Mail clients use SMTP to send outgoing mail to an SMTP server. To retrieve mail messages, however, the Post Office Protocol (currently version 3) generally is used. POP3 is a stateful protocol, progressing from one state to another, depending on the results of the transaction in progress and the commands that are issued. The states are listed here:
In the following sections, you'll see what happens during each state and the POP3 commands that can be used in each state. Similar to SMTP, commands are not case-sensitive and are either 3 or 4 characters long. The total length of arguments allowed for a command is 40 characters. Responses, however, can be up to 512 characters in length. Finally, the status indicators that the POP3 server can return to the client are limited to only two:
Each of these status indicators can be followed by text that describes the response. In many cases, the response consists of multiple lines. Both the +OK and the -ERR status indicators must be sent by the server in uppercase only. When multiple lines are sent as part of a response, the same method used by SMTP to mark the end of the response is used: the period character on a line by itself. The AUTHORIZATION StateA POP3 server typically listens on TCP port number 110 for incoming requests from POP3 clients. After a TCP connection is established between the client and the POP3 server, the POP3 server sends a greeting to the client. At this point, the process is said to be in the AUTHORIZATION state. During this state, the client uses some authentication method to identify itself to the POP3 server. This can be clear-text username and password combinations, or it can be a more secure authorization method. For more information about secure forms of authentication when using POP3, see RFC 1734, "POP3 AUTHentication command." This RFC defines the AUTH command that can be used to negotiate an authentication mechanism between the client and the server. After the client has been authenticated to the POP3 server, the server attempts to gain an exclusive lock on the client's mailbox files. This lock prevents changes to the mailbox during the session so that the current collection of messages remains the same through the UPDATE state. Failure to lock the mailbox could allow new messages to arrive . As you'll find out in the next section, the server uses message numbers to identify each message in the mailbox. If new messages were allowed to enter the mailbox while the users were accessing it, it would be possible for confusion to exist during the UPDATE state, especially if messages are to be deleted. Thus, the mailbox is locked so that it will remain consistent for the current session. The TRANSACTION StateAfter authentication has been performed successfully, the process enters into the TRANSACTION state, in which the client can send commands to the POP3 server. When finished issuing commands to the server, the client uses the QUIT command to terminate the session. At this point, the server enters the UPDATE state. The POP3 server assigns a unique message number, beginning with 1, to each message in the mailbox. During this TRANSACTION state, the client can use the following commands to communicate with the POP3 server:
After the client has finished issuing commands to the server and processing the responses the POP3 server returns, the client issues the QUIT command to indicate that it is finished. This ends the TRANSACTION state. The UPDATE StateAfter the QUIT command has been received by the POP3 server, the session enters the UPDATE state. In this state, the POP3 server can delete the mail messages that were previously marked for deletion by the client. Again, if the session is terminated (by a network failure, for example) before the client can issue the QUIT command, messages that were marked for deletion are not deleted because the session never makes it to the UPDATE state. When the POP3 server deletes messages during this state, it sends the +OK status indicator back to the client. If an error occurs trying to delete any of the messages, the -ERR status indicator is returned to the client. After deleting the messages, the server performs other housekeeping chores, such as removing its lock on the mailbox, and then terminates the TCP connection. |