阿凡提的电视:RFC:3501 - INTERNET MESSAGE ACCESS PROTOCOL - VERSION 4rev1

Network Working Group                                         M. CrispinRequest for Comments: 3501                      University of WashingtonObsoletes: 2060                                               March 2003Category: Standards TrackINTERNET MESSAGE ACCESS PROTOCOL - VERSION 4rev1Status of this MemoThis document specifies an Internet standards track protocol for theInternet community, and requests discussion and suggestions forimprovements.  Please refer to the current edition of the "InternetOfficial Protocol Standards" (STD 1) for the standardization stateand status of this protocol.  Distribution of this memo is unlimited.Copyright NoticeCopyright (C) The Internet Society (2003).  All Rights Reserved.AbstractThe Internet Message Access Protocol, Version 4rev1 (IMAP4rev1)allows a client to access and manipulate electronic mail messages ona server.  IMAP4rev1 permits manipulation of mailboxes (remotemessage folders) in a way that is functionally equivalent to localfolders.  IMAP4rev1 also provides the capability for an offlineclient to resynchronize with the server.IMAP4rev1 includes operations for creating, deleting, and renamingmailboxes, checking for new messages, permanently removing messages,setting and clearing flags, RFC 2822 and RFC 2045 parsing, searching,and selective fetching of message attributes, texts, and portionsthereof.  Messages in IMAP4rev1 are accessed by the use of numbers.These numbers are either message sequence numbers or uniqueidentifiers.IMAP4rev1 supports a single server.  A mechanism for accessingconfiguration information to support multiple IMAP4rev1 servers isdiscussed in RFC 2244.IMAP4rev1 does not specify a means of posting mail; this function ishandled by a mail transfer protocol such as RFC 2821.Crispin                     Standards Track                     [Page 1]RFC 3501                         IMAPv4                       March 2003Table of ContentsIMAP4rev1 Protocol Specification ................................  41.      How to Read This Document ...............................  41.1.    Organization of This Document ...........................  41.2.    Conventions Used in This Document .......................  41.3.    Special Notes to Implementors ...........................  52.      Protocol Overview .......................................  62.1.    Link Level ..............................................  62.2.    Commands and Responses ..................................  62.2.1.  Client Protocol Sender and Server Protocol Receiver .....  62.2.2.  Server Protocol Sender and Client Protocol Receiver .....  72.3.    Message Attributes ......................................  82.3.1.  Message Numbers .........................................  82.3.1.1.        Unique Identifier (UID) Message Attribute .......  82.3.1.2.        Message Sequence Number Message Attribute ....... 102.3.2.  Flags Message Attribute ................................. 112.3.3.  Internal Date Message Attribute ......................... 122.3.4.  [RFC-2822] Size Message Attribute ....................... 122.3.5.  Envelope Structure Message Attribute .................... 122.3.6.  Body Structure Message Attribute ........................ 122.4.    Message Texts ........................................... 133.      State and Flow Diagram .................................. 133.1.    Not Authenticated State ................................. 133.2.    Authenticated State ..................................... 133.3.    Selected State .......................................... 133.4.    Logout State ............................................ 144.      Data Formats ............................................ 164.1.    Atom .................................................... 164.2.    Number .................................................. 164.3.    String .................................................. 164.3.1.  8-bit and Binary Strings ................................ 174.4.    Parenthesized List ...................................... 174.5.    NIL ..................................................... 175.      Operational Considerations .............................. 185.1.    Mailbox Naming .......................................... 185.1.1.  Mailbox Hierarchy Naming ................................ 195.1.2.  Mailbox Namespace Naming Convention ..................... 195.1.3.  Mailbox International Naming Convention ................. 195.2.    Mailbox Size and Message Status Updates ................. 215.3.    Response when no Command in Progress .................... 215.4.    Autologout Timer ........................................ 225.5.    Multiple Commands in Progress ........................... 226.      Client Commands ........................................  236.1.    Client Commands - Any State ............................  246.1.1.  CAPABILITY Command .....................................  246.1.2.  NOOP Command ...........................................  256.1.3.  LOGOUT Command .........................................  26Crispin                     Standards Track                     [Page 2]RFC 3501                         IMAPv4                       March 20036.2.    Client Commands - Not Authenticated State ..............  266.2.1.  STARTTLS Command .......................................  276.2.2.  AUTHENTICATE Command ...................................  286.2.3.  LOGIN Command ..........................................  306.3.    Client Commands - Authenticated State ..................  316.3.1.  SELECT Command .........................................  326.3.2.  EXAMINE Command ........................................  346.3.3.  CREATE Command .........................................  346.3.4.  DELETE Command .........................................  356.3.5.  RENAME Command .........................................  376.3.6.  SUBSCRIBE Command ......................................  396.3.7.  UNSUBSCRIBE Command ....................................  396.3.8.  LIST Command ...........................................  406.3.9.  LSUB Command ...........................................  436.3.10. STATUS Command .........................................  446.3.11. APPEND Command .........................................  466.4.    Client Commands - Selected State .......................  476.4.1.  CHECK Command ..........................................  476.4.2.  CLOSE Command ..........................................  486.4.3.  EXPUNGE Command ........................................  496.4.4.  SEARCH Command .........................................  496.4.5.  FETCH Command ..........................................  546.4.6.  STORE Command ..........................................  586.4.7.  COPY Command ...........................................  596.4.8.  UID Command ............................................  606.5.    Client Commands - Experimental/Expansion ...............  626.5.1.  X Command ........................................  627.      Server Responses .......................................  627.1.    Server Responses - Status Responses ....................  637.1.1.  OK Response ............................................  657.1.2.  NO Response ............................................  667.1.3.  BAD Response ...........................................  667.1.4.  PREAUTH Response .......................................  677.1.5.  BYE Response ...........................................  677.2.    Server Responses - Server and Mailbox Status ...........  687.2.1.  CAPABILITY Response ....................................  687.2.2.  LIST Response ..........................................  697.2.3.  LSUB Response ..........................................  707.2.4   STATUS Response ........................................  707.2.5.  SEARCH Response ........................................  717.2.6.  FLAGS Response .........................................  717.3.    Server Responses - Mailbox Size ........................  717.3.1.  EXISTS Response ........................................  717.3.2.  RECENT Response ........................................  727.4.    Server Responses - Message Status ......................  727.4.1.  EXPUNGE Response .......................................  727.4.2.  FETCH Response .........................................  737.5.    Server Responses - Command Continuation Request ........  79Crispin                     Standards Track                     [Page 3]RFC 3501                         IMAPv4                       March 20038.      Sample IMAP4rev1 connection ............................  809.      Formal Syntax ..........................................  8110.     Author's Note ..........................................  9211.     Security Considerations ................................  9211.1.   STARTTLS Security Considerations .......................  9211.2.   Other Security Considerations ..........................  9312.     IANA Considerations ....................................  94Appendices .....................................................  95A.      References .............................................  95B.      Changes from RFC 2060 ..................................  97C.      Key Word Index ......................................... 103Author's Address ............................................... 107Full Copyright Statement ....................................... 108IMAP4rev1 Protocol Specification1.      How to Read This Document1.1.    Organization of This DocumentThis document is written from the point of view of the implementor ofan IMAP4rev1 client or server.  Beyond the protocol overview insection 2, it is not optimized for someone trying to understand theoperation of the protocol.  The material in sections 3 through 5provides the general context and definitions with which IMAP4rev1operates.Sections 6, 7, and 9 describe the IMAP commands, responses, andsyntax, respectively.  The relationships among these are such that itis almost impossible to understand any of them separately.  Inparticular, do not attempt to deduce command syntax from the commandsection alone; instead refer to the Formal Syntax section.1.2.    Conventions Used in This Document"Conventions" are basic principles or procedures.  Documentconventions are noted in this section.In examples, "C:" and "S:" indicate lines sent by the client andserver respectively.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT","SHOULD", "SHOULD NOT", "MAY", and "OPTIONAL" in this document are tobe interpreted as described in [KEYWORDS].The word "can" (not "may") is used to refer to a possiblecircumstance or situation, as opposed to an optional facility of theprotocol.Crispin                     Standards Track                     [Page 4]RFC 3501                         IMAPv4                       March 2003"User" is used to refer to a human user, whereas "client" refers tothe software being run by the user."Connection" refers to the entire sequence of client/serverinteraction from the initial establishment of the network connectionuntil its termination."Session" refers to the sequence of client/server interaction fromthe time that a mailbox is selected (SELECT or EXAMINE command) untilthe time that selection ends (SELECT or EXAMINE of another mailbox,CLOSE command, or connection termination).Characters are 7-bit US-ASCII unless otherwise specified.  Othercharacter sets are indicated using a "CHARSET", as described in[MIME-IMT] and defined in [CHARSET].  CHARSETs have importantadditional semantics in addition to defining character set; refer tothese documents for more detail.There are several protocol conventions in IMAP.  These refer toaspects of the specification which are not strictly part of the IMAPprotocol, but reflect generally-accepted practice.  Implementationsneed to be aware of these conventions, and avoid conflicts whether ornot they implement the convention.  For example, "&" may not be usedas a hierarchy delimiter since it conflicts with the MailboxInternational Naming Convention, and other uses of "&" in mailboxnames are impacted as well.1.3.    Special Notes to ImplementorsImplementors of the IMAP protocol are strongly encouraged to read theIMAP implementation recommendations document [IMAP-IMPLEMENTATION] inconjunction with this document, to help understand the intricacies ofthis protocol and how best to build an interoperable product.IMAP4rev1 is designed to be upwards compatible from the [IMAP2] andunpublished IMAP2bis protocols.  IMAP4rev1 is largely compatible withthe IMAP4 protocol described in RFC 1730; the exception being incertain facilities added in RFC 1730 that proved problematic and weresubsequently removed.  In the course of the evolution of IMAP4rev1,some aspects in the earlier protocols have become obsolete.  Obsoletecommands, responses, and data formats which an IMAP4rev1implementation can encounter when used with an earlier implementationare described in [IMAP-OBSOLETE].Other compatibility issues with IMAP2bis, the most common variant ofthe earlier protocol, are discussed in [IMAP-COMPAT].  A fulldiscussion of compatibility issues with rare (and presumed extinct)Crispin                     Standards Track                     [Page 5]RFC 3501                         IMAPv4                       March 2003variants of [IMAP2] is in [IMAP-HISTORICAL]; this document isprimarily of historical interest.IMAP was originally developed for the older [RFC-822] standard, andas a consequence several fetch items in IMAP incorporate "RFC822" intheir name.  With the exception of RFC822.SIZE, there are more modernreplacements; for example, the modern version of RFC822.HEADER isBODY.PEEK[HEADER].  In all cases, "RFC822" should be interpreted as areference to the updated [RFC-2822] standard.2.      Protocol Overview2.1.    Link LevelThe IMAP4rev1 protocol assumes a reliable data stream such as thatprovided by TCP.  When TCP is used, an IMAP4rev1 server listens onport 143.2.2.    Commands and ResponsesAn IMAP4rev1 connection consists of the establishment of aclient/server network connection, an initial greeting from theserver, and client/server interactions.  These client/serverinteractions consist of a client command, server data, and a servercompletion result response.All interactions transmitted by client and server are in the form oflines, that is, strings that end with a CRLF.  The protocol receiverof an IMAP4rev1 client or server is either reading a line, or isreading a sequence of octets with a known count followed by a line.2.2.1.  Client Protocol Sender and Server Protocol ReceiverThe client command begins an operation.  Each client command isprefixed with an identifier (typically a short alphanumeric string,e.g., A0001, A0002, etc.) called a "tag".  A different tag isgenerated by the client for each command.Clients MUST follow the syntax outlined in this specificationstrictly.  It is a syntax error to send a command with missing orextraneous spaces or arguments.There are two cases in which a line from the client does notrepresent a complete command.  In one case, a command argument isquoted with an octet count (see the description of literal in Stringunder Data Formats); in the other case, the command arguments requireserver feedback (see the AUTHENTICATE command).  In either case, theCrispin                     Standards Track                     [Page 6]RFC 3501                         IMAPv4                       March 2003server sends a command continuation request response if it is readyfor the octets (if appropriate) and the remainder of the command.This response is prefixed with the token "+".Note: If instead, the server detected an error in thecommand, it sends a BAD completion response with a tagmatching the command (as described below) to reject thecommand and prevent the client from sending any more of thecommand.It is also possible for the server to send a completionresponse for some other command (if multiple commands arein progress), or untagged data.  In either case, thecommand continuation request is still pending; the clienttakes the appropriate action for the response, and readsanother response from the server.  In all cases, the clientMUST send a complete command (including receiving allcommand continuation request responses and commandcontinuations for the command) before initiating a newcommand.The protocol receiver of an IMAP4rev1 server reads a command linefrom the client, parses the command and its arguments, and transmitsserver data and a server command completion result response.2.2.2.  Server Protocol Sender and Client Protocol ReceiverData transmitted by the server to the client and status responsesthat do not indicate command completion are prefixed with the token"*", and are called untagged responses.Server data MAY be sent as a result of a client command, or MAY besent unilaterally by the server.  There is no syntactic differencebetween server data that resulted from a specific command and serverdata that were sent unilaterally.The server completion result response indicates the success orfailure of the operation.  It is tagged with the same tag as theclient command which began the operation.  Thus, if more than onecommand is in progress, the tag in a server completion responseidentifies the command to which the response applies.  There arethree possible server completion responses: OK (indicating success),NO (indicating failure), or BAD (indicating a protocol error such asunrecognized command or command syntax error).Servers SHOULD enforce the syntax outlined in this specificationstrictly.  Any client command with a protocol syntax error, including(but not limited to) missing or extraneous spaces or arguments,Crispin                     Standards Track                     [Page 7]RFC 3501                         IMAPv4                       March 2003SHOULD be rejected, and the client given a BAD server completionresponse.The protocol receiver of an IMAP4rev1 client reads a response linefrom the server.  It then takes action on the response based upon thefirst token of the response, which can be a tag, a "*", or a "+".A client MUST be prepared to accept any server response at all times.This includes server data that was not requested.  Server data SHOULDbe recorded, so that the client can reference its recorded copyrather than sending a command to the server to request the data.  Inthe case of certain server data, the data MUST be recorded.This topic is discussed in greater detail in the Server Responsessection.2.3.    Message AttributesIn addition to message text, each message has several attributesassociated with it.  These attributes can be retrieved individuallyor in conjunction with other attributes or message texts.2.3.1.  Message NumbersMessages in IMAP4rev1 are accessed by one of two numbers; the uniqueidentifier or the message sequence number.2.3.1.1.        Unique Identifier (UID) Message AttributeA 32-bit value assigned to each message, which when used with theunique identifier validity value (see below) forms a 64-bit valuethat MUST NOT refer to any other message in the mailbox or anysubsequent mailbox with the same name forever.  Unique identifiersare assigned in a strictly ascending fashion in the mailbox; as eachmessage is added to the mailbox it is assigned a higher UID than themessage(s) which were added previously.  Unlike message sequencenumbers, unique identifiers are not necessarily contiguous.The unique identifier of a message MUST NOT change during thesession, and SHOULD NOT change between sessions.  Any change ofunique identifiers between sessions MUST be detectable using theUIDVALIDITY mechanism discussed below.  Persistent unique identifiersare required for a client to resynchronize its state from a previoussession with the server (e.g., disconnected or offline accessclients); this is discussed further in [IMAP-DISC].Crispin                     Standards Track                     [Page 8]RFC 3501                         IMAPv4                       March 2003Associated with every mailbox are two values which aid in uniqueidentifier handling: the next unique identifier value and the uniqueidentifier validity value.The next unique identifier value is the predicted value that will beassigned to a new message in the mailbox.  Unless the uniqueidentifier validity also changes (see below), the next uniqueidentifier value MUST have the following two characteristics.  First,the next unique identifier value MUST NOT change unless new messagesare added to the mailbox; and second, the next unique identifiervalue MUST change whenever new messages are added to the mailbox,even if those new messages are subsequently expunged.Note: The next unique identifier value is intended toprovide a means for a client to determine whether anymessages have been delivered to the mailbox since theprevious time it checked this value.  It is not intended toprovide any guarantee that any message will have thisunique identifier.  A client can only assume, at the timethat it obtains the next unique identifier value, thatmessages arriving after that time will have a UID greaterthan or equal to that value.The unique identifier validity value is sent in a UIDVALIDITYresponse code in an OK untagged response at mailbox selection time.If unique identifiers from an earlier session fail to persist in thissession, the unique identifier validity value MUST be greater thanthe one used in the earlier session.Note: Ideally, unique identifiers SHOULD persist at alltimes.  Although this specification recognizes that failureto persist can be unavoidable in certain serverenvironments, it STRONGLY ENCOURAGES message storeimplementation techniques that avoid this problem.  Forexample:1) Unique identifiers MUST be strictly ascending in themailbox at all times.  If the physical message store isre-ordered by a non-IMAP agent, this requires that theunique identifiers in the mailbox be regenerated, sincethe former unique identifiers are no longer strictlyascending as a result of the re-ordering.2) If the message store has no mechanism to store uniqueidentifiers, it must regenerate unique identifiers ateach session, and each session must have a uniqueUIDVALIDITY value.Crispin                     Standards Track                     [Page 9]RFC 3501                         IMAPv4                       March 20033) If the mailbox is deleted and a new mailbox with thesame name is created at a later date, the server musteither keep track of unique identifiers from theprevious instance of the mailbox, or it must assign anew UIDVALIDITY value to the new instance of themailbox.  A good UIDVALIDITY value to use in this caseis a 32-bit representation of the creation date/time ofthe mailbox.  It is alright to use a constant such as1, but only if it guaranteed that unique identifierswill never be reused, even in the case of a mailboxbeing deleted (or renamed) and a new mailbox by thesame name created at some future time.4) The combination of mailbox name, UIDVALIDITY, and UIDmust refer to a single immutable message on that serverforever.  In particular, the internal date, [RFC-2822]size, envelope, body structure, and message texts(RFC822, RFC822.HEADER, RFC822.TEXT, and all BODY[...]fetch data items) must never change.  This does notinclude message numbers, nor does it include attributesthat can be set by a STORE command (e.g., FLAGS).2.3.1.2.        Message Sequence Number Message AttributeA relative position from 1 to the number of messages in the mailbox.This position MUST be ordered by ascending unique identifier.  Aseach new message is added, it is assigned a message sequence numberthat is 1 higher than the number of messages in the mailbox beforethat new message was added.Message sequence numbers can be reassigned during the session.  Forexample, when a message is permanently removed (expunged) from themailbox, the message sequence number for all subsequent messages isdecremented.  The number of messages in the mailbox is alsodecremented.  Similarly, a new message can be assigned a messagesequence number that was once held by some other message prior to anexpunge.In addition to accessing messages by relative position in themailbox, message sequence numbers can be used in mathematicalcalculations.  For example, if an untagged "11 EXISTS" is received,and previously an untagged "8 EXISTS" was received, three newmessages have arrived with message sequence numbers of 9, 10, and 11.Another example, if message 287 in a 523 message mailbox has UID12345, there are exactly 286 messages which have lesser UIDs and 236messages which have greater UIDs.Crispin                     Standards Track                    [Page 10]RFC 3501                         IMAPv4                       March 20032.3.2.  Flags Message AttributeA list of zero or more named tokens associated with the message.  Aflag is set by its addition to this list, and is cleared by itsremoval.  There are two types of flags in IMAP4rev1.  A flag ofeither type can be permanent or session-only.A system flag is a flag name that is pre-defined in thisspecification.  All system flags begin with "\".  Certain systemflags (\Deleted and \Seen) have special semantics describedelsewhere.  The currently-defined system flags are:\SeenMessage has been read\AnsweredMessage has been answered\FlaggedMessage is "flagged" for urgent/special attention\DeletedMessage is "deleted" for removal by later EXPUNGE\DraftMessage has not completed composition (marked as a draft).\RecentMessage is "recently" arrived in this mailbox.  This sessionis the first session to have been notified about thismessage; if the session is read-write, subsequent sessionswill not see \Recent set for this message.  This flag can notbe altered by the client.If it is not possible to determine whether or not thissession is the first session to be notified about a message,then that message SHOULD be considered recent.If multiple connections have the same mailbox selectedsimultaneously, it is undefined which of these connectionswill see newly-arrived messages with \Recent set and whichwill see it without \Recent set.A keyword is defined by the server implementation.  Keywords do notbegin with "\".  Servers MAY permit the client to define new keywordsin the mailbox (see the description of the PERMANENTFLAGS responsecode for more information).Crispin                     Standards Track                    [Page 11]RFC 3501                         IMAPv4                       March 2003A flag can be permanent or session-only on a per-flag basis.Permanent flags are those which the client can add or remove from themessage flags permanently; that is, concurrent and subsequentsessions will see any change in permanent flags.  Changes to sessionflags are valid only in that session.Note: The \Recent system flag is a special case of asession flag.  \Recent can not be used as an argument in aSTORE or APPEND command, and thus can not be changed atall.2.3.3.  Internal Date Message AttributeThe internal date and time of the message on the server.  Thisis not the date and time in the [RFC-2822] header, but rather adate and time which reflects when the message was received.  Inthe case of messages delivered via [SMTP], this SHOULD be thedate and time of final delivery of the message as defined by[SMTP].  In the case of messages delivered by the IMAP4rev1 COPYcommand, this SHOULD be the internal date and time of the sourcemessage.  In the case of messages delivered by the IMAP4rev1APPEND command, this SHOULD be the date and time as specified inthe APPEND command description.  All other cases areimplementation defined.2.3.4.  [RFC-2822] Size Message AttributeThe number of octets in the message, as expressed in [RFC-2822]format.2.3.5.  Envelope Structure Message AttributeA parsed representation of the [RFC-2822] header of the message.Note that the IMAP Envelope structure is not the same as an[SMTP] envelope.2.3.6.  Body Structure Message AttributeA parsed representation of the [MIME-IMB] body structureinformation of the message.Crispin                     Standards Track                    [Page 12]RFC 3501                         IMAPv4                       March 20032.4.    Message TextsIn addition to being able to fetch the full [RFC-2822] text of amessage, IMAP4rev1 permits the fetching of portions of the fullmessage text.  Specifically, it is possible to fetch the[RFC-2822] message header, [RFC-2822] message body, a [MIME-IMB]body part, or a [MIME-IMB] header.3.      State and Flow DiagramOnce the connection between client and server is established, anIMAP4rev1 connection is in one of four states.  The initialstate is identified in the server greeting.  Most commands areonly valid in certain states.  It is a protocol error for theclient to attempt a command while the connection is in aninappropriate state, and the server will respond with a BAD orNO (depending upon server implementation) command completionresult.3.1.    Not Authenticated StateIn the not authenticated state, the client MUST supplyauthentication credentials before most commands will bepermitted.  This state is entered when a connection startsunless the connection has been pre-authenticated.3.2.    Authenticated StateIn the authenticated state, the client is authenticated and MUSTselect a mailbox to access before commands that affect messageswill be permitted.  This state is entered when apre-authenticated connection starts, when acceptableauthentication credentials have been provided, after an error inselecting a mailbox, or after a successful CLOSE command.3.3.    Selected StateIn a selected state, a mailbox has been selected to access.This state is entered when a mailbox has been successfullyselected.Crispin                     Standards Track                    [Page 13]RFC 3501                         IMAPv4                       March 20033.4.    Logout StateIn the logout state, the connection is being terminated.  Thisstate can be entered as a result of a client request (via theLOGOUT command) or by unilateral action on the part of eitherthe client or server.If the client requests the logout state, the server MUST send anuntagged BYE response and a tagged OK response to the LOGOUTcommand before the server closes the connection; and the clientMUST read the tagged OK response to the LOGOUT command beforethe client closes the connection.A server MUST NOT unilaterally close the connection withoutsending an untagged BYE response that contains the reason forhaving done so.  A client SHOULD NOT unilaterally close theconnection, and instead SHOULD issue a LOGOUT command.  If theserver detects that the client has unilaterally closed theconnection, the server MAY omit the untagged BYE response andsimply close its connection.Crispin                     Standards Track                    [Page 14]RFC 3501                         IMAPv4                       March 2003+----------------------+|connection established|+----------------------+||\/+--------------------------------------+|          server greeting             |+--------------------------------------+|| (1)       || (2)        || (3)\/           ||            ||+-----------------+    ||            |||Not Authenticated|    ||            ||+-----------------+    ||            |||| (7)   || (4)       ||            ||||       \/           \/            ||||     +----------------+           ||||     | Authenticated  |<=++       ||||     +----------------+  ||       ||||       || (7)   || (5)   || (6)   ||||       ||       \/       ||       ||||       ||    +--------+  ||       ||||       ||    |Selected|==++       ||||       ||    +--------+           ||||       ||       || (7)            ||\/       \/       \/                \/+--------------------------------------+|               Logout                 |+--------------------------------------+||\/+-------------------------------+|both sides close the connection|+-------------------------------+(1) connection without pre-authentication (OK greeting)(2) pre-authenticated connection (PREAUTH greeting)(3) rejected connection (BYE greeting)(4) successful LOGIN or AUTHENTICATE command(5) successful SELECT or EXAMINE command(6) CLOSE command, or failed SELECT or EXAMINE command(7) LOGOUT command, server shutdown, or connection closedCrispin                     Standards Track                    [Page 15]RFC 3501                         IMAPv4                       March 20034.      Data FormatsIMAP4rev1 uses textual commands and responses.  Data inIMAP4rev1 can be in one of several forms: atom, number, string,parenthesized list, or NIL.  Note that a particular data itemmay take more than one form; for example, a data item defined asusing "astring" syntax may be either an atom or a string.4.1.    AtomAn atom consists of one or more non-special characters.4.2.    NumberA number consists of one or more digit characters, andrepresents a numeric value.4.3.    StringA string is in one of two forms: either literal or quotedstring.  The literal form is the general form of string.  Thequoted string form is an alternative that avoids the overhead ofprocessing a literal at the cost of limitations of characterswhich may be used.A literal is a sequence of zero or more octets (including CR andLF), prefix-quoted with an octet count in the form of an openbrace ("{"), the number of octets, close brace ("}"), and CRLF.In the case of literals transmitted from server to client, theCRLF is immediately followed by the octet data.  In the case ofliterals transmitted from client to server, the client MUST waitto receive a command continuation request (described later inthis document) before sending the octet data (and the remainderof the command).A quoted string is a sequence of zero or more 7-bit characters,excluding CR and LF, with double quote (<">) characters at eachend.The empty string is represented as either "" (a quoted stringwith zero characters between double quotes) or as {0} followedby CRLF (a literal with an octet count of 0).Note: Even if the octet count is 0, a client transmitting aliteral MUST wait to receive a command continuation request.Crispin                     Standards Track                    [Page 16]RFC 3501                         IMAPv4                       March 20034.3.1.  8-bit and Binary Strings8-bit textual and binary mail is supported through the use of a[MIME-IMB] content transfer encoding.  IMAP4rev1 implementations MAYtransmit 8-bit or multi-octet characters in literals, but SHOULD doso only when the [CHARSET] is identified.Although a BINARY body encoding is defined, unencoded binary stringsare not permitted.  A "binary string" is any string with NULcharacters.  Implementations MUST encode binary data into a textualform, such as BASE64, before transmitting the data.  A string with anexcessive amount of CTL characters MAY also be considered to bebinary.4.4.    Parenthesized ListData structures are represented as a "parenthesized list"; a sequenceof data items, delimited by space, and bounded at each end byparentheses.  A parenthesized list can contain other parenthesizedlists, using multiple levels of parentheses to indicate nesting.The empty list is represented as () -- a parenthesized list with nomembers.4.5.    NILThe special form "NIL" represents the non-existence of a particulardata item that is represented as a string or parenthesized list, asdistinct from the empty string "" or the empty parenthesized list ().Note: NIL is never used for any data item which takes theform of an atom.  For example, a mailbox name of "NIL" is amailbox named NIL as opposed to a non-existent mailboxname.  This is because mailbox uses "astring" syntax whichis an atom or a string.  Conversely, an addr-name of NIL isa non-existent personal name, because addr-name uses"nstring" syntax which is NIL or a string, but never anatom.Crispin                     Standards Track                    [Page 17]RFC 3501                         IMAPv4                       March 20035.      Operational ConsiderationsThe following rules are listed here to ensure that all IMAP4rev1implementations interoperate properly.5.1.    Mailbox NamingMailbox names are 7-bit.  Client implementations MUST NOT attempt tocreate 8-bit mailbox names, and SHOULD interpret any 8-bit mailboxnames returned by LIST or LSUB as UTF-8.  Server implementationsSHOULD prohibit the creation of 8-bit mailbox names, and SHOULD NOTreturn 8-bit mailbox names in LIST or LSUB.  See section 5.1.3 formore information on how to represent non-ASCII mailbox names.Note: 8-bit mailbox names were undefined in earlierversions of this protocol.  Some sites used a local 8-bitcharacter set to represent non-ASCII mailbox names.  Suchusage is not interoperable, and is now formally deprecated.The case-insensitive mailbox name INBOX is a special name reserved tomean "the primary mailbox for this user on this server".  Theinterpretation of all other names is implementation-dependent.In particular, this specification takes no position on casesensitivity in non-INBOX mailbox names.  Some server implementationsare fully case-sensitive; others preserve case of a newly-createdname but otherwise are case-insensitive; and yet others coerce namesto a particular case.  Client implementations MUST interact with anyof these.  If a server implementation interprets non-INBOX mailboxnames as case-insensitive, it MUST treat names using theinternational naming convention specially as described in section5.1.3.There are certain client considerations when creating a new mailboxname:1)    Any character which is one of the atom-specials (see the FormalSyntax) will require that the mailbox name be represented as aquoted string or literal.2)    CTL and other non-graphic characters are difficult to representin a user interface and are best avoided.3)    Although the list-wildcard characters ("%" and "*") are validin a mailbox name, it is difficult to use such mailbox nameswith the LIST and LSUB commands due to the conflict withwildcard interpretation.Crispin                     Standards Track                    [Page 18]RFC 3501                         IMAPv4                       March 20034)    Usually, a character (determined by the server implementation)is reserved to delimit levels of hierarchy.5)    Two characters, "#" and "&", have meanings by convention, andshould be avoided except when used in that convention.5.1.1.  Mailbox Hierarchy NamingIf it is desired to export hierarchical mailbox names, mailbox namesMUST be left-to-right hierarchical using a single character toseparate levels of hierarchy.  The same hierarchy separator characteris used for all levels of hierarchy within a single name.5.1.2.  Mailbox Namespace Naming ConventionBy convention, the first hierarchical element of any mailbox namewhich begins with "#" identifies the "namespace" of the remainder ofthe name.  This makes it possible to disambiguate between differenttypes of mailbox stores, each of which have their own namespaces.For example, implementations which offer access to USENETnewsgroups MAY use the "#news" namespace to partition theUSENET newsgroup namespace from that of other mailboxes.Thus, the comp.mail.misc newsgroup would have a mailboxname of "#news.comp.mail.misc", and the name"comp.mail.misc" can refer to a different object (e.g., auser's private mailbox).5.1.3.  Mailbox International Naming ConventionBy convention, international mailbox names in IMAP4rev1 are specifiedusing a modified version of the UTF-7 encoding described in [UTF-7].Modified UTF-7 may also be usable in servers that implement anearlier version of this protocol.In modified UTF-7, printable US-ASCII characters, except for "&",represent themselves; that is, characters with octet values 0x20-0x25and 0x27-0x7e.  The character "&" (0x26) is represented by thetwo-octet sequence "&-".All other characters (octet values 0x00-0x1f and 0x7f-0xff) arerepresented in modified BASE64, with a further modification from[UTF-7] that "," is used instead of "/".  Modified BASE64 MUST NOT beused to represent any printing US-ASCII character which can representitself.Crispin                     Standards Track                    [Page 19]RFC 3501                         IMAPv4                       March 2003"&" is used to shift to modified BASE64 and "-" to shift back toUS-ASCII.  There is no implicit shift from BASE64 to US-ASCII, andnull shifts ("-&" while in BASE64; note that "&-" while in US-ASCIImeans "&") are not permitted.  However, all names start in US-ASCII,and MUST end in US-ASCII; that is, a name that ends with a non-ASCIIISO-10646 character MUST end with a "-").The purpose of these modifications is to correct the followingproblems with UTF-7:1) UTF-7 uses the "+" character for shifting; this conflicts withthe common use of "+" in mailbox names, in particular USENETnewsgroup names.2) UTF-7's encoding is BASE64 which uses the "/" character; thisconflicts with the use of "/" as a popular hierarchy delimiter.3) UTF-7 prohibits the unencoded usage of "\"; this conflicts withthe use of "\" as a popular hierarchy delimiter.4) UTF-7 prohibits the unencoded usage of "~"; this conflicts withthe use of "~" in some servers as a home directory indicator.5) UTF-7 permits multiple alternate forms to represent the samestring; in particular, printable US-ASCII characters can berepresented in encoded form.Although modified UTF-7 is a convention, it establishes certainrequirements on server handling of any mailbox name with anembedded "&" character.  In particular, server implementationsMUST preserve the exact form of the modified BASE64 portion of amodified UTF-7 name and treat that text as case-sensitive, even ifnames are otherwise case-insensitive or case-folded.Server implementations SHOULD verify that any mailbox name with anembedded "&" character, used as an argument to CREATE, is: in thecorrectly modified UTF-7 syntax, has no superfluous shifts, andhas no encoding in modified BASE64 of any printing US-ASCIIcharacter which can represent itself.  However, clientimplementations MUST NOT depend upon the server doing this, andSHOULD NOT attempt to create a mailbox name with an embedded "&"character unless it complies with the modified UTF-7 syntax.Server implementations which export a mail store that does notfollow the modified UTF-7 convention MUST convert to modifiedUTF-7 any mailbox name that contains either non-ASCII charactersor the "&" character.Crispin                     Standards Track                    [Page 20]RFC 3501                         IMAPv4                       March 2003For example, here is a mailbox name which mixes English,Chinese, and Japanese text:~peter/mail/&U,BTFw-/&ZeVnLIqe-For example, the string "&Jjo!" is not a valid mailboxname because it does not contain a shift to US-ASCIIbefore the "!".  The correct form is "&Jjo-!".  Thestring "&U,BTFw-&ZeVnLIqe-" is not permitted because itcontains a superfluous shift.  The correct form is"&U,BTF2XlZyyKng-".5.2.    Mailbox Size and Message Status UpdatesAt any time, a server can send data that the client did not request.Sometimes, such behavior is REQUIRED.  For example, agents other thanthe server MAY add messages to the mailbox (e.g., new messagedelivery), change the flags of the messages in the mailbox (e.g.,simultaneous access to the same mailbox by multiple agents), or evenremove messages from the mailbox.  A server MUST send mailbox sizeupdates automatically if a mailbox size change is observed during theprocessing of a command.  A server SHOULD send message flag updatesautomatically, without requiring the client to request such updatesexplicitly.Special rules exist for server notification of a client about theremoval of messages to prevent synchronization errors; see thedescription of the EXPUNGE response for more detail.  In particular,it is NOT permitted to send an EXISTS response that would reduce thenumber of messages in the mailbox; only the EXPUNGE response can dothis.Regardless of what implementation decisions a client makes onremembering data from the server, a client implementation MUST recordmailbox size updates.  It MUST NOT assume that any command after theinitial mailbox selection will return the size of the mailbox.5.3.    Response when no Command in ProgressServer implementations are permitted to send an untagged response(except for EXPUNGE) while there is no command in progress.  Serverimplementations that send such responses MUST deal with flow controlconsiderations.  Specifically, they MUST either (1) verify that thesize of the data does not exceed the underlying transport's availablewindow size, or (2) use non-blocking writes.Crispin                     Standards Track                    [Page 21]RFC 3501                         IMAPv4                       March 20035.4.    Autologout TimerIf a server has an inactivity autologout timer, the duration of thattimer MUST be at least 30 minutes.  The receipt of ANY command fromthe client during that interval SHOULD suffice to reset theautologout timer.5.5.    Multiple Commands in ProgressThe client MAY send another command without waiting for thecompletion result response of a command, subject to ambiguity rules(see below) and flow control constraints on the underlying datastream.  Similarly, a server MAY begin processing another commandbefore processing the current command to completion, subject toambiguity rules.  However, any command continuation request responsesand command continuations MUST be negotiated before any subsequentcommand is initiated.The exception is if an ambiguity would result because of a commandthat would affect the results of other commands.  Clients MUST NOTsend multiple commands without waiting if an ambiguity would result.If the server detects a possible ambiguity, it MUST execute commandsto completion in the order given by the client.The most obvious example of ambiguity is when a command would affectthe results of another command, e.g., a FETCH of a message's flagsand a STORE of that same message's flags.A non-obvious ambiguity occurs with commands that permit an untaggedEXPUNGE response (commands other than FETCH, STORE, and SEARCH),since an untagged EXPUNGE response can invalidate sequence numbers ina subsequent command.  This is not a problem for FETCH, STORE, orSEARCH commands because servers are prohibited from sending EXPUNGEresponses while any of those commands are in progress.  Therefore, ifthe client sends any command other than FETCH, STORE, or SEARCH, itMUST wait for the completion result response before sending a commandwith message sequence numbers.Note: UID FETCH, UID STORE, and UID SEARCH are differentcommands from FETCH, STORE, and SEARCH.  If the clientsends a UID command, it must wait for a completion resultresponse before sending a command with message sequencenumbers.Crispin                     Standards Track                    [Page 22]RFC 3501                         IMAPv4                       March 2003For example, the following non-waiting command sequences are invalid:FETCH + NOOP + STORESTORE + COPY + FETCHCOPY + COPYCHECK + FETCHThe following are examples of valid non-waiting command sequences:FETCH + STORE + SEARCH + CHECKSTORE + COPY + EXPUNGEUID SEARCH + UID SEARCH may be valid or invalid as a non-waitingcommand sequence, depending upon whether or not the second UIDSEARCH contains message sequence numbers.6.      Client CommandsIMAP4rev1 commands are described in this section.  Commands areorganized by the state in which the command is permitted.  Commandswhich are permitted in multiple states are listed in the minimumpermitted state (for example, commands valid in authenticated andselected state are listed in the authenticated state commands).Command arguments, identified by "Arguments:" in the commanddescriptions below, are described by function, not by syntax.  Theprecise syntax of command arguments is described in the Formal Syntaxsection.Some commands cause specific server responses to be returned; theseare identified by "Responses:" in the command descriptions below.See the response descriptions in the Responses section forinformation on these responses, and the Formal Syntax section for theprecise syntax of these responses.  It is possible for server data tobe transmitted as a result of any command.  Thus, commands that donot specifically require server data specify "no specific responsesfor this command" instead of "none".The "Result:" in the command description refers to the possibletagged status responses to a command, and any special interpretationof these status responses.The state of a connection is only changed by successful commandswhich are documented as changing state.  A rejected command (BADresponse) never changes the state of the connection or of theselected mailbox.  A failed command (NO response) generally does notchange the state of the connection or of the selected mailbox; theexception being the SELECT and EXAMINE commands.Crispin                     Standards Track                    [Page 23]RFC 3501                         IMAPv4                       March 20036.1.    Client Commands - Any StateThe following commands are valid in any state: CAPABILITY, NOOP, andLOGOUT.6.1.1.  CAPABILITY CommandArguments:  noneResponses:  REQUIRED untagged response: CAPABILITYResult:     OK - capability completedBAD - command unknown or arguments invalidThe CAPABILITY command requests a listing of capabilities that theserver supports.  The server MUST send a single untaggedCAPABILITY response with "IMAP4rev1" as one of the listedcapabilities before the (tagged) OK response.A capability name which begins with "AUTH=" indicates that theserver supports that particular authentication mechanism.  Allsuch names are, by definition, part of this specification.  Forexample, the authorization capability for an experimental"blurdybloop" authenticator would be "AUTH=XBLURDYBLOOP" and not"XAUTH=BLURDYBLOOP" or "XAUTH=XBLURDYBLOOP".Other capability names refer to extensions, revisions, oramendments to this specification.  See the documentation of theCAPABILITY response for additional information.  No capabilities,beyond the base IMAP4rev1 set defined in this specification, areenabled without explicit client action to invoke the capability.Client and server implementations MUST implement the STARTTLS,LOGINDISABLED, and AUTH=PLAIN (described in [IMAP-TLS])capabilities.  See the Security Considerations section forimportant information.See the section entitled "Client Commands -Experimental/Expansion" for information about the form of site orimplementation-specific capabilities.Crispin                     Standards Track                    [Page 24]RFC 3501                         IMAPv4                       March 2003Example:    C: abcd CAPABILITYS: * CAPABILITY IMAP4rev1 STARTTLS AUTH=GSSAPILOGINDISABLEDS: abcd OK CAPABILITY completedC: efgh STARTTLSS: efgh OK STARTLS completedC: ijkl CAPABILITYS: * CAPABILITY IMAP4rev1 AUTH=GSSAPI AUTH=PLAINS: ijkl OK CAPABILITY completed6.1.2.  NOOP CommandArguments:  noneResponses:  no specific responses for this command (but see below)Result:     OK - noop completedBAD - command unknown or arguments invalidThe NOOP command always succeeds.  It does nothing.Since any command can return a status update as untagged data, theNOOP command can be used as a periodic poll for new messages ormessage status updates during a period of inactivity (this is thepreferred method to do this).  The NOOP command can also be usedto reset any inactivity autologout timer on the server.Example:    C: a002 NOOPS: a002 OK NOOP completed. . .C: a047 NOOPS: * 22 EXPUNGES: * 23 EXISTSS: * 3 RECENTS: * 14 FETCH (FLAGS (\Seen \Deleted))S: a047 OK NOOP completedCrispin                     Standards Track                    [Page 25]RFC 3501                         IMAPv4                       March 20036.1.3.  LOGOUT CommandArguments:  noneResponses:  REQUIRED untagged response: BYEResult:     OK - logout completedBAD - command unknown or arguments invalidThe LOGOUT command informs the server that the client is done withthe connection.  The server MUST send a BYE untagged responsebefore the (tagged) OK response, and then close the networkconnection.Example:    C: A023 LOGOUTS: * BYE IMAP4rev1 Server logging outS: A023 OK LOGOUT completed(Server and client then close the connection)6.2.    Client Commands - Not Authenticated StateIn the not authenticated state, the AUTHENTICATE or LOGIN commandestablishes authentication and enters the authenticated state.  TheAUTHENTICATE command provides a general mechanism for a variety ofauthentication techniques, privacy protection, and integritychecking; whereas the LOGIN command uses a traditional user name andplaintext password pair and has no means of establishing privacyprotection or integrity checking.The STARTTLS command is an alternate form of establishing sessionprivacy protection and integrity checking, but does not establishauthentication or enter the authenticated state.Server implementations MAY allow access to certain mailboxes withoutestablishing authentication.  This can be done by means of theANONYMOUS [SASL] authenticator described in [ANONYMOUS].  An olderconvention is a LOGIN command using the userid "anonymous"; in thiscase, a password is required although the server may choose to acceptany password.  The restrictions placed on anonymous users areimplementation-dependent.Once authenticated (including as anonymous), it is not possible tore-enter not authenticated state.Crispin                     Standards Track                    [Page 26]RFC 3501                         IMAPv4                       March 2003In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT),the following commands are valid in the not authenticated state:STARTTLS, AUTHENTICATE and LOGIN.  See the Security Considerationssection for important information about these commands.6.2.1.  STARTTLS CommandArguments:  noneResponses:  no specific response for this commandResult:     OK - starttls completed, begin TLS negotiationBAD - command unknown or arguments invalidA [TLS] negotiation begins immediately after the CRLF at the endof the tagged OK response from the server.  Once a client issues aSTARTTLS command, it MUST NOT issue further commands until aserver response is seen and the [TLS] negotiation is complete.The server remains in the non-authenticated state, even if clientcredentials are supplied during the [TLS] negotiation.  This doesnot preclude an authentication mechanism such as EXTERNAL (definedin [SASL]) from using client identity determined by the [TLS]negotiation.Once [TLS] has been started, the client MUST discard cachedinformation about server capabilities and SHOULD re-issue theCAPABILITY command.  This is necessary to protect against man-in-the-middle attacks which alter the capabilities list prior toSTARTTLS.  The server MAY advertise different capabilities afterSTARTTLS.Example:    C: a001 CAPABILITYS: * CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLEDS: a001 OK CAPABILITY completedC: a002 STARTTLSS: a002 OK Begin TLS negotiation nowC: a003 CAPABILITYS: * CAPABILITY IMAP4rev1 AUTH=PLAINS: a003 OK CAPABILITY completedC: a004 LOGIN joe passwordS: a004 OK LOGIN completedCrispin                     Standards Track                    [Page 27]RFC 3501                         IMAPv4                       March 20036.2.2.  AUTHENTICATE CommandArguments:  authentication mechanism nameResponses:  continuation data can be requestedResult:     OK - authenticate completed, now in authenticated stateNO - authenticate failure: unsupported authenticationmechanism, credentials rejectedBAD - command unknown or arguments invalid,authentication exchange cancelledThe AUTHENTICATE command indicates a [SASL] authenticationmechanism to the server.  If the server supports the requestedauthentication mechanism, it performs an authentication protocolexchange to authenticate and identify the client.  It MAY alsonegotiate an OPTIONAL security layer for subsequent protocolinteractions.  If the requested authentication mechanism is notsupported, the server SHOULD reject the AUTHENTICATE command bysending a tagged NO response.The AUTHENTICATE command does not support the optional "initialresponse" feature of [SASL].  Section 5.1 of [SASL] specifies howto handle an authentication mechanism which uses an initialresponse.The service name specified by this protocol's profile of [SASL] is"imap".The authentication protocol exchange consists of a series ofserver challenges and client responses that are specific to theauthentication mechanism.  A server challenge consists of acommand continuation request response with the "+" token followedby a BASE64 encoded string.  The client response consists of asingle line consisting of a BASE64 encoded string.  If the clientwishes to cancel an authentication exchange, it issues a lineconsisting of a single "*".  If the server receives such aresponse, it MUST reject the AUTHENTICATE command by sending atagged BAD response.If a security layer is negotiated through the [SASL]authentication exchange, it takes effect immediately following theCRLF that concludes the authentication exchange for the client,and the CRLF of the tagged OK response for the server.While client and server implementations MUST implement theAUTHENTICATE command itself, it is not required to implement anyauthentication mechanisms other than the PLAIN mechanism describedCrispin                     Standards Track                    [Page 28]RFC 3501                         IMAPv4                       March 2003in [IMAP-TLS].  Also, an authentication mechanism is not requiredto support any security layers.Note: a server implementation MUST implement aconfiguration in which it does NOT permit any plaintextpassword mechanisms, unless either the STARTTLS commandhas been negotiated or some other mechanism thatprotects the session from password snooping has beenprovided.  Server sites SHOULD NOT use any configurationwhich permits a plaintext password mechanism withoutsuch a protection mechanism against password snooping.Client and server implementations SHOULD implementadditional [SASL] mechanisms that do not use plaintextpasswords, such the GSSAPI mechanism described in [SASL]and/or the [DIGEST-MD5] mechanism.Servers and clients can support multiple authenticationmechanisms.  The server SHOULD list its supported authenticationmechanisms in the response to the CAPABILITY command so that theclient knows which authentication mechanisms to use.A server MAY include a CAPABILITY response code in the tagged OKresponse of a successful AUTHENTICATE command in order to sendcapabilities automatically.  It is unnecessary for a client tosend a separate CAPABILITY command if it recognizes theseautomatic capabilities.  This should only be done if a securitylayer was not negotiated by the AUTHENTICATE command, because thetagged OK response as part of an AUTHENTICATE command is notprotected by encryption/integrity checking.  [SASL] requires theclient to re-issue a CAPABILITY command in this case.If an AUTHENTICATE command fails with a NO response, the clientMAY try another authentication mechanism by issuing anotherAUTHENTICATE command.  It MAY also attempt to authenticate byusing the LOGIN command (see section 6.2.3 for more detail).  Inother words, the client MAY request authentication types indecreasing order of preference, with the LOGIN command as a lastresort.The authorization identity passed from the client to the serverduring the authentication exchange is interpreted by the server asthe user name whose privileges the client is requesting.Crispin                     Standards Track                    [Page 29]RFC 3501                         IMAPv4                       March 2003Example:    S: * OK IMAP4rev1 ServerC: A001 AUTHENTICATE GSSAPIS: +C: YIIB+wYJKoZIhvcSAQICAQBuggHqMIIB5qADAgEFoQMCAQ6iBwMFACAAAACjggEmYYIBIjCCAR6gAwIBBaESGxB1Lndhc2hpbmd0b24uZWR1oi0wK6ADAgEDoSQwIhsEaW1hcBsac2hpdmFtcy5jYWMud2FzaGluZ3Rvbi5lZHWjgdMwgdCgAwIBAaEDAgEDooHDBIHAcS1GSa5b+fXnPZNmXB9SjL8Ollj2SKyb+3S0iXMljen/jNkpJXAleKTz6BQPzj8duz8EtoOuNfKgweViyn/9B9bccy1uuAE2HI0yC/PHXNNU9ZrBziJ8Lm0tTNc98kUpjXnHZhsMcz5Mx2GR6dGknbI0iaGcRerMUsWOuBmKKKRmVMMdR9T3EZdpqsBd7jZCNMWotjhivd5zovQlFqQ2Wjc2+y46vKP/iXxWIuQJuDiisyXF0Y8+5GTpALpHDc1/pIGmMIGjoAMCAQGigZsEgZg2on5mSuxoDHEA1w9bcW9nFdFxDKpdrQhVGVRDIzcCMCTzvUboqb5KjY1NJKJsfjRQiBYBdENKfzK+g5DlV8nrw81uOcP8NOQCLR5XkoMHC0Dr/80ziQzbNqhxO6652Npft0LQwJvenwDI13YxpwOdMXzkWZN/XrEqOWp6GCgXTBvCyLWLlWnbaUkZdEYbKHBPjd8t/1x5Yg==S: + YGgGCSqGSIb3EgECAgIAb1kwV6ADAgEFoQMCAQ+iSzBJoAMCAQGiQgRAtHTEuOP2BXb9sBYFR4SJlDZxmg39IxmRBOhXRKdDA0uHTCOT9Bq3OsUTXUlk0CsFLoa8j+gvGDlgHuqzWHPSQg==C:S: + YDMGCSqGSIb3EgECAgIBAAD/////6jcyG4GE3KkTzBeBiVHeceP2CWY0SR0fAQAgAAQEBAQ=C: YDMGCSqGSIb3EgECAgIBAAD/////3LQBHXTpFfZgrejpLlLImPwkhbfa2QteAQAgAG1yYwE=S: A001 OK GSSAPI authentication successfulNote: The line breaks within server challenges and clientresponses are for editorial clarity and are not in realauthenticators.6.2.3.  LOGIN CommandArguments:  user namepasswordResponses:  no specific responses for this commandResult:     OK - login completed, now in authenticated stateNO - login failure: user name or password rejectedBAD - command unknown or arguments invalidThe LOGIN command identifies the client to the server and carriesthe plaintext password authenticating this user.Crispin                     Standards Track                    [Page 30]RFC 3501                         IMAPv4                       March 2003A server MAY include a CAPABILITY response code in the tagged OKresponse to a successful LOGIN command in order to sendcapabilities automatically.  It is unnecessary for a client tosend a separate CAPABILITY command if it recognizes theseautomatic capabilities.Example:    C: a001 LOGIN SMITH SESAMES: a001 OK LOGIN completedNote: Use of the LOGIN command over an insecure network(such as the Internet) is a security risk, because anyonemonitoring network traffic can obtain plaintext passwords.The LOGIN command SHOULD NOT be used except as a lastresort, and it is recommended that client implementationshave a means to disable any automatic use of the LOGINcommand.Unless either the STARTTLS command has been negotiated orsome other mechanism that protects the session frompassword snooping has been provided, a serverimplementation MUST implement a configuration in which itadvertises the LOGINDISABLED capability and does NOT permitthe LOGIN command.  Server sites SHOULD NOT use anyconfiguration which permits the LOGIN command without sucha protection mechanism against password snooping.  A clientimplementation MUST NOT send a LOGIN command if theLOGINDISABLED capability is advertised.6.3.    Client Commands - Authenticated StateIn the authenticated state, commands that manipulate mailboxes asatomic entities are permitted.  Of these commands, the SELECT andEXAMINE commands will select a mailbox for access and enter theselected state.In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT),the following commands are valid in the authenticated state: SELECT,EXAMINE, CREATE, DELETE, RENAME, SUBSCRIBE, UNSUBSCRIBE, LIST, LSUB,STATUS, and APPEND.Crispin                     Standards Track                    [Page 31]RFC 3501                         IMAPv4                       March 20036.3.1.  SELECT CommandArguments:  mailbox nameResponses:  REQUIRED untagged responses: FLAGS, EXISTS, RECENTREQUIRED OK untagged responses:  UNSEEN,  PERMANENTFLAGS,UIDNEXT, UIDVALIDITYResult:     OK - select completed, now in selected stateNO - select failure, now in authenticated state: nosuch mailbox, can't access mailboxBAD - command unknown or arguments invalidThe SELECT command selects a mailbox so that messages in themailbox can be accessed.  Before returning an OK to the client,the server MUST send the following untagged data to the client.Note that earlier versions of this protocol only required theFLAGS, EXISTS, and RECENT untagged data; consequently, clientimplementations SHOULD implement default behavior for missing dataas discussed with the individual item.FLAGS       Defined flags in the mailbox.  See the descriptionof the FLAGS response for more detail. EXISTS  The number of messages in the mailbox.  See thedescription of the EXISTS response for more detail. RECENT  The number of messages with the \Recent flag set.See the description of the RECENT response for moredetail.OK [UNSEEN ]The message sequence number of the first unseenmessage in the mailbox.  If this is missing, theclient can not make any assumptions about the firstunseen message in the mailbox, and needs to issue aSEARCH command if it wants to find it.OK [PERMANENTFLAGS ()]A list of message flags that the client can changepermanently.  If this is missing, the client shouldassume that all flags can be changed permanently.OK [UIDNEXT ]The next unique identifier value.  Refer to section2.3.1.1 for more information.  If this is missing,the client can not make any assumptions about thenext unique identifier value.Crispin                     Standards Track                    [Page 32]RFC 3501                         IMAPv4                       March 2003OK [UIDVALIDITY ]The unique identifier validity value.  Refer tosection 2.3.1.1 for more information.  If this ismissing, the server does not support uniqueidentifiers.Only one mailbox can be selected at a time in a connection;simultaneous access to multiple mailboxes requires multipleconnections.  The SELECT command automatically deselects anycurrently selected mailbox before attempting the new selection.Consequently, if a mailbox is selected and a SELECT command thatfails is attempted, no mailbox is selected.If the client is permitted to modify the mailbox, the serverSHOULD prefix the text of the tagged OK response with the"[READ-WRITE]" response code.If the client is not permitted to modify the mailbox but ispermitted read access, the mailbox is selected as read-only, andthe server MUST prefix the text of the tagged OK response toSELECT with the "[READ-ONLY]" response code.  Read-only accessthrough SELECT differs from the EXAMINE command in that certainread-only mailboxes MAY permit the change of permanent state on aper-user (as opposed to global) basis.  Netnews messages marked ina server-based .newsrc file are an example of such per-userpermanent state that can be modified with read-only mailboxes.Example:    C: A142 SELECT INBOXS: * 172 EXISTSS: * 1 RECENTS: * OK [UNSEEN 12] Message 12 is first unseenS: * OK [UIDVALIDITY 3857529045] UIDs validS: * OK [UIDNEXT 4392] Predicted next UIDS: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)S: * OK [PERMANENTFLAGS (\Deleted \Seen \*)] LimitedS: A142 OK [READ-WRITE] SELECT completedCrispin                     Standards Track                    [Page 33]RFC 3501                         IMAPv4                       March 20036.3.2.  EXAMINE CommandArguments:  mailbox nameResponses:  REQUIRED untagged responses: FLAGS, EXISTS, RECENTREQUIRED OK untagged responses:  UNSEEN,  PERMANENTFLAGS,UIDNEXT, UIDVALIDITYResult:     OK - examine completed, now in selected stateNO - examine failure, now in authenticated state: nosuch mailbox, can't access mailboxBAD - command unknown or arguments invalidThe EXAMINE command is identical to SELECT and returns the sameoutput; however, the selected mailbox is identified as read-only.No changes to the permanent state of the mailbox, includingper-user state, are permitted; in particular, EXAMINE MUST NOTcause messages to lose the \Recent flag.The text of the tagged OK response to the EXAMINE command MUSTbegin with the "[READ-ONLY]" response code.Example:    C: A932 EXAMINE blurdybloopS: * 17 EXISTSS: * 2 RECENTS: * OK [UNSEEN 8] Message 8 is first unseenS: * OK [UIDVALIDITY 3857529045] UIDs validS: * OK [UIDNEXT 4392] Predicted next UIDS: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)S: * OK [PERMANENTFLAGS ()] No permanent flags permittedS: A932 OK [READ-ONLY] EXAMINE completed6.3.3.  CREATE CommandArguments:  mailbox nameResponses:  no specific responses for this commandResult:     OK - create completedNO - create failure: can't create mailbox with that nameBAD - command unknown or arguments invalidThe CREATE command creates a mailbox with the given name.  An OKresponse is returned only if a new mailbox with that name has beencreated.  It is an error to attempt to create INBOX or a mailboxwith a name that refers to an extant mailbox.  Any error increation will return a tagged NO response.Crispin                     Standards Track                    [Page 34]RFC 3501                         IMAPv4                       March 2003If the mailbox name is suffixed with the server's hierarchyseparator character (as returned from the server by a LISTcommand), this is a declaration that the client intends to createmailbox names under this name in the hierarchy.  Serverimplementations that do not require this declaration MUST ignorethe declaration.  In any case, the name created is without thetrailing hierarchy delimiter.If the server's hierarchy separator character appears elsewhere inthe name, the server SHOULD create any superior hierarchical namesthat are needed for the CREATE command to be successfullycompleted.  In other words, an attempt to create "foo/bar/zap" ona server in which "/" is the hierarchy separator character SHOULDcreate foo/ and foo/bar/ if they do not already exist.If a new mailbox is created with the same name as a mailbox whichwas deleted, its unique identifiers MUST be greater than anyunique identifiers used in the previous incarnation of the mailboxUNLESS the new incarnation has a different unique identifiervalidity value.  See the description of the UID command for moredetail.Example:    C: A003 CREATE owatagusiam/S: A003 OK CREATE completedC: A004 CREATE owatagusiam/blurdybloopS: A004 OK CREATE completedNote: The interpretation of this example depends on whether"/" was returned as the hierarchy separator from LIST.  If"/" is the hierarchy separator, a new level of hierarchynamed "owatagusiam" with a member called "blurdybloop" iscreated.  Otherwise, two mailboxes at the same hierarchylevel are created.6.3.4.  DELETE CommandArguments:  mailbox nameResponses:  no specific responses for this commandResult:     OK - delete completedNO - delete failure: can't delete mailbox with that nameBAD - command unknown or arguments invalidCrispin                     Standards Track                    [Page 35]RFC 3501                         IMAPv4                       March 2003The DELETE command permanently removes the mailbox with the givenname.  A tagged OK response is returned only if the mailbox hasbeen deleted.  It is an error to attempt to delete INBOX or amailbox name that does not exist.The DELETE command MUST NOT remove inferior hierarchical names.For example, if a mailbox "foo" has an inferior "foo.bar"(assuming "." is the hierarchy delimiter character), removing"foo" MUST NOT remove "foo.bar".  It is an error to attempt todelete a name that has inferior hierarchical names and also hasthe \Noselect mailbox name attribute (see the description of theLIST response for more details).It is permitted to delete a name that has inferior hierarchicalnames and does not have the \Noselect mailbox name attribute.  Inthis case, all messages in that mailbox are removed, and the namewill acquire the \Noselect mailbox name attribute.The value of the highest-used unique identifier of the deletedmailbox MUST be preserved so that a new mailbox created with thesame name will not reuse the identifiers of the formerincarnation, UNLESS the new incarnation has a different uniqueidentifier validity value.  See the description of the UID commandfor more detail.Examples:   C: A682 LIST "" *S: * LIST () "/" blurdybloopS: * LIST (\Noselect) "/" fooS: * LIST () "/" foo/barS: A682 OK LIST completedC: A683 DELETE blurdybloopS: A683 OK DELETE completedC: A684 DELETE fooS: A684 NO Name "foo" has inferior hierarchical namesC: A685 DELETE foo/barS: A685 OK DELETE CompletedC: A686 LIST "" *S: * LIST (\Noselect) "/" fooS: A686 OK LIST completedC: A687 DELETE fooS: A687 OK DELETE CompletedCrispin                     Standards Track                    [Page 36]RFC 3501                         IMAPv4                       March 2003C: A82 LIST "" *S: * LIST () "." blurdybloopS: * LIST () "." fooS: * LIST () "." foo.barS: A82 OK LIST completedC: A83 DELETE blurdybloopS: A83 OK DELETE completedC: A84 DELETE fooS: A84 OK DELETE CompletedC: A85 LIST "" *S: * LIST () "." foo.barS: A85 OK LIST completedC: A86 LIST "" %S: * LIST (\Noselect) "." fooS: A86 OK LIST completed6.3.5.  RENAME CommandArguments:  existing mailbox namenew mailbox nameResponses:  no specific responses for this commandResult:     OK - rename completedNO - rename failure: can't rename mailbox with that name,can't rename to mailbox with that nameBAD - command unknown or arguments invalidThe RENAME command changes the name of a mailbox.  A tagged OKresponse is returned only if the mailbox has been renamed.  It isan error to attempt to rename from a mailbox name that does notexist or to a mailbox name that already exists.  Any error inrenaming will return a tagged NO response.If the name has inferior hierarchical names, then the inferiorhierarchical names MUST also be renamed.  For example, a rename of"foo" to "zap" will rename "foo/bar" (assuming "/" is thehierarchy delimiter character) to "zap/bar".If the server's hierarchy separator character appears in the name,the server SHOULD create any superior hierarchical names that areneeded for the RENAME command to complete successfully.  In otherwords, an attempt to rename "foo/bar/zap" to baz/rag/zowie on aserver in which "/" is the hierarchy separator character SHOULDcreate baz/ and baz/rag/ if they do not already exist.Crispin                     Standards Track                    [Page 37]RFC 3501                         IMAPv4                       March 2003The value of the highest-used unique identifier of the old mailboxname MUST be preserved so that a new mailbox created with the samename will not reuse the identifiers of the former incarnation,UNLESS the new incarnation has a different unique identifiervalidity value.  See the description of the UID command for moredetail.Renaming INBOX is permitted, and has special behavior.  It movesall messages in INBOX to a new mailbox with the given name,leaving INBOX empty.  If the server implementation supportsinferior hierarchical names of INBOX, these are unaffected by arename of INBOX.Examples:   C: A682 LIST "" *S: * LIST () "/" blurdybloopS: * LIST (\Noselect) "/" fooS: * LIST () "/" foo/barS: A682 OK LIST completedC: A683 RENAME blurdybloop sarasoopS: A683 OK RENAME completedC: A684 RENAME foo zowieS: A684 OK RENAME CompletedC: A685 LIST "" *S: * LIST () "/" sarasoopS: * LIST (\Noselect) "/" zowieS: * LIST () "/" zowie/barS: A685 OK LIST completedC: Z432 LIST "" *S: * LIST () "." INBOXS: * LIST () "." INBOX.barS: Z432 OK LIST completedC: Z433 RENAME INBOX old-mailS: Z433 OK RENAME completedC: Z434 LIST "" *S: * LIST () "." INBOXS: * LIST () "." INBOX.barS: * LIST () "." old-mailS: Z434 OK LIST completedCrispin                     Standards Track                    [Page 38]RFC 3501                         IMAPv4                       March 20036.3.6.  SUBSCRIBE CommandArguments:  mailboxResponses:  no specific responses for this commandResult:     OK - subscribe completedNO - subscribe failure: can't subscribe to that nameBAD - command unknown or arguments invalidThe SUBSCRIBE command adds the specified mailbox name to theserver's set of "active" or "subscribed" mailboxes as returned bythe LSUB command.  This command returns a tagged OK response onlyif the subscription is successful.A server MAY validate the mailbox argument to SUBSCRIBE to verifythat it exists.  However, it MUST NOT unilaterally remove anexisting mailbox name from the subscription list even if a mailboxby that name no longer exists.Note: This requirement is because a server site canchoose to routinely remove a mailbox with a well-knownname (e.g., "system-alerts") after its contents expire,with the intention of recreating it when new contentsare appropriate.Example:    C: A002 SUBSCRIBE #news.comp.mail.mimeS: A002 OK SUBSCRIBE completed6.3.7.  UNSUBSCRIBE CommandArguments:  mailbox nameResponses:  no specific responses for this commandResult:     OK - unsubscribe completedNO - unsubscribe failure: can't unsubscribe that nameBAD - command unknown or arguments invalidThe UNSUBSCRIBE command removes the specified mailbox name fromthe server's set of "active" or "subscribed" mailboxes as returnedby the LSUB command.  This command returns a tagged OK responseonly if the unsubscription is successful.Example:    C: A002 UNSUBSCRIBE #news.comp.mail.mimeS: A002 OK UNSUBSCRIBE completedCrispin                     Standards Track                    [Page 39]RFC 3501                         IMAPv4                       March 20036.3.8.  LIST CommandArguments:  reference namemailbox name with possible wildcardsResponses:  untagged responses: LISTResult:     OK - list completedNO - list failure: can't list that reference or nameBAD - command unknown or arguments invalidThe LIST command returns a subset of names from the complete setof all names available to the client.  Zero or more untagged LISTreplies are returned, containing the name attributes, hierarchydelimiter, and name; see the description of the LIST reply formore detail.The LIST command SHOULD return its data quickly, without unduedelay.  For example, it SHOULD NOT go to excess trouble tocalculate the \Marked or \Unmarked status or perform otherprocessing; if each name requires 1 second of processing, then alist of 1200 names would take 20 minutes!An empty ("" string) reference name argument indicates that themailbox name is interpreted as by SELECT.  The returned mailboxnames MUST match the supplied mailbox name pattern.  A non-emptyreference name argument is the name of a mailbox or a level ofmailbox hierarchy, and indicates the context in which the mailboxname is interpreted.An empty ("" string) mailbox name argument is a special request toreturn the hierarchy delimiter and the root name of the name givenin the reference.  The value returned as the root MAY be the emptystring if the reference is non-rooted or is an empty string.  Inall cases, a hierarchy delimiter (or NIL if there is no hierarchy)is returned.  This permits a client to get the hierarchy delimiter(or find out that the mailbox names are flat) even when nomailboxes by that name currently exist.The reference and mailbox name arguments are interpreted into acanonical form that represents an unambiguous left-to-righthierarchy.  The returned mailbox names will be in the interpretedform.Crispin                     Standards Track                    [Page 40]RFC 3501                         IMAPv4                       March 2003Note: The interpretation of the reference argument isimplementation-defined.  It depends upon whether theserver implementation has a concept of the "currentworking directory" and leading "break out characters",which override the current working directory.For example, on a server which exports a UNIX or NTfilesystem, the reference argument contains the currentworking directory, and the mailbox name argument wouldcontain the name as interpreted in the current workingdirectory.If a server implementation has no concept of break outcharacters, the canonical form is normally the referencename appended with the mailbox name.  Note that if theserver implements the namespace convention (section5.1.2), "#" is a break out character and must be treatedas such.If the reference argument is not a level of mailboxhierarchy (that is, it is a \NoInferiors name), and/orthe reference argument does not end with the hierarchydelimiter, it is implementation-dependent how this isinterpreted.  For example, a reference of "foo/bar" andmailbox name of "rag/baz" could be interpreted as"foo/bar/rag/baz", "foo/barrag/baz", or "foo/rag/baz".A client SHOULD NOT use such a reference argument exceptat the explicit request of the user.  A hierarchicalbrowser MUST NOT make any assumptions about serverinterpretation of the reference unless the reference isa level of mailbox hierarchy AND ends with the hierarchydelimiter.Any part of the reference argument that is included in theinterpreted form SHOULD prefix the interpreted form.  It SHOULDalso be in the same form as the reference name argument.  Thisrule permits the client to determine if the returned mailbox nameis in the context of the reference argument, or if something aboutthe mailbox argument overrode the reference argument.  Withoutthis rule, the client would have to have knowledge of the server'snaming semantics including what characters are "breakouts" thatoverride a naming context.Crispin                     Standards Track                    [Page 41]RFC 3501                         IMAPv4                       March 2003For example, here are some examples of how referencesand mailbox names might be interpreted on a UNIX-basedserver:Reference     Mailbox Name  Interpretation------------  ------------  --------------~smith/Mail/  foo.*         ~smith/Mail/foo.*archive/      %             archive/%#news.        comp.mail.*   #news.comp.mail.*~smith/Mail/  /usr/doc/foo  /usr/doc/fooarchive/      ~fred/Mail/*  ~fred/Mail/*The first three examples demonstrate interpretations inthe context of the reference argument.  Note that"~smith/Mail" SHOULD NOT be transformed into somethinglike "/u2/users/smith/Mail", or it would be impossiblefor the client to determine that the interpretation wasin the context of the reference.The character "*" is a wildcard, and matches zero or morecharacters at this position.  The character "%" is similar to "*",but it does not match a hierarchy delimiter.  If the "%" wildcardis the last character of a mailbox name argument, matching levelsof hierarchy are also returned.  If these levels of hierarchy arenot also selectable mailboxes, they are returned with the\Noselect mailbox name attribute (see the description of the LISTresponse for more details).Server implementations are permitted to "hide" otherwiseaccessible mailboxes from the wildcard characters, by preventingcertain characters or names from matching a wildcard in certainsituations.  For example, a UNIX-based server might restrict theinterpretation of "*" so that an initial "/" character does notmatch.The special name INBOX is included in the output from LIST, ifINBOX is supported by this server for this user and if theuppercase string "INBOX" matches the interpreted reference andmailbox name arguments with wildcards as described above.  Thecriteria for omitting INBOX is whether SELECT INBOX will returnfailure; it is not relevant whether the user's real INBOX resideson this or some other server.Crispin                     Standards Track                    [Page 42]RFC 3501                         IMAPv4                       March 2003Example:    C: A101 LIST "" ""S: * LIST (\Noselect) "/" ""S: A101 OK LIST CompletedC: A102 LIST #news.comp.mail.misc ""S: * LIST (\Noselect) "." #news.S: A102 OK LIST CompletedC: A103 LIST /usr/staff/jones ""S: * LIST (\Noselect) "/" /S: A103 OK LIST CompletedC: A202 LIST ~/Mail/ %S: * LIST (\Noselect) "/" ~/Mail/fooS: * LIST () "/" ~/Mail/meetingsS: A202 OK LIST completed6.3.9.  LSUB CommandArguments:  reference namemailbox name with possible wildcardsResponses:  untagged responses: LSUBResult:     OK - lsub completedNO - lsub failure: can't list that reference or nameBAD - command unknown or arguments invalidThe LSUB command returns a subset of names from the set of namesthat the user has declared as being "active" or "subscribed".Zero or more untagged LSUB replies are returned.  The arguments toLSUB are in the same form as those for LIST.The returned untagged LSUB response MAY contain different mailboxflags from a LIST untagged response.  If this should happen, theflags in the untagged LIST are considered more authoritative.A special situation occurs when using LSUB with the % wildcard.Consider what happens if "foo/bar" (with a hierarchy delimiter of"/") is subscribed but "foo" is not.  A "%" wildcard to LSUB mustreturn foo, not foo/bar, in the LSUB response, and it MUST beflagged with the \Noselect attribute.The server MUST NOT unilaterally remove an existing mailbox namefrom the subscription list even if a mailbox by that name nolonger exists.Crispin                     Standards Track                    [Page 43]RFC 3501                         IMAPv4                       March 2003Example:    C: A002 LSUB "#news." "comp.mail.*"S: * LSUB () "." #news.comp.mail.mimeS: * LSUB () "." #news.comp.mail.miscS: A002 OK LSUB completedC: A003 LSUB "#news." "comp.%"S: * LSUB (\NoSelect) "." #news.comp.mailS: A003 OK LSUB completed6.3.10. STATUS CommandArguments:  mailbox namestatus data item namesResponses:  untagged responses: STATUSResult:     OK - status completedNO - status failure: no status for that nameBAD - command unknown or arguments invalidThe STATUS command requests the status of the indicated mailbox.It does not change the currently selected mailbox, nor does itaffect the state of any messages in the queried mailbox (inparticular, STATUS MUST NOT cause messages to lose the \Recentflag).The STATUS command provides an alternative to opening a secondIMAP4rev1 connection and doing an EXAMINE command on a mailbox toquery that mailbox's status without deselecting the currentmailbox in the first IMAP4rev1 connection.Unlike the LIST command, the STATUS command is not guaranteed tobe fast in its response.  Under certain circumstances, it can bequite slow.  In some implementations, the server is obliged toopen the mailbox read-only internally to obtain certain statusinformation.  Also unlike the LIST command, the STATUS commanddoes not accept wildcards.Note: The STATUS command is intended to access thestatus of mailboxes other than the currently selectedmailbox.  Because the STATUS command can cause themailbox to be opened internally, and because thisinformation is available by other means on the selectedmailbox, the STATUS command SHOULD NOT be used on thecurrently selected mailbox.Crispin                     Standards Track                    [Page 44]RFC 3501                         IMAPv4                       March 2003The STATUS command MUST NOT be used as a "check for newmessages in the selected mailbox" operation (refer tosections 7, 7.3.1, and 7.3.2 for more information aboutthe proper method for new message checking).Because the STATUS command is not guaranteed to be fastin its results, clients SHOULD NOT expect to be able toissue many consecutive STATUS commands and obtainreasonable performance.The currently defined status data items that can be requested are:MESSAGESThe number of messages in the mailbox.RECENTThe number of messages with the \Recent flag set.UIDNEXTThe next unique identifier value of the mailbox.  Refer tosection 2.3.1.1 for more information.UIDVALIDITYThe unique identifier validity value of the mailbox.  Refer tosection 2.3.1.1 for more information.UNSEENThe number of messages which do not have the \Seen flag set.Example:    C: A042 STATUS blurdybloop (UIDNEXT MESSAGES)S: * STATUS blurdybloop (MESSAGES 231 UIDNEXT 44292)S: A042 OK STATUS completedCrispin                     Standards Track                    [Page 45]RFC 3501                         IMAPv4                       March 20036.3.11. APPEND CommandArguments:  mailbox nameOPTIONAL flag parenthesized listOPTIONAL date/time stringmessage literalResponses:  no specific responses for this commandResult:     OK - append completedNO - append error: can't append to that mailbox, errorin flags or date/time or message textBAD - command unknown or arguments invalidThe APPEND command appends the literal argument as a new messageto the end of the specified destination mailbox.  This argumentSHOULD be in the format of an [RFC-2822] message.  8-bitcharacters are permitted in the message.  A server implementationthat is unable to preserve 8-bit data properly MUST be able toreversibly convert 8-bit APPEND data to 7-bit using a [MIME-IMB]content transfer encoding.Note: There MAY be exceptions, e.g., draft messages, inwhich required [RFC-2822] header lines are omitted inthe message literal argument to APPEND.  The fullimplications of doing so MUST be understood andcarefully weighed.If a flag parenthesized list is specified, the flags SHOULD be setin the resulting message; otherwise, the flag list of theresulting message is set to empty by default.  In either case, theRecent flag is also set.If a date-time is specified, the internal date SHOULD be set inthe resulting message; otherwise, the internal date of theresulting message is set to the current date and time by default.If the append is unsuccessful for any reason, the mailbox MUST berestored to its state before the APPEND attempt; no partialappending is permitted.If the destination mailbox does not exist, a server MUST return anerror, and MUST NOT automatically create the mailbox.  Unless itis certain that the destination mailbox can not be created, theserver MUST send the response code "[TRYCREATE]" as the prefix ofthe text of the tagged NO response.  This gives a hint to theclient that it can attempt a CREATE command and retry the APPENDif the CREATE is successful.Crispin                     Standards Track                    [Page 46]RFC 3501                         IMAPv4                       March 2003If the mailbox is currently selected, the normal new messageactions SHOULD occur.  Specifically, the server SHOULD notify theclient immediately via an untagged EXISTS response.  If the serverdoes not do so, the client MAY issue a NOOP command (or failingthat, a CHECK command) after one or more APPEND commands.Example:    C: A003 APPEND saved-messages (\Seen) {310}S: + Ready for literal dataC: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)C: From: Fred Foobar C: Subject: afternoon meetingC: To: mooch@owatagu.siam.eduC: Message-Id: C: MIME-Version: 1.0C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCIIC:C: Hello Joe, do you think we can meet at 3:30 tomorrow?C:S: A003 OK APPEND completedNote: The APPEND command is not used for message delivery,because it does not provide a mechanism to transfer [SMTP]envelope information.6.4.    Client Commands - Selected StateIn the selected state, commands that manipulate messages in a mailboxare permitted.In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT),and the authenticated state commands (SELECT, EXAMINE, CREATE,DELETE, RENAME, SUBSCRIBE, UNSUBSCRIBE, LIST, LSUB, STATUS, andAPPEND), the following commands are valid in the selected state:CHECK, CLOSE, EXPUNGE, SEARCH, FETCH, STORE, COPY, and UID.6.4.1.  CHECK CommandArguments:  noneResponses:  no specific responses for this commandResult:     OK - check completedBAD - command unknown or arguments invalidThe CHECK command requests a checkpoint of the currently selectedmailbox.  A checkpoint refers to any implementation-dependenthousekeeping associated with the mailbox (e.g., resolving theserver's in-memory state of the mailbox with the state on itsCrispin                     Standards Track                    [Page 47]RFC 3501                         IMAPv4                       March 2003disk) that is not normally executed as part of each command.  Acheckpoint MAY take a non-instantaneous amount of real time tocomplete.  If a server implementation has no such housekeepingconsiderations, CHECK is equivalent to NOOP.There is no guarantee that an EXISTS untagged response will happenas a result of CHECK.  NOOP, not CHECK, SHOULD be used for newmessage polling.Example:    C: FXXZ CHECKS: FXXZ OK CHECK Completed6.4.2.  CLOSE CommandArguments:  noneResponses:  no specific responses for this commandResult:     OK - close completed, now in authenticated stateBAD - command unknown or arguments invalidThe CLOSE command permanently removes all messages that have the\Deleted flag set from the currently selected mailbox, and returnsto the authenticated state from the selected state.  No untaggedEXPUNGE responses are sent.No messages are removed, and no error is given, if the mailbox isselected by an EXAMINE command or is otherwise selected read-only.Even if a mailbox is selected, a SELECT, EXAMINE, or LOGOUTcommand MAY be issued without previously issuing a CLOSE command.The SELECT, EXAMINE, and LOGOUT commands implicitly close thecurrently selected mailbox without doing an expunge.  However,when many messages are deleted, a CLOSE-LOGOUT or CLOSE-SELECTsequence is considerably faster than an EXPUNGE-LOGOUT orEXPUNGE-SELECT because no untagged EXPUNGE responses (which theclient would probably ignore) are sent.Example:    C: A341 CLOSES: A341 OK CLOSE completedCrispin                     Standards Track                    [Page 48]RFC 3501                         IMAPv4                       March 20036.4.3.  EXPUNGE CommandArguments:  noneResponses:  untagged responses: EXPUNGEResult:     OK - expunge completedNO - expunge failure: can't expunge (e.g., permissiondenied)BAD - command unknown or arguments invalidThe EXPUNGE command permanently removes all messages that have the\Deleted flag set from the currently selected mailbox.  Beforereturning an OK to the client, an untagged EXPUNGE response issent for each message that is removed.Example:    C: A202 EXPUNGES: * 3 EXPUNGES: * 3 EXPUNGES: * 5 EXPUNGES: * 8 EXPUNGES: A202 OK EXPUNGE completedNote: In this example, messages 3, 4, 7, and 11 had the\Deleted flag set.  See the description of the EXPUNGEresponse for further explanation.6.4.4.  SEARCH CommandArguments:  OPTIONAL [CHARSET] specificationsearching criteria (one or more)Responses:  REQUIRED untagged response: SEARCHResult:     OK - search completedNO - search error: can't search that [CHARSET] orcriteriaBAD - command unknown or arguments invalidThe SEARCH command searches the mailbox for messages that matchthe given searching criteria.  Searching criteria consist of oneor more search keys.  The untagged SEARCH response from the servercontains a listing of message sequence numbers corresponding tothose messages that match the searching criteria.Crispin                     Standards Track                    [Page 49]RFC 3501                         IMAPv4                       March 2003When multiple keys are specified, the result is the intersection(AND function) of all the messages that match those keys.  Forexample, the criteria DELETED FROM "SMITH" SINCE 1-Feb-1994 refersto all deleted messages from Smith that were placed in the mailboxsince February 1, 1994.  A search key can also be a parenthesizedlist of one or more search keys (e.g., for use with the OR and NOTkeys).Server implementations MAY exclude [MIME-IMB] body parts withterminal content media types other than TEXT and MESSAGE fromconsideration in SEARCH matching.The OPTIONAL [CHARSET] specification consists of the word"CHARSET" followed by a registered [CHARSET].  It indicates the[CHARSET] of the strings that appear in the search criteria.[MIME-IMB] content transfer encodings, and [MIME-HDRS] strings in[RFC-2822]/[MIME-IMB] headers, MUST be decoded before comparingtext in a [CHARSET] other than US-ASCII.  US-ASCII MUST besupported; other [CHARSET]s MAY be supported.If the server does not support the specified [CHARSET], it MUSTreturn a tagged NO response (not a BAD).  This response SHOULDcontain the BADCHARSET response code, which MAY list the[CHARSET]s supported by the server.In all search keys that use strings, a message matches the key ifthe string is a substring of the field.  The matching iscase-insensitive.The defined search keys are as follows.  Refer to the FormalSyntax section for the precise syntactic definitions of thearguments.Messages with message sequence numbers corresponding to thespecified message sequence number set.ALLAll messages in the mailbox; the default initial key forANDing.ANSWEREDMessages with the \Answered flag set.Crispin                     Standards Track                    [Page 50]RFC 3501                         IMAPv4                       March 2003BCC Messages that contain the specified string in the envelopestructure's BCC field.BEFORE Messages whose internal date (disregarding time and timezone)is earlier than the specified date.BODY Messages that contain the specified string in the body of themessage.CC Messages that contain the specified string in the envelopestructure's CC field.DELETEDMessages with the \Deleted flag set.DRAFTMessages with the \Draft flag set.FLAGGEDMessages with the \Flagged flag set.FROM Messages that contain the specified string in the envelopestructure's FROM field.HEADER  Messages that have a header with the specified field-name (asdefined in [RFC-2822]) and that contains the specified stringin the text of the header (what comes after the colon).  If thestring to search is zero-length, this matches all messages thathave a header line with the specified field-name regardless ofthe contents.KEYWORD Messages with the specified keyword flag set.LARGER Messages with an [RFC-2822] size larger than the specifiednumber of octets.NEWMessages that have the \Recent flag set but not the \Seen flag.This is functionally equivalent to "(RECENT UNSEEN)".Crispin                     Standards Track                    [Page 51]RFC 3501                         IMAPv4                       March 2003NOT Messages that do not match the specified search key.OLDMessages that do not have the \Recent flag set.  This isfunctionally equivalent to "NOT RECENT" (as opposed to "NOTNEW").ON Messages whose internal date (disregarding time and timezone)is within the specified date.OR  Messages that match either search key.RECENTMessages that have the \Recent flag set.SEENMessages that have the \Seen flag set.SENTBEFORE Messages whose [RFC-2822] Date: header (disregarding time andtimezone) is earlier than the specified date.SENTON Messages whose [RFC-2822] Date: header (disregarding time andtimezone) is within the specified date.SENTSINCE Messages whose [RFC-2822] Date: header (disregarding time andtimezone) is within or later than the specified date.SINCE Messages whose internal date (disregarding time and timezone)is within or later than the specified date.SMALLER Messages with an [RFC-2822] size smaller than the specifiednumber of octets.Crispin                     Standards Track                    [Page 52]RFC 3501                         IMAPv4                       March 2003SUBJECT Messages that contain the specified string in the envelopestructure's SUBJECT field.TEXT Messages that contain the specified string in the header orbody of the message.TO Messages that contain the specified string in the envelopestructure's TO field.UID Messages with unique identifiers corresponding to the specifiedunique identifier set.  Sequence set ranges are permitted.UNANSWEREDMessages that do not have the \Answered flag set.UNDELETEDMessages that do not have the \Deleted flag set.UNDRAFTMessages that do not have the \Draft flag set.UNFLAGGEDMessages that do not have the \Flagged flag set.UNKEYWORD Messages that do not have the specified keyword flag set.UNSEENMessages that do not have the \Seen flag set.Crispin                     Standards Track                    [Page 53]RFC 3501                         IMAPv4                       March 2003Example:    C: A282 SEARCH FLAGGED SINCE 1-Feb-1994 NOT FROM "Smith"S: * SEARCH 2 84 882S: A282 OK SEARCH completedC: A283 SEARCH TEXT "string not in mailbox"S: * SEARCHS: A283 OK SEARCH completedC: A284 SEARCH CHARSET UTF-8 TEXT {6}C: XXXXXXS: * SEARCH 43S: A284 OK SEARCH completedNote: Since this document is restricted to 7-bit ASCIItext, it is not possible to show actual UTF-8 data.  The"XXXXXX" is a placeholder for what would be 6 octets of8-bit data in an actual transaction.6.4.5.  FETCH CommandArguments:  sequence setmessage data item names or macroResponses:  untagged responses: FETCHResult:     OK - fetch completedNO - fetch error: can't fetch that dataBAD - command unknown or arguments invalidThe FETCH command retrieves data associated with a message in themailbox.  The data items to be fetched can be either a single atomor a parenthesized list.Most data items, identified in the formal syntax under themsg-att-static rule, are static and MUST NOT change for anyparticular message.  Other data items, identified in the formalsyntax under the msg-att-dynamic rule, MAY change, either as aresult of a STORE command or due to external events.For example, if a client receives an ENVELOPE for amessage when it already knows the envelope, it cansafely ignore the newly transmitted envelope.There are three macros which specify commonly-used sets of dataitems, and can be used instead of data items.  A macro must beused by itself, and not in conjunction with other macros or dataitems.Crispin                     Standards Track                    [Page 54]RFC 3501                         IMAPv4                       March 2003ALLMacro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE ENVELOPE)FASTMacro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE)FULLMacro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE ENVELOPEBODY)The currently defined data items that can be fetched are:BODYNon-extensible form of BODYSTRUCTURE.BODY[
]<>The text of a particular body section.  The sectionspecification is a set of zero or more part specifiersdelimited by periods.  A part specifier is either a part numberor one of the following: HEADER, HEADER.FIELDS,HEADER.FIELDS.NOT, MIME, and TEXT.  An empty sectionspecification refers to the entire message, including theheader.Every message has at least one part number.  Non-[MIME-IMB]messages, and non-multipart [MIME-IMB] messages with noencapsulated message, only have a part 1.Multipart messages are assigned consecutive part numbers, asthey occur in the message.  If a particular part is of typemessage or multipart, its parts MUST be indicated by a periodfollowed by the part number within that nested multipart part.A part of type MESSAGE/RFC822 also has nested part numbers,referring to parts of the MESSAGE part's body.The HEADER, HEADER.FIELDS, HEADER.FIELDS.NOT, and TEXT partspecifiers can be the sole part specifier or can be prefixed byone or more numeric part specifiers, provided that the numericpart specifier refers to a part of type MESSAGE/RFC822.  TheMIME part specifier MUST be prefixed by one or more numericpart specifiers.The HEADER, HEADER.FIELDS, and HEADER.FIELDS.NOT partspecifiers refer to the [RFC-2822] header of the message or ofan encapsulated [MIME-IMT] MESSAGE/RFC822 message.HEADER.FIELDS and HEADER.FIELDS.NOT are followed by a list offield-name (as defined in [RFC-2822]) names, and return aCrispin                     Standards Track                    [Page 55]RFC 3501                         IMAPv4                       March 2003subset of the header.  The subset returned by HEADER.FIELDScontains only those header fields with a field-name thatmatches one of the names in the list; similarly, the subsetreturned by HEADER.FIELDS.NOT contains only the header fieldswith a non-matching field-name.  The field-matching iscase-insensitive but otherwise exact.  Subsetting does notexclude the [RFC-2822] delimiting blank line between the headerand the body; the blank line is included in all header fetches,except in the case of a message which has no body and no blankline.The MIME part specifier refers to the [MIME-IMB] header forthis part.The TEXT part specifier refers to the text body of the message,omitting the [RFC-2822] header.Here is an example of a complex message with some of itspart specifiers:HEADER     ([RFC-2822] header of the message)TEXT       ([RFC-2822] text body of the message) MULTIPART/MIXED1          TEXT/PLAIN2          APPLICATION/OCTET-STREAM3          MESSAGE/RFC8223.HEADER   ([RFC-2822] header of the message)3.TEXT     ([RFC-2822] text body of the message) MULTIPART/MIXED3.1        TEXT/PLAIN3.2        APPLICATION/OCTET-STREAM4          MULTIPART/MIXED4.1        IMAGE/GIF4.1.MIME   ([MIME-IMB] header for the IMAGE/GIF)4.2        MESSAGE/RFC8224.2.HEADER ([RFC-2822] header of the message)4.2.TEXT   ([RFC-2822] text body of the message) MULTIPART/MIXED4.2.1      TEXT/PLAIN4.2.2      MULTIPART/ALTERNATIVE4.2.2.1    TEXT/PLAIN4.2.2.2    TEXT/RICHTEXTIt is possible to fetch a substring of the designated text.This is done by appending an open angle bracket ("<"), theoctet position of the first desired octet, a period, themaximum number of octets desired, and a close angle bracket(">") to the part specifier.  If the starting octet is beyondthe end of the text, an empty string is returned.Crispin                     Standards Track                    [Page 56]RFC 3501                         IMAPv4                       March 2003Any partial fetch that attempts to read beyond the end of thetext is truncated as appropriate.  A partial fetch that startsat octet 0 is returned as a partial fetch, even if thistruncation happened.Note: This means that BODY[]<0.2048> of a 1500-octet messagewill return BODY[]<0> with a literal of size 1500, notBODY[].Note: A substring fetch of a HEADER.FIELDS orHEADER.FIELDS.NOT part specifier is calculated aftersubsetting the header.The \Seen flag is implicitly set; if this causes the flags tochange, they SHOULD be included as part of the FETCH responses.BODY.PEEK[
]<>An alternate form of BODY[
] that does not implicitlyset the \Seen flag.BODYSTRUCTUREThe [MIME-IMB] body structure of the message.  This is computedby the server by parsing the [MIME-IMB] header fields in the[RFC-2822] header and [MIME-IMB] headers.ENVELOPEThe envelope structure of the message.  This is computed by theserver by parsing the [RFC-2822] header into the componentparts, defaulting various fields as necessary.FLAGSThe flags that are set for this message.INTERNALDATEThe internal date of the message.RFC822Functionally equivalent to BODY[], differing in the syntax ofthe resulting untagged FETCH data (RFC822 is returned).RFC822.HEADERFunctionally equivalent to BODY.PEEK[HEADER], differing in thesyntax of the resulting untagged FETCH data (RFC822.HEADER isreturned).RFC822.SIZEThe [RFC-2822] size of the message.Crispin                     Standards Track                    [Page 57]RFC 3501                         IMAPv4                       March 2003RFC822.TEXTFunctionally equivalent to BODY[TEXT], differing in the syntaxof the resulting untagged FETCH data (RFC822.TEXT is returned).UIDThe unique identifier for the message.Example:    C: A654 FETCH 2:4 (FLAGS BODY[HEADER.FIELDS (DATE FROM)])S: * 2 FETCH ....S: * 3 FETCH ....S: * 4 FETCH ....S: A654 OK FETCH completed6.4.6.  STORE CommandArguments:  sequence setmessage data item namevalue for message data itemResponses:  untagged responses: FETCHResult:     OK - store completedNO - store error: can't store that dataBAD - command unknown or arguments invalidThe STORE command alters data associated with a message in themailbox.  Normally, STORE will return the updated value of thedata with an untagged FETCH response.  A suffix of ".SILENT" inthe data item name prevents the untagged FETCH, and the serverSHOULD assume that the client has determined the updated valueitself or does not care about the updated value.Note: Regardless of whether or not the ".SILENT" suffixwas used, the server SHOULD send an untagged FETCHresponse if a change to a message's flags from anexternal source is observed.  The intent is that thestatus of the flags is determinate without a racecondition.Crispin                     Standards Track                    [Page 58]RFC 3501                         IMAPv4                       March 2003The currently defined data items that can be stored are:FLAGS Replace the flags for the message (other than \Recent) with theargument.  The new value of the flags is returned as if a FETCHof those flags was done.FLAGS.SILENT Equivalent to FLAGS, but without returning a new value.+FLAGS Add the argument to the flags for the message.  The new valueof the flags is returned as if a FETCH of those flags was done.+FLAGS.SILENT Equivalent to +FLAGS, but without returning a new value.-FLAGS Remove the argument from the flags for the message.  The newvalue of the flags is returned as if a FETCH of those flags wasdone.-FLAGS.SILENT Equivalent to -FLAGS, but without returning a new value.Example:    C: A003 STORE 2:4 +FLAGS (\Deleted)S: * 2 FETCH (FLAGS (\Deleted \Seen))S: * 3 FETCH (FLAGS (\Deleted))S: * 4 FETCH (FLAGS (\Deleted \Flagged \Seen))S: A003 OK STORE completed6.4.7.  COPY CommandArguments:  sequence setmailbox nameResponses:  no specific responses for this commandResult:     OK - copy completedNO - copy error: can't copy those messages or to thatnameBAD - command unknown or arguments invalidCrispin                     Standards Track                    [Page 59]RFC 3501                         IMAPv4                       March 2003The COPY command copies the specified message(s) to the end of thespecified destination mailbox.  The flags and internal date of themessage(s) SHOULD be preserved, and the Recent flag SHOULD be set,in the copy.If the destination mailbox does not exist, a server SHOULD returnan error.  It SHOULD NOT automatically create the mailbox.  Unlessit is certain that the destination mailbox can not be created, theserver MUST send the response code "[TRYCREATE]" as the prefix ofthe text of the tagged NO response.  This gives a hint to theclient that it can attempt a CREATE command and retry the COPY ifthe CREATE is successful.If the COPY command is unsuccessful for any reason, serverimplementations MUST restore the destination mailbox to its statebefore the COPY attempt.Example:    C: A003 COPY 2:4 MEETINGS: A003 OK COPY completed6.4.8.  UID CommandArguments:  command namecommand argumentsResponses:  untagged responses: FETCH, SEARCHResult:     OK - UID command completedNO - UID command errorBAD - command unknown or arguments invalidThe UID command has two forms.  In the first form, it takes as itsarguments a COPY, FETCH, or STORE command with argumentsappropriate for the associated command.  However, the numbers inthe sequence set argument are unique identifiers instead ofmessage sequence numbers.  Sequence set ranges are permitted, butthere is no guarantee that unique identifiers will be contiguous.A non-existent unique identifier is ignored without any errormessage generated.  Thus, it is possible for a UID FETCH commandto return an OK without any data or a UID COPY or UID STORE toreturn an OK without performing any operations.In the second form, the UID command takes a SEARCH command withSEARCH command arguments.  The interpretation of the arguments isthe same as with SEARCH; however, the numbers returned in a SEARCHresponse for a UID SEARCH command are unique identifiers insteadCrispin                     Standards Track                    [Page 60]RFC 3501                         IMAPv4                       March 2003of message sequence numbers.  For example, the command UID SEARCH1:100 UID 443:557 returns the unique identifiers corresponding tothe intersection of two sequence sets, the message sequence numberrange 1:100 and the UID range 443:557.Note: in the above example, the UID range 443:557appears.  The same comment about a non-existent uniqueidentifier being ignored without any error message alsoapplies here.  Hence, even if neither UID 443 or 557exist, this range is valid and would include an existingUID 495.Also note that a UID range of 559:* always includes theUID of the last message in the mailbox, even if 559 ishigher than any assigned UID value.  This is because thecontents of a range are independent of the order of therange endpoints.  Thus, any UID range with * as one ofthe endpoints indicates at least one message (themessage with the highest numbered UID), unless themailbox is empty.The number after the "*" in an untagged FETCH response is always amessage sequence number, not a unique identifier, even for a UIDcommand response.  However, server implementations MUST implicitlyinclude the UID message data item as part of any FETCH responsecaused by a UID command, regardless of whether a UID was specifiedas a message data item to the FETCH.Note: The rule about including the UID message data item as partof a FETCH response primarily applies to the UID FETCH and UIDSTORE commands, including a UID FETCH command that does notinclude UID as a message data item.  Although it is unlikely thatthe other UID commands will cause an untagged FETCH, this ruleapplies to these commands as well.Example:    C: A999 UID FETCH 4827313:4828442 FLAGSS: * 23 FETCH (FLAGS (\Seen) UID 4827313)S: * 24 FETCH (FLAGS (\Seen) UID 4827943)S: * 25 FETCH (FLAGS (\Seen) UID 4828442)S: A999 OK UID FETCH completedCrispin                     Standards Track                    [Page 61]RFC 3501                         IMAPv4                       March 20036.5.    Client Commands - Experimental/Expansion6.5.1.  X CommandArguments:  implementation definedResponses:  implementation definedResult:     OK - command completedNO - failureBAD - command unknown or arguments invalidAny command prefixed with an X is an experimental command.Commands which are not part of this specification, a standard orstandards-track revision of this specification, or anIESG-approved experimental protocol, MUST use the X prefix.Any added untagged responses issued by an experimental commandMUST also be prefixed with an X.  Server implementations MUST NOTsend any such untagged responses, unless the client requested itby issuing the associated experimental command.Example:    C: a441 CAPABILITYS: * CAPABILITY IMAP4rev1 XPIG-LATINS: a441 OK CAPABILITY completedC: A442 XPIG-LATINS: * XPIG-LATIN ow-nay eaking-spay ig-pay atin-layS: A442 OK XPIG-LATIN ompleted-cay7.      Server ResponsesServer responses are in three forms: status responses, server data,and command continuation request.  The information contained in aserver response, identified by "Contents:" in the responsedescriptions below, is described by function, not by syntax.  Theprecise syntax of server responses is described in the Formal Syntaxsection.The client MUST be prepared to accept any response at all times.Status responses can be tagged or untagged.  Tagged status responsesindicate the completion result (OK, NO, or BAD status) of a clientcommand, and have a tag matching the command.Some status responses, and all server data, are untagged.  Anuntagged response is indicated by the token "*" instead of a tag.Untagged status responses indicate server greeting, or server statusCrispin                     Standards Track                    [Page 62]RFC 3501                         IMAPv4                       March 2003that does not indicate the completion of a command (for example, animpending system shutdown alert).  For historical reasons, untaggedserver data responses are also called "unsolicited data", althoughstrictly speaking, only unilateral server data is truly"unsolicited".Certain server data MUST be recorded by the client when it isreceived; this is noted in the description of that data.  Such dataconveys critical information which affects the interpretation of allsubsequent commands and responses (e.g., updates reflecting thecreation or destruction of messages).Other server data SHOULD be recorded for later reference; if theclient does not need to record the data, or if recording the data hasno obvious purpose (e.g., a SEARCH response when no SEARCH command isin progress), the data SHOULD be ignored.An example of unilateral untagged server data occurs when the IMAPconnection is in the selected state.  In the selected state, theserver checks the mailbox for new messages as part of commandexecution.  Normally, this is part of the execution of every command;hence, a NOOP command suffices to check for new messages.  If newmessages are found, the server sends untagged EXISTS and RECENTresponses reflecting the new size of the mailbox.  Serverimplementations that offer multiple simultaneous access to the samemailbox SHOULD also send appropriate unilateral untagged FETCH andEXPUNGE responses if another agent changes the state of any messageflags or expunges any messages.Command continuation request responses use the token "+" instead of atag.  These responses are sent by the server to indicate acceptanceof an incomplete client command and readiness for the remainder ofthe command.7.1.    Server Responses - Status ResponsesStatus responses are OK, NO, BAD, PREAUTH and BYE.  OK, NO, and BADcan be tagged or untagged.  PREAUTH and BYE are always untagged.Status responses MAY include an OPTIONAL "response code".  A responsecode consists of data inside square brackets in the form of an atom,possibly followed by a space and arguments.  The response codecontains additional information or status codes for client softwarebeyond the OK/NO/BAD condition, and are defined when there is aspecific action that a client can take based upon the additionalinformation.Crispin                     Standards Track                    [Page 63]RFC 3501                         IMAPv4                       March 2003The currently defined response codes are:ALERTThe human-readable text contains a special alert that MUST bepresented to the user in a fashion that calls the user'sattention to the message.BADCHARSETOptionally followed by a parenthesized list of charsets.  ASEARCH failed because the given charset is not supported bythis implementation.  If the optional list of charsets isgiven, this lists the charsets that are supported by thisimplementation.CAPABILITYFollowed by a list of capabilities.  This can appear in theinitial OK or PREAUTH response to transmit an initialcapabilities list.  This makes it unnecessary for a client tosend a separate CAPABILITY command if it recognizes thisresponse.PARSEThe human-readable text represents an error in parsing the[RFC-2822] header or [MIME-IMB] headers of a message in themailbox.PERMANENTFLAGSFollowed by a parenthesized list of flags, indicates which ofthe known flags the client can change permanently.  Any flagsthat are in the FLAGS untagged response, but not thePERMANENTFLAGS list, can not be set permanently.  If the clientattempts to STORE a flag that is not in the PERMANENTFLAGSlist, the server will either ignore the change or store thestate change for the remainder of the current session only.The PERMANENTFLAGS list can also include the special flag \*,which indicates that it is possible to create new keywords byattempting to store those flags in the mailbox.Crispin                     Standards Track                    [Page 64]RFC 3501                         IMAPv4                       March 2003READ-ONLYThe mailbox is selected read-only, or its access while selectedhas changed from read-write to read-only.READ-WRITEThe mailbox is selected read-write, or its access whileselected has changed from read-only to read-write.TRYCREATEAn APPEND or COPY attempt is failing because the target mailboxdoes not exist (as opposed to some other reason).  This is ahint to the client that the operation can succeed if themailbox is first created by the CREATE command.UIDNEXTFollowed by a decimal number, indicates the next uniqueidentifier value.  Refer to section 2.3.1.1 for moreinformation.UIDVALIDITYFollowed by a decimal number, indicates the unique identifiervalidity value.  Refer to section 2.3.1.1 for more information.UNSEENFollowed by a decimal number, indicates the number of the firstmessage without the \Seen flag set.Additional response codes defined by particular client or serverimplementations SHOULD be prefixed with an "X" until they areadded to a revision of this protocol.  Client implementationsSHOULD ignore response codes that they do not recognize.7.1.1.  OK ResponseContents:   OPTIONAL response codehuman-readable textThe OK response indicates an information message from the server.When tagged, it indicates successful completion of the associatedcommand.  The human-readable text MAY be presented to the user asan information message.  The untagged form indicates anCrispin                     Standards Track                    [Page 65]RFC 3501                         IMAPv4                       March 2003information-only message; the nature of the information MAY beindicated by a response code.The untagged form is also used as one of three possible greetingsat connection startup.  It indicates that the connection is notyet authenticated and that a LOGIN command is needed.Example:    S: * OK IMAP4rev1 server readyC: A001 LOGIN fred blurdybloopS: * OK [ALERT] System shutdown in 10 minutesS: A001 OK LOGIN Completed7.1.2.  NO ResponseContents:   OPTIONAL response codehuman-readable textThe NO response indicates an operational error message from theserver.  When tagged, it indicates unsuccessful completion of theassociated command.  The untagged form indicates a warning; thecommand can still complete successfully.  The human-readable textdescribes the condition.Example:    C: A222 COPY 1:2 owatagusiamS: * NO Disk is 98% full, please delete unnecessary dataS: A222 OK COPY completedC: A223 COPY 3:200 blurdybloopS: * NO Disk is 98% full, please delete unnecessary dataS: * NO Disk is 99% full, please delete unnecessary dataS: A223 NO COPY failed: disk is full7.1.3.  BAD ResponseContents:   OPTIONAL response codehuman-readable textThe BAD response indicates an error message from the server.  Whentagged, it reports a protocol-level error in the client's command;the tag indicates the command that caused the error.  The untaggedform indicates a protocol-level error for which the associatedcommand can not be determined; it can also indicate an internalserver failure.  The human-readable text describes the condition.Crispin                     Standards Track                    [Page 66]RFC 3501                         IMAPv4                       March 2003Example:    C: ...very long command line...S: * BAD Command line too longC: ...empty line...S: * BAD Empty command lineC: A443 EXPUNGES: * BAD Disk crash, attempting salvage to a new disk!S: * OK Salvage successful, no data lostS: A443 OK Expunge completed7.1.4.  PREAUTH ResponseContents:   OPTIONAL response codehuman-readable textThe PREAUTH response is always untagged, and is one of threepossible greetings at connection startup.  It indicates that theconnection has already been authenticated by external means; thusno LOGIN command is needed.Example:    S: * PREAUTH IMAP4rev1 server logged in as Smith7.1.5.  BYE ResponseContents:   OPTIONAL response codehuman-readable textThe BYE response is always untagged, and indicates that the serveris about to close the connection.  The human-readable text MAY bedisplayed to the user in a status report by the client.  The BYEresponse is sent under one of four conditions:1) as part of a normal logout sequence.  The server will closethe connection after sending the tagged OK response to theLOGOUT command.2) as a panic shutdown announcement.  The server closes theconnection immediately.3) as an announcement of an inactivity autologout.  The servercloses the connection immediately.4) as one of three possible greetings at connection startup,indicating that the server is not willing to accept aconnection from this client.  The server closes theconnection immediately.Crispin                     Standards Track                    [Page 67]RFC 3501                         IMAPv4                       March 2003The difference between a BYE that occurs as part of a normalLOGOUT sequence (the first case) and a BYE that occurs because ofa failure (the other three cases) is that the connection closesimmediately in the failure case.  In all cases the client SHOULDcontinue to read response data from the server until theconnection is closed; this will ensure that any pending untaggedor completion responses are read and processed.Example:    S: * BYE Autologout; idle for too long7.2.    Server Responses - Server and Mailbox StatusThese responses are always untagged.  This is how server and mailboxstatus data are transmitted from the server to the client.  Many ofthese responses typically result from a command with the same name.7.2.1.  CAPABILITY ResponseContents:   capability listingThe CAPABILITY response occurs as a result of a CAPABILITYcommand.  The capability listing contains a space-separatedlisting of capability names that the server supports.  Thecapability listing MUST include the atom "IMAP4rev1".In addition, client and server implementations MUST implement theSTARTTLS, LOGINDISABLED, and AUTH=PLAIN (described in [IMAP-TLS])capabilities.  See the Security Considerations section forimportant information.A capability name which begins with "AUTH=" indicates that theserver supports that particular authentication mechanism.The LOGINDISABLED capability indicates that the LOGIN command isdisabled, and that the server will respond with a tagged NOresponse to any attempt to use the LOGIN command even if the username and password are valid.  An IMAP client MUST NOT issue theLOGIN command if the server advertises the LOGINDISABLEDcapability.Other capability names indicate that the server supports anextension, revision, or amendment to the IMAP4rev1 protocol.Server responses MUST conform to this document until the clientissues a command that uses the associated capability.Capability names MUST either begin with "X" or be standard orstandards-track IMAP4rev1 extensions, revisions, or amendmentsregistered with IANA.  A server MUST NOT offer unregistered orCrispin                     Standards Track                    [Page 68]RFC 3501                         IMAPv4                       March 2003non-standard capability names, unless such names are prefixed withan "X".Client implementations SHOULD NOT require any capability nameother than "IMAP4rev1", and MUST ignore any unknown capabilitynames.A server MAY send capabilities automatically, by using theCAPABILITY response code in the initial PREAUTH or OK responses,and by sending an updated CAPABILITY response code in the taggedOK response as part of a successful authentication.  It isunnecessary for a client to send a separate CAPABILITY command ifit recognizes these automatic capabilities.Example:    S: * CAPABILITY IMAP4rev1 STARTTLS AUTH=GSSAPI XPIG-LATIN7.2.2.  LIST ResponseContents:   name attributeshierarchy delimiternameThe LIST response occurs as a result of a LIST command.  Itreturns a single name that matches the LIST specification.  Therecan be multiple LIST responses for a single LIST command.Four name attributes are defined:\NoinferiorsIt is not possible for any child levels of hierarchy to existunder this name; no child levels exist now and none can becreated in the future.\NoselectIt is not possible to use this name as a selectable mailbox.\MarkedThe mailbox has been marked "interesting" by the server; themailbox probably contains messages that have been added sincethe last time the mailbox was selected.\UnmarkedThe mailbox does not contain any additional messages since thelast time the mailbox was selected.Crispin                     Standards Track                    [Page 69]RFC 3501                         IMAPv4                       March 2003If it is not feasible for the server to determine whether or notthe mailbox is "interesting", or if the name is a \Noselect name,the server SHOULD NOT send either \Marked or \Unmarked.The hierarchy delimiter is a character used to delimit levels ofhierarchy in a mailbox name.  A client can use it to create childmailboxes, and to search higher or lower levels of naminghierarchy.  All children of a top-level hierarchy node MUST usethe same separator character.  A NIL hierarchy delimiter meansthat no hierarchy exists; the name is a "flat" name.The name represents an unambiguous left-to-right hierarchy, andMUST be valid for use as a reference in LIST and LSUB commands.Unless \Noselect is indicated, the name MUST also be valid as anargument for commands, such as SELECT, that accept mailbox names.Example:    S: * LIST (\Noselect) "/" ~/Mail/foo7.2.3.  LSUB ResponseContents:   name attributeshierarchy delimiternameThe LSUB response occurs as a result of an LSUB command.  Itreturns a single name that matches the LSUB specification.  Therecan be multiple LSUB responses for a single LSUB command.  Thedata is identical in format to the LIST response.Example:    S: * LSUB () "." #news.comp.mail.misc7.2.4   STATUS ResponseContents:   namestatus parenthesized listThe STATUS response occurs as a result of an STATUS command.  Itreturns the mailbox name that matches the STATUS specification andthe requested mailbox status information.Example:    S: * STATUS blurdybloop (MESSAGES 231 UIDNEXT 44292)Crispin                     Standards Track                    [Page 70]RFC 3501                         IMAPv4                       March 20037.2.5.  SEARCH ResponseContents:   zero or more numbersThe SEARCH response occurs as a result of a SEARCH or UID SEARCHcommand.  The number(s) refer to those messages that match thesearch criteria.  For SEARCH, these are message sequence numbers;for UID SEARCH, these are unique identifiers.  Each number isdelimited by a space.Example:    S: * SEARCH 2 3 67.2.6.  FLAGS ResponseContents:   flag parenthesized listThe FLAGS response occurs as a result of a SELECT or EXAMINEcommand.  The flag parenthesized list identifies the flags (at aminimum, the system-defined flags) that are applicable for thismailbox.  Flags other than the system flags can also exist,depending on server implementation.The update from the FLAGS response MUST be recorded by the client.Example:    S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)7.3.    Server Responses - Mailbox SizeThese responses are always untagged.  This is how changes in the sizeof the mailbox are transmitted from the server to the client.Immediately following the "*" token is a number that represents amessage count.7.3.1.  EXISTS ResponseContents:   noneThe EXISTS response reports the number of messages in the mailbox.This response occurs as a result of a SELECT or EXAMINE command,and if the size of the mailbox changes (e.g., new messages).The update from the EXISTS response MUST be recorded by theclient.Example:    S: * 23 EXISTSCrispin                     Standards Track                    [Page 71]RFC 3501                         IMAPv4                       March 20037.3.2.  RECENT ResponseContents:   noneThe RECENT response reports the number of messages with the\Recent flag set.  This response occurs as a result of a SELECT orEXAMINE command, and if the size of the mailbox changes (e.g., newmessages).Note: It is not guaranteed that the message sequencenumbers of recent messages will be a contiguous range ofthe highest n messages in the mailbox (where n is thevalue reported by the RECENT response).  Examples ofsituations in which this is not the case are: multipleclients having the same mailbox open (the first sessionto be notified will see it as recent, others willprobably see it as non-recent), and when the mailbox isre-ordered by a non-IMAP agent.The only reliable way to identify recent messages is tolook at message flags to see which have the \Recent flagset, or to do a SEARCH RECENT.The update from the RECENT response MUST be recorded by theclient.Example:    S: * 5 RECENT7.4.    Server Responses - Message StatusThese responses are always untagged.  This is how message data aretransmitted from the server to the client, often as a result of acommand with the same name.  Immediately following the "*" token is anumber that represents a message sequence number.7.4.1.  EXPUNGE ResponseContents:   noneThe EXPUNGE response reports that the specified message sequencenumber has been permanently removed from the mailbox.  The messagesequence number for each successive message in the mailbox isimmediately decremented by 1, and this decrement is reflected inmessage sequence numbers in subsequent responses (including otheruntagged EXPUNGE responses).Crispin                     Standards Track                    [Page 72]RFC 3501                         IMAPv4                       March 2003The EXPUNGE response also decrements the number of messages in themailbox; it is not necessary to send an EXISTS response with thenew value.As a result of the immediate decrement rule, message sequencenumbers that appear in a set of successive EXPUNGE responsesdepend upon whether the messages are removed starting from lowernumbers to higher numbers, or from higher numbers to lowernumbers.  For example, if the last 5 messages in a 9-messagemailbox are expunged, a "lower to higher" server will send fiveuntagged EXPUNGE responses for message sequence number 5, whereasa "higher to lower server" will send successive untagged EXPUNGEresponses for message sequence numbers 9, 8, 7, 6, and 5.An EXPUNGE response MUST NOT be sent when no command is inprogress, nor while responding to a FETCH, STORE, or SEARCHcommand.  This rule is necessary to prevent a loss ofsynchronization of message sequence numbers between client andserver.  A command is not "in progress" until the complete commandhas been received; in particular, a command is not "in progress"during the negotiation of command continuation.Note: UID FETCH, UID STORE, and UID SEARCH are differentcommands from FETCH, STORE, and SEARCH.  An EXPUNGEresponse MAY be sent during a UID command.The update from the EXPUNGE response MUST be recorded by theclient.Example:    S: * 44 EXPUNGE7.4.2.  FETCH ResponseContents:   message dataThe FETCH response returns data about a message to the client.The data are pairs of data item names and their values inparentheses.  This response occurs as the result of a FETCH orSTORE command, as well as by unilateral server decision (e.g.,flag updates).The current data items are:BODYA form of BODYSTRUCTURE without extension data.Crispin                     Standards Track                    [Page 73]RFC 3501                         IMAPv4                       March 2003BODY[
]<>A string expressing the body contents of the specified section.The string SHOULD be interpreted by the client according to thecontent transfer encoding, body type, and subtype.If the origin octet is specified, this string is a substring ofthe entire body contents, starting at that origin octet.  Thismeans that BODY[]<0> MAY be truncated, but BODY[] is NEVERtruncated.Note: The origin octet facility MUST NOT be used by a serverin a FETCH response unless the client specifically requestedit by means of a FETCH of a BODY[
]<> dataitem.8-bit textual data is permitted if a [CHARSET] identifier ispart of the body parameter parenthesized list for this section.Note that headers (part specifiers HEADER or MIME, or theheader portion of a MESSAGE/RFC822 part), MUST be 7-bit; 8-bitcharacters are not permitted in headers.  Note also that the[RFC-2822] delimiting blank line between the header and thebody is not affected by header line subsetting; the blank lineis always included as part of header data, except in the caseof a message which has no body and no blank line.Non-textual data such as binary data MUST be transfer encodedinto a textual form, such as BASE64, prior to being sent to theclient.  To derive the original binary data, the client MUSTdecode the transfer encoded string.BODYSTRUCTUREA parenthesized list that describes the [MIME-IMB] bodystructure of a message.  This is computed by the server byparsing the [MIME-IMB] header fields, defaulting various fieldsas necessary.For example, a simple text message of 48 lines and 2279 octetscan have a body structure of: ("TEXT" "PLAIN" ("CHARSET""US-ASCII") NIL NIL "7BIT" 2279 48)Multiple parts are indicated by parenthesis nesting.  Insteadof a body type as the first element of the parenthesized list,there is a sequence of one or more nested body structures.  Thesecond element of the parenthesized list is the multipartsubtype (mixed, digest, parallel, alternative, etc.).Crispin                     Standards Track                    [Page 74]RFC 3501                         IMAPv4                       March 2003For example, a two part message consisting of a text and aBASE64-encoded text attachment can have a body structure of:(("TEXT" "PLAIN" ("CHARSET" "US-ASCII") NIL NIL "7BIT" 115223)("TEXT" "PLAIN" ("CHARSET" "US-ASCII" "NAME" "cc.diff")"<960723163407.20117h@cac.washington.edu>" "Compiler diff""BASE64" 4554 73) "MIXED")Extension data follows the multipart subtype.  Extension datais never returned with the BODY fetch, but can be returned witha BODYSTRUCTURE fetch.  Extension data, if present, MUST be inthe defined order.  The extension data of a multipart body partare in the following order:body parameter parenthesized listA parenthesized list of attribute/value pairs [e.g., ("foo""bar" "baz" "rag") where "bar" is the value of "foo", and"rag" is the value of "baz"] as defined in [MIME-IMB].body dispositionA parenthesized list, consisting of a disposition typestring, followed by a parenthesized list of dispositionattribute/value pairs as defined in [DISPOSITION].body languageA string or parenthesized list giving the body languagevalue as defined in [LANGUAGE-TAGS].body locationA string list giving the body content URI as defined in[LOCATION].Any following extension data are not yet defined in thisversion of the protocol.  Such extension data can consist ofzero or more NILs, strings, numbers, or potentially nestedparenthesized lists of such data.  Client implementations thatdo a BODYSTRUCTURE fetch MUST be prepared to accept suchextension data.  Server implementations MUST NOT send suchextension data until it has been defined by a revision of thisprotocol.The basic fields of a non-multipart body part are in thefollowing order:body typeA string giving the content media type name as defined in[MIME-IMB].Crispin                     Standards Track                    [Page 75]RFC 3501                         IMAPv4                       March 2003body subtypeA string giving the content subtype name as defined in[MIME-IMB].body parameter parenthesized listA parenthesized list of attribute/value pairs [e.g., ("foo""bar" "baz" "rag") where "bar" is the value of "foo" and"rag" is the value of "baz"] as defined in [MIME-IMB].body idA string giving the content id as defined in [MIME-IMB].body descriptionA string giving the content description as defined in[MIME-IMB].body encodingA string giving the content transfer encoding as defined in[MIME-IMB].body sizeA number giving the size of the body in octets.  Note thatthis size is the size in its transfer encoding and not theresulting size after any decoding.A body type of type MESSAGE and subtype RFC822 contains,immediately after the basic fields, the envelope structure,body structure, and size in text lines of the encapsulatedmessage.A body type of type TEXT contains, immediately after the basicfields, the size of the body in text lines.  Note that thissize is the size in its content transfer encoding and not theresulting size after any decoding.Extension data follows the basic fields and the type-specificfields listed above.  Extension data is never returned with theBODY fetch, but can be returned with a BODYSTRUCTURE fetch.Extension data, if present, MUST be in the defined order.The extension data of a non-multipart body part are in thefollowing order:body MD5A string giving the body MD5 value as defined in [MD5].Crispin                     Standards Track                    [Page 76]RFC 3501                         IMAPv4                       March 2003body dispositionA parenthesized list with the same content and function asthe body disposition for a multipart body part.body languageA string or parenthesized list giving the body languagevalue as defined in [LANGUAGE-TAGS].body locationA string list giving the body content URI as defined in[LOCATION].Any following extension data are not yet defined in thisversion of the protocol, and would be as described above undermultipart extension data.ENVELOPEA parenthesized list that describes the envelope structure of amessage.  This is computed by the server by parsing the[RFC-2822] header into the component parts, defaulting variousfields as necessary.The fields of the envelope structure are in the followingorder: date, subject, from, sender, reply-to, to, cc, bcc,in-reply-to, and message-id.  The date, subject, in-reply-to,and message-id fields are strings.  The from, sender, reply-to,to, cc, and bcc fields are parenthesized lists of addressstructures.An address structure is a parenthesized list that describes anelectronic mail address.  The fields of an address structureare in the following order: personal name, [SMTP]at-domain-list (source route), mailbox name, and host name.[RFC-2822] group syntax is indicated by a special form ofaddress structure in which the host name field is NIL.  If themailbox name field is also NIL, this is an end of group marker(semi-colon in RFC 822 syntax).  If the mailbox name field isnon-NIL, this is a start of group marker, and the mailbox namefield holds the group name phrase.If the Date, Subject, In-Reply-To, and Message-ID header linesare absent in the [RFC-2822] header, the corresponding memberof the envelope is NIL; if these header lines are present butempty the corresponding member of the envelope is the emptystring.Crispin                     Standards Track                    [Page 77]RFC 3501                         IMAPv4                       March 2003Note: some servers may return a NIL envelope member in the"present but empty" case.  Clients SHOULD treat NIL andempty string as identical.Note: [RFC-2822] requires that all messages have a validDate header.  Therefore, the date member in the envelope cannot be NIL or the empty string.Note: [RFC-2822] requires that the In-Reply-To andMessage-ID headers, if present, have non-empty content.Therefore, the in-reply-to and message-id members in theenvelope can not be the empty string.If the From, To, cc, and bcc header lines are absent in the[RFC-2822] header, or are present but empty, the correspondingmember of the envelope is NIL.If the Sender or Reply-To lines are absent in the [RFC-2822]header, or are present but empty, the server sets thecorresponding member of the envelope to be the same value asthe from member (the client is not expected to know to dothis).Note: [RFC-2822] requires that all messages have a validFrom header.  Therefore, the from, sender, and reply-tomembers in the envelope can not be NIL.FLAGSA parenthesized list of flags that are set for this message.INTERNALDATEA string representing the internal date of the message.RFC822Equivalent to BODY[].RFC822.HEADEREquivalent to BODY[HEADER].  Note that this did not result in\Seen being set, because RFC822.HEADER response data occurs asa result of a FETCH of RFC822.HEADER.  BODY[HEADER] responsedata occurs as a result of a FETCH of BODY[HEADER] (which sets\Seen) or BODY.PEEK[HEADER] (which does not set \Seen).RFC822.SIZEA number expressing the [RFC-2822] size of the message.Crispin                     Standards Track                    [Page 78]RFC 3501                         IMAPv4                       March 2003RFC822.TEXTEquivalent to BODY[TEXT].UIDA number expressing the unique identifier of the message.Example:    S: * 23 FETCH (FLAGS (\Seen) RFC822.SIZE 44827)7.5.    Server Responses - Command Continuation RequestThe command continuation request response is indicated by a "+" tokeninstead of a tag.  This form of response indicates that the server isready to accept the continuation of a command from the client.  Theremainder of this response is a line of text.This response is used in the AUTHENTICATE command to transmit serverdata to the client, and request additional client data.  Thisresponse is also used if an argument to any command is a literal.The client is not permitted to send the octets of the literal unlessthe server indicates that it is expected.  This permits the server toprocess commands and reject errors on a line-by-line basis.  Theremainder of the command, including the CRLF that terminates acommand, follows the octets of the literal.  If there are anyadditional command arguments, the literal octets are followed by aspace and those arguments.Example:    C: A001 LOGIN {11}S: + Ready for additional command textC: FRED FOOBAR {7}S: + Ready for additional command textC: fat manS: A001 OK LOGIN completedC: A044 BLURDYBLOOP {102856}S: A044 BAD No such command as "BLURDYBLOOP"Crispin                     Standards Track                    [Page 79]RFC 3501                         IMAPv4                       March 20038.      Sample IMAP4rev1 connectionThe following is a transcript of an IMAP4rev1 connection.  A longline in this sample is broken for editorial clarity.S:   * OK IMAP4rev1 Service ReadyC:   a001 login mrc secretS:   a001 OK LOGIN completedC:   a002 select inboxS:   * 18 EXISTSS:   * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)S:   * 2 RECENTS:   * OK [UNSEEN 17] Message 17 is the first unseen messageS:   * OK [UIDVALIDITY 3857529045] UIDs validS:   a002 OK [READ-WRITE] SELECT completedC:   a003 fetch 12 fullS:   * 12 FETCH (FLAGS (\Seen) INTERNALDATE "17-Jul-1996 02:44:25 -0700"RFC822.SIZE 4286 ENVELOPE ("Wed, 17 Jul 1996 02:23:25 -0700 (PDT)""IMAP4rev1 WG mtg summary and minutes"(("Terry Gray" NIL "gray" "cac.washington.edu"))(("Terry Gray" NIL "gray" "cac.washington.edu"))(("Terry Gray" NIL "gray" "cac.washington.edu"))((NIL NIL "imap" "cac.washington.edu"))((NIL NIL "minutes" "CNRI.Reston.VA.US")("John Klensin" NIL "KLENSIN" "MIT.EDU")) NIL NIL"")BODY ("TEXT" "PLAIN" ("CHARSET" "US-ASCII") NIL NIL "7BIT" 302892))S:    a003 OK FETCH completedC:    a004 fetch 12 body[header]S:    * 12 FETCH (BODY[HEADER] {342}S:    Date: Wed, 17 Jul 1996 02:23:25 -0700 (PDT)S:    From: Terry Gray S:    Subject: IMAP4rev1 WG mtg summary and minutesS:    To: imap@cac.washington.eduS:    cc: minutes@CNRI.Reston.VA.US, John Klensin S:    Message-Id: S:    MIME-Version: 1.0S:    Content-Type: TEXT/PLAIN; CHARSET=US-ASCIIS:S:    )S:    a004 OK FETCH completedC:    a005 store 12 +flags \deletedS:    * 12 FETCH (FLAGS (\Seen \Deleted))S:    a005 OK +FLAGS completedC:    a006 logoutS:    * BYE IMAP4rev1 server terminating connectionS:    a006 OK LOGOUT completedCrispin                     Standards Track                    [Page 80]RFC 3501                         IMAPv4                       March 20039.      Formal SyntaxThe following syntax specification uses the Augmented Backus-NaurForm (ABNF) notation as specified in [ABNF].In the case of alternative or optional rules in which a later ruleoverlaps an earlier rule, the rule which is listed earlier MUST takepriority.  For example, "\Seen" when parsed as a flag is the \Seenflag name and not a flag-extension, even though "\Seen" can be parsedas a flag-extension.  Some, but not all, instances of this rule arenoted below.Note: [ABNF] rules MUST be followed strictly; inparticular:(1) Except as noted otherwise, all alphabetic charactersare case-insensitive.  The use of upper or lower casecharacters to define token strings is for editorial clarityonly.  Implementations MUST accept these strings in acase-insensitive fashion.(2) In all cases, SP refers to exactly one space.  It isNOT permitted to substitute TAB, insert additional spaces,or otherwise treat SP as being equivalent to LWSP.(3) The ASCII NUL character, %x00, MUST NOT be used at anytime.address         = "(" addr-name SP addr-adl SP addr-mailbox SPaddr-host ")"addr-adl        = nstring; Holds route from [RFC-2822] route-addr if; non-NILaddr-host       = nstring; NIL indicates [RFC-2822] group syntax.; Otherwise, holds [RFC-2822] domain nameaddr-mailbox    = nstring; NIL indicates end of [RFC-2822] group; if; non-NIL and addr-host is NIL, holds; [RFC-2822] group name.; Otherwise, holds [RFC-2822] local-part; after removing [RFC-2822] quotingCrispin                     Standards Track                    [Page 81]RFC 3501                         IMAPv4                       March 2003addr-name       = nstring; If non-NIL, holds phrase from [RFC-2822]; mailbox after removing [RFC-2822] quotingappend          = "APPEND" SP mailbox [SP flag-list] [SP date-time] SPliteralastring         = 1*ASTRING-CHAR / stringASTRING-CHAR   = ATOM-CHAR / resp-specialsatom            = 1*ATOM-CHARATOM-CHAR       = atom-specials   = "(" / ")" / "{" / SP / CTL / list-wildcards /quoted-specials / resp-specialsauthenticate    = "AUTHENTICATE" SP auth-type *(CRLF base64)auth-type       = atom; Defined by [SASL]base64          = *(4base64-char) [base64-terminal]base64-char     = ALPHA / DIGIT / "+" / "/"; Case-sensitivebase64-terminal = (2base64-char "==") / (3base64-char "=")body            = "(" (body-type-1part / body-type-mpart) ")"body-extension  = nstring / number /"(" body-extension *(SP body-extension) ")"; Future expansion.  Client implementations; MUST accept body-extension fields.  Server; implementations MUST NOT generate; body-extension fields except as defined by; future standard or standards-track; revisions of this specification.body-ext-1part  = body-fld-md5 [SP body-fld-dsp [SP body-fld-lang[SP body-fld-loc *(SP body-extension)]]]; MUST NOT be returned on non-extensible; "BODY" fetchCrispin                     Standards Track                    [Page 82]RFC 3501                         IMAPv4                       March 2003body-ext-mpart  = body-fld-param [SP body-fld-dsp [SP body-fld-lang[SP body-fld-loc *(SP body-extension)]]]; MUST NOT be returned on non-extensible; "BODY" fetchbody-fields     = body-fld-param SP body-fld-id SP body-fld-desc SPbody-fld-enc SP body-fld-octetsbody-fld-desc   = nstringbody-fld-dsp    = "(" string SP body-fld-param ")" / nilbody-fld-enc    = (DQUOTE ("7BIT" / "8BIT" / "BINARY" / "BASE64"/"QUOTED-PRINTABLE") DQUOTE) / stringbody-fld-id     = nstringbody-fld-lang   = nstring / "(" string *(SP string) ")"body-fld-loc    = nstringbody-fld-lines  = numberbody-fld-md5    = nstringbody-fld-octets = numberbody-fld-param  = "(" string SP string *(SP string SP string) ")" / nilbody-type-1part = (body-type-basic / body-type-msg / body-type-text)[SP body-ext-1part]body-type-basic = media-basic SP body-fields; MESSAGE subtype MUST NOT be "RFC822"body-type-mpart = 1*body SP media-subtype[SP body-ext-mpart]body-type-msg   = media-message SP body-fields SP envelopeSP body SP body-fld-linesbody-type-text  = media-text SP body-fields SP body-fld-linescapability      = ("AUTH=" auth-type) / atom; New capabilities MUST begin with "X" or be; registered with IANA as standard or; standards-trackCrispin                     Standards Track                    [Page 83]RFC 3501                         IMAPv4                       March 2003capability-data = "CAPABILITY" *(SP capability) SP "IMAP4rev1"*(SP capability); Servers MUST implement the STARTTLS, AUTH=PLAIN,; and LOGINDISABLED capabilities; Servers which offer RFC 1730 compatibility MUST; list "IMAP4" as the first capability.CHAR8           = %x01-ff; any OCTET except NUL, %x00command         = tag SP (command-any / command-auth / command-nonauth /command-select) CRLF; Modal based on statecommand-any     = "CAPABILITY" / "LOGOUT" / "NOOP" / x-command; Valid in all statescommand-auth    = append / create / delete / examine / list / lsub /rename / select / status / subscribe / unsubscribe; Valid only in Authenticated or Selected statecommand-nonauth = login / authenticate / "STARTTLS"; Valid only when in Not Authenticated statecommand-select  = "CHECK" / "CLOSE" / "EXPUNGE" / copy / fetch / store /uid / search; Valid only when in Selected statecontinue-req    = "+" SP (resp-text / base64) CRLFcopy            = "COPY" SP sequence-set SP mailboxcreate          = "CREATE" SP mailbox; Use of INBOX gives a NO errordate            = date-text / DQUOTE date-text DQUOTEdate-day        = 1*2DIGIT; Day of monthdate-day-fixed  = (SP DIGIT) / 2DIGIT; Fixed-format version of date-daydate-month      = "Jan" / "Feb" / "Mar" / "Apr" / "May" / "Jun" /"Jul" / "Aug" / "Sep" / "Oct" / "Nov" / "Dec"date-text       = date-day "-" date-month "-" date-yearCrispin                     Standards Track                    [Page 84]RFC 3501                         IMAPv4                       March 2003date-year       = 4DIGITdate-time       = DQUOTE date-day-fixed "-" date-month "-" date-yearSP time SP zone DQUOTEdelete          = "DELETE" SP mailbox; Use of INBOX gives a NO errordigit-nz        = %x31-39; 1-9envelope        = "(" env-date SP env-subject SP env-from SPenv-sender SP env-reply-to SP env-to SP env-cc SPenv-bcc SP env-in-reply-to SP env-message-id ")"env-bcc         = "(" 1*address ")" / nilenv-cc          = "(" 1*address ")" / nilenv-date        = nstringenv-from        = "(" 1*address ")" / nilenv-in-reply-to = nstringenv-message-id  = nstringenv-reply-to    = "(" 1*address ")" / nilenv-sender      = "(" 1*address ")" / nilenv-subject     = nstringenv-to          = "(" 1*address ")" / nilexamine         = "EXAMINE" SP mailboxfetch           = "FETCH" SP sequence-set SP ("ALL" / "FULL" / "FAST" /fetch-att / "(" fetch-att *(SP fetch-att) ")")fetch-att       = "ENVELOPE" / "FLAGS" / "INTERNALDATE" /"RFC822" [".HEADER" / ".SIZE" / ".TEXT"] /"BODY" ["STRUCTURE"] / "UID" /"BODY" section ["<" number "." nz-number ">"] /"BODY.PEEK" section ["<" number "." nz-number ">"]Crispin                     Standards Track                    [Page 85]RFC 3501                         IMAPv4                       March 2003flag            = "\Answered" / "\Flagged" / "\Deleted" /"\Seen" / "\Draft" / flag-keyword / flag-extension; Does not include "\Recent"flag-extension  = "\" atom; Future expansion.  Client implementations; MUST accept flag-extension flags.  Server; implementations MUST NOT generate; flag-extension flags except as defined by; future standard or standards-track; revisions of this specification.flag-fetch      = flag / "\Recent"flag-keyword    = atomflag-list       = "(" [flag *(SP flag)] ")"flag-perm       = flag / "\*"greeting        = "*" SP (resp-cond-auth / resp-cond-bye) CRLFheader-fld-name = astringheader-list     = "(" header-fld-name *(SP header-fld-name) ")"list            = "LIST" SP mailbox SP list-mailboxlist-mailbox    = 1*list-char / stringlist-char       = ATOM-CHAR / list-wildcards / resp-specialslist-wildcards  = "%" / "*"literal         = "{" number "}" CRLF *CHAR8; Number represents the number of CHAR8slogin           = "LOGIN" SP userid SP passwordlsub            = "LSUB" SP mailbox SP list-mailboxCrispin                     Standards Track                    [Page 86]RFC 3501                         IMAPv4                       March 2003mailbox         = "INBOX" / astring; INBOX is case-insensitive.  All case variants of; INBOX (e.g., "iNbOx") MUST be interpreted as INBOX; not as an astring.  An astring which consists of; the case-insensitive sequence "I" "N" "B" "O" "X"; is considered to be INBOX and not an astring.;  Refer to section 5.1 for further; semantic details of mailbox names.mailbox-data    =  "FLAGS" SP flag-list / "LIST" SP mailbox-list /"LSUB" SP mailbox-list / "SEARCH" *(SP nz-number) /"STATUS" SP mailbox SP "(" [status-att-list] ")" /number SP "EXISTS" / number SP "RECENT"mailbox-list    = "(" [mbx-list-flags] ")" SP(DQUOTE QUOTED-CHAR DQUOTE / nil) SP mailboxmbx-list-flags  = *(mbx-list-oflag SP) mbx-list-sflag*(SP mbx-list-oflag) /mbx-list-oflag *(SP mbx-list-oflag)mbx-list-oflag  = "\Noinferiors" / flag-extension; Other flags; multiple possible per LIST responsembx-list-sflag  = "\Noselect" / "\Marked" / "\Unmarked"; Selectability flags; only one per LIST responsemedia-basic     = ((DQUOTE ("APPLICATION" / "AUDIO" / "IMAGE" /"MESSAGE" / "VIDEO") DQUOTE) / string) SPmedia-subtype; Defined in [MIME-IMT]media-message   = DQUOTE "MESSAGE" DQUOTE SP DQUOTE "RFC822" DQUOTE; Defined in [MIME-IMT]media-subtype   = string; Defined in [MIME-IMT]media-text      = DQUOTE "TEXT" DQUOTE SP media-subtype; Defined in [MIME-IMT]message-data    = nz-number SP ("EXPUNGE" / ("FETCH" SP msg-att))msg-att         = "(" (msg-att-dynamic / msg-att-static)*(SP (msg-att-dynamic / msg-att-static)) ")"msg-att-dynamic = "FLAGS" SP "(" [flag-fetch *(SP flag-fetch)] ")"; MAY change for a messageCrispin                     Standards Track                    [Page 87]RFC 3501                         IMAPv4                       March 2003msg-att-static  = "ENVELOPE" SP envelope / "INTERNALDATE" SP date-time /"RFC822" [".HEADER" / ".TEXT"] SP nstring /"RFC822.SIZE" SP number /"BODY" ["STRUCTURE"] SP body /"BODY" section ["<" number ">"] SP nstring /"UID" SP uniqueid; MUST NOT change for a messagenil             = "NIL"nstring         = string / nilnumber          = 1*DIGIT; Unsigned 32-bit integer; (0 <= n < 4,294,967,296)nz-number       = digit-nz *DIGIT; Non-zero unsigned 32-bit integer; (0 < n < 4,294,967,296)password        = astringquoted          = DQUOTE *QUOTED-CHAR DQUOTEQUOTED-CHAR     =  /"\" quoted-specialsquoted-specials = DQUOTE / "\"rename          = "RENAME" SP mailbox SP mailbox; Use of INBOX as a destination gives a NO errorresponse        = *(continue-req / response-data) response-doneresponse-data   = "*" SP (resp-cond-state / resp-cond-bye /mailbox-data / message-data / capability-data) CRLFresponse-done   = response-tagged / response-fatalresponse-fatal  = "*" SP resp-cond-bye CRLF; Server closes connection immediatelyresponse-tagged = tag SP resp-cond-state CRLFresp-cond-auth  = ("OK" / "PREAUTH") SP resp-text; Authentication conditionCrispin                     Standards Track                    [Page 88]RFC 3501                         IMAPv4                       March 2003resp-cond-bye   = "BYE" SP resp-textresp-cond-state = ("OK" / "NO" / "BAD") SP resp-text; Status conditionresp-specials   = "]"resp-text       = ["[" resp-text-code "]" SP] textresp-text-code  = "ALERT" /"BADCHARSET" [SP "(" astring *(SP astring) ")" ] /capability-data / "PARSE" /"PERMANENTFLAGS" SP "("[flag-perm *(SP flag-perm)] ")" /"READ-ONLY" / "READ-WRITE" / "TRYCREATE" /"UIDNEXT" SP nz-number / "UIDVALIDITY" SP nz-number /"UNSEEN" SP nz-number /atom [SP 1*]search          = "SEARCH" [SP "CHARSET" SP astring] 1*(SP search-key); CHARSET argument to MUST be registered with IANAsearch-key      = "ALL" / "ANSWERED" / "BCC" SP astring /"BEFORE" SP date / "BODY" SP astring /"CC" SP astring / "DELETED" / "FLAGGED" /"FROM" SP astring / "KEYWORD" SP flag-keyword /"NEW" / "OLD" / "ON" SP date / "RECENT" / "SEEN" /"SINCE" SP date / "SUBJECT" SP astring /"TEXT" SP astring / "TO" SP astring /"UNANSWERED" / "UNDELETED" / "UNFLAGGED" /"UNKEYWORD" SP flag-keyword / "UNSEEN" /; Above this line were in [IMAP2]"DRAFT" / "HEADER" SP header-fld-name SP astring /"LARGER" SP number / "NOT" SP search-key /"OR" SP search-key SP search-key /"SENTBEFORE" SP date / "SENTON" SP date /"SENTSINCE" SP date / "SMALLER" SP number /"UID" SP sequence-set / "UNDRAFT" / sequence-set /"(" search-key *(SP search-key) ")"section         = "[" [section-spec] "]"section-msgtext = "HEADER" / "HEADER.FIELDS" [".NOT"] SP header-list /"TEXT"; top-level or MESSAGE/RFC822 partsection-part    = nz-number *("." nz-number); body part nestingCrispin                     Standards Track                    [Page 89]RFC 3501                         IMAPv4                       March 2003section-spec    = section-msgtext / (section-part ["." section-text])section-text    = section-msgtext / "MIME"; text other than actual body part (headers, etc.)select          = "SELECT" SP mailboxseq-number      = nz-number / "*"; message sequence number (COPY, FETCH, STORE; commands) or unique identifier (UID COPY,; UID FETCH, UID STORE commands).; * represents the largest number in use.  In; the case of message sequence numbers, it is; the number of messages in a non-empty mailbox.; In the case of unique identifiers, it is the; unique identifier of the last message in the; mailbox or, if the mailbox is empty, the; mailbox's current UIDNEXT value.; The server should respond with a tagged BAD; response to a command that uses a message; sequence number greater than the number of; messages in the selected mailbox.  This; includes "*" if the selected mailbox is empty.seq-range       = seq-number ":" seq-number; two seq-number values and all values between; these two regardless of order.; Example: 2:4 and 4:2 are equivalent and indicate; values 2, 3, and 4.; Example: a unique identifier sequence range of; 3291:* includes the UID of the last message in; the mailbox, even if that value is less than 3291.sequence-set    = (seq-number / seq-range) *("," sequence-set); set of seq-number values, regardless of order.; Servers MAY coalesce overlaps and/or execute the; sequence in any order.; Example: a message sequence number set of; 2,4:7,9,12:* for a mailbox with 15 messages is; equivalent to 2,4,5,6,7,9,12,13,14,15; Example: a message sequence number set of *:4,5:7; for a mailbox with 10 messages is equivalent to; 10,9,8,7,6,5,4,5,6,7 and MAY be reordered and; overlap coalesced to be 4,5,6,7,8,9,10.status          = "STATUS" SP mailbox SP"(" status-att *(SP status-att) ")"Crispin                     Standards Track                    [Page 90]RFC 3501                         IMAPv4                       March 2003status-att      = "MESSAGES" / "RECENT" / "UIDNEXT" / "UIDVALIDITY" /"UNSEEN"status-att-list =  status-att SP number *(SP status-att SP number)store           = "STORE" SP sequence-set SP store-att-flagsstore-att-flags = (["+" / "-"] "FLAGS" [".SILENT"]) SP(flag-list / (flag *(SP flag)))string          = quoted / literalsubscribe       = "SUBSCRIBE" SP mailboxtag             = 1*text            = 1*TEXT-CHARTEXT-CHAR       = time            = 2DIGIT ":" 2DIGIT ":" 2DIGIT; Hours minutes secondsuid             = "UID" SP (copy / fetch / search / store); Unique identifiers used instead of message; sequence numbersuniqueid        = nz-number; Strictly ascendingunsubscribe     = "UNSUBSCRIBE" SP mailboxuserid          = astringx-command       = "X" atom zone            = ("+" / "-") 4DIGIT; Signed four-digit value of hhmm representing; hours and minutes east of Greenwich (that is,; the amount that the given time differs from; Universal Time).  Subtracting the timezone; from the given time will give the UT form.; The Universal Time zone is "+0000".Crispin                     Standards Track                    [Page 91]RFC 3501                         IMAPv4                       March 200310.     Author's NoteThis document is a revision or rewrite of earlier documents, andsupercedes the protocol specification in those documents: RFC 2060,RFC 1730, unpublished IMAP2bis.TXT document, RFC 1176, and RFC 1064.11.     Security ConsiderationsIMAP4rev1 protocol transactions, including electronic mail data, aresent in the clear over the network unless protection from snooping isnegotiated.  This can be accomplished either by the use of STARTTLS,negotiated privacy protection in the AUTHENTICATE command, or someother protection mechanism.11.1.   STARTTLS Security ConsiderationsThe specification of the STARTTLS command and LOGINDISABLEDcapability in this document replaces that in [IMAP-TLS].  [IMAP-TLS]remains normative for the PLAIN [SASL] authenticator.IMAP client and server implementations MUST implement theTLS_RSA_WITH_RC4_128_MD5 [TLS] cipher suite, and SHOULD implement theTLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA [TLS] cipher suite.  This isimportant as it assures that any two compliant implementations can beconfigured to interoperate.  All other cipher suites are OPTIONAL.Note that this is a change from section 2.1 of [IMAP-TLS].During the [TLS] negotiation, the client MUST check its understandingof the server hostname against the server's identity as presented inthe server Certificate message, in order to prevent man-in-the-middleattacks.  If the match fails, the client SHOULD either ask forexplicit user confirmation, or terminate the connection and indicatethat the server's identity is suspect.  Matching is performedaccording to these rules:The client MUST use the server hostname it used to open theconnection as the value to compare against the server nameas expressed in the server certificate.  The client MUSTNOT use any form of the server hostname derived from aninsecure remote source (e.g., insecure DNS lookup).  CNAMEcanonicalization is not done.If a subjectAltName extension of type dNSName is present inthe certificate, it SHOULD be used as the source of theserver's identity.Matching is case-insensitive.Crispin                     Standards Track                    [Page 92]RFC 3501                         IMAPv4                       March 2003A "*" wildcard character MAY be used as the left-most namecomponent in the certificate.  For example, *.example.comwould match a.example.com, foo.example.com, etc. but wouldnot match example.com.If the certificate contains multiple names (e.g., more thanone dNSName field), then a match with any one of the fieldsis considered acceptable.Both the client and server MUST check the result of the STARTTLScommand and subsequent [TLS] negotiation to see whether acceptableauthentication or privacy was achieved.11.2.   Other Security ConsiderationsA server error message for an AUTHENTICATE command which fails due toinvalid credentials SHOULD NOT detail why the credentials areinvalid.Use of the LOGIN command sends passwords in the clear.  This can beavoided by using the AUTHENTICATE command with a [SASL] mechanismthat does not use plaintext passwords, by first negotiatingencryption via STARTTLS or some other protection mechanism.A server implementation MUST implement a configuration that, at thetime of authentication, requires:(1) The STARTTLS command has been negotiated.OR(2) Some other mechanism that protects the session from passwordsnooping has been provided.OR(3) The following measures are in place:(a) The LOGINDISABLED capability is advertised, and [SASL]mechanisms (such as PLAIN) using plaintext passwords are NOTadvertised in the CAPABILITY list.AND(b) The LOGIN command returns an error even if the password iscorrect.AND(c) The AUTHENTICATE command returns an error with all [SASL]mechanisms that use plaintext passwords, even if the passwordis correct.A server error message for a failing LOGIN command SHOULD NOT specifythat the user name, as opposed to the password, is invalid.A server SHOULD have mechanisms in place to limit or delay failedAUTHENTICATE/LOGIN attempts.Crispin                     Standards Track                    [Page 93]RFC 3501                         IMAPv4                       March 2003Additional security considerations are discussed in the sectiondiscussing the AUTHENTICATE and LOGIN commands.12.     IANA ConsiderationsIMAP4 capabilities are registered by publishing a standards track orIESG approved experimental RFC.  The registry is currently locatedat:http://www.iana.org/assignments/imap4-capabilitiesAs this specification revises the STARTTLS and LOGINDISABLEDextensions previously defined in [IMAP-TLS], the registry will beupdated accordingly.Crispin                     Standards Track                    [Page 94]RFC 3501                         IMAPv4                       March 2003AppendicesA.      Normative ReferencesThe following documents contain definitions or specifications thatare necessary to understand this document properly:[ABNF]                Crocker, D. and P. Overell, "Augmented BNF forSyntax Specifications: ABNF", RFC 2234,November 1997.[ANONYMOUS]           Newman, C., "Anonymous SASL Mechanism", RFC2245, November 1997.[CHARSET]             Freed, N. and J. Postel, "IANA Character SetRegistration Procedures", RFC 2978, October2000.[DIGEST-MD5]          Leach, P. and C. Newman, "Using DigestAuthentication as a SASL Mechanism", RFC 2831,May 2000.[DISPOSITION]         Troost, R., Dorner, S. and K. Moore,"Communicating Presentation Information inInternet Messages: The Content-DispositionHeader", RFC 2183, August 1997.[IMAP-TLS]            Newman, C., "Using TLS with IMAP, POP3 andACAP", RFC 2595, June 1999.[KEYWORDS]            Bradner, S., "Key words for use in RFCs toIndicate Requirement Levels", BCP 14, RFC 2119,March 1997.[LANGUAGE-TAGS]       Alvestrand, H., "Tags for the Identification ofLanguages", BCP 47, RFC 3066, January 2001.[LOCATION]            Palme, J., Hopmann, A. and N. Shelness, "MIMEEncapsulation of Aggregate Documents, such asHTML (MHTML)", RFC 2557, March 1999.[MD5]                 Myers, J. and M. Rose, "The Content-MD5 HeaderField", RFC 1864, October 1995.Crispin                     Standards Track                    [Page 95]RFC 3501                         IMAPv4                       March 2003[MIME-HDRS]           Moore, K., "MIME (Multipurpose Internet MailExtensions) Part Three: Message HeaderExtensions for Non-ASCII Text", RFC 2047,November 1996.[MIME-IMB]            Freed, N. and N. Borenstein, "MIME(Multipurpose Internet Mail Extensions) PartOne: Format of Internet Message Bodies", RFC2045, November 1996.[MIME-IMT]            Freed, N. and N. Borenstein, "MIME(Multipurpose Internet Mail Extensions) PartTwo: Media Types", RFC 2046, November 1996.[RFC-2822]            Resnick, P., "Internet Message Format", RFC2822, April 2001.[SASL]                Myers, J., "Simple Authentication and SecurityLayer (SASL)", RFC 2222, October 1997.[TLS]                 Dierks, T. and C. Allen, "The TLS ProtocolVersion 1.0", RFC 2246, January 1999.[UTF-7]               Goldsmith, D. and M. Davis, "UTF-7: A Mail-SafeTransformation Format of Unicode", RFC 2152,May 1997.The following documents describe quality-of-implementation issuesthat should be carefully considered when implementing this protocol:[IMAP-IMPLEMENTATION] Leiba, B., "IMAP ImplementationRecommendations", RFC 2683, September 1999.[IMAP-MULTIACCESS]    Gahrns, M., "IMAP4 Multi-Accessed MailboxPractice", RFC 2180, July 1997.A.1     Informative ReferencesThe following documents describe related protocols:[IMAP-DISC]           Austein, R., "Synchronization Operations forDisconnected IMAP4 Clients", Work in Progress.[IMAP-MODEL]          Crispin, M., "Distributed Electronic MailModels in IMAP4", RFC 1733, December 1994.Crispin                     Standards Track                    [Page 96]RFC 3501                         IMAPv4                       March 2003[ACAP]                Newman, C. and J. Myers, "ACAP -- ApplicationConfiguration Access Protocol", RFC 2244,November 1997.[SMTP]                Klensin, J., "Simple Mail Transfer Protocol",STD 10, RFC 2821, April 2001.The following documents are historical or describe historical aspectsof this protocol:[IMAP-COMPAT]         Crispin, M., "IMAP4 Compatibility withIMAP2bis", RFC 2061, December 1996.[IMAP-HISTORICAL]     Crispin, M., "IMAP4 Compatibility with IMAP2and IMAP2bis", RFC 1732, December 1994.[IMAP-OBSOLETE]       Crispin, M., "Internet Message Access Protocol- Obsolete Syntax", RFC 2062, December 1996.[IMAP2]               Crispin, M., "Interactive Mail Access Protocol- Version 2", RFC 1176, August 1990.[RFC-822]             Crocker, D., "Standard for the Format of ARPAInternet Text Messages", STD 11, RFC 822,August 1982.[RFC-821]             Postel, J., "Simple Mail Transfer Protocol",STD 10, RFC 821, August 1982.B.      Changes from RFC 20601) Clarify description of unique identifiers and their semantics.2) Fix the SELECT description to clarify that UIDVALIDITY is requiredin the SELECT and EXAMINE responses.3) Added an example of a failing search.4) Correct store-att-flags: "#flag" should be "1#flag".5) Made search and section rules clearer.6) Correct the STORE example.7) Correct "BASE645" misspelling.8) Remove extraneous close parenthesis in example of two-part messagewith text and BASE64 attachment.Crispin                     Standards Track                    [Page 97]RFC 3501                         IMAPv4                       March 20039) Remove obsolete "MAILBOX" response from mailbox-data.10) A spurious "<" in the rule for mailbox-data was removed.11) Add CRLF to continue-req.12) Specifically exclude "]" from the atom in resp-text-code.13) Clarify that clients and servers should adhere strictly to theprotocol syntax.14) Emphasize in 5.2 that EXISTS can not be used to shrink a mailbox.15) Add NEWNAME to resp-text-code.16) Clarify that the empty string, not NIL, is used as arguments toLIST.17) Clarify that NIL can be returned as a hierarchy delimiter for theempty string mailbox name argument if the mailbox namespace is flat.18) Clarify that addr-mailbox and addr-name have RFC-2822 quotingremoved.19) Update UTF-7 reference.20) Fix example in 6.3.11.21) Clarify that non-existent UIDs are ignored.22) Update DISPOSITION reference.23) Expand state diagram.24) Clarify that partial fetch responses are only returned inresponse to a partial fetch command.25) Add UIDNEXT response code.  Correct UIDVALIDITY definitionreference.26) Further clarification of "can" vs. "MAY".27) Reference RFC-2119.28) Clarify that superfluous shifts are not permitted in modifiedUTF-7.29) Clarify that there are no implicit shifts in modified UTF-7.Crispin                     Standards Track                    [Page 98]RFC 3501                         IMAPv4                       March 200330) Clarify that "INBOX" in a mailbox name is always INBOX, even ifit is given as a string.31) Add missing open parenthesis in media-basic grammar rule.32) Correct attribute syntax in mailbox-data.33) Add UIDNEXT to EXAMINE responses.34) Clarify UNSEEN, PERMANENTFLAGS, UIDVALIDITY, and UIDNEXTresponses in SELECT and EXAMINE.  They are required now, but weren'tin older versions.35) Update references with RFC numbers.36) Flush text-mime2.37) Clarify that modified UTF-7 names must be case-sensitive and thatviolating the convention should be avoided.38) Correct UID FETCH example.39) Clarify UID FETCH, UID STORE, and UID SEARCH vs. untagged EXPUNGEresponses.40) Clarify the use of the word "convention".41) Clarify that a command is not "in progress" until it has beenfully received (specifically, that a command is not "in progress"during command continuation negotiation).42) Clarify envelope defaulting.43) Clarify that SP means one and only one space character.44) Forbid silly states in LIST response.45) Clarify that the ENVELOPE, INTERNALDATE, RFC822*, BODY*, and UIDfor a message is static.46) Add BADCHARSET response code.47) Update formal syntax to [ABNF] conventions.48) Clarify trailing hierarchy delimiter in CREATE semantics.49) Clarify that the "blank line" is the [RFC-2822] delimiting blankline.Crispin                     Standards Track                    [Page 99]RFC 3501                         IMAPv4                       March 200350) Clarify that RENAME should also create hierarchy as needed forthe command to complete.51) Fix body-ext-mpart to not require language if dispositionpresent.52) Clarify the RFC822.HEADER response.53) Correct missing space after charset astring in search.54) Correct missing quote for BADCHARSET in resp-text-code.55) Clarify that ALL, FAST, and FULL preclude any other data itemsappearing.56) Clarify semantics of reference argument in LIST.57) Clarify that a null string for SEARCH HEADER X-FOO means anymessage with a header line with a field-name of X-FOO regardless ofthe text of the header.58) Specifically reserve 8-bit mailbox names for future use as UTF-8.59) It is not an error for the client to store a flag that is not inthe PERMANENTFLAGS list; however, the server will either ignore thechange or make the change in the session only.60) Correct/clarify the text regarding superfluous shifts.61) Correct typographic errors in the "Changes" section.62) Clarify that STATUS must not be used to check for new messages inthe selected mailbox63) Clarify LSUB behavior with "%" wildcard.64) Change AUTHORIZATION to AUTHENTICATE in section 7.5.65) Clarify description of multipart body type.66) Clarify that STORE FLAGS does not affect \Recent.67) Change "west" to "east" in description of timezone.68) Clarify that commands which break command pipelining must waitfor a completion result response.69) Clarify that EXAMINE does not affect \Recent.Crispin                     Standards Track                   [Page 100]RFC 3501                         IMAPv4                       March 200370) Make description of MIME structure consistent.71) Clarify that date searches disregard the time and timezone of theINTERNALDATE or Date: header.  In other words, "ON 13-APR-2000" meansmessages with an INTERNALDATE text which starts with "13-APR-2000",even if timezone differential from the local timezone is sufficientto move that INTERNALDATE into the previous or next day.72) Clarify that the header fetches don't add a blank line if oneisn't in the [RFC-2822] message.73) Clarify (in discussion of UIDs) that messages are immutable.74) Add an example of CHARSET searching.75) Clarify in SEARCH that keywords are a type of flag.76) Clarify the mandatory nature of the SELECT data responses.77) Add optional CAPABILITY response code in the initial OK orPREAUTH.78) Add note that server can send an untagged CAPABILITY command aspart of the responses to AUTHENTICATE and LOGIN.79) Remove statement about it being unnecessary to issue a CAPABILITYcommand more than once in a connection.  That statement is no longertrue.80) Clarify that untagged EXPUNGE decrements the number of messagesin the mailbox.81) Fix definition of "body" (concatenation has tighter binding thanalternation).82) Add a new "Special Notes to Implementors" section with referenceto [IMAP-IMPLEMENTATION].83) Clarify that an untagged CAPABILITY response to an AUTHENTICATEcommand should only be done if a security layer was not negotiated.84) Change the definition of atom to exclude "]".  Update astring toinclude "]" for compatibility with the past.  Remove resp-text-atom.85) Remove NEWNAME.  It can't work because mailbox names can beliterals and can include "]".  Functionality can be addressed viareferrals.Crispin                     Standards Track                   [Page 101]RFC 3501                         IMAPv4                       March 200386) Move modified UTF-7 rationale in order to have more logicalparagraph flow.87) Clarify UID uniqueness guarantees with the use of MUST.88) Note that clients should read response data until the connectionis closed instead of immediately closing on a BYE.89) Change RFC-822 references to RFC-2822.90) Clarify that RFC-2822 should be followed instead of RFC-822.91) Change recommendation of optional automatic capabilities in LOGINand AUTHENTICATE to use the CAPABILITY response code in the taggedOK.  This is more interoperable than an unsolicited untaggedCAPABILITY response.92) STARTTLS and AUTH=PLAIN are mandatory to implement; addrecommendations for other [SASL] mechanisms.93) Clarify that a "connection" (as opposed to "server" or "command")is in one of the four states.94) Clarify that a failed or rejected command does not change state.95) Split references between normative and informative.96) Discuss authentication failure issues in security section.97) Clarify that a data item is not necessarily of only one datatype.98) Clarify that sequence ranges are independent of order.99) Change an example to clarify that superfluous shifts inModified-UTF7 can not be fixed just by omitting the shift.  Theentire string must be recalculated.100) Change Envelope Structure definition since [RFC-2822] uses"envelope" to refer to the [SMTP] envelope and not the envelope datathat appears in the [RFC-2822] header.101) Expand on RFC822.HEADER response data vs. BODY[HEADER].102) Clarify Logout state semantics, change ASCII art.103) Security changes to comply with IESG requirements.Crispin                     Standards Track                   [Page 102]RFC 3501                         IMAPv4                       March 2003104) Add definition for body URI.105) Break sequence range definition into three rules, with rewrittendescriptions for each.106) Move STARTTLS and LOGINDISABLED here from [IMAP-TLS].107) Add IANA Considerations section.108) Clarify valid client assumptions for new message UIDs vs.UIDNEXT.109) Clarify that changes to permanentflags affect concurrentsessions as well as subsequent sessions.110) Clarify that authenticated state can be entered by the CLOSEcommand.111) Emphasize that SELECT and EXAMINE are the exceptions to the rulethat a failing command does not change state.112) Clarify that newly-appended messages have the Recent flag set.113) Clarify that newly-copied messages SHOULD have the Recent flagset.114) Clarify that UID commands always return the UID in FETCHresponses.C.      Key Word Index+FLAGS  (store command data item) ...............   59+FLAGS.SILENT  (store command data item) ........   59-FLAGS  (store command data item) ...............   59-FLAGS.SILENT  (store command data item) ........   59ALERT (response code) ......................................   64ALL (fetch item) ...........................................   55ALL (search key) ...........................................   50ANSWERED (search key) ......................................   50APPEND (command) ...........................................   45AUTHENTICATE (command) .....................................   27BAD (response) .............................................   66BADCHARSET (response code) .................................   64BCC  (search key) ..................................   51BEFORE  (search key) .................................   51BODY (fetch item) ..........................................   55BODY (fetch result) ........................................   73BODY  (search key) .................................   51Crispin                     Standards Track                   [Page 103]RFC 3501                         IMAPv4                       March 2003BODY.PEEK[
]<> (fetch item) ...............   57BODYSTRUCTURE (fetch item) .................................   57BODYSTRUCTURE (fetch result) ...............................   74BODY[
]<> (fetch result) .............   74BODY[
]<> (fetch item) ....................   55BYE (response) .............................................   67Body Structure (message attribute) .........................   12CAPABILITY (command) .......................................   24CAPABILITY (response code) .................................   64CAPABILITY (response) ......................................   68CC  (search key) ...................................   51CHECK (command) ............................................   47CLOSE (command) ............................................   48COPY (command) .............................................   59CREATE (command) ...........................................   34DELETE (command) ...........................................   35DELETED (search key) .......................................   51DRAFT (search key) .........................................   51ENVELOPE (fetch item) ......................................   57ENVELOPE (fetch result) ....................................   77EXAMINE (command) ..........................................   33EXISTS (response) ..........................................   71EXPUNGE (command) ..........................................   48EXPUNGE (response) .........................................   72Envelope Structure (message attribute) .....................   12FAST (fetch item) ..........................................   55FETCH (command) ............................................   54FETCH (response) ...........................................   73FLAGGED (search key) .......................................   51FLAGS (fetch item) .........................................   57FLAGS (fetch result) .......................................   78FLAGS (response) ...........................................   71FLAGS  (store command data item) ................   59FLAGS.SILENT  (store command data item) .........   59FROM  (search key) .................................   51FULL (fetch item) ..........................................   55Flags (message attribute) ..................................   11HEADER (part specifier) ....................................   55HEADER   (search key) ..................   51HEADER.FIELDS  (part specifier) ...............   55HEADER.FIELDS.NOT  (part specifier) ...........   55INTERNALDATE (fetch item) ..................................   57INTERNALDATE (fetch result) ................................   78Internal Date (message attribute) ..........................   12KEYWORD  (search key) ................................   51Keyword (type of flag) .....................................   11LARGER  (search key) ....................................   51LIST (command) .............................................   40Crispin                     Standards Track                   [Page 104]RFC 3501                         IMAPv4                       March 2003LIST (response) ............................................   69LOGIN (command) ............................................   30LOGOUT (command) ...........................................   25LSUB (command) .............................................   43LSUB (response) ............................................   70MAY (specification requirement term) .......................    4MESSAGES (status item) .....................................   45MIME (part specifier) ......................................   56MUST (specification requirement term) ......................    4MUST NOT (specification requirement term) ..................    4Message Sequence Number (message attribute) ................   10NEW (search key) ...........................................   51NO (response) ..............................................   66NOOP (command) .............................................   25NOT  (search key) ..............................   52OK (response) ..............................................   65OLD (search key) ...........................................   52ON  (search key) .....................................   52OPTIONAL (specification requirement term) ..................    4OR   (search key) ................   52PARSE (response code) ......................................   64PERMANENTFLAGS (response code) .............................   64PREAUTH (response) .........................................   67Permanent Flag (class of flag) .............................   12READ-ONLY (response code) ..................................   65READ-WRITE (response code) .................................   65RECENT (response) ..........................................   72RECENT (search key) ........................................   52RECENT (status item) .......................................   45RENAME (command) ...........................................   37REQUIRED (specification requirement term) ..................    4RFC822 (fetch item) ........................................   57RFC822 (fetch result) ......................................   78RFC822.HEADER (fetch item) .................................   57RFC822.HEADER (fetch result) ...............................   78RFC822.SIZE (fetch item) ...................................   57RFC822.SIZE (fetch result) .................................   78RFC822.TEXT (fetch item) ...................................   58RFC822.TEXT (fetch result) .................................   79SEARCH (command) ...........................................   49SEARCH (response) ..........................................   71SEEN (search key) ..........................................   52SELECT (command) ...........................................   31SENTBEFORE  (search key) .............................   52SENTON  (search key) .................................   52SENTSINCE  (search key) ..............................   52SHOULD (specification requirement term) ....................    4SHOULD NOT (specification requirement term) ................    4Crispin                     Standards Track                   [Page 105]RFC 3501                         IMAPv4                       March 2003SINCE  (search key) ..................................   52SMALLER  (search key) ...................................   52STARTTLS (command) .........................................   27STATUS (command) ...........................................   44STATUS (response) ..........................................   70STORE (command) ............................................   58SUBJECT  (search key) ..............................   53SUBSCRIBE (command) ........................................   38Session Flag (class of flag) ...............................   12System Flag (type of flag) .................................   11TEXT (part specifier) ......................................   56TEXT  (search key) .................................   53TO  (search key) ...................................   53TRYCREATE (response code) ..................................   65UID (command) ..............................................   60UID (fetch item) ...........................................   58UID (fetch result) .........................................   79UID  (search key) ............................   53UIDNEXT (response code) ....................................   65UIDNEXT (status item) ......................................   45UIDVALIDITY (response code) ................................   65UIDVALIDITY (status item) ..................................   45UNANSWERED (search key) ....................................   53UNDELETED (search key) .....................................   53UNDRAFT (search key) .......................................   53UNFLAGGED (search key) .....................................   53UNKEYWORD  (search key) ..............................   53UNSEEN (response code) .....................................   65UNSEEN (search key) ........................................   53UNSEEN (status item) .......................................   45UNSUBSCRIBE (command) ......................................   39Unique Identifier (UID) (message attribute) ................    8X (command) ..........................................   62[RFC-2822] Size (message attribute) ........................   12\Answered (system flag) ....................................   11\Deleted (system flag) .....................................   11\Draft (system flag) .......................................   11\Flagged (system flag) .....................................   11\Marked (mailbox name attribute) ...........................   69\Noinferiors (mailbox name attribute) ......................   69\Noselect (mailbox name attribute) .........................   69\Recent (system flag) ......................................   11\Seen (system flag) ........................................   11\Unmarked (mailbox name attribute) .........................   69Crispin                     Standards Track                   [Page 106]RFC 3501                         IMAPv4                       March 2003Author's AddressMark R. CrispinNetworks and Distributed ComputingUniversity of Washington4545 15th Avenue NESeattle, WA  98105-4527Phone: (206) 543-5762EMail: MRC@CAC.Washington.EDUCrispin                     Standards Track                   [Page 107]RFC 3501                         IMAPv4                       March 2003Full Copyright StatementCopyright (C) The Internet Society (2003).  All Rights Reserved.This document and translations of it may be copied and furnished toothers, and derivative works that comment on or otherwise explain itor assist in its implementation may be prepared, copied, publishedand distributed, in whole or in part, without restriction of anykind, provided that the above copyright notice and this paragraph areincluded on all such copies and derivative works.  However, thisdocument itself may not be modified in any way, such as by removingthe copyright notice or references to the Internet Society or otherInternet organizations, except as needed for the purpose ofdeveloping Internet standards in which case the procedures forcopyrights defined in the Internet Standards process must befollowed, or as required to translate it into languages other thanEnglish.The limited permissions granted above are perpetual and will not berevoked by the Internet Society or its successors or assigns.  v Thisdocument and the information contained herein is provided on an "ASIS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASKFORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOTLIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILLNOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITYOR FITNESS FOR A PARTICULAR PURPOSE.AcknowledgementFunding for the RFC Editor function is currently provided by theInternet Society.Crispin                     Standards Track                   [Page 108]