CS 596: Client-Server ProgrammingDoc 12, POP3 Protocol
CS 596: Client-Server Programming
Purpose: Allow PCs, Macs, etc. to download mail from server
Port number 110
POP3 uses ASCII only
Synchronous protocol
Commands to server:
Response from server:
A POP3 server may have an autologout timer
A Server must wait at least 10 minutes before timing out a client
The POP3 server on saturn times out in 2 minutes!
AUTHORIZATION
Must log in with password before entering TRANSACTION state
TRANSACTION
Client can request actions of server, get mail for example
UPDATE
Updates mail box to reflect actions taken in TRANSACTION state.
Server acknowledges connection from client with
+OK <message>
Example:
+OK UCB Pop server (version 2.1.2-R3) at saturn starting.
Valid commands: USER, PASS, APOP, QUIT
PASS must come after USER
Example:
shelly: [14]--$ telnet saturn.sdsu.edu 110
Trying 130.191.229.1...
Connected to saturn.sdsu.edu.
Escape character is ^].
+OK UCB Pop server (version 2.1.2-R3) at saturn starting.
+OK Password required for turtle
PASS secret
+OK turtle has 21 message(s) (44285 octets).
Valid commands: STAT, LIST, RETR, RSET, QUIT
Arguments:
Returns:
+OK <#messages> <sizeofmail>
Example:
STAT
+OK 22 45594
Arguments:
An optional message number
Returns:
Size of message in octets
Example:
LIST 2
+OK 2 3064
LIST
+OK 22 messages (45595 octets)
1 2980
2 3064
(messages 3 - 21 deleted to save space)
22 1290
.
Arguments:
A message number
Returns:
The message
Example:
RETR 21
+OK 825 octets
Received: from [130.191.9.18] (ebb2p9.sdsu.edu) by saturn.sdsu.edu (8.
8.8/8.8.8) with SMTP id UAA29486 for <turtle@saturn.sdsu.edu> Thu, 27 Feb 1997 6:22:19 -0800 (PST)
X-Sender: andrew@contigo.com (Unverified)
Etc.
This is a test
..
The end.
.
Arguments:
A message number to delete
Marks a message to be deleted in the UPDATE state
Arguments:
None
Returns:
A positive response
Does nothing.
Arguments:
None
Returns:
A positive response
Send POP3 server to UPDATE state
Updates mail box to reflect transactions taken during the transaction state, then logs user out.
If session ends by any method other than the QUIT command, the UPDATE state will not be reached. In this case, all changes are ignored.
Arguments:
A message number
Returns:
Top 10 lines of indicated message
Only allowed in TRANSACTION state
Arguments:
An optional message number
Returns:
A unique ID for the specified message or unique IDs for all messages if no argument was specified.
Example:
UIDL 1
+OK 1 826312760.001
Used by clients to see what message have been seen already
Arguments:
A mailbox name and a MD5 string
(MD5 == Message Digest algorithm #5)
Action:
If MD5 string is correct, move to the TRANSACTION state.
The digest is computed from the string returned by the initial welcome= response plus the users password.
Purpose:
Prevents the password from being sent over the network.
Prevents replay attacts (how?)
Why use this?
Short RFC. Only 22 pages.
Is it "Well defined"?
Is it "Complete"?
Is it "Parsable"?
Is it "Extendible"?
Is it "Available"?
How easy/hard is it to write a POP3 server?
How easy/hard is it to write a POP3 client?
Is the syntax of the protocol separated from the semantics of the protocol?