Mail: IMAP, POP3
Intro
IMAP (Internet Message Access Protocol) and POP3 (Post Office Protocol 3) are both used on the receiving end to retrieve mails from the server.
POP3
POP3 provides only three functions on the email server: listing, retrieving and deleting mails. Once a mail has been retrieved from the server using POP3, it is deleted from the server and remains only in the local scope.
IMAP
IMAP allows emails to be managed online, directly on the remote server, i.e. local changes are synchronized with the server. Unlike with POP3, emails remain on the server until they are deleted, even after a client has retrieved them, which makes it possible for multiple clients to access the server and see the same result. IMAP also supports a folder structure on the server, making it easier to manage mails.
Sent emails are also copied into an IMAP folder so that the client can view them.
Authentication and Encryption
By default, the client connects to the server on port 143 for IMAP and port 110 for POP3. Accessing the mailbox requires authentication, which is generally done with a username and password. By default, the communication is in plain text, which is not good from a security perspective because the credentials and mail contents cross the network unencrypted. The communication can be encrypted using SSL/TLS. Ports 993 and 995 are generally used for encrypted IMAP and POP3 communication respectively.
Protocol | Port | Encryption |
---|---|---|
IMAP | 143 | No |
IMAP | 993 | Yes |
POP3 | 110 | No |
POP3 | 995 | Yes |
Commands
IMAP Commands
Command | Description |
---|---|
1 LOGIN username password | User’s login. |
1 LIST "" * | Lists all directories. |
1 CREATE "INBOX" | Creates a mailbox with a specified name. |
1 DELETE "INBOX" | Deletes a mailbox. |
1 RENAME "ToRead" "Important" | Renames a mailbox. |
1 LSUB "" * | Returns a subset of names from the set of names that the User has declared as being active or subscribed. |
1 SELECT INBOX | Selects a mailbox so that messages in the mailbox can be accessed. |
1 UNSELECT INBOX | Exits the selected mailbox. |
1 FETCH | Retrieves certain attributes associated with a message in the mailbox. |
1 CLOSE | Removes all messages with the Deleted flag set. |
1 LOGOUT | Closes the connection with the IMAP server. |
IMAP command tag
Each command in IMAP must have a tag. This tag is an arbitrarily chosen value that can be as simple as `a` or as complex as `TRAN12`. The `1` in the above table signifies that the tag associated with the command is `1`. We can issue multiple IMAP commands without waiting for the result. The IMAP server also sends the tag in its response, which helps us identify which command the server is responding to. Ideally, tags should be unique when issuing asynchronous commands.
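The tag matching described above, as an added example that is not part of the original page. It pairs each tagged completion line with the command that carried the same tag and reports a reused tag, a reply for a tag that was never sent, and a command left without a reply. The transcript is constructed for illustration and `correlate` is a hypothetical helper name.

```python
import re

# Tagged completion line: "<tag> OK|NO|BAD <text>". Untagged data starts with "* ".
COMPLETION = re.compile(r"^(\S+) (OK|NO|BAD)(?: (.*))?$")

def correlate(sent, server_lines):
    """Match tagged completions to the commands that carried the same tag.

    sent: list of (tag, command) in send order.
    Returns (results, problems); results maps tag -> (command, status).
    """
    pending, problems = {}, []
    for tag, command in sent:
        if tag in pending:
            # Two in-flight commands share a tag: the reply cannot be attributed.
            problems.append(f"tag {tag!r} reused before completion")
        pending[tag] = command
    results = {}
    for line in server_lines:
        if line.startswith(("* ", "+ ")):
            continue  # untagged data or continuation request: no tag to match
        m = COMPLETION.match(line)
        if m is None:
            problems.append(f"unparseable line {line!r}")
        elif m.group(1) not in pending:
            problems.append(f"completion for tag {m.group(1)!r} that was never sent")
        else:
            results[m.group(1)] = (pending.pop(m.group(1)), m.group(2))
    problems += [f"no completion for tag {t!r}" for t in pending]
    return results, problems

# Constructed sample: three commands sent back to back, using the tags named above.
SENT = [("a", 'LIST "" *'), ("TRAN12", "FETCH 1 FLAGS"), ("1", 'LSUB "" *')]
# Constructed server output: completions arrive out of send order, one is spurious.
SERVER_LINES = [
    "* 1 FETCH (FLAGS (\\Seen))",
    "TRAN12 OK FETCH completed",
    '* LIST (\\HasNoChildren) "." INBOX',
    "a OK LIST completed",
    "zz9 OK spurious",
]

if __name__ == "__main__":
    results, problems = correlate(SENT, SERVER_LINES)
    for tag, (command, status) in results.items():
        print(f"{tag}: {command} -> {status}")
    for problem in problems:
        print("problem:", problem)
```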
IMAP FETCH command
The attributes of a mail that can be passed to the `FETCH` command are:
- BODY[section]: Retrieves a specific part of the message body identified by the section. Sections can include headers, text, HTML, attachments, etc. For example, `BODY[HEADER]` retrieves only the header of the message. If the whole body needs to be retrieved, `BODY[]` can be used.
- FLAGS: Retrieves the flags associated with the message, such as \Seen, \Flagged, \Deleted, etc.
- ENVELOPE: Retrieves the envelope structure of the message, including sender, recipients, date, subject, etc.
- INTERNALDATE: Retrieves the internal date of the message, indicating when it was received by the server.
- RFC822: Retrieves the entire message in RFC822 format.
- RFC822.HEADER: Retrieves only the header of the message in RFC822 format.
- RFC822.SIZE: Retrieves the size of the message (body) in bytes.
- UID: Retrieves the unique identifier assigned to the message by the server.
- BODYSTRUCTURE: Retrieves the MIME structure of the message, including information about multipart/alternative, attachments, etc.
- BODY.PEEK[]: Similar to BODY[], but does not set the \Seen flag on the message.
> FETCH 1 all
* 1 FETCH (FLAGS (\Seen) INTERNALDATE "08-Nov-2021 23:51:24 +0000" RFC822.SIZE 167 ENVELOPE ("Wed, 03 Nov 2021 16:13:27 +0200" "Flag" (("CTO" NIL "devadmin" "inlanefreight.htb")) (("CTO" NIL "devadmin" "inlanefreight.htb")) (("CTO" NIL "devadmin" "inlanefreight.htb")) (("Robin" NIL "robin" "inlanefreight.htb")) NIL NIL NIL NIL))
Fetch command output example
Depending upon the server configuration, `all` will return a combination of the above attributes. In the above case, `FLAGS`, `INTERNALDATE`, `RFC822.SIZE` and `ENVELOPE` are returned.
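A parser for the FETCH response shown above, added here as an example and not taken from the original page. It reads the parenthesized data into nested lists and names the ENVELOPE fields in the order RFC 3501 defines them; it assumes the response contains no `{n}` literals, and the function names are hypothetical.

```python
import re

# One token: "(", ")", a quoted string, or an atom (NIL, \Seen, 167, ...).
TOKEN = re.compile(r'\(|\)|"((?:[^"\\]|\\.)*)"|([^\s()"]+)')
ENVELOPE_FIELDS = ("date", "subject", "from", "sender", "reply_to",
                   "to", "cc", "bcc", "in_reply_to", "message_id")

def parse(text):
    """Turn IMAP parenthesized data into nested lists; NIL becomes None."""
    stack = [[]]
    for m in TOKEN.finditer(text):
        tok = m.group(0)
        if tok == "(":
            stack.append([])
        elif tok == ")":
            if len(stack) == 1:
                raise ValueError("unexpected ')'")
            done = stack.pop()
            stack[-1].append(done)
        elif m.group(1) is not None:  # quoted string: undo \" and \\ escapes
            stack[-1].append(re.sub(r"\\(.)", r"\1", m.group(1)))
        else:
            stack[-1].append(None if tok == "NIL" else tok)
    if len(stack) != 1:
        raise ValueError("missing ')'")
    return stack[0]

def addresses(addr_list):
    return [f"{name or ''} <{box}@{host}>".strip()  # (name, route, mailbox, host)
            for name, _route, box, host in addr_list or []]

def fetch_items(line):
    """Return (sequence number, {item name: value}) for one FETCH response."""
    star, seq, kind, items = parse(line)
    if star != "*" or kind != "FETCH":
        raise ValueError("not an untagged FETCH response")
    data = dict(zip(items[0::2], items[1::2]))
    if "ENVELOPE" in data:
        env = dict(zip(ENVELOPE_FIELDS, data["ENVELOPE"]))
        for key in ("from", "sender", "reply_to", "to", "cc", "bcc"):
            env[key] = addresses(env[key])
        data["ENVELOPE"] = env
    return int(seq), data

# The response line shown on this page.
SAMPLE = (r'* 1 FETCH (FLAGS (\Seen) INTERNALDATE "08-Nov-2021 23:51:24 +0000" '
          r'RFC822.SIZE 167 ENVELOPE ("Wed, 03 Nov 2021 16:13:27 +0200" "Flag" '
          r'(("CTO" NIL "devadmin" "inlanefreight.htb")) (("CTO" NIL "devadmin" "inlanefreight.htb")) '
          r'(("CTO" NIL "devadmin" "inlanefreight.htb")) (("Robin" NIL "robin" "inlanefreight.htb")) '
          r'NIL NIL NIL NIL))')
```

Calling `fetch_items(SAMPLE)` shows that the four address lists in the sample are From, Sender, Reply-To and To, and that the four trailing `NIL` values are Cc, Bcc, In-Reply-To and Message-ID.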
POP3 Commands
Command | Description |
---|---|
USER username | Identifies the user. |
PASS password | Authentication of the user using its password. |
STAT | Requests the number of saved emails from the server. |
LIST | Requests from the server the number and size of all emails. |
RETR id | Requests the server to deliver the requested email by ID. |
DELE id | Requests the server to delete the requested email by ID. |
CAPA | Requests the server to display the server capabilities. |
RSET | Requests the server to reset the transmitted information. |
QUIT | Closes the connection with the POP3 server. |
Establishing a Connection
To establish an IMAP/POP3 connection from the command line, `curl`, `nc` or `telnet` can be used in case of unencrypted communication and `openssl` can be used in case of encrypted communication:
# -k skips certificate verification; omit it when the server certificate should be validated
curl -k 'imaps://{server_IP}' --user {username}:{password} -X {command} -v
openssl s_client -connect {server_IP}:pop3s # Instead of pop3s, port can also be specified
openssl s_client -connect {server_IP}:imaps # Instead of imaps, port can also be specified
Once the connection has been established, the IMAP/POP3 commands above can be used to interact with the server.
When initiating an encrypted connection, the SSL certificate in use can reveal important information such as the organization name, domain, etc.
Relation between SMTP server, IMAP/POP3 server and email clients
Generally, a mail server is hosted for a domain. This machine acts as both the SMTP server for sending outgoing mails and the IMAP/POP3 server for receiving incoming mails. The email clients that we use, such as Gmail and Outlook, also issue SMTP and IMAP commands internally, but make this easier for us through their UI.