker, D., "STANDARD FOR THE FORMAT OF ARPA INTERNET 7386 TEXT MESSAGES", STD 11, RFC 822, August 1982, 7387 . 7389 [IMAP-TLS] 7390 Newman, C., "Using TLS with IMAP, POP3 and ACAP", 7391 RFC 2595, June 1999, 7392 . 7394 Appendix A. Backward compatibility with IMAP4rev1 7396 An implementation that wants to remain compatible with IMAP4rev1 can 7397 advertise both IMAP4rev1 and IMAP4rev2 in its CAPABILITY response/ 7398 response code. While some IMAP4rev1 responses were removed in 7399 IMAP4rev2, their presence will not break IMAP4rev2-only clients. 7401 If both IMAP4rev1 and IMAP4rev2 are advertised, an IMAP client that 7402 wants to use IMAP4rev2 MUST issue an "ENABLE IMAP4rev2" command. 7404 Servers advertising both IMAP4rev1 and IMAP4rev2 MUST NOT generate 7405 UTF-8 quoted strings unless the client has issued "ENABLE IMAP4rev2". 7406 Consider implementation of mechanisms described or referenced in 7407 [IMAP-UTF-8] to achieve this goal. 7409 Servers advertising both IMAP4rev1 and IMAP4rev2, and clients 7410 intending to be compatible with IMAP4rev1 servers MUST be compatible 7411 with the international mailbox naming convention described in the 7412 following subsection. 7414 Also see Appendix D for special considerations for servers that 7415 support 63 bit body part/message sizes and want to advertise support 7416 for both IMAP4rev1 and IMAP4rev2. 7418 A.1. Mailbox International Naming Convention for compatibility with 7419 IMAP4rev1 7421 Support for the Mailbox International Naming Convention described in 7422 this section is not required for IMAP4rev2-only clients and servers. 7423 It is only used for backward compatibility with IMAP4rev1 7424 implementations. 7426 By convention, international mailbox names in IMAP4rev1 are specified 7427 using a modified version of the UTF-7 encoding described in [UTF-7]. 7429 Modified UTF-7 may also be usable in servers that implement an 7430 earlier version of this protocol. 7432 In modified UTF-7, printable US-ASCII characters, except for "&", 7433 represent themselves; that is, characters with octet values 0x20-0x25 7434 and 0x27-0x7e. The character "&" (0x26) is represented by the two- 7435 octet sequence "&-". 7437 All other characters (octet values 0x00-0x1f and 0x7f-0xff) are 7438 represented in modified BASE64, with a further modification from 7439 [UTF-7] that "," is used instead of "/". Modified BASE64 MUST NOT be 7440 used to represent any printing US-ASCII character which can represent 7441 itself. Only characters inside the modified BASE64 alphabet are 7442 permitted in modified BASE64 text. 7444 "&" is used to shift to modified BASE64 and "-" to shift back to US- 7445 ASCII. There is no implicit shift from BASE64 to US-ASCII, and null 7446 shifts ("-&" while in BASE64; note that "&-" while in US-ASCII means 7447 "&") are not permitted. However, all names start in US-ASCII, and 7448 MUST end in US-ASCII; that is, a name that ends with a non-ASCII 7449 ISO-10646 character MUST end with a "-"). 7451 The purpose of these modifications is to correct the following 7452 problems with UTF-7: 7454 1. UTF-7 uses the "+" character for shifting; this conflicts with 7455 the common use of "+" in mailbox names, in particular USENET 7456 newsgroup names. 7458 2. UTF-7's encoding is BASE64 which uses the "/" character; this 7459 conflicts with the use of "/" as a popular hierarchy delimiter. 7461 3. UTF-7 prohibits the unencoded usage of "\"; this conflicts with 7462 the use of "\" as a popular hierarchy delimiter. 7464 4. UTF-7 prohibits the unencoded usage of "~"; this conflicts with 7465 the use of "~" in some servers as a home directory indicator. 7467 5. UTF-7 permits multiple alternate forms to represent the same 7468 string; in particular, printable US-ASCII characters can be 7469 represented in encoded form. 7471 Although modified UTF-7 is a convention, it establishes certain 7472 requirements on server handling of any mailbox name with an embedded 7473 "&" character. In particular, server implementations MUST preserve 7474 the exact form of the modified BASE64 portion of a modified UTF-7 7475 name and treat that text as case-sensitive, even if names are 7476 otherwise case-insensitive or case-folded. 7478 Server implementations SHOULD verify that any mailbox name with an 7479 embedded "&" character, used as an argument to CREATE, is: in the 7480 correctly modified UTF-7 syntax, has no superfluous shifts, and has 7481 no encoding in modified BASE64 of any printing US-ASCII character 7482 which can represent itself. However, client implementations MUST NOT 7483 depend upon the server doing this, and SHOULD NOT attempt to create a 7484 mailbox name with an embedded "&" character unless it complies with 7485 the modified UTF-7 syntax. 7487 Server implementations which export a mail store that does not follow 7488 the modified UTF-7 convention MUST convert to modified UTF-7 any 7489 mailbox name that contains either non-ASCII characters or the "&" 7490 character. 7492 For example, here is a mailbox name which mixes English, Chinese, 7493 and Japanese text: ~peter/mail/&U,BTFw-/&ZeVnLIqe- 7495 For example, the string "&Jjo!" is not a valid mailbox name 7496 because it does not contain a shift to US-ASCII before the "!". 7497 The correct form is "&Jjo-!". The string "&U,BTFw-&ZeVnLIqe-" is 7498 not permitted because it contains a superfluous shift. The 7499 correct form is "&U,BTF2XlZyyKng-". 7501 Appendix B. Backward compatibility with BINARY extension 7503 IMAP4rev2 incorporates subset of functionality provided by the BINARY 7504 extension [RFC3516], in particular it includes additional FETCH items 7505 (BINARY, BINARY.PEEK and BINARY.SIZE), but not extensions to the 7506 APPEND command. IMAP4rev2 implementations that supports full RFC 7507 3516 functionality need to also advertise the BINARY capability in 7508 the CAPABILITY response/response code. 7510 Appendix C. Backward compatibility with LIST-EXTENDED extension 7512 IMAP4rev2 incorporates most of functionality provided by the LIST- 7513 EXTENDED extension [RFC5258]. In particular, multiple mailbox 7514 patterns syntax is not supported in IMAP4rev2, unless LIST-EXTENDED 7515 capability is also advertised in the CAPABILITY response/response 7516 code. 7518 Appendix D. 63 bit body part and message sizes 7520 IMAP4rev2 increases allowed body part and message sizes that servers 7521 can support from 32 to 63 bits. Server implementations don't have to 7522 support 63 bit long body parts/message sizes, however client 7523 implementations have to expect them. 7525 As IMAP4rev1 didn't support 63 bit long body part/message sizes, 7526 there is an interoperability issue exposed by 63 bit capable servers 7527 that are accessible by both IMAP4rev1 and IMAP4rev2 email clients. 7528 As IMAP4rev1 would be unable to retrieve full content of messages 7529 bigger than 4Gb, such servers either need to replace messages bigger 7530 that 4Gb with messages under 4Gb or hide them from IMAP4rev1 clients. 7531 This document doesn't prescribe any implementation strategy to 7532 address this issue. 7534 Appendix E. Changes from RFC 3501 / IMAP4rev1 7536 Below is the summary of changes since RFC 3501: 7538 1. Support for 64bit message and body part sizes. 7540 2. Folded in IMAP NAMESPACE (RFC 2342), UNSELECT (RFC 3691), 7541 UIDPLUS (RFC 4315), ESEARCH (RFC 4731), SEARCHRES (RFC 5182), 7542 ENABLE (RFC 5161), IDLE (RFC 2177), SASL-IR (RFC 4959), LIST- 7543 EXTENDED (RFC 5258), LIST-STATUS (RFC 5819), MOVE (RFC 6851) and 7544 LITERAL- (RFC 7888) extensions. Also folded RFC 4466 (IMAP ABNF 7545 extensions), RFC 5530 (response codes), the FETCH side of the 7546 BINARY extension (RFC 3516) and the list of new mailbox 7547 attributes from SPECIAL-USE (RFC 6154). 7549 3. Added STATUS SIZE (RFC 8438) and STATUS DELETED. 7551 4. SEARCH command now requires to return ESEARCH response (SEARCH 7552 response is now deprecated). 7554 5. Clarified which SEARCH keys have to use substring match and 7555 which don't. 7557 6. Clarified that server should decode parameter value 7558 continuations as described in [RFC2231]. This requirement was 7559 hidden in RFC 2231 itself. 7561 7. Clarified that COPYUID response code is returned for both MOVE 7562 and UID MOVE. 7564 8. Tighen requirements about COPY/MOVE commands not creating target 7565 mailbox. Also require them to return TRYCREATE response code, 7566 if the target mailbox doesn't exist and can be created. 7568 9. Added CLOSED response code from RFC 7162. SELECT/EXAMINE when a 7569 mailbox is already selected now requires a CLOSED response code 7570 to be returned. 7572 10. SELECT/EXAMINE are now required to return untagged LIST 7573 response. 7575 11. UNSEEN response code on SELECT/EXAMINE is now deprecated. 7577 12. RECENT response on SELECT/EXAMINE, \Recent flag, RECENT STATUS, 7578 SEARCH NEW items are now deprecated. 7580 13. Clarified that the server doesn't need to send a new 7581 PERMANENTFLAGS response code when a new keyword was successfully 7582 added and the server advertised \* earlier for the same mailbox. 7584 14. For future extensibility extended ABNF for tagged-ext-simple to 7585 allow for bare number64. 7587 15. Added SHOULD level requirement on IMAP servers to support 7588 $MDNSent, $Forwarded, $Junk, $NonJunk and $Phishing keywords. 7590 16. Mailbox names and message headers now allow for UTF-8. Support 7591 for Modified UTF-7 in mailbox names is not required, unless 7592 compatibility with IMAP4rev1 is desired. 7594 17. Removed the CHECK command. Clients should use NOOP instead. 7596 18. RFC822, RFC822.HEADER and RFC822.TEXT FETCH data items were 7597 deprecated. Clients should use the corresponding BODY[] 7598 variants instead. 7600 19. LSUB command was deprecated. Clients should use LIST 7601 (SUBSCRIBED) instead. 7603 20. IDLE command can now return updates not related to the currently 7604 selected mailbox state. 7606 21. All unsolicited FETCH updates are required to include UID. 7608 22. Clarified that client implementations MUST ignore response codes 7609 that they do not recognize. (Change from a SHOULD to a MUST.) 7611 23. resp-text ABNF non terminal was updated to allow for empty text. 7613 24. After ENABLE IMAP4rev2 human readable response text can include 7614 non ASCII encoded in UTF-8. 7616 25. Updated to use modern TLS-related recommendations as per RFC 7617 8314, RFC 7817, RFC 7525. 7619 26. Added warnings about use of ALERT response codes and PREAUTH 7620 response. 7622 27. Replaced DIGEST-MD5 SASL mechanism with SCRAM-SHA-256. DIGEST- 7623 MD5 was deprecated. 7625 28. Clarified that any command received from the client resets 7626 server autologout timer. 7628 29. Revised IANA registration procedure for IMAP extensions and 7629 removed "X" convention in accordance with BCP 178. 7631 30. Loosened requirements on servers when closing connections to be 7632 more aligned with existing practices. 7634 Appendix F. Other Recommended IMAP Extensions 7636 Support for the following extensions is recommended for all IMAP 7637 client and servers. While they significantly reduce bandwidth and/or 7638 number of round trips used by IMAP in certain situations, the EXTRA 7639 WG decided that requiring them as a part of IMAP4rev2 would push the 7640 bar to implement too high for new implementations. Also note that 7641 absence of any IMAP extension from this list doesn't make it somehow 7642 deficient or not recommended for use with IMAP4rev2. 7644 1. QRESYNC and CONDSTORE extensions [RFC7162]. They make 7645 discovering changes to IMAP mailboxes more efficient, at the 7646 expense of storing a bit more state. 7648 2. OBJECTID extension [RFC8474] helps with preserving IMAP client 7649 cache when messages moved/copied or mailboxes are renamed. 7651 Appendix G. Acknowledgement 7653 Earlier versions of this document were edited by Mark Crispin. 7654 Sadly, he is no longer available to help with this work. Editors of 7655 this revisions are hoping that Mark would have approved. 7657 Chris Newman has contributed text on I18N and use of UTF-8 in 7658 messages and mailbox names. 7660 Thank you to Tony Hansen for helping with the index generation. 7661 Thank you to Murray Kucherawy, Timo Sirainen, Bron Gondwana, Stephan 7662 Bosch, Robert Sparks, Arnt Gulbrandsen, Benjamin Kaduk, Daniel 7663 Migault, Roman Danyliw and Eric Vyncke for extensive feedback. 7665 This document incorporates text from RFC 4315 (by Mark Crispin), RFC 7666 4466 (by Cyrus Daboo), RFC 4731 (by Dave Cridland), RFC 5161 (by Arnt 7667 Gulbrandsen), RFC 5465 (by Arnt Gulbrandsen and Curtis King), RFC 7668 5530 (by Arnt Gulbrandsen), RFC 5819 (by Timo Sirainen), RFC 6154 (by 7669 Jamie Nicolson), RFC 8438 (by Stephan Bosch) so work done by authors/ 7670 editors of these documents is appreciated. Note that editors of this 7671 document were redacted from the above list. 7673 The CHILDREN return option was originally proposed by Mike Gahrns and 7674 Raymond Cheng in [RFC3348]. Most of the information in 7675 Section 6.3.9.5 is taken directly from their original specification 7676 [RFC3348]. 7678 Thank you to Damian Poddebniak, Fabian Ising, Hanno Boeck and 7679 Sebastian Schinzel for pointing out that the ENABLE command should be 7680 a member of "command-auth" and not "command-any" ABNF production, as 7681 well as pointing out security issues associated with ALERT, PREAUTH 7682 and other responses received before authentication. 7684 Index 7686 $ 7687 $Forwarded (predefined flag) 12 7688 $Junk (predefined flag) 13 7689 $MDNSent (predefined flag) 13 7690 $NotJunk (predefined flag) 13 7691 $Phishing (predefined flag) 13 7693 + 7694 +FLAGS 93 7695 +FLAGS.SILENT 93 7697 - 7698 -FLAGS 93 7699 -FLAGS.SILENT 93 7701 A 7702 ALERT (response code) 101 7703 ALL (fetch item) 89 7704 ALL (search key) 79 7705 ALL (search result option) 77 7706 ALL (search return item name) 118 7707 ALREADYEXISTS (response code) 101 7708 ANSWERED (search key) 79 7709 APPEND (command) 69 7710 APPENDUID (response code) 101 7711 AUTHENTICATE (command) 30 7712 AUTHENTICATIONFAILED (response code) 102 7713 AUTHORIZATIONFAILED (response code) 102 7715 B 7716 BAD (response) 109 7717 BADCHARSET (response code) 102 7718 BCC (search key) 79 7719 BEFORE (search key) 79 7720 BINARY.PEEK[]<> (fetch item) 89 7721 BINARY.SIZE[] (fetch item) 90 7722 BINARY.SIZE[] (fetch result) 121 7723 BINARY[]<> (fetch result) 120 7724 BINARY[]<> (fetch item) 89 7725 BODY (fetch item) 90 7726 BODY (fetch result) 121 7727 BODY (search key) 79 7728 BODY.PEEK[
]<> (fetch item) 90 7729 BODYSTRUCTURE (fetch item) 91 7730 BODYSTRUCTURE (fetch result) 122 7731 BODY[
]<> (fetch result) 121 7732 BODY[
]<> (fetch item) 90 7733 BYE (response) 110 7734 Body Structure (message attribute) 14 7736 C 7737 CANNOT (response code) 102 7738 CAPABILITY (command) 26 7739 CAPABILITY (response code) 103 7740 CAPABILITY (response) 111 7741 CC (search key) 79 7742 CLIENTBUG (response code) 103 7743 CLOSE (command) 75 7744 CLOSED (response code) 103 7745 CONTACTADMIN (response code) 103 7746 COPY (command) 94 7747 COPYUID (response code) 104 7748 CORRUPTION (response code) 104 7749 COUNT (search result option) 77 7750 COUNT (search return item name) 118 7751 CREATE (command) 39 7753 D 7754 DELETE (command) 40 7755 DELETED (search key) 79 7756 DELETED (status item) 69 7757 DRAFT (search key) 79 7759 E 7760 ENABLE (command) 34 7761 ENVELOPE (fetch item) 91 7762 ENVELOPE (fetch result) 125 7763 ESEARCH (response) 117 7764 EXAMINE (command) 38 7765 EXPIRED (response code) 104 7766 EXPUNGE (command) 76 7767 EXPUNGE (response) 119 7768 EXPUNGEISSUED (response code) 104 7769 Envelope Structure (message attribute) 14 7771 F 7772 FAST (fetch item) 89 7773 FETCH (command) 88 7774 FETCH (response) 120 7775 FLAGGED (search key) 79 7776 FLAGS (fetch item) 91 7777 FLAGS (fetch result) 126 7778 FLAGS (response) 119 7779 FLAGS (store command data item) 93 7780 FLAGS.SILENT (store command data item) 93 7781 FROM (search key) 79 7782 FULL (fetch item) 89 7783 Flags (message attribute) 12 7785 H 7786 HASCHILDREN (response code) 105 7787 HEADER (part specifier) 91 7788 HEADER (search key) 80 7789 HEADER.FIELDS (part specifier) 91 7790 HEADER.FIELDS.NOT (part specifier) 91 7792 I 7793 IDLE (command) 72 7794 INTERNALDATE (fetch item) 91 7795 INTERNALDATE (fetch result) 126 7796 INUSE (response code) 105 7797 Internal Date (message attribute) 14 7799 K 7800 KEYWORD (search key) 80 7801 Keyword (type of flag) 12 7803 L 7804 LARGER (search key) 80 7805 LIMIT (response code) 105 7806 LIST (command) 46 7807 LIST (response) 113 7808 LOGOUT (command) 27 7810 M 7811 MAX (search result option) 77 7812 MAX (search return item name) 118 7813 MAY (specification requirement term) 5 7814 MESSAGES (status item) 69 7815 MIME (part specifier) 92 7816 MIN (search result option) 77 7817 MIN (search return item name) 118 7818 MOVE (command) 95 7819 MUST (specification requirement term) 5 7820 MUST NOT (specification requirement term) 5 7821 Message Sequence Number (message attribute) 11 7823 N 7824 NAMESPACE (command) 64 7825 NAMESPACE (response) 117 7826 NO (response) 109 7827 NONEXISTENT (response code) 105 7828 NOOP (command) 27 7829 NOPERM (response code) 106 7830 NOT (search key) 80 7831 NOT RECOMMENDED (specification requirement term) 5 7833 O 7834 OK (response) 109 7835 ON (search key) 80 7836 OPTIONAL (specification requirement term) 5 7837 OR (search key) 80 7838 OVERQUOTA (response code) 106 7840 P 7841 PARSE (response code) 106 7842 PERMANENTFLAGS (response code) 106 7843 PREAUTH (response) 110 7844 PRIVACYREQUIRED (response code) 107 7845 Permanent Flag (class of flag) 13 7846 Predefined keywords 12 7848 R 7849 READ-ONLY (response code) 107 7850 READ-WRITE (response code) 107 7851 RECOMMENDED (specification requirement term) 5 7852 RENAME (command) 42 7853 REQUIRED (specification requirement term) 5 7854 RFC822.SIZE (fetch item) 91 7855 RFC822.SIZE (fetch result) 126 7857 S 7858 SAVE (search result option) 77 7859 SEARCH (command) 76 7860 SEEN (search key) 80 7861 SELECT (command) 36 7862 SENTBEFORE (search key) 80 7863 SENTON (search key) 80 7864 SENTSINCE (search key) 80 7865 SERVERBUG (response code) 107 7866 SHOULD (specification requirement term) 5 7867 SHOULD NOT (specification requirement term) 5 7868 SINCE (search key) 80 7869 SIZE (status item) 69 7870 SMALLER (search key) 80 7871 STARTTLS (command) 28 7872 STATUS (command) 68 7873 STATUS (response) 117 7874 STORE (command) 93 7875 SUBJECT (search key) 80 7876 SUBSCRIBE (command) 45 7877 Session Flag (class of flag) 13 7878 System Flag (type of flag) 12 7880 T 7881 TEXT (part specifier) 91 7882 TEXT (search key) 81 7883 TO (search key) 81 7884 TRYCREATE (response code) 107 7886 U 7887 UID (command) 97 7888 UID (fetch item) 91 7889 UID (fetch result) 126 7890 UID (search key) 81 7891 UIDNEXT (response code) 107 7892 UIDNEXT (status item) 69 7893 UIDNOTSTICKY (response code) 108 7894 UIDVALIDITY (response code) 108 7895 UIDVALIDITY (status item) 69 7896 UNANSWERED (search key) 81 7897 UNAVAILABLE (response code) 108 7898 UNDELETED (search key) 81 7899 UNDRAFT (search key) 81 7900 UNFLAGGED (search key) 81 7901 UNKEYWORD (search key) 81 7902 UNKNOWN-CTE (response code) 108 7903 UNSEEN (search key) 81 7904 UNSEEN (status item) 69 7905 UNSELECT (command) 75 7906 UNSUBSCRIBE (command) 45 7907 Unique Identifier (UID) (message attribute) 9 7909 [ 7910 [RFC-5322] Size (message attribute) 14 7912 \ 7913 \All (mailbox name attribute) 115 7914 \Answered (system flag) 12 7915 \Archive (mailbox name attribute) 115 7916 \Deleted (system flag) 12 7917 \Draft (system flag) 12 7918 \Drafts (mailbox name attribute) 115 7919 \Flagged (mailbox name attribute) 115 7920 \Flagged (system flag) 12 7921 \HasChildren (mailbox name attribute) 114 7922 \HasNoChildren (mailbox name attribute) 114 7923 \Junk (mailbox name attribute) 115 7924 \Marked (mailbox name attribute) 114 7925 \Noinferiors (mailbox name attribute) 113 7926 \NonExistent (mailbox name attribute) 113 7927 \Noselect (mailbox name attribute) 113 7928 \Recent (system flag) 12 7929 \Remote (mailbox name attribute) 114 7930 \Seen (system flag) 12 7931 \Sent (mailbox name attribute) 115 7932 \Subscribed (mailbox name attribute) 114 7933 \Trash (mailbox name attribute) 115 7934 \Unmarked (mailbox name attribute) 114 7936 Authors' Addresses 7938 Alexey Melnikov (editor) 7939 Isode Ltd 7940 14 Castle Mews 7941 Hampton, Middlesex TW12 2NP 7942 UK 7944 Email: Alexey.Melnikov@isode.com 7946 Barry Leiba (editor) 7947 Futurewei Technologies 7949 Phone: +1 646 827 0648 7950 Email: barryleiba@computer.org 7951 URI: http://internetmessagingtechnology.org/