summaryrefslogtreecommitdiff
path: root/doc/rfc/rfc9051.txt
diff options
context:
space:
mode:
authorThomas Voss <mail@thomasvoss.com> 2024-11-27 20:54:24 +0100
committerThomas Voss <mail@thomasvoss.com> 2024-11-27 20:54:24 +0100
commit4bfd864f10b68b71482b35c818559068ef8d5797 (patch)
treee3989f47a7994642eb325063d46e8f08ffa681dc /doc/rfc/rfc9051.txt
parentea76e11061bda059ae9f9ad130a9895cc85607db (diff)
doc: Add RFC documents
Diffstat (limited to 'doc/rfc/rfc9051.txt')
-rw-r--r--doc/rfc/rfc9051.txt8659
1 files changed, 8659 insertions, 0 deletions
diff --git a/doc/rfc/rfc9051.txt b/doc/rfc/rfc9051.txt
new file mode 100644
index 0000000..3137c61
--- /dev/null
+++ b/doc/rfc/rfc9051.txt
@@ -0,0 +1,8659 @@
+
+
+
+
+Internet Engineering Task Force (IETF) A. Melnikov, Ed.
+Request for Comments: 9051 Isode Ltd
+Obsoletes: 3501 B. Leiba, Ed.
+Category: Standards Track Futurewei Technologies
+ISSN: 2070-1721 August 2021
+
+
+ Internet Message Access Protocol (IMAP) - Version 4rev2
+
+Abstract
+
+ The Internet Message Access Protocol Version 4rev2 (IMAP4rev2) allows
+ a client to access and manipulate electronic mail messages on a
+ server. IMAP4rev2 permits manipulation of mailboxes (remote message
+ folders) in a way that is functionally equivalent to local folders.
+ IMAP4rev2 also provides the capability for an offline client to
+ resynchronize with the server.
+
+ IMAP4rev2 includes operations for creating, deleting, and renaming
+ mailboxes; checking for new messages; removing messages permanently;
+ setting and clearing flags; parsing per RFCs 5322, 2045, and 2231;
+ searching; and selective fetching of message attributes, texts, and
+ portions thereof. Messages in IMAP4rev2 are accessed by the use of
+ numbers. These numbers are either message sequence numbers or unique
+ identifiers.
+
+ IMAP4rev2 does not specify a means of posting mail; this function is
+ handled by a mail submission protocol such as the one specified in
+ RFC 6409.
+
+Status of This Memo
+
+ This is an Internet Standards Track document.
+
+ This document is a product of the Internet Engineering Task Force
+ (IETF). It represents the consensus of the IETF community. It has
+ received public review and has been approved for publication by the
+ Internet Engineering Steering Group (IESG). Further information on
+ Internet Standards is available in Section 2 of RFC 7841.
+
+ Information about the current status of this document, any errata,
+ and how to provide feedback on it may be obtained at
+ https://www.rfc-editor.org/info/rfc9051.
+
+Copyright Notice
+
+ Copyright (c) 2021 IETF Trust and the persons identified as the
+ document authors. All rights reserved.
+
+ This document is subject to BCP 78 and the IETF Trust's Legal
+ Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info) in effect on the date of
+ publication of this document. Please review these documents
+ carefully, as they describe your rights and restrictions with respect
+ to this document. Code Components extracted from this document must
+ include Simplified BSD License text as described in Section 4.e of
+ the Trust Legal Provisions and are provided without warranty as
+ described in the Simplified BSD License.
+
+ This document may contain material from IETF Documents or IETF
+ Contributions published or made publicly available before November
+ 10, 2008. The person(s) controlling the copyright in some of this
+ material may not have granted the IETF Trust the right to allow
+ modifications of such material outside the IETF Standards Process.
+ Without obtaining an adequate license from the person(s) controlling
+ the copyright in such materials, this document may not be modified
+ outside the IETF Standards Process, and derivative works of it may
+ not be created outside the IETF Standards Process, except to format
+ it for publication as an RFC or to translate it into languages other
+ than English.
+
+Table of Contents
+
+ 1. How to Read This Document
+ 1.1. Organization of This Document
+ 1.2. Conventions Used in This Document
+ 1.3. Special Notes to Implementors
+ 2. Protocol Overview
+ 2.1. Link Level
+ 2.2. Commands and Responses
+ 2.2.1. Client Protocol Sender and Server Protocol Receiver
+ 2.2.2. Server Protocol Sender and Client Protocol Receiver
+ 2.3. Message Attributes
+ 2.3.1. Message Numbers
+ 2.3.2. Flags Message Attribute
+ 2.3.3. Internal Date Message Attribute
+ 2.3.4. RFC822.SIZE Message Attribute
+ 2.3.5. Envelope Structure Message Attribute
+ 2.3.6. Body Structure Message Attribute
+ 2.4. Message Texts
+ 3. State and Flow Diagram
+ 3.1. Not Authenticated State
+ 3.2. Authenticated State
+ 3.3. Selected State
+ 3.4. Logout State
+ 4. Data Formats
+ 4.1. Atom
+ 4.1.1. Sequence Set and UID Set
+ 4.2. Number
+ 4.3. String
+ 4.3.1. 8-Bit and Binary Strings
+ 4.4. Parenthesized List
+ 4.5. NIL
+ 5. Operational Considerations
+ 5.1. Mailbox Naming
+ 5.1.1. Mailbox Hierarchy Naming
+ 5.1.2. Namespaces
+ 5.2. Mailbox Size and Message Status Updates
+ 5.3. Response When No Command in Progress
+ 5.4. Autologout Timer
+ 5.5. Multiple Commands in Progress (Command Pipelining)
+ 6. Client Commands
+ 6.1. Client Commands - Any State
+ 6.1.1. CAPABILITY Command
+ 6.1.2. NOOP Command
+ 6.1.3. LOGOUT Command
+ 6.2. Client Commands - Not Authenticated State
+ 6.2.1. STARTTLS Command
+ 6.2.2. AUTHENTICATE Command
+ 6.2.3. LOGIN Command
+ 6.3. Client Commands - Authenticated State
+ 6.3.1. ENABLE Command
+ 6.3.2. SELECT Command
+ 6.3.3. EXAMINE Command
+ 6.3.4. CREATE Command
+ 6.3.5. DELETE Command
+ 6.3.6. RENAME Command
+ 6.3.7. SUBSCRIBE Command
+ 6.3.8. UNSUBSCRIBE Command
+ 6.3.9. LIST Command
+ 6.3.10. NAMESPACE Command
+ 6.3.11. STATUS Command
+ 6.3.12. APPEND Command
+ 6.3.13. IDLE Command
+ 6.4. Client Commands - Selected State
+ 6.4.1. CLOSE Command
+ 6.4.2. UNSELECT Command
+ 6.4.3. EXPUNGE Command
+ 6.4.4. SEARCH Command
+ 6.4.5. FETCH Command
+ 6.4.6. STORE Command
+ 6.4.7. COPY Command
+ 6.4.8. MOVE Command
+ 6.4.9. UID Command
+ 6.5. Client Commands - Experimental/Expansion
+ 7. Server Responses
+ 7.1. Server Responses - Generic Status Responses
+ 7.1.1. OK Response
+ 7.1.2. NO Response
+ 7.1.3. BAD Response
+ 7.1.4. PREAUTH Response
+ 7.1.5. BYE Response
+ 7.2. Server Responses - Server Status
+ 7.2.1. ENABLED Response
+ 7.2.2. CAPABILITY Response
+ 7.3. Server Responses - Mailbox Status
+ 7.3.1. LIST Response
+ 7.3.2. NAMESPACE Response
+ 7.3.3. STATUS Response
+ 7.3.4. ESEARCH Response
+ 7.3.5. FLAGS Response
+ 7.4. Server Responses - Mailbox Size
+ 7.4.1. EXISTS Response
+ 7.5. Server Responses - Message Status
+ 7.5.1. EXPUNGE Response
+ 7.5.2. FETCH Response
+ 7.6. Server Responses - Command Continuation Request
+ 8. Sample IMAP4rev2 Connection
+ 9. Formal Syntax
+ 10. Author's Note
+ 11. Security Considerations
+ 11.1. TLS-Related Security Considerations
+ 11.2. STARTTLS Command versus Use of Implicit TLS Port
+ 11.3. Client Handling of Unsolicited Responses Not Suitable for
+ the Current Connection State
+ 11.4. COPYUID and APPENDUID Response Codes
+ 11.5. LIST Command and Other Users' Namespace
+ 11.6. Use of MD5
+ 11.7. Other Security Considerations
+ 12. IANA Considerations
+ 12.1. Updates to IMAP Capabilities Registry
+ 12.2. GSSAPI/SASL Service Name
+ 12.3. LIST Selection Options, LIST Return Options, and LIST
+ Extended Data Items
+ 12.4. IMAP Mailbox Name Attributes and IMAP Response Codes
+ 13. References
+ 13.1. Normative References
+ 13.2. Informative References
+ 13.2.1. Related Protocols
+ 13.2.2. Historical Aspects of IMAP and Related Protocols
+ Appendix A. Backward Compatibility with IMAP4rev1
+ A.1. Mailbox International Naming Convention for Compatibility
+ with IMAP4rev1
+ Appendix B. Backward Compatibility with BINARY Extension
+ Appendix C. Backward Compatibility with LIST-EXTENDED Extension
+ Appendix D. 63-Bit Body Part and Message Sizes
+ Appendix E. Changes from RFC 3501 / IMAP4rev1
+ Appendix F. Other Recommended IMAP Extensions
+ Acknowledgements
+ Index
+ Authors' Addresses
+
+1. How to Read This Document
+
+1.1. Organization of This Document
+
+ This document is written from the point of view of the implementor of
+ an IMAP4rev2 client or server. Beyond the protocol overview in
+ Section 2, it is not optimized for someone trying to understand the
+ operation of the protocol. The material in Sections 3, 4, and 5
+ provides the general context and definitions with which IMAP4rev2
+ operates.
+
+ Sections 6, 7, and 9 describe the IMAP commands, responses, and
+ syntax, respectively. The relationships among these are such that it
+ is almost impossible to understand any of them separately. In
+ particular, do not attempt to deduce command syntax from the command
+ section alone; instead, refer to "Formal Syntax" (Section 9).
+
+1.2. Conventions Used in This Document
+
+ "Conventions" are basic principles or procedures. Document
+ conventions are noted in this section.
+
+ In examples, "C:" and "S:" indicate lines sent by the client and
+ server, respectively. Note that each line includes the terminating
+ CRLF.
+
+ The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
+ "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
+ "OPTIONAL" in this document are to be interpreted as described in
+ BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
+ capitals, as shown here.
+
+ The word "can" (not "may") is used to refer to a possible
+ circumstance or situation, as opposed to an optional facility of the
+ protocol.
+
+ "User" is used to refer to a human user, whereas "client" refers to
+ the software being run by the user.
+
+ "Connection" refers to the entire sequence of client/server
+ interaction from the initial establishment of the network connection
+ until its termination.
+
+ "Session" refers to the sequence of client/server interaction from
+ the time that a mailbox is selected (SELECT or EXAMINE command) until
+ the time that selection ends (SELECT or EXAMINE of another mailbox,
+ CLOSE command, UNSELECT command, or connection termination).
+
+ The term "Implicit TLS" refers to the automatic negotiation of TLS
+ whenever a TCP connection is made on a particular TCP port that is
+ used exclusively by that server for TLS connections. The term
+ "Implicit TLS" is intended to contrast with the use of the STARTTLS
+ command in IMAP that is used by the client and the server to
+ explicitly negotiate TLS on an established cleartext TCP connection.
+
+ Characters are 8-bit UTF-8 (of which 7-bit US-ASCII is a subset),
+ unless otherwise specified. Other character sets are indicated using
+ a "CHARSET", as described in [MIME-IMT] and defined in [CHARSET].
+ CHARSETs have important additional semantics in addition to defining
+ a character set; refer to these documents for more detail.
+
+ There are several protocol conventions in IMAP. These refer to
+ aspects of the specification that are not strictly part of the IMAP
+ protocol but reflect generally accepted practice. Implementations
+ need to be aware of these conventions, and avoid conflicts whether or
+ not they implement the convention. For example, "&" may not be used
+ as a hierarchy delimiter since it conflicts with the Mailbox
+ International Naming Convention, and other uses of "&" in mailbox
+ names are impacted as well.
+
+1.3. Special Notes to Implementors
+
+ Implementors of the IMAP protocol are strongly encouraged to read the
+ IMAP implementation recommendations document [IMAP-IMPLEMENTATION] in
+ conjunction with this document, to help understand the intricacies of
+ this protocol and how best to build an interoperable product.
+
+ IMAP4rev2 is designed to be upwards compatible from the IMAP4rev1
+ [RFC3501], IMAP2 [IMAP2], and unpublished IMAP2bis [IMAP2BIS]
+ protocols. IMAP4rev2 is largely compatible with the IMAP4rev1
+ protocol described in RFC 3501 and the IMAP4 protocol described in
+ [RFC1730]; the exception being in certain facilities added in
+ [RFC1730] and [RFC3501] that proved problematic and were subsequently
+ removed or replaced by better alternatives. In the course of the
+ evolution of IMAP4rev2, some aspects in the earlier protocols have
+ become obsolete. Obsolete commands, responses, and data formats that
+ an IMAP4rev2 implementation can encounter when used with an earlier
+ implementation are described in Appendices A and E and
+ [IMAP-OBSOLETE]. IMAP4rev2 supports 63-bit body parts and message
+ sizes. IMAP4rev2 compatibility with BINARY and LIST-EXTENDED IMAP
+ extensions are described in Appendices B and C, respectively.
+
+ Other compatibility issues with IMAP2bis, the most common variant of
+ the earlier protocol, are discussed in [IMAP-COMPAT]. A full
+ discussion of compatibility issues with rare (and presumed extinct)
+ variants of [IMAP2] is in [IMAP-HISTORICAL]; this document is
+ primarily of historical interest.
+
+ IMAP was originally developed for the older [RFC822] standard, and as
+ a consequence, the "RFC822.SIZE" fetch item in IMAP incorporates
+ "RFC822" in its name. "RFC822" should be interpreted as a reference
+ to the updated [RFC5322] standard.
+
+ IMAP4rev2 does not specify a means of posting mail; this function is
+ handled by a mail submission protocol such as the one specified in
+ [RFC6409].
+
+2. Protocol Overview
+
+2.1. Link Level
+
+ The IMAP4rev2 protocol assumes a reliable data stream such as that
+ provided by TCP. When TCP is used, an IMAP4rev2 server listens on
+ port 143 (cleartext port) or port 993 (Implicit TLS port).
+
+2.2. Commands and Responses
+
+ An IMAP4rev2 connection consists of the establishment of a client/
+ server network connection, an initial greeting from the server, and
+ client/server interactions. These client/server interactions consist
+ of a client command, server data, and a server completion result
+ response.
+
+ All interactions transmitted by client and server are in the form of
+ lines, that is, strings that end with a CRLF. The protocol receiver
+ of an IMAP4rev2 client or server is reading either a line or a
+ sequence of octets with a known count followed by a line.
+
+2.2.1. Client Protocol Sender and Server Protocol Receiver
+
+ The client command begins an operation. Each client command is
+ prefixed with an identifier (typically a short alphanumeric string,
+ e.g., A0001, A0002, etc.) called a "tag". A different tag is
+ generated by the client for each command. More formally: the client
+ SHOULD generate a unique tag for every command, but a server MUST
+ accept tag reuse.
+
+ Clients MUST follow the syntax outlined in this specification
+ strictly. It is a syntax error to send a command with missing or
+ extraneous spaces or arguments.
+
+ There are two cases in which a line from the client does not
+ represent a complete command. In one case, a command argument is
+ quoted with an octet count (see the description of literal in
+ Section 4.3); in the other case, the command arguments require server
+ feedback (see the AUTHENTICATE command in Section 6.2.2). In either
+ case, the server sends a command continuation request response if it
+ is ready for the octets (if appropriate) and the remainder of the
+ command. This response is prefixed with the token "+".
+
+ Note: If, instead, the server detected an error in the command, it
+ sends a BAD completion response with a tag matching the command
+ (as described below) to reject the command and prevent the client
+ from sending any more of the command.
+
+ It is also possible for the server to send a completion response
+ for some other command (if multiple commands are in progress) or
+ untagged data. In either case, the command continuation request
+ is still pending; the client takes the appropriate action for the
+ response and reads another response from the server. In all
+ cases, the client MUST send a complete command (including
+ receiving all command continuation request responses and sending
+ command continuations for the command) before initiating a new
+ command.
+
+ The protocol receiver of an IMAP4rev2 server reads a command line
+ from the client, parses the command and its arguments, and transmits
+ server data and a server command completion result response.
+
+2.2.2. Server Protocol Sender and Client Protocol Receiver
+
+ Data transmitted by the server to the client and status responses
+ that do not indicate command completion are prefixed with the token
+ "*" and are called untagged responses.
+
+ Server data MAY be sent as a result of a client command or MAY be
+ sent unilaterally by the server. There is no syntactic difference
+ between server data that resulted from a specific command and server
+ data that were sent unilaterally.
+
+ The server completion result response indicates the success or
+ failure of the operation. It is tagged with the same tag as the
+ client command that began the operation. Thus, if more than one
+ command is in progress, the tag in a server completion response
+ identifies the command to which the response applies. There are
+ three possible server completion responses: OK (indicating success),
+ NO (indicating failure), or BAD (indicating a protocol error such as
+ unrecognized command or command syntax error).
+
+ Servers SHOULD strictly enforce the syntax outlined in this
+ specification. Any client command with a protocol syntax error,
+ including (but not limited to) missing or extraneous spaces or
+ arguments, SHOULD be rejected and the client given a BAD server
+ completion response.
+
+ The protocol receiver of an IMAP4rev2 client reads a response line
+ from the server. It then takes action on the response based upon the
+ first token of the response, which can be a tag, a "*", or a "+".
+
+ A client MUST be prepared to accept any server response at all times.
+ This includes server data that was not requested. Server data SHOULD
+ be remembered (cached), so that the client can reference its
+ remembered copy rather than sending a command to the server to
+ request the data. In the case of certain server data, the data MUST
+ be remembered, as specified elsewhere in this document.
+
+ This topic is discussed in greater detail in "Server Responses" (see
+ Section 7).
+
+2.3. Message Attributes
+
+ In addition to message text, each message has several attributes
+ associated with it. These attributes can be retrieved individually
+ or in conjunction with other attributes or message texts.
+
+2.3.1. Message Numbers
+
+ Messages in IMAP4rev2 are accessed by one of two numbers: the Unique
+ Identifier (UID) or the message sequence number.
+
+2.3.1.1. Unique Identifier (UID) Message Attribute
+
+ A UID is an unsigned non-zero 32-bit value assigned to each message,
+ which when used with the unique identifier validity value (see below)
+ forms a 64-bit value that MUST NOT refer to any other message in the
+ mailbox or any subsequent mailbox with the same name forever. Unique
+ identifiers are assigned in a strictly ascending fashion in the
+ mailbox; as each message is added to the mailbox, it is assigned a
+ higher UID than those of all message(s) that are already in the
+ mailbox. Unlike message sequence numbers, unique identifiers are not
+ necessarily contiguous.
+
+ The unique identifier of a message MUST NOT change during the session
+ and SHOULD NOT change between sessions. Any change of unique
+ identifiers between sessions MUST be detectable using the UIDVALIDITY
+ mechanism discussed below. Persistent unique identifiers are
+ required for a client to resynchronize its state from a previous
+ session with the server (e.g., disconnected or offline access clients
+ [IMAP-MODEL]); this is discussed further in [IMAP-DISC].
+
+ Associated with every mailbox are two 32-bit unsigned non-zero values
+ that aid in unique identifier handling: the next unique identifier
+ value (UIDNEXT) and the unique identifier validity value
+ (UIDVALIDITY).
+
+ The next unique identifier value is the predicted value that will be
+ assigned to a new message in the mailbox. Unless the unique
+ identifier validity also changes (see below), the next unique
+ identifier value MUST have the following two characteristics. First,
+ the next unique identifier value MUST NOT change unless new messages
+ are added to the mailbox; and second, the next unique identifier
+ value MUST change whenever new messages are added to the mailbox,
+ even if those new messages are subsequently expunged.
+
+ | Note: The next unique identifier value is intended to provide a
+ | means for a client to determine whether any messages have been
+ | delivered to the mailbox since the previous time it checked
+ | this value. It is not intended to provide any guarantee that
+ | any message will have this unique identifier. A client can
+ | only assume, at the time that it obtains the next unique
+ | identifier value, that messages arriving after that time will
+ | have a UID greater than or equal to that value.
+
+ The unique identifier validity value is sent in a UIDVALIDITY
+ response code in an OK untagged response at mailbox selection time.
+ If unique identifiers from an earlier session fail to persist in this
+ session, the unique identifier validity value MUST be greater than
+ the one used in the earlier session. A good UIDVALIDITY value to use
+ is a 32-bit representation of the current date/time when the value is
+ assigned: this ensures that the value is unique and always increases.
+ Another possible alternative is a global counter that gets
+ incremented every time a mailbox is created.
+
+ Note: Ideally, unique identifiers SHOULD persist at all times.
+ Although this specification recognizes that failure to persist can
+ be unavoidable in certain server environments, it strongly
+ encourages message store implementation techniques that avoid this
+ problem. For example:
+
+ 1. Unique identifiers MUST be strictly ascending in the mailbox at
+ all times. If the physical message store is reordered by a non-
+ IMAP agent, the unique identifiers in the mailbox MUST be
+ regenerated, since the former unique identifiers are no longer
+ strictly ascending as a result of the reordering.
+
+ 2. If the message store has no mechanism to store unique
+ identifiers, it must regenerate unique identifiers at each
+ session, and each session must have a unique UIDVALIDITY value.
+ Note that this situation can be very disruptive to client message
+ caching.
+
+ 3. If the mailbox is deleted/renamed and a new mailbox with the same
+ name is created at a later date, the server must either keep
+ track of unique identifiers from the previous instance of the
+ mailbox or assign a new UIDVALIDITY value to the new instance of
+ the mailbox.
+
+ 4. The combination of mailbox name, UIDVALIDITY, and UID must refer
+ to a single, immutable (or expunged) message on that server
+ forever. In particular, the internal date, RFC822.SIZE,
+ envelope, body structure, and message texts (all BODY[...] fetch
+ data items) MUST never change. This does not include message
+ numbers, nor does it include attributes that can be set by a
+ STORE command (such as FLAGS). When a message is expunged, its
+ UID MUST NOT be reused under the same UIDVALIDITY value.
+
+2.3.1.2. Message Sequence Number Message Attribute
+
+ A message sequence number is a relative position from 1 to the number
+ of messages in the mailbox. This position MUST be ordered by
+ ascending unique identifiers. As each new message is added, it is
+ assigned a message sequence number that is 1 higher than the number
+ of messages in the mailbox before that new message was added.
+
+ Message sequence numbers can be reassigned during the session. For
+ example, when a message is permanently removed (expunged) from the
+ mailbox, the message sequence number for all subsequent messages is
+ decremented. The number of messages in the mailbox is also
+ decremented. Similarly, a new message can be assigned a message
+ sequence number that was once held by some other message prior to an
+ expunge.
+
+ In addition to accessing messages by relative position in the
+ mailbox, message sequence numbers can be used in mathematical
+ calculations. For example, if an untagged "11 EXISTS" is received,
+ and previously an untagged "8 EXISTS" was received, three new
+ messages have arrived with message sequence numbers of 9, 10, and 11.
+ As another example, if message 287 in a 523-message mailbox has UID
+ 12345, there are exactly 286 messages that have lesser UIDs and 236
+ messages that have greater UIDs.
+
+2.3.2. Flags Message Attribute
+
+ A message has a list of zero or more named tokens, known as "flags",
+ associated with it. A flag is set by its addition to this list and
+ is cleared by its removal. There are two types of flags in
+ IMAP4rev2: system flags and keywords. A flag of either type can be
+ permanent or session-only.
+
+ A system flag is a flag name that is predefined in this specification
+ and begins with "\". Certain system flags (\Deleted and \Seen) have
+ special semantics described elsewhere in this document. The
+ currently defined system flags are:
+
+ \Seen Message has been read
+
+ \Answered Message has been answered
+
+ \Flagged Message is "flagged" for urgent/special attention
+
+ \Deleted Message is "deleted" for removal by later EXPUNGE
+
+ \Draft Message has not completed composition (marked as a
+ draft).
+
+ \Recent This flag was in use in IMAP4rev1 and is now
+ deprecated.
+
+ A keyword is defined by the server implementation. Keywords do not
+ begin with "\". Servers MAY permit the client to define new keywords
+ in the mailbox (see the description of the PERMANENTFLAGS response
+ code for more information). Some keywords that start with "$" are
+ also defined in this specification.
+
+ This document defines several keywords that were not originally
+ defined in [RFC3501] but were found to be useful by client
+ implementations. These keywords SHOULD be supported (allowed in
+ SEARCH and allowed and preserved in APPEND, COPY, and MOVE commands)
+ by server implementations:
+
+ $Forwarded
+ Message has been forwarded to another email address by being
+ embedded within, or attached to a new message. An email client
+ sets this keyword when it successfully forwards the message to
+ another email address. Typical usage of this keyword is to show a
+ different (or additional) icon for a message that has been
+ forwarded. Once set, the flag SHOULD NOT be cleared.
+
+ $MDNSent
+ Message Disposition Notification [RFC8098] was generated and sent
+ for this message. See [RFC3503] for more details on how this
+ keyword is used and for requirements on clients and servers.
+
+ $Junk
+ The user (or a delivery agent on behalf of the user) may choose to
+ mark a message as definitely containing junk ($Junk; see also the
+ related keyword $NotJunk). The $Junk keyword can be used to mark,
+ group, or hide undesirable messages (and such messages might be
+ moved or deleted later). See [IMAP-KEYWORDS-REG] for more
+ information.
+
+ $NotJunk
+ The user (or a delivery agent on behalf of the user) may choose to
+ mark a message as definitely not containing junk ($NotJunk; see
+ also the related keyword $Junk). The $NotJunk keyword can be used
+ to mark, group, or show messages that the user wants to see. See
+ [IMAP-KEYWORDS-REG] for more information.
+
+ $Phishing
+ The $Phishing keyword can be used by a delivery agent to mark a
+ message as highly likely to be a phishing email. A message that's
+ determined to be a phishing email by the delivery agent should
+ also be considered a junk email and have the appropriate junk
+ filtering applied, including setting the $Junk flag and placing
+ the message in the \Junk special-use mailbox (see Section 7.3.1),
+ if available.
+
+ If both the $Phishing flag and the $Junk flag are set, the user
+ agent should display an additional warning message to the user.
+ Additionally, the user agent might display a warning, such as
+ something of the form, "This message may be trying to steal your
+ personal information," when the user clicks on any hyperlinks
+ within the message.
+
+ The requirement for both $Phishing and $Junk to be set before a
+ user agent displays a warning is for better backwards
+ compatibility with existing clients that understand the $Junk flag
+ but not the $Phishing flag. This is so that when an unextended
+ client removes the $Junk flag, an extended client will also show
+ the correct state. See [IMAP-KEYWORDS-REG] for more information.
+
+ $Junk and $NotJunk are mutually exclusive. If more than one of these
+ is set for a message, the client MUST treat it as if none are set,
+ and it SHOULD unset both of them on the IMAP server.
+
+ Other registered keywords can be found in the "IMAP and JMAP
+ Keywords" registry [IMAP-KEYWORDS-REG]. New keywords SHOULD be
+ registered in this registry using the procedure specified in
+ [RFC5788].
+
+ A flag can be permanent or session-only on a per-flag basis.
+ Permanent flags are those that the client can add or remove from the
+ message flags permanently; that is, concurrent and subsequent
+ sessions will see any change in permanent flags. Changes to session
+ flags are valid only in that session.
+
+2.3.3. Internal Date Message Attribute
+
+ An Internal Date message attribute is the internal date and time of
+ the message on the server. This is not the date and time in the
+ [RFC5322] header but rather a date and time that reflects when the
+ message was received. In the case of messages delivered via [SMTP],
+ this is the date and time of final delivery of the message as defined
+ by [SMTP]. In the case of messages created by the IMAP4rev2 COPY or
+ MOVE command, this SHOULD be the same as the Internal Date attribute
+ of the source message. In the case of messages created by the
+ IMAP4rev2 APPEND command, this SHOULD be the date and time as
+ specified in the APPEND command description. All other cases are
+ implementation defined.
+
+2.3.4. RFC822.SIZE Message Attribute
+
+ RFC822.SIZE is the number of octets in the message when the message
+ is expressed in [RFC5322] format. This size SHOULD match the result
+ of a "FETCH BODY[]" command. If the message is internally stored in
+ some other format, the server calculates the size and often stores it
+ for later use to avoid the need for recalculation.
+
+2.3.5. Envelope Structure Message Attribute
+
+ An envelope structure is a parsed representation of the [RFC5322]
+ header of the message. Note that the IMAP envelope structure is not
+ the same as an [SMTP] envelope.
+
+2.3.6. Body Structure Message Attribute
+
+ A body structure is a parsed representation of the [MIME-IMB] body
+ structure information of the message.
+
+2.4. Message Texts
+
+ In addition to being able to fetch the full [RFC5322] text of a
+ message, IMAP4rev2 permits the fetching of portions of the full
+ message text. Specifically, it is possible to fetch the [RFC5322]
+ message header, the [RFC5322] message body, a [MIME-IMB] body part,
+ or a [MIME-IMB] header.
+
+3. State and Flow Diagram
+
+ Once the connection between client and server is established, an
+ IMAP4rev2 connection is in one of four states. The initial state is
+ identified in the server greeting. Most commands are only valid in
+ certain states. It is a protocol error for the client to attempt a
+ command while the connection is in an inappropriate state, and the
+ server will respond with a BAD or NO (depending upon server
+ implementation) command completion result.
+
+3.1. Not Authenticated State
+
+ In the not authenticated state, the client MUST supply authentication
+ credentials before most commands will be permitted. This state is
+ entered when a connection starts unless the connection has been pre-
+ authenticated.
+
+3.2. Authenticated State
+
+ In the authenticated state, the client is authenticated and MUST
+ select a mailbox to access before commands that affect messages will
+ be permitted. This state is entered when a pre-authenticated
+ connection starts, when acceptable authentication credentials have
+ been provided, after an error in selecting a mailbox, or after a
+ successful CLOSE or UNSELECT command.
+
+3.3. Selected State
+
+ In a selected state, a mailbox has been selected to access. This
+ state is entered when a mailbox has been successfully selected.
+
+3.4. Logout State
+
+ In the logout state, the connection is being terminated. This state
+ can be entered as a result of a client request (via the LOGOUT
+ command) or by unilateral action on the part of either the client or
+ the server.
+
+ If the client requests the logout state, the server MUST send an
+ untagged BYE response and a tagged OK response to the LOGOUT command
+ before the server closes the connection; and the client MUST read the
+ tagged OK response to the LOGOUT command before the client closes the
+ connection.
+
+ A server SHOULD NOT unilaterally close the connection without first
+ sending an untagged BYE response that contains the reason for doing
+ so. A client SHOULD NOT unilaterally close the connection; instead,
+ it SHOULD issue a LOGOUT command. If the server detects that the
+ client has unilaterally closed the connection, the server MAY omit
+ the untagged BYE response and simply close its connection.
+
+ +----------------------+
+ |connection established|
+ +----------------------+
+ ||
+ \/
+ +--------------------------------------+
+ | server greeting |
+ +--------------------------------------+
+ || (1) || (2) || (3)
+ \/ || ||
+ +-----------------+ || ||
+ |Not Authenticated| || ||
+ +-----------------+ || ||
+ || (7) || (4) || ||
+ || \/ \/ ||
+ || +----------------+ ||
+ || | Authenticated |<=++ ||
+ || +----------------+ || ||
+ || || (7) || (5) || (6) ||
+ || || \/ || ||
+ || || +--------+ || ||
+ || || |Selected|==++ ||
+ || || +--------+ ||
+ || || || (7) ||
+ \/ \/ \/ \/
+ +--------------------------------------+
+ | Logout |
+ +--------------------------------------+
+ ||
+ \/
+ +-------------------------------+
+ |both sides close the connection|
+ +-------------------------------+
+
+ Legend for the above diagram:
+
+ (1) connection without pre-authentication (OK greeting)
+ (2) pre-authenticated connection (PREAUTH greeting)
+ (3) rejected connection (BYE greeting)
+ (4) successful LOGIN or AUTHENTICATE command
+ (5) successful SELECT or EXAMINE command
+ (6) CLOSE or UNSELECT command, unsolicited CLOSED response code, or
+ failed SELECT or EXAMINE command
+ (7) LOGOUT command, server shutdown, or connection closed
+
+4. Data Formats
+
+ IMAP4rev2 uses textual commands and responses. Data in IMAP4rev2 can
+ be in one of several forms: atom, number, string, parenthesized list,
+ or NIL. Note that a particular data item may take more than one
+ form; for example, a data item defined as using "astring" syntax may
+ be either an atom or a string.
+
+4.1. Atom
+
+ An atom consists of one or more non-special characters.
+
+4.1.1. Sequence Set and UID Set
+
+ A set of messages can be referenced by a sequence set containing
+ either message sequence numbers or unique identifiers. See Section 9
+ for details. A sequence set can contain ranges of sequence numbers
+ (such as "5:50"), an enumeration of specific sequence numbers, or a
+ combination of the above. A sequence set can use the special symbol
+ "*" to represent the maximum sequence number in the mailbox. A
+ sequence set never contains unique identifiers.
+
+ A "UID set" is similar to the sequence set, but uses unique
+ identifiers instead of message sequence numbers, and is not permitted
+ to contain the special symbol "*".
+
+4.2. Number
+
+ A number consists of one or more digit characters and represents a
+ numeric value.
+
+4.3. String
+
+ A string is in one of three forms: synchronizing literal, non-
+ synchronizing literal, or quoted string. The synchronizing literal
+ form is the general form of a string, without limitation on the
+ characters the string may include. The non-synchronizing literal
+ form is also the general form, but it has a length restriction. The
+ quoted string form is an alternative that avoids the overhead of
+ processing a literal, but has limitations on the characters that may
+ be used.
+
+ When the distinction between synchronizing and non-synchronizing
+ literals is not important, this document only uses the term
+ "literal".
+
+ A synchronizing literal is a sequence of zero or more octets
+ (including CR and LF), prefix-quoted with an octet count in the form
+ of an open brace ("{"), the number of octets, a close brace ("}"),
+ and a CRLF. In the case of synchronizing literals transmitted from
+ server to client, the CRLF is immediately followed by the octet data.
+ In the case of synchronizing literals transmitted from client to
+ server, the client MUST wait to receive a command continuation
+ request (described later in this document) before sending the octet
+ data (and the remainder of the command).
+
+ The non-synchronizing literal is an alternative form of synchronizing
+ literal and may be used from client to server anywhere a
+ synchronizing literal is permitted. The non-synchronizing literal
+ form MUST NOT be sent from server to client. The non-synchronizing
+ literal is distinguished from the synchronizing literal by having a
+ plus ("+") between the octet count and the closing brace ("}"). The
+ server does not generate a command continuation request in response
+ to a non-synchronizing literal, and clients are not required to wait
+ before sending the octets of a non-synchronizing literal. Unless
+ otherwise specified in an IMAP extension, non-synchronizing literals
+ MUST NOT be larger than 4096 octets. Any literal larger than 4096
+ bytes MUST be sent as a synchronizing literal. (Non-synchronizing
+ literals defined in this document are the same as non-synchronizing
+ literals defined by the LITERAL- extension from [RFC7888]. See that
+ document for details on how to handle invalid non-synchronizing
+ literals longer than 4096 octets and for interaction with other IMAP
+ extensions.)
+
+ A quoted string is a sequence of zero or more Unicode characters,
+ excluding CR and LF, encoded in UTF-8, with double quote (<">)
+ characters at each end.
+
+ The empty string is represented as "" (a quoted string with zero
+ characters between double quotes), as {0} followed by a CRLF (a
+ synchronizing literal with an octet count of 0), or as {0+} followed
+ by a CRLF (a non-synchronizing literal with an octet count of 0).
+
+ Note: Even if the octet count is 0, a client transmitting a
+ synchronizing literal MUST wait to receive a command continuation
+ request.
+
+4.3.1. 8-Bit and Binary Strings
+
+ 8-bit textual and binary mail is supported through the use of a
+ [MIME-IMB] content transfer encoding. IMAP4rev2 implementations MAY
+ transmit 8-bit or multi-octet characters in literals but SHOULD do so
+ only when the [CHARSET] is identified.
+
+ IMAP4rev2 is compatible with [I18N-HDRS]. As a result, the
+ identified charset for header-field values with 8-bit content is
+ UTF-8 [UTF-8]. IMAP4rev2 implementations MUST accept and MAY
+ transmit [UTF-8] text in quoted-strings as long as the string does
+ not contain NUL, CR, or LF. This differs from IMAP4rev1
+ implementations.
+
+ Although a BINARY content transfer encoding is defined, unencoded
+ binary strings are not permitted, unless returned in a <literal8> in
+ response to a BINARY.PEEK[<section-binary>]<<partial>> or
+ BINARY[<section-binary>]<<partial>> FETCH data item. A "binary
+ string" is any string with NUL characters. A string with an
+ excessive amount of CTL characters MAY also be considered to be
+ binary. Unless returned in response to BINARY.PEEK[...]/BINARY[...]
+ FETCH, client and server implementations MUST encode binary data into
+ a textual form, such as base64, before transmitting the data.
+
+4.4. Parenthesized List
+
+ Data structures are represented as a "parenthesized list"; a sequence
+ of data items, delimited by space, and bounded at each end by
+ parentheses. A parenthesized list can contain other parenthesized
+ lists, using multiple levels of parentheses to indicate nesting.
+
+ The empty list is represented as () -- a parenthesized list with no
+ members.
+
+4.5. NIL
+
+ The special form "NIL" represents the non-existence of a particular
+ data item that is represented as a string or parenthesized list, as
+ distinct from the empty string "" or the empty parenthesized list ().
+
+ | Note: NIL is never used for any data item that takes the form
+ | of an atom. For example, a mailbox name of "NIL" is a mailbox
+ | named NIL as opposed to a non-existent mailbox name. This is
+ | because mailbox uses "astring" syntax, which is an atom or a
+ | string. Conversely, an addr-name of NIL is a non-existent
+ | personal name, because addr-name uses "nstring" syntax, which
+ | is NIL or a string, but never an atom.
+
+ Examples:
+
+ The following LIST response:
+
+ * LIST () "/" NIL
+
+ is equivalent to:
+
+ * LIST () "/" "NIL"
+
+ as LIST response ABNF is using "astring" for mailbox name.
+
+ However, the following response:
+
+ * FETCH 1 (BODY[1] NIL)
+
+ is not equivalent to:
+
+ * FETCH 1 (BODY[1] "NIL")
+
+ The former indicates absence of the body part, while the latter means
+ that it contains a string with the three characters "NIL".
+
+5. Operational Considerations
+
+ The following rules are listed here to ensure that all IMAP4rev2
+ implementations interoperate properly.
+
+5.1. Mailbox Naming
+
+ In IMAP4rev2, mailbox names are encoded in Net-Unicode [NET-UNICODE]
+ (this differs from IMAP4rev1). Client implementations MAY attempt to
+ create Net-Unicode mailbox names and MUST interpret any 8-bit mailbox
+ names returned by LIST as [NET-UNICODE]. Server implementations MUST
+ prohibit the creation of 8-bit mailbox names that do not comply with
+ Net-Unicode. However, servers MAY accept a denormalized UTF-8
+ mailbox name and convert it to Unicode Normalization Form C (NFC) (as
+ per Net-Unicode requirements) prior to mailbox creation. Servers
+ that choose to accept such denormalized UTF-8 mailbox names MUST
+ accept them in all IMAP commands that have a mailbox name parameter.
+ In particular, SELECT <name> must open the same mailbox that was
+ successfully created with CREATE <name>, even if <name> is a
+ denormalized UTF-8 mailbox name.
+
+ The case-insensitive mailbox name INBOX is a special name reserved to
+ mean "the primary mailbox for this user on this server". (Note that
+ this special name might not exist on some servers for some users, for
+ example, if the user has no access to personal namespace.) The
+ interpretation of all other names is implementation dependent.
+
+ In particular, this specification takes no position on case
+ sensitivity in non-INBOX mailbox names. Some server implementations
+ are fully case sensitive in ASCII range; others preserve the case of
+ a newly created name but otherwise are case insensitive; and yet
+ others coerce names to a particular case. Client implementations
+ must be able to interact with any of these.
+
+ There are certain client considerations when creating a new mailbox
+ name:
+
+ 1. Any character that is one of the atom-specials (see "Formal
+ Syntax" in Section 9) will require that the mailbox name be
+ represented as a quoted string or literal.
+
+ 2. CTL and other non-graphic characters are difficult to represent
+ in a user interface and are best avoided. Servers MAY refuse to
+ create mailbox names containing Unicode CTL characters.
+
+ 3. Although the list-wildcard characters ("%" and "*") are valid in
+ a mailbox name, it is difficult to use such mailbox names with
+ the LIST command due to the conflict with wildcard
+ interpretation.
+
+ 4. Usually, a character (determined by the server implementation) is
+ reserved to delimit levels of hierarchy.
+
+ 5. Two characters, "#" and "&", have meanings by convention and
+ should be avoided except when used in that convention. See
+ Section 5.1.2.1 and Appendix A.1, respectively.
+
+5.1.1. Mailbox Hierarchy Naming
+
+ If it is desired to export hierarchical mailbox names, mailbox names
+ MUST be left-to-right hierarchical, using a single ASCII character to
+ separate levels of hierarchy. The same hierarchy separator character
+ is used for all levels of hierarchy within a single name.
+
+5.1.2. Namespaces
+
+ Personal Namespace:
+ A namespace that the server considers within the personal scope of
+ the authenticated user on a particular connection. Typically,
+ only the authenticated user has access to mailboxes in their
+ Personal Namespace. It is the part of the namespace that belongs
+ to the user and is allocated for mailboxes. If an INBOX exists
+ for a user, it MUST appear within the user's Personal Namespace.
+ In the typical case, there SHOULD be only one Personal Namespace
+ per user on a server.
+
+ Other Users' Namespace:
+ A namespace that consists of mailboxes from the Personal
+ Namespaces of other users. To access mailboxes in the Other
+ Users' Namespace, the currently authenticated user MUST be
+ explicitly granted access rights. For example, it is common for a
+ manager to grant to their administrative support staff access
+ rights to their mailbox. In the typical case, there SHOULD be
+ only one Other Users' Namespace per user on a server.
+
+ Shared Namespace:
+ A namespace that consists of mailboxes that are intended to be
+ shared amongst users and do not exist within a user's Personal
+ Namespace.
+
+ The namespaces a server uses MAY differ on a per-user basis.
+
+5.1.2.1. Historic Mailbox Namespace Naming Convention
+
+ By convention, the first hierarchical element of any mailbox name
+ that begins with "#" identifies the "namespace" of the remainder of
+ the name. This makes it possible to disambiguate between different
+ types of mailbox stores, each of which have their own namespaces.
+
+ For example, implementations that offer access to USENET
+ newsgroups MAY use the "#news" namespace to partition the USENET
+ newsgroup namespace from that of other mailboxes. Thus, the
+ comp.mail.misc newsgroup would have a mailbox name of
+ "#news.comp.mail.misc", and the name "comp.mail.misc" can refer to
+ a different object (e.g., a user's private mailbox).
+
+ Namespaces that include the "#" character are not IMAP URL [IMAP-URL]
+ friendly and require the "#" character to be represented as %23 when
+ within URLs. As such, server implementors MAY instead consider using
+ namespace prefixes that do not contain the "#" character.
+
+5.1.2.2. Common Namespace Models
+
+ The previous version of this protocol did not define a default server
+ namespace. Two common namespace models have evolved:
+
+ The "Personal Mailbox" model, in which the default namespace that is
+ presented consists of only the user's personal mailboxes. To access
+ shared mailboxes, the user must use an escape mechanism to reach
+ another namespace.
+
+ The "Complete Hierarchy" model, in which the default namespace that
+ is presented includes the user's personal mailboxes along with any
+ other mailboxes they have access to.
+
+5.2. Mailbox Size and Message Status Updates
+
+ At any time, a server can send data that the client did not request.
+ Sometimes, such behavior is required by this specification and/or
+ extensions. For example, agents other than the server may add
+ messages to the mailbox (e.g., new message delivery); change the
+ flags of the messages in the mailbox (e.g., simultaneous access to
+ the same mailbox by multiple agents); or even remove messages from
+ the mailbox. A server MUST send mailbox size updates automatically
+ if a mailbox size change is observed during the processing of a
+ command. A server SHOULD send message flag updates automatically,
+ without requiring the client to request such updates explicitly.
+
+ Special rules exist for server notification of a client about the
+ removal of messages to prevent synchronization errors; see the
+ description of the EXPUNGE response (Section 7.5.1) for more detail.
+ In particular, it is NOT permitted to send an EXISTS response that
+ would reduce the number of messages in the mailbox; only the EXPUNGE
+ response can do this.
+
+ Regardless of what implementation decisions a client makes on
+ remembering data from the server, a client implementation MUST
+ remember mailbox size updates. It MUST NOT assume that any command
+ after the initial mailbox selection will return the size of the
+ mailbox.
+
+5.3. Response When No Command in Progress
+
+ Server implementations are permitted to send an untagged response
+ (except for EXPUNGE) while there is no command in progress. Server
+ implementations that send such responses MUST deal with flow control
+ considerations. Specifically, they MUST either (1) verify that the
+ size of the data does not exceed the underlying transport's available
+ window size or (2) use non-blocking writes.
+
+5.4. Autologout Timer
+
+ If a server has an inactivity autologout timer that applies to
+ sessions after authentication, the duration of that timer MUST be at
+ least 30 minutes. The receipt of any command from the client during
+ that interval resets the autologout timer.
+
+ Note that this specification doesn't have any restrictions on an
+ autologout timer used before successful client authentication. In
+ particular, servers are allowed to use a shortened pre-authentication
+ timer to protect themselves from Denial-of-Service attacks.
+
+5.5. Multiple Commands in Progress (Command Pipelining)
+
+ The client MAY send another command without waiting for the
+ completion result response of a command, subject to ambiguity rules
+ (see below) and flow control constraints on the underlying data
+ stream. Similarly, a server MAY begin processing another command
+ before processing the current command to completion, subject to
+ ambiguity rules. However, any command continuation request responses
+ and command continuations MUST be negotiated before any subsequent
+ command is initiated.
+
+ The exception is if an ambiguity would result because of a command
+ that would affect the results of other commands. If the server
+ detects a possible ambiguity, it MUST execute commands to completion
+ in the order given by the client.
+
+ The most obvious example of ambiguity is when a command would affect
+ the results of another command. One example is a FETCH that would
+ cause \Seen flags to be set and a SEARCH UNSEEN command.
+
+ A non-obvious ambiguity occurs with commands that permit an untagged
+ EXPUNGE response (commands other than FETCH, STORE, and SEARCH),
+ since an untagged EXPUNGE response can invalidate sequence numbers in
+ a subsequent command. This is not a problem for FETCH, STORE, or
+ SEARCH commands because servers are prohibited from sending EXPUNGE
+ responses while any of those commands are in progress. Therefore, if
+ the client sends any command other than FETCH, STORE, or SEARCH, it
+ MUST wait for the completion result response before sending a command
+ with message sequence numbers.
+
+ Note: EXPUNGE responses are permitted while UID FETCH, UID STORE,
+ and UID SEARCH are in progress. If the client sends a UID
+ command, it MUST wait for a completion result response before
+ sending a command that uses message sequence numbers (this may
+ include UID SEARCH). Any message sequence numbers in an argument
+ to UID SEARCH are associated with messages prior to the effect of
+ any untagged EXPUNGE responses returned by the UID SEARCH.
+
+ For example, the following non-waiting command sequences are invalid:
+
+ FETCH + NOOP + STORE
+
+ STORE + COPY + FETCH
+
+ COPY + COPY
+
+ The following are examples of valid non-waiting command sequences:
+
+ FETCH + STORE + SEARCH + NOOP
+
+ STORE + COPY + EXPUNGE
+
+ UID SEARCH + UID SEARCH may be valid or invalid as a non-waiting
+ command sequence, depending upon whether or not the second UID SEARCH
+ contains message sequence numbers.
+
+ Use of a SEARCH result variable (see Section 6.4.4.1) creates direct
+ dependency between two commands. See Section 6.4.4.2 for more
+ considerations about pipelining such dependent commands.
+
+6. Client Commands
+
+ IMAP4rev2 commands are described in this section. Commands are
+ organized by the state in which the command is permitted. Commands
+ that are permitted in multiple states are listed in the minimum
+ permitted state (for example, commands valid in authenticated and
+ selected states are listed in the authenticated state commands).
+
+ Command arguments, identified by "Arguments:" in the command
+ descriptions below, are described by function, not by syntax. The
+ precise syntax of command arguments is described in "Formal Syntax"
+ (Section 9).
+
+ Some commands cause specific server responses to be returned; these
+ are identified by "Responses:" in the command descriptions below.
+ See the response descriptions in "Responses" (Section 7) for
+ information on these responses and in "Formal Syntax" (Section 9) for
+ the precise syntax of these responses. It is possible for server
+ data to be transmitted as a result of any command. Thus, commands
+ that do not specifically require server data specify "no specific
+ responses for this command" instead of "none".
+
+ The "Result:" in the command description refers to the possible
+ tagged status responses to a command and any special interpretation
+ of these status responses.
+
+ The state of a connection is only changed by successful commands that
+ are documented as changing state. A rejected command (BAD response)
+ never changes the state of the connection or of the selected mailbox.
+ A failed command (NO response) generally does not change the state of
+ the connection or of the selected mailbox, with the exception of the
+ SELECT and EXAMINE commands.
+
+6.1. Client Commands - Any State
+
+ The following commands are valid in any state: CAPABILITY, NOOP, and
+ LOGOUT.
+
+6.1.1. CAPABILITY Command
+
+ Arguments: none
+
+ Responses: REQUIRED untagged response: CAPABILITY
+
+ Result: OK - capability completed
+ BAD - arguments invalid
+
+ The CAPABILITY command requests a listing of capabilities (e.g.,
+ extensions and/or modifications of server behavior) that the server
+ supports. The server MUST send a single untagged CAPABILITY response
+ with "IMAP4rev2" as one of the listed capabilities before the
+ (tagged) OK response.
+
+ A capability name that begins with "AUTH=" indicates that the server
+ supports that particular authentication mechanism as defined in the
+ Simple Authentication and Security Layer (SASL) [SASL]. All such
+ names are, by definition, part of this specification.
+
+ Other capability names refer to extensions, revisions, or amendments
+ to this specification. See the documentation of the CAPABILITY
+ response in Section 7.2.2 for additional information. If IMAP4rev1
+ capability is not advertised, no capabilities, beyond the base
+ IMAP4rev2 set defined in this specification, are enabled without
+ explicit client action to invoke the capability. If both IMAP4rev1
+ and IMAP4rev2 capabilities are advertised, no capabilities, beyond
+ the base IMAP4rev1 set specified in [RFC3501], are enabled without
+ explicit client action to invoke the capability.
+
+ Client and server implementations MUST implement the STARTTLS
+ (Section 6.2.1) and LOGINDISABLED capabilities on cleartext ports.
+ Client and server implementations MUST also implement AUTH=PLAIN
+ (described in [PLAIN]) capability on both cleartext and Implicit TLS
+ ports. See the Security Considerations (Section 11) for important
+ information.
+
+ Unless otherwise specified, all registered extensions to IMAP4rev1
+ are also valid extensions to IMAP4rev2.
+
+ Example:
+
+ C: abcd CAPABILITY
+ S: * CAPABILITY IMAP4rev2 STARTTLS AUTH=GSSAPI
+ LOGINDISABLED
+ S: abcd OK CAPABILITY completed
+ C: efgh STARTTLS
+ S: efgh OK STARTTLS completed
+ <TLS negotiation, further commands are under TLS layer>
+ C: ijkl CAPABILITY
+ S: * CAPABILITY IMAP4rev2 AUTH=GSSAPI AUTH=PLAIN
+ S: ijkl OK CAPABILITY completed
+
+6.1.2. NOOP Command
+
+ Arguments: none
+
+ Responses: no specific responses for this command (but see below)
+
+ Result: OK - noop completed
+ BAD - command unknown or arguments invalid
+
+ The NOOP command always succeeds. It does nothing.
+
+ Since any command can return a status update as untagged data, the
+ NOOP command can be used as a periodic poll for new messages or
+ message status updates during a period of inactivity (the IDLE
+ command; see Section 6.3.13) should be used instead of NOOP if real-
+ time updates to mailbox state are desirable). The NOOP command can
+ also be used to reset any inactivity autologout timer on the server.
+
+ Example:
+
+ C: a002 NOOP
+ S: a002 OK NOOP completed
+ . . .
+ C: a047 NOOP
+ S: * 22 EXPUNGE
+ S: * 23 EXISTS
+ S: * 14 FETCH (UID 1305 FLAGS (\Seen \Deleted))
+ S: a047 OK NOOP completed
+
+6.1.3. LOGOUT Command
+
+ Arguments: none
+
+ Responses: REQUIRED untagged response: BYE
+
+ Result: OK - logout completed
+ BAD - command unknown or arguments invalid
+
+ The LOGOUT command informs the server that the client is done with
+ the connection. The server MUST send a BYE untagged response before
+ the (tagged) OK response, and then close the network connection.
+
+ Example:
+
+ C: A023 LOGOUT
+ S: * BYE IMAP4rev2 Server logging out
+ S: A023 OK LOGOUT completed
+ (Server and client then close the connection)
+
+6.2. Client Commands - Not Authenticated State
+
+ In the not authenticated state, the AUTHENTICATE or LOGIN command
+ establishes authentication and enters the authenticated state. The
+ AUTHENTICATE command provides a general mechanism for a variety of
+ authentication techniques, privacy protection, and integrity
+ checking, whereas the LOGIN command uses a conventional user name and
+ plaintext password pair and has no means of establishing privacy
+ protection or integrity checking.
+
+ The STARTTLS command is an alternative form of establishing session
+ privacy protection and integrity checking but does not by itself
+ establish authentication or enter the authenticated state.
+
+ Server implementations MAY allow access to certain mailboxes without
+ establishing authentication. This can be done by means of the
+ ANONYMOUS [SASL] authenticator described in [ANONYMOUS]. An older
+ convention is a LOGIN command using the userid "anonymous"; in this
+ case, a password is required although the server may choose to accept
+ any password. The restrictions placed on anonymous users are
+ implementation dependent.
+
+ Once authenticated (including as anonymous), it is not possible to
+ re-enter not authenticated state.
+
+ In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT),
+ the following commands are valid in the not authenticated state:
+ STARTTLS, AUTHENTICATE, and LOGIN. See the Security Considerations
+ (Section 11) for important information about these commands.
+
+6.2.1. STARTTLS Command
+
+ Arguments: none
+
+ Responses: no specific response for this command
+
+ Result: OK - starttls completed, begin TLS negotiation
+ NO - TLS negotiation can't be initiated, due to server
+ configuration error
+ BAD - STARTTLS received after a successful TLS
+ negotiation or arguments invalid
+
+ Note that the STARTTLS command is available only on cleartext ports.
+ The server MUST always respond with a tagged BAD response when the
+ STARTTLS command is received on an Implicit TLS port.
+
+ A TLS [TLS-1.3] negotiation begins immediately after the CRLF at the
+ end of the tagged OK response from the server. Once a client issues
+ a STARTTLS command, it MUST NOT issue further commands until a server
+ response is seen and the TLS negotiation is complete. Some past
+ server implementations incorrectly implemented STARTTLS processing
+ and are known to contain STARTTLS plaintext command injection
+ vulnerability [CERT-555316]. In order to avoid this vulnerability,
+ server implementations MUST do one of the following if any data is
+ received in the same TCP buffer after the CRLF that starts the
+ STARTTLS command:
+
+ 1. Extra data from the TCP buffer is interpreted as the beginning of
+ the TLS handshake. (If the data is in cleartext, this will
+ result in the TLS handshake failing.)
+
+ 2. Extra data from the TCP buffer is thrown away.
+
+ Note that the first option is friendlier to clients that pipeline the
+ beginning of the STARTTLS command with TLS handshake data.
+
+ After successful TLS negotiation, the server remains in the non-
+ authenticated state, even if client credentials are supplied during
+ the TLS negotiation. This does not preclude an authentication
+ mechanism such as EXTERNAL (defined in [SASL]) from using client
+ identity determined by the TLS negotiation.
+
+ Once TLS has been started, the client MUST discard cached information
+ about server capabilities and SHOULD reissue the CAPABILITY command.
+ This is necessary to protect against active attacks that alter the
+ capabilities list prior to STARTTLS. The server MAY advertise
+ different capabilities and, in particular, SHOULD NOT advertise the
+ STARTTLS capability, after a successful STARTTLS command.
+
+ Example:
+
+ C: a001 CAPABILITY
+ S: * CAPABILITY IMAP4rev2 STARTTLS LOGINDISABLED
+ S: a001 OK CAPABILITY completed
+ C: a002 STARTTLS
+ S: a002 OK Begin TLS negotiation now
+ <TLS negotiation, further commands are under TLS layer>
+ C: a003 CAPABILITY
+ S: * CAPABILITY IMAP4rev2 AUTH=PLAIN
+ S: a003 OK CAPABILITY completed
+ C: a004 AUTHENTICATE PLAIN dGVzdAB0ZXN0AHRlc3Q=
+ S: a004 OK Success (tls protection)
+
+6.2.2. AUTHENTICATE Command
+
+ Arguments: SASL authentication mechanism name
+
+ OPTIONAL initial response
+
+ Responses: continuation data can be requested
+
+ Result: OK - authenticate completed, now in authenticated
+ state
+ NO - authenticate failure: unsupported authentication
+ mechanism, credentials rejected
+ BAD - command unknown or arguments invalid,
+ authentication exchange canceled
+
+ The AUTHENTICATE command indicates a [SASL] authentication mechanism
+ to the server. If the server supports the requested authentication
+ mechanism, it performs an authentication protocol exchange to
+ authenticate and identify the client. It MAY also negotiate an
+ OPTIONAL security layer for subsequent protocol interactions. If the
+ requested authentication mechanism is not supported, the server
+ SHOULD reject the AUTHENTICATE command by sending a tagged NO
+ response.
+
+ The AUTHENTICATE command supports the optional "initial response"
+ feature defined in Section 4 of [SASL]. The client doesn't need to
+ use it. If a SASL mechanism supports "initial response", but it is
+ not specified by the client, the server handles it as specified in
+ Section 3 of [SASL].
+
+ The service name specified by this protocol's profile of [SASL] is
+ "imap".
+
+ The authentication protocol exchange consists of a series of server
+ challenges and client responses that are specific to the
+ authentication mechanism. A server challenge consists of a command
+ continuation request response with the "+" token followed by a
+ base64-encoded (see Section 4 of [RFC4648]) string. The client
+ response consists of a single line consisting of a base64-encoded
+ string. If the client wishes to cancel an authentication exchange,
+ it issues a line consisting of a single "*". If the server receives
+ such a response, or if it receives an invalid base64 string (e.g.,
+ characters outside the base64 alphabet or non-terminal "="), it MUST
+ reject the AUTHENTICATE command by sending a tagged BAD response.
+
+ As with any other client response, the initial response MUST be
+ encoded as base64. It also MUST be transmitted outside of a quoted
+ string or literal. To send a zero-length initial response, the
+ client MUST send a single pad character ("="). This indicates that
+ the response is present, but it is a zero-length string.
+
+ When decoding the base64 data in the initial response, decoding
+ errors MUST be treated as in any normal SASL client response, i.e.,
+ with a tagged BAD response. In particular, the server should check
+ for any characters not explicitly allowed by the base64 alphabet, as
+ well as any sequence of base64 characters that contains the pad
+ character ('=') anywhere other than the end of the string (e.g.,
+ "=AAA" and "AAA=BBB" are not allowed).
+
+ If the client uses an initial response with a SASL mechanism that
+ does not support an initial response, the server MUST reject the
+ command with a tagged BAD response.
+
+ If a security layer is negotiated through the [SASL] authentication
+ exchange, it takes effect immediately following the CRLF that
+ concludes the authentication exchange for the client and the CRLF of
+ the tagged OK response for the server.
+
+ While client and server implementations MUST implement the
+ AUTHENTICATE command itself, it is not required to implement any
+ authentication mechanisms other than the PLAIN mechanism described in
+ [PLAIN]. Also, an authentication mechanism is not required to
+ support any security layers.
+
+ Note: a server implementation MUST implement a configuration in
+ which it does NOT permit any plaintext password mechanisms, unless
+ the STARTTLS command has been negotiated, TLS has been negotiated
+ on an Implicit TLS port, or some other mechanism that protects the
+ session from password snooping has been provided. Server sites
+ SHOULD NOT use any configuration that permits a plaintext password
+ mechanism without such a protection mechanism against password
+ snooping. Client and server implementations SHOULD implement
+ additional [SASL] mechanisms that do not use plaintext passwords,
+ such as the GSSAPI mechanism described in [RFC4752], the SCRAM-
+ SHA-256/SCRAM-SHA-256-PLUS [SCRAM-SHA-256] mechanisms, and/or the
+ EXTERNAL [SASL] mechanism for mutual TLS authentication. (Note
+ that the SASL framework allows for the creation of SASL mechanisms
+ that support 2-factor authentication (2FA); however, none are
+ fully ready to be recommended by this document.)
+
+ Servers and clients can support multiple authentication mechanisms.
+ The server SHOULD list its supported authentication mechanisms in the
+ response to the CAPABILITY command so that the client knows which
+ authentication mechanisms to use.
+
+ A server MAY include a CAPABILITY response code in the tagged OK
+ response of a successful AUTHENTICATE command in order to send
+ capabilities automatically. It is unnecessary for a client to send a
+ separate CAPABILITY command if it recognizes these automatic
+ capabilities. This should only be done if a security layer was not
+ negotiated by the AUTHENTICATE command, because the tagged OK
+ response as part of an AUTHENTICATE command is not protected by
+ encryption/integrity checking. [SASL] requires the client to re-
+ issue a CAPABILITY command in this case. The server MAY advertise
+ different capabilities after a successful AUTHENTICATE command.
+
+ If an AUTHENTICATE command fails with a NO response, the client MAY
+ try another authentication mechanism by issuing another AUTHENTICATE
+ command. It MAY also attempt to authenticate by using the LOGIN
+ command (see Section 6.2.3 for more detail). In other words, the
+ client MAY request authentication types in decreasing order of
+ preference, with the LOGIN command as a last resort.
+
+ The authorization identity passed from the client to the server
+ during the authentication exchange is interpreted by the server as
+ the user name whose privileges the client is requesting.
+
+ Example:
+
+ S: * OK [CAPABILITY IMAP4rev2 STARTTLS AUTH=GSSAPI]
+ Capabilities
+ C: A001 AUTHENTICATE GSSAPI
+ S: +
+ C: YIIB+wYJKoZIhvcSAQICAQBuggHqMIIB5qADAgEFoQMCAQ6iBw
+ MFACAAAACjggEmYYIBIjCCAR6gAwIBBaESGxB1Lndhc2hpbmd0
+ b24uZWR1oi0wK6ADAgEDoSQwIhsEaW1hcBsac2hpdmFtcy5jYW
+ Mud2FzaGluZ3Rvbi5lZHWjgdMwgdCgAwIBAaEDAgEDooHDBIHA
+ cS1GSa5b+fXnPZNmXB9SjL8Ollj2SKyb+3S0iXMljen/jNkpJX
+ AleKTz6BQPzj8duz8EtoOuNfKgweViyn/9B9bccy1uuAE2HI0y
+ C/PHXNNU9ZrBziJ8Lm0tTNc98kUpjXnHZhsMcz5Mx2GR6dGknb
+ I0iaGcRerMUsWOuBmKKKRmVMMdR9T3EZdpqsBd7jZCNMWotjhi
+ vd5zovQlFqQ2Wjc2+y46vKP/iXxWIuQJuDiisyXF0Y8+5GTpAL
+ pHDc1/pIGmMIGjoAMCAQGigZsEgZg2on5mSuxoDHEA1w9bcW9n
+ FdFxDKpdrQhVGVRDIzcCMCTzvUboqb5KjY1NJKJsfjRQiBYBdE
+ NKfzK+g5DlV8nrw81uOcP8NOQCLR5XkoMHC0Dr/80ziQzbNqhx
+ O6652Npft0LQwJvenwDI13YxpwOdMXzkWZN/XrEqOWp6GCgXTB
+ vCyLWLlWnbaUkZdEYbKHBPjd8t/1x5Yg==
+ S: + YGgGCSqGSIb3EgECAgIAb1kwV6ADAgEFoQMCAQ+iSzBJoAMC
+ AQGiQgRAtHTEuOP2BXb9sBYFR4SJlDZxmg39IxmRBOhXRKdDA0
+ uHTCOT9Bq3OsUTXUlk0CsFLoa8j+gvGDlgHuqzWHPSQg==
+ C:
+ S: + YDMGCSqGSIb3EgECAgIBAAD/////6jcyG4GE3KkTzBeBiVHe
+ ceP2CWY0SR0fAQAgAAQEBAQ=
+ C: YDMGCSqGSIb3EgECAgIBAAD/////3LQBHXTpFfZgrejpLlLImP
+ wkhbfa2QteAQAgAG1yYwE=
+ S: A001 OK GSSAPI authentication successful
+
+ The following example demonstrates the use of an initial response.
+
+ Example:
+
+ S: * OK [CAPABILITY IMAP4rev2 STARTTLS AUTH=GSSAPI
+ LOGINDISABLED] Server ready
+ C: A01 STARTTLS
+ S: A01 OK STARTTLS completed
+ <TLS negotiation, further commands are under TLS layer>
+ C: A02 CAPABILITY
+ S: * CAPABILITY IMAP4rev2 AUTH=GSSAPI AUTH=PLAIN
+ S: A02 OK CAPABILITY completed
+ C: A03 AUTHENTICATE PLAIN dGVzdAB0ZXN0AHRlc3Q=
+ S: A03 OK Success (tls protection)
+
+ Note that because the initial response is optional, the following
+ negotiation (which does not use the initial response) is still valid
+ and MUST be supported by the server:
+
+ ... client connects to server and negotiates a TLS
+ protection layer ...
+ C: C01 CAPABILITY
+ S: * CAPABILITY IMAP4rev2 AUTH=PLAIN
+ S: C01 OK Completed
+ C: A01 AUTHENTICATE PLAIN
+ S: +
+ C: dGVzdAB0ZXN0AHRlc3Q=
+ S: A01 OK Success (tls protection)
+
+ Note that in the above example there is a space following the "+"
+ from the server.
+
+ The following is an example authentication using the SASL EXTERNAL
+ mechanism (defined in [SASL]) under a TLS protection layer and an
+ empty initial response:
+
+ ... client connects to server and negotiates a TLS
+ protection layer ...
+ C: C01 CAPABILITY
+ S: * CAPABILITY IMAP4rev2 AUTH=PLAIN AUTH=EXTERNAL
+ S: C01 OK Completed
+ C: A01 AUTHENTICATE EXTERNAL =
+ S: A01 OK Success (tls protection)
+
+ Note: The line breaks within server challenges and client responses
+ are for editorial clarity and are not in real authenticators.
+
+6.2.3. LOGIN Command
+
+ Arguments: user name
+
+ password
+
+ Responses: no specific responses for this command
+
+ Result: OK - login completed, now in authenticated state
+ NO - login failure: user name or password rejected
+ BAD - command unknown or arguments invalid
+
+ The LOGIN command identifies the client to the server and carries the
+ plaintext password authenticating this user. The LOGIN command
+ SHOULD NOT be used except as a last resort (after attempting and
+ failing to authenticate using the AUTHENTICATE command one or more
+ times), and it is recommended that client implementations have a
+ means to disable any automatic use of the LOGIN command.
+
+ A server MAY include a CAPABILITY response code in the tagged OK
+ response to a successful LOGIN command in order to send capabilities
+ automatically. It is unnecessary for a client to send a separate
+ CAPABILITY command if it recognizes these automatic capabilities.
+
+ Example:
+
+ C: a001 LOGIN SMITH SESAME
+ S: a001 OK LOGIN completed
+
+ Note: Use of the LOGIN command over an insecure network (such as the
+ Internet) is a security risk, because anyone monitoring network
+ traffic can obtain plaintext passwords. For that reason, clients
+ MUST NOT use LOGIN on unsecure networks.
+
+ Unless the client is accessing IMAP service on an Implicit TLS port
+ [RFC8314], the STARTTLS command has been negotiated, or some other
+ mechanism that protects the session from password snooping has been
+ provided, a server implementation MUST implement a configuration in
+ which it advertises the LOGINDISABLED capability and does NOT permit
+ the LOGIN command. Server sites SHOULD NOT use any configuration
+ that permits the LOGIN command without such a protection mechanism
+ against password snooping. A client implementation MUST NOT send a
+ LOGIN command if the LOGINDISABLED capability is advertised.
+
+6.3. Client Commands - Authenticated State
+
+ In the authenticated state, commands that manipulate mailboxes as
+ atomic entities are permitted. Of these commands, SELECT and EXAMINE
+ will select a mailbox for access and enter the selected state.
+
+ In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT),
+ the following commands are valid in the authenticated state: ENABLE,
+ SELECT, EXAMINE, NAMESPACE, CREATE, DELETE, RENAME, SUBSCRIBE,
+ UNSUBSCRIBE, LIST, STATUS, APPEND, and IDLE.
+
+6.3.1. ENABLE Command
+
+ Arguments: capability names
+
+ Responses: no specific responses for this command
+
+ Result: OK - Relevant capabilities enabled
+ BAD - No arguments, or syntax error in an argument
+
+ Several IMAP extensions allow the server to return unsolicited
+ responses specific to these extensions in certain circumstances.
+ However, servers cannot send those unsolicited responses (with the
+ exception of response codes (see Section 7.1) included in tagged or
+ untagged OK/NO/BAD responses, which can always be sent) until they
+ know that the clients support such extensions and thus will be able
+ to correctly parse and process the extension response data.
+
+ The ENABLE command provides an explicit indication from the client
+ that it supports particular extensions. It is designed such that the
+ client can send a simple constant string with the extensions it
+ supports, and the server will enable the shared subset that both
+ support.
+
+ The ENABLE command takes a list of capability names and requests the
+ server to enable the named extensions. Once enabled using ENABLE,
+ each extension remains active until the IMAP connection is closed.
+ For each argument, the server does the following:
+
+ * If the argument is not an extension known to the server, the
+ server MUST ignore the argument.
+
+ * If the argument is an extension known to the server, and it is not
+ specifically permitted to be enabled using ENABLE, the server MUST
+ ignore the argument. (Note that knowing about an extension
+ doesn't necessarily imply supporting that extension.)
+
+ * If the argument is an extension that is supported by the server
+ and that needs to be enabled, the server MUST enable the extension
+ for the duration of the connection. Note that once an extension
+ is enabled, there is no way to disable it.
+
+ If the ENABLE command is successful, the server MUST send an untagged
+ ENABLED response (Section 7.2.1), which includes all enabled
+ extensions as specified above. The ENABLED response is sent even if
+ no extensions were enabled.
+
+ Clients SHOULD only include extensions that need to be enabled by the
+ server. For example, a client can enable IMAP4rev2-specific behavior
+ when both IMAP4rev1 and IMAP4rev2 are advertised in the CAPABILITY
+ response. Future RFCs may add to this list.
+
+ The ENABLE command is only valid in the authenticated state, before
+ any mailbox is selected. Clients MUST NOT issue ENABLE once they
+ SELECT/EXAMINE a mailbox; however, server implementations don't have
+ to check that no mailbox is selected or was previously selected
+ during the duration of a connection.
+
+ The ENABLE command can be issued multiple times in a session. It is
+ additive; that is, "ENABLE a b", followed by "ENABLE c", is the same
+ as a single command "ENABLE a b c". When multiple ENABLE commands
+ are issued, each corresponding ENABLED response SHOULD only contain
+ extensions enabled by the corresponding ENABLE command, i.e., for the
+ above example, the ENABLED response to "ENABLE c" should not contain
+ "a" or "b".
+
+ There are no limitations on pipelining ENABLE. For example, it is
+ possible to send ENABLE and then immediately SELECT, or a LOGIN
+ immediately followed by ENABLE.
+
+ The server MUST NOT change the CAPABILITY list as a result of
+ executing ENABLE; that is, a CAPABILITY command issued right after an
+ ENABLE command MUST list the same capabilities as a CAPABILITY
+ command issued before the ENABLE command. This is demonstrated in
+ the following example. Note that below "X-GOOD-IDEA" is a fictitious
+ extension capability that can be ENABLED.
+
+ C: t1 CAPABILITY
+ S: * CAPABILITY IMAP4rev2 ID LITERAL+ X-GOOD-IDEA
+ S: t1 OK foo
+ C: t2 ENABLE CONDSTORE X-GOOD-IDEA
+ S: * ENABLED X-GOOD-IDEA
+ S: t2 OK foo
+ C: t3 CAPABILITY
+ S: * CAPABILITY IMAP4rev2 ID LITERAL+ X-GOOD-IDEA
+ S: t3 OK foo again
+
+ In the following example, the client enables the Conditional Store
+ (CONDSTORE) extension [RFC7162]:
+
+ C: a1 ENABLE CONDSTORE
+ S: * ENABLED CONDSTORE
+ S: a1 OK Conditional Store enabled
+
+6.3.1.1. Note to Designers of Extensions That May Use the ENABLE
+ Command
+
+ Designers of IMAP extensions are discouraged from creating extensions
+ that require ENABLE unless there is no good alternative design.
+ Specifically, extensions that cause potentially incompatible behavior
+ changes to deployed server responses (and thus benefit from ENABLE)
+ have a higher complexity cost than extensions that do not.
+
+6.3.2. SELECT Command
+
+ Arguments: mailbox name
+
+ Responses: REQUIRED untagged responses: FLAGS, EXISTS, LIST
+ REQUIRED OK untagged responses: PERMANENTFLAGS,
+ UIDNEXT, UIDVALIDITY
+
+ Result: OK - select completed, now in selected state
+ NO - select failure, now in authenticated state: no
+ such mailbox, can't access mailbox
+ BAD - command unknown or arguments invalid
+
+ The SELECT command selects a mailbox so that messages in the mailbox
+ can be accessed. Before returning an OK to the client, the server
+ MUST send the following untagged data to the client. (The order of
+ individual responses is not important.) Note that earlier versions
+ of this protocol, such as the IMAP4rev1 version specified in
+ [RFC2060], only required the FLAGS and EXISTS untagged responses and
+ UIDVALIDITY response code. Client implementations that need to
+ remain compatible with such older IMAP versions have to implement
+ default behavior for missing data, as discussed with the individual
+ items.
+
+ FLAGS
+ Defined flags in the mailbox. See the description of the FLAGS
+ response in Section 7.3.5 for more detail.
+
+ <n> EXISTS
+ The number of messages in the mailbox. See the description of the
+ EXISTS response in Section 7.4.1 for more detail.
+
+ LIST
+ The server MUST return a LIST response with the mailbox name. The
+ list of mailbox attributes MUST be accurate. If the server allows
+ denormalized UTF-8 mailbox names (see Section 5.1) and the
+ supplied mailbox name differs from the normalized version, the
+ server MUST return LIST with the OLDNAME extended data item. See
+ Section 6.3.9.7 for more details.
+
+ OK [PERMANENTFLAGS (<list of flags>)]
+ A list of message flags that the client can change permanently.
+ If this is missing, the client should assume that all flags can be
+ changed permanently.
+
+ OK [UIDNEXT <n>]
+ The next unique identifier value. Refer to Section 2.3.1.1 for
+ more information.
+
+ OK [UIDVALIDITY <n>]
+ The unique identifier validity value. Refer to Section 2.3.1.1
+ for more information.
+
+ Only one mailbox can be selected at a time in a connection;
+ simultaneous access to multiple mailboxes requires multiple
+ connections. The SELECT command automatically deselects any
+ currently selected mailbox before attempting the new selection.
+ Consequently, if a mailbox is selected and a SELECT command that
+ fails is attempted, no mailbox is selected. When deselecting a
+ selected mailbox, the server MUST return an untagged OK response with
+ the "[CLOSED]" response code when the currently selected mailbox is
+ closed (see Section 7.1).
+
+ If the client is permitted to modify the mailbox, the server SHOULD
+ prefix the text of the tagged OK response with the "[READ-WRITE]"
+ response code.
+
+ If the client is not permitted to modify the mailbox but is permitted
+ read access, the mailbox is selected as read-only, and the server
+ MUST prefix the text of the tagged OK response to SELECT with the
+ "[READ-ONLY]" response code. Read-only access through SELECT differs
+ from the EXAMINE command in that certain read-only mailboxes MAY
+ permit the change of permanent state on a per-user (as opposed to
+ global) basis. Netnews messages marked in a server-based .newsrc
+ file are an example of such per-user permanent state that can be
+ modified with read-only mailboxes.
+
+ Example:
+
+ C: A142 SELECT INBOX
+ S: * 172 EXISTS
+ S: * OK [UIDVALIDITY 3857529045] UIDs valid
+ S: * OK [UIDNEXT 4392] Predicted next UID
+ S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
+ S: * OK [PERMANENTFLAGS (\Deleted \Seen \*)] Limited
+ S: * LIST () "/" INBOX
+ S: A142 OK [READ-WRITE] SELECT completed
+
+ Example:
+
+ C: A142 SELECT INBOX
+ S: * 172 EXISTS
+ S: * OK [UIDVALIDITY 3857529045] UIDs valid
+ S: * OK [UIDNEXT 4392] Predicted next UID
+ S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
+ S: * OK [PERMANENTFLAGS (\Deleted \Seen \*)] Limited
+ S: A142 OK [READ-WRITE] SELECT completed
+ [...some time later...]
+ C: A143 SELECT Drafts
+ S: * OK [CLOSED] Previous mailbox is now closed
+ S: * 5 EXISTS
+ S: * OK [UIDVALIDITY 9877410381] UIDs valid
+ S: * OK [UIDNEXT 102] Predicted next UID
+ S: * LIST () "/" Drafts
+ S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
+ S: * OK [PERMANENTFLAGS (\Deleted \Seen \Answered
+ \Flagged \Draft \*)] System flags and keywords allowed
+ S: A143 OK [READ-WRITE] SELECT completed
+
+ Note that IMAP4rev1-compliant servers can also send the untagged
+ RECENT response that was deprecated in IMAP4rev2, e.g., "* 0 RECENT".
+ Pure IMAP4rev2 clients are advised to ignore the untagged RECENT
+ response.
+
+6.3.3. EXAMINE Command
+
+ Arguments: mailbox name
+
+ Responses: REQUIRED untagged responses: FLAGS, EXISTS, LIST
+ REQUIRED OK untagged responses: PERMANENTFLAGS,
+ UIDNEXT, UIDVALIDITY
+
+ Result: OK - examine completed, now in selected state
+ NO - examine failure, now in authenticated state: no
+ such mailbox, can't access mailbox
+ BAD - command unknown or arguments invalid
+
+ The EXAMINE command is identical to SELECT and returns the same
+ output; however, the selected mailbox is identified as read-only. No
+ changes to the permanent state of the mailbox, including per-user
+ state, are permitted.
+
+ The text of the tagged OK response to the EXAMINE command MUST begin
+ with the "[READ-ONLY]" response code.
+
+ Example:
+
+ C: A932 EXAMINE blurdybloop
+ S: * 17 EXISTS
+ S: * OK [UIDVALIDITY 3857529045] UIDs valid
+ S: * OK [UIDNEXT 4392] Predicted next UID
+ S: * LIST () "/" blurdybloop
+ S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
+ S: * OK [PERMANENTFLAGS ()] No permanent flags permitted
+ S: A932 OK [READ-ONLY] EXAMINE completed
+
+6.3.4. CREATE Command
+
+ Arguments: mailbox name
+
+ Responses: OPTIONAL untagged response: LIST
+
+ Result: OK - create completed
+ NO - create failure: can't create mailbox with that
+ name
+ BAD - command unknown or arguments invalid
+
+ The CREATE command creates a mailbox with the given name. An OK
+ response is returned only if a new mailbox with that name has been
+ created. It is an error to attempt to create INBOX or a mailbox with
+ a name that refers to an extant mailbox. Any error in creation will
+ return a tagged NO response. If a client attempts to create a UTF-8
+ mailbox name that is not a valid Net-Unicode name, the server MUST
+ reject the creation or convert the name to Net-Unicode prior to
+ creating the mailbox. If the server decides to convert (normalize)
+ the name, it SHOULD return an untagged LIST with an OLDNAME extended
+ data item, with the OLDNAME value being the supplied mailbox name and
+ the name parameter being the normalized mailbox name. (See
+ Section 6.3.9.7 for more details.)
+
+ Mailboxes created in one IMAP session MAY be announced to other IMAP
+ sessions using an unsolicited LIST response. If the server
+ automatically subscribes a mailbox when it is created, then the
+ unsolicited LIST response for each affected subscribed mailbox name
+ MUST include the \Subscribed attribute.
+
+ If the mailbox name is suffixed with the server's hierarchy separator
+ character (as returned from the server by a LIST command), this is a
+ declaration that the client intends to create mailbox names under
+ this name in the hierarchy. Server implementations that do not
+ require this declaration MUST ignore the declaration. In any case,
+ the name created is without the trailing hierarchy delimiter.
+
+ If the server's hierarchy separator character appears elsewhere in
+ the name, the server SHOULD create any superior hierarchical names
+ that are needed for the CREATE command to be successfully completed.
+ In other words, an attempt to create "foo/bar/zap" on a server in
+ which "/" is the hierarchy separator character SHOULD create foo/ and
+ foo/bar/ if they do not already exist.
+
+ If a new mailbox is created with the same name as a mailbox that was
+ deleted, its unique identifiers MUST be greater than any unique
+ identifiers used in the previous incarnation of the mailbox unless
+ the new incarnation has a different unique identifier validity value.
+ See the description of the UID command in Section 6.4.9 for more
+ detail.
+
+ Example:
+
+ C: A003 CREATE owatagusiam/
+ S: A003 OK CREATE completed
+ C: A004 CREATE owatagusiam/blurdybloop
+ S: A004 OK CREATE completed
+ C: A005 CREATE NonNormalized
+ S: * LIST () "/" "Normalized" ("OLDNAME" ("NonNormalized"))
+ S: A005 OK CREATE completed
+
+ (In the last example, imagine that "NonNormalized" is a non-NFC
+ normalized Unicode mailbox name and that "Normalized" is its NFC
+ normalized version.)
+
+ | Note: The interpretation of this example depends on whether "/"
+ | was returned as the hierarchy separator from LIST. If "/" is
+ | the hierarchy separator, a new level of hierarchy named
+ | "owatagusiam" with a member called "blurdybloop" is created.
+ | Otherwise, two mailboxes at the same hierarchy level are
+ | created.
+
+6.3.5. DELETE Command
+
+ Arguments: mailbox name
+
+ Responses: OPTIONAL untagged response: LIST
+
+ Result: OK - delete completed
+ NO - delete failure: can't delete mailbox with that
+ name
+ BAD - command unknown or arguments invalid
+
+ The DELETE command permanently removes the mailbox with the given
+ name. A tagged OK response is returned only if the mailbox has been
+ deleted. It is an error to attempt to delete INBOX or a mailbox name
+ that does not exist.
+
+ The DELETE command MUST NOT remove inferior hierarchical names. For
+ example, if a mailbox "foo" has an inferior "foo.bar" (assuming "."
+ is the hierarchy delimiter character), removing "foo" MUST NOT remove
+ "foo.bar". It is an error to attempt to delete a name that has
+ inferior hierarchical names and also has the \Noselect mailbox name
+ attribute (see the description of the LIST response (Section 7.3.1)
+ for more details).
+
+ It is permitted to delete a name that has inferior hierarchical names
+ and does not have the \Noselect mailbox name attribute. If the
+ server implementation does not permit deleting the name while
+ inferior hierarchical names exist, then it SHOULD disallow the DELETE
+ command by returning a tagged NO response. The NO response SHOULD
+ include the HASCHILDREN response code. Alternatively, the server MAY
+ allow the DELETE command, but it sets the \Noselect mailbox name
+ attribute for that name.
+
+ If the server returns an OK response, all messages in that mailbox
+ are removed by the DELETE command.
+
+ The value of the highest-used unique identifier of the deleted
+ mailbox MUST be preserved so that a new mailbox created with the same
+ name will not reuse the identifiers of the former incarnation, unless
+ the new incarnation has a different unique identifier validity value.
+ See the description of the UID command in Section 6.4.9 for more
+ detail.
+
+ If the server decides to convert (normalize) the mailbox name, it
+ SHOULD return an untagged LIST with the "\NonExistent" attribute and
+ OLDNAME extended data item, with the OLDNAME value being the supplied
+ mailbox name and the name parameter being the normalized mailbox
+ name. (See Section 6.3.9.7 for more details.)
+
+ Mailboxes deleted in one IMAP session MAY be announced to other IMAP
+ sessions using an unsolicited LIST response, containing the
+ "\NonExistent" attribute.
+
+ Example:
+
+ C: A682 LIST "" *
+ S: * LIST () "/" blurdybloop
+ S: * LIST (\Noselect) "/" foo
+ S: * LIST () "/" foo/bar
+ S: A682 OK LIST completed
+ C: A683 DELETE blurdybloop
+ S: A683 OK DELETE completed
+ C: A684 DELETE foo
+ S: A684 NO Name "foo" has inferior hierarchical names
+ C: A685 DELETE foo/bar
+ S: A685 OK DELETE Completed
+ C: A686 LIST "" *
+ S: * LIST (\Noselect) "/" foo
+ S: A686 OK LIST completed
+ C: A687 DELETE foo
+ S: A687 OK DELETE Completed
+
+ Example:
+
+ C: A82 LIST "" *
+ S: * LIST () "." blurdybloop
+ S: * LIST () "." foo
+ S: * LIST () "." foo.bar
+ S: A82 OK LIST completed
+ C: A83 DELETE blurdybloop
+ S: A83 OK DELETE completed
+ C: A84 DELETE foo
+ S: A84 OK DELETE Completed
+ C: A85 LIST "" *
+ S: * LIST () "." foo.bar
+ S: A85 OK LIST completed
+ C: A86 LIST "" %
+ S: * LIST (\Noselect) "." foo
+ S: A86 OK LIST completed
+
+6.3.6. RENAME Command
+
+ Arguments: existing mailbox name
+
+ new mailbox name
+
+ Responses: OPTIONAL untagged response: LIST
+
+ Result: OK - rename completed
+ NO - rename failure: can't rename mailbox with that
+ name, can't rename to mailbox with that name
+ BAD - command unknown or arguments invalid
+
+ The RENAME command changes the name of a mailbox. A tagged OK
+ response is returned only if the mailbox has been renamed. It is an
+ error to attempt to rename from a mailbox name that does not exist or
+ to a mailbox name that already exists. Any error in renaming will
+ return a tagged NO response.
+
+ If the name has inferior hierarchical names, then the inferior
+ hierarchical names MUST also be renamed. For example, a rename of
+ "foo" to "zap" will rename "foo/bar" (assuming "/" is the hierarchy
+ delimiter character) to "zap/bar".
+
+ If the server's hierarchy separator character appears in the new
+ mailbox name, the server SHOULD create any superior hierarchical
+ names that are needed for the RENAME command to complete
+ successfully. In other words, an attempt to rename "foo/bar/zap" to
+ "baz/rag/zowie" on a server in which "/" is the hierarchy separator
+ character in the corresponding namespace SHOULD create "baz/" and
+ "baz/rag/" if they do not already exist.
+
+ The value of the highest-used unique identifier of the old mailbox
+ name MUST be preserved so that a new mailbox created with the same
+ name will not reuse the identifiers of the former incarnation, unless
+ the new incarnation has a different unique identifier validity value.
+ See the description of the UID command in Section 6.4.9 for more
+ detail.
+
+ Renaming INBOX is permitted and does not result in a tagged BAD
+ response, and it has special behavior: It moves all messages in INBOX
+ to a new mailbox with the given name, leaving INBOX empty. If the
+ server implementation supports inferior hierarchical names of INBOX,
+ these are unaffected by a rename of INBOX. (Note that some servers
+ disallow renaming INBOX by returning a tagged NO response, so clients
+ need to be able to handle the failure of such RENAME commands.)
+
+ If the server allows creation of mailboxes with names that are not
+ valid Net-Unicode names, the server normalizes both the existing
+ mailbox name parameter and the new mailbox name parameter. If the
+ normalized version of any of these 2 parameters differs from the
+ corresponding supplied version, the server SHOULD return an untagged
+ LIST response with an OLDNAME extended data item, with the OLDNAME
+ value being the supplied existing mailbox name and the name parameter
+ being the normalized new mailbox name (see Section 6.3.9.7). This
+ would allow the client to correlate the supplied name with the
+ normalized name.
+
+ Mailboxes renamed in one IMAP session MAY be announced to other IMAP
+ sessions using an unsolicited LIST response with an OLDNAME extended
+ data item.
+
+ In both of the above cases, if the server automatically subscribes a
+ mailbox when it is renamed, then the unsolicited LIST response for
+ each affected subscribed mailbox name MUST include the \Subscribed
+ attribute. No unsolicited LIST responses need to be sent for child
+ mailboxes. When INBOX is successfully renamed, it is assumed that a
+ new INBOX is created. No unsolicited LIST responses need to be sent
+ for INBOX in this case.
+
+ Examples:
+
+ C: A682 LIST "" *
+ S: * LIST () "/" blurdybloop
+ S: * LIST (\Noselect) "/" foo
+ S: * LIST () "/" foo/bar
+ S: A682 OK LIST completed
+ C: A683 RENAME blurdybloop sarasoop
+ S: A683 OK RENAME completed
+ C: A684 RENAME foo zowie
+ S: A684 OK RENAME Completed
+ C: A685 LIST "" *
+ S: * LIST () "/" sarasoop
+ S: * LIST (\Noselect) "/" zowie
+ S: * LIST () "/" zowie/bar
+ S: A685 OK LIST completed
+
+ C: Z432 LIST "" *
+ S: * LIST () "." INBOX
+ S: * LIST () "." INBOX.bar
+ S: Z432 OK LIST completed
+ C: Z433 RENAME INBOX old-mail
+ S: Z433 OK RENAME completed
+ C: Z434 LIST "" *
+ S: * LIST () "." INBOX
+ S: * LIST () "." INBOX.bar
+ S: * LIST () "." old-mail
+ S: Z434 OK LIST completed
+
+ Note that renaming a mailbox doesn't update subscription information
+ on the original name. To keep subscription information in sync, the
+ following sequence of commands can be used:
+
+ C: 1001 RENAME X Y
+ C: 1002 SUBSCRIBE Y
+ C: 1003 UNSUBSCRIBE X
+
+ Note that the above sequence of commands doesn't account for updating
+ the subscription for any child mailboxes of mailbox X.
+
+6.3.7. SUBSCRIBE Command
+
+ Arguments: mailbox
+
+ Responses: no specific responses for this command
+
+ Result: OK - subscribe completed
+ NO - subscribe failure: can't subscribe to that name
+ BAD - command unknown or arguments invalid
+
+ The SUBSCRIBE command adds the specified mailbox name to the server's
+ set of "active" or "subscribed" mailboxes as returned by the LIST
+ (SUBSCRIBED) command. This command returns a tagged OK response if
+ the subscription is successful or if the mailbox is already
+ subscribed.
+
+ A server MAY validate the mailbox argument to SUBSCRIBE to verify
+ that it exists. However, it SHOULD NOT unilaterally remove an
+ existing mailbox name from the subscription list even if a mailbox by
+ that name no longer exists.
+
+ | Note: This requirement is because a server site can choose to
+ | routinely remove a mailbox with a well-known name (e.g.,
+ | "system-alerts") after its contents expire, with the intention
+ | of recreating it when new contents are appropriate.
+
+ Example:
+
+ C: A002 SUBSCRIBE #news.comp.mail.mime
+ S: A002 OK SUBSCRIBE completed
+
+6.3.8. UNSUBSCRIBE Command
+
+ Arguments: mailbox name
+
+ Responses: no specific responses for this command
+
+ Result: OK - unsubscribe completed
+ NO - unsubscribe failure: can't unsubscribe that name
+ BAD - command unknown or arguments invalid
+
+ The UNSUBSCRIBE command removes the specified mailbox name from the
+ server's set of "active" or "subscribed" mailboxes as returned by the
+ LIST (SUBSCRIBED) command. This command returns a tagged OK response
+ if the unsubscription is successful or if the mailbox is not
+ subscribed.
+
+ Example:
+
+ C: A002 UNSUBSCRIBE #news.comp.mail.mime
+ S: A002 OK UNSUBSCRIBE completed
+
+6.3.9. LIST Command
+
+ Arguments (basic):
+ reference name
+ mailbox name with possible wildcards
+
+ Arguments (extended):
+ selection options (OPTIONAL)
+ reference name
+ mailbox patterns
+ return options (OPTIONAL)
+
+ Responses: untagged responses: LIST
+
+ Result: OK - list completed
+ NO - list failure: can't list that reference or
+ mailbox name
+ BAD - command unknown or arguments invalid
+
+ The LIST command returns a subset of mailbox names from the complete
+ set of all mailbox names available to the client. Zero or more
+ untagged LIST responses are returned, containing the name attributes,
+ hierarchy delimiter, name, and possible extension information; see
+ the description of the LIST response (Section 7.3.1) for more detail.
+
+ The LIST command SHOULD return its data quickly, without undue delay.
+ For example, it should not go to excess trouble to calculate the
+ \Marked or \Unmarked status or perform other processing; if each name
+ requires 1 second of processing, then a list of 1200 names would take
+ 20 minutes!
+
+ The extended LIST command, originally introduced in [RFC5258],
+ provides capabilities beyond that of the original IMAP LIST command.
+ The extended syntax is being used if one or more of the following
+ conditions is true:
+
+ 1. the first word after the command name begins with a parenthesis
+ ("LIST selection options");
+
+ 2. the second word after the command name begins with a parenthesis;
+ and
+
+ 3. the LIST command has more than 2 parameters ("LIST return
+ options").
+
+ An empty ("" string) reference name argument indicates that the
+ mailbox name is interpreted as by SELECT. The returned mailbox names
+ MUST match the supplied mailbox name pattern(s). A non-empty
+ reference name argument is the name of a mailbox or a level of
+ mailbox hierarchy, and it indicates the context in which the mailbox
+ name is interpreted. Clients SHOULD use the empty reference
+ argument.
+
+ In the basic syntax only, an empty ("" string) mailbox name argument
+ is a special request to return the hierarchy delimiter and the root
+ name of the name given in the reference. The value returned as the
+ root MAY be the empty string if the reference is non-rooted or is an
+ empty string. In all cases, a hierarchy delimiter (or NIL if there
+ is no hierarchy) is returned. This permits a client to get the
+ hierarchy delimiter (or find out that the mailbox names are flat)
+ even when no mailboxes by that name currently exist.
+
+ In the extended syntax, any mailbox name arguments that are empty
+ strings are ignored. There is no special meaning for empty mailbox
+ names when the extended syntax is used.
+
+ The reference and mailbox name arguments are interpreted into a
+ canonical form that represents an unambiguous left-to-right
+ hierarchy. The returned mailbox names will be in the interpreted
+ form, which we call a "canonical LIST pattern": the canonical pattern
+ constructed internally by the server from the reference and mailbox
+ name arguments.
+
+ Note: The interpretation of the reference argument is
+ implementation defined. It depends on whether the server
+ implementation has a concept of the "current working directory"
+ and leading "break out characters", which override the current
+ working directory.
+
+ For example, on a server that exports a UNIX or NT file system,
+ the reference argument contains the current working directory, and
+ the mailbox name argument contains the name as interpreted in the
+ current working directory.
+
+ If a server implementation has no concept of break out characters,
+ the canonical form is normally the reference name appended with
+ the mailbox name. Note that if the server implements the
+ namespace convention (Section 5.1.2.1), "#" is a break out
+ character and must be treated as such.
+
+ If the reference argument is not a level of mailbox hierarchy
+ (that is, it is a \NoInferiors name), and/or the reference
+ argument does not end with the hierarchy delimiter, it is
+ interpreted as implementation dependent. For example, a reference
+ of "foo/bar" and mailbox name of "rag/baz" could be interpreted as
+ "foo/bar/rag/baz", "foo/barrag/baz", or "foo/rag/baz". A client
+ SHOULD NOT use such a reference argument except at the explicit
+ request of the user. A hierarchical browser MUST NOT make any
+ assumptions about server interpretation of the reference unless
+ the reference is a level of mailbox hierarchy AND ends with the
+ hierarchy delimiter.
+
+ Any part of the reference argument that is included in the
+ interpreted form SHOULD prefix the interpreted form. It SHOULD also
+ be in the same form as the reference name argument. This rule
+ permits the client to determine if the returned mailbox name is in
+ the context of the reference argument or if something about the
+ mailbox argument overrode the reference argument. Without this rule,
+ the client would have to have knowledge of the server's naming
+ semantics including what characters are "breakouts" that override a
+ naming context.
+
+ Here are some examples of how references and mailbox names might be
+ interpreted on a UNIX-based server:
+
+ +==============+==============+===================+
+ | Reference | Mailbox Name | Interpretation |
+ +==============+==============+===================+
+ | ~smith/Mail/ | foo.* | ~smith/Mail/foo.* |
+ +--------------+--------------+-------------------+
+ | archive/ | % | archive/% |
+ +--------------+--------------+-------------------+
+ | #news. | comp.mail.* | #news.comp.mail.* |
+ +--------------+--------------+-------------------+
+ | ~smith/Mail/ | /usr/doc/foo | /usr/doc/foo |
+ +--------------+--------------+-------------------+
+ | archive/ | ~fred/Mail/* | ~fred/Mail/* |
+ +--------------+--------------+-------------------+
+
+ Table 1
+
+ The first three examples above demonstrate interpretations in the
+ context of the reference argument. Note that "~smith/Mail" SHOULD
+ NOT be transformed into something like "/u2/users/smith/Mail", or it
+ would be impossible for the client to determine that the
+ interpretation was in the context of the reference.
+
+ The character "*" is a wildcard and matches zero or more characters
+ at this position. The character "%" is similar to "*", but it does
+ not match a hierarchy delimiter. If the "%" wildcard is the last
+ character of a mailbox name argument, matching levels of hierarchy
+ are also returned. If these levels of hierarchy are not also
+ selectable mailboxes, they are returned with the \Noselect mailbox
+ name attribute (see the description of the LIST response
+ (Section 7.3.1) for more details).
+
+ Any syntactically valid pattern that is not accepted by a server for
+ any reason MUST be silently ignored, i.e., it results in no LIST
+ responses, and the LIST command still returns a tagged OK response.
+
+ Selection options tell the server to limit the mailbox names that are
+ selected by the LIST operation. If selection options are used, the
+ mailboxes returned are those that match both the list of canonical
+ LIST patterns and the selection options. Unless a particular
+ selection option provides special rules, the selection options are
+ cumulative: a mailbox that matches the mailbox patterns is selected
+ only if it also matches all of the selection options. (An example of
+ a selection option with special rules is the RECURSIVEMATCH option.)
+
+ Return options control what information is returned for each matched
+ mailbox. Return options MUST NOT cause the server to report
+ information about additional mailbox names other than those that
+ match the canonical LIST patterns and selection options. If no
+ return options are specified, the client is only expecting
+ information about mailbox attributes. The server MAY return other
+ information about the matched mailboxes, and clients MUST be able to
+ handle that situation.
+
+ Initial selection options and return options are defined in the
+ following subsections, and new ones will also be defined in
+ extensions. Initial options defined in this document MUST be
+ supported. Each non-initial option will be enabled by a capability
+ string (one capability may enable multiple options), and a client
+ MUST NOT send an option for which the server has not advertised
+ support. A server MUST respond to options it does not recognize with
+ a BAD response. The client SHOULD NOT specify any option more than
+ once; however, if the client does this, the server MUST act as if it
+ received the option only once. The order in which options are
+ specified by the client is not significant.
+
+ In general, each selection option except RECURSIVEMATCH will have a
+ corresponding return option with the same name. The REMOTE selection
+ option is an anomaly in this regard and does not have a corresponding
+ return option. That is because it expands, rather than restricts,
+ the set of mailboxes that are returned. Future extensions to this
+ specification should keep this parallelism in mind and define a pair
+ of corresponding selection and return options.
+
+ Server implementations are permitted to "hide" otherwise accessible
+ mailboxes from the wildcard characters, by preventing certain
+ characters or names from matching a wildcard in certain situations.
+ For example, a UNIX-based server might restrict the interpretation of
+ "*" so that an initial "/" character does not match.
+
+ The special name INBOX is included in the output from LIST, if INBOX
+ is supported by this server for this user and if the uppercase string
+ "INBOX" matches the interpreted reference and mailbox name arguments
+ with wildcards as described above. The criteria for omitting INBOX
+ is whether SELECT INBOX will return a failure; it is not relevant
+ whether the user's real INBOX resides on this or some other server.
+
+6.3.9.1. LIST Selection Options
+
+ The selection options defined in this specification are as follows:
+
+ SUBSCRIBED
+ Causes the LIST command to list subscribed names rather than the
+ existing mailboxes. This will often be a subset of the actual
+ mailboxes. It's also possible for this list to contain the names
+ of mailboxes that don't exist. In any case, the list MUST include
+ exactly those mailbox names that match the canonical list pattern
+ and are subscribed to.
+
+ This option defines a mailbox attribute, "\Subscribed", that
+ indicates that a mailbox name is subscribed to. The "\Subscribed"
+ attribute MUST be supported and MUST be accurately computed when
+ the SUBSCRIBED selection option is specified.
+
+ Note that the SUBSCRIBED selection option implies the SUBSCRIBED
+ return option (see below).
+
+ REMOTE
+ Causes the LIST command to show remote mailboxes as well as local
+ ones, as described in [RFC2193]. This option is intended to
+ replace the RLIST command and, in conjunction with the SUBSCRIBED
+ selection option, the RLSUB command. Servers that don't support
+ the concept of remote mailboxes can ignore this option.
+
+ This option defines a mailbox attribute, "\Remote", that indicates
+ that a mailbox is a remote mailbox. The "\Remote" attribute MUST
+ be accurately computed when the REMOTE option is specified.
+
+ The REMOTE selection option has no interaction with other options.
+ Its effect is to tell the server to apply the other options, if
+ any, to remote mailboxes, in addition to local ones. In
+ particular, it has no interaction with RECURSIVEMATCH (see below).
+ A request for (REMOTE RECURSIVEMATCH) is invalid, because a
+ request for (RECURSIVEMATCH) is also invalid. A request for
+ (REMOTE RECURSIVEMATCH SUBSCRIBED) is asking for all subscribed
+ mailboxes, both local and remote.
+
+ RECURSIVEMATCH
+ Forces the server to return information about parent mailboxes
+ that don't match other selection options but have some
+ submailboxes that do. Information about children is returned in
+ the CHILDINFO extended data item, as described in Section 6.3.9.6.
+
+ Note 1: In order for a parent mailbox to be returned, it still
+ has to match the canonical LIST pattern.
+
+ Note 2: When returning the CHILDINFO extended data item, it
+ doesn't matter whether or not the submailbox matches the
+ canonical LIST pattern. See also Example 9 in Section 6.3.9.8.
+
+ The RECURSIVEMATCH option MUST NOT occur as the only selection
+ option (or only with REMOTE), as it only makes sense when other
+ selection options are also used. The server MUST return a BAD
+ tagged response in such case.
+
+ Note that even if the RECURSIVEMATCH option is specified, the
+ client MUST still be able to handle cases when a CHILDINFO
+ extended data item is returned and there are no submailboxes that
+ meet the selection criteria of the subsequent LIST command, as
+ they can be deleted/renamed after the LIST response was sent but
+ before the client had a chance to access them.
+
+6.3.9.2. LIST Return Options
+
+ The return options defined in this specification are as follows:
+
+ SUBSCRIBED
+ Causes the LIST command to return subscription state for all
+ matching mailbox names. The "\Subscribed" attribute MUST be
+ supported and MUST be accurately computed when the SUBSCRIBED
+ return option is specified. Furthermore, all other mailbox
+ attributes MUST be accurately computed (this differs from the
+ behavior of the obsolete LSUB command from [RFC3501]). Note that
+ the above requirements don't override the requirement for the LIST
+ command to return results quickly (see Section 6.3.9), i.e.,
+ server implementations need to compute results quickly and
+ accurately. For example, server implementors might need to create
+ quick access indices.
+
+ CHILDREN
+ Requests mailbox child information as originally proposed in
+ [RFC3348]. See Section 6.3.9.5, below, for details.
+
+ STATUS
+ Requests STATUS response for each matching mailbox.
+
+ This option takes STATUS data items as parameters. For each
+ selectable mailbox matching the list pattern and selection
+ options, the server MUST return an untagged LIST response followed
+ by an untagged STATUS response containing the information
+ requested in the STATUS return option, except for some cases
+ described below.
+
+ If an attempted STATUS for a listed mailbox fails because the
+ mailbox can't be selected (e.g., if the "l" Access Control List
+ (ACL) right [RFC4314] is granted to the mailbox and the "r" right
+ is not granted, or is due to a race condition between LIST and
+ STATUS changing the mailbox to \NoSelect), the STATUS response
+ MUST NOT be returned, and the LIST response MUST include the
+ \NoSelect attribute. This means the server may have to buffer the
+ LIST reply until it has successfully looked up the necessary
+ STATUS information.
+
+ If the server runs into unexpected problems while trying to look
+ up the STATUS information, it MAY drop the corresponding STATUS
+ reply. In such a situation, the LIST command would still return a
+ tagged OK reply.
+
+ See the note in the discussion of the STATUS command in
+ Section 6.3.11 for information about obtaining status on the
+ currently selected mailbox.
+
+6.3.9.3. General Principles for Returning LIST Responses
+
+ This section outlines several principles that can be used by server
+ implementations of this document to decide whether a LIST response
+ should be returned, as well as how many responses and what kind of
+ information they may contain.
+
+ 1. At most, one LIST response should be returned for each mailbox
+ name that matches the canonical LIST pattern. Server
+ implementors must not assume that clients will be able to
+ assemble mailbox attributes and other information returned in
+ multiple LIST responses.
+
+ 2. There are only two reasons for including a matching mailbox name
+ in the responses to the LIST command (note that the server is
+ allowed to return unsolicited responses at any time, and such
+ responses are not governed by this rule):
+
+ A. The mailbox name also satisfies the selection criteria.
+
+ B. The mailbox name doesn't satisfy the selection criteria, but
+ it has at least one descendant mailbox name that satisfies
+ the selection criteria and that doesn't match the canonical
+ LIST pattern.
+
+ For more information on this case, see the CHILDINFO extended
+ data item described in Section 6.3.9.6. Note that the
+ CHILDINFO extended data item can only be returned when the
+ RECURSIVEMATCH selection option is specified.
+
+ 3. Attributes returned in the same LIST response are treated
+ additively. For example, the following response
+
+ S: * LIST (\Subscribed \NonExistent) "/" "Fruit/Peach"
+
+ means that the "Fruit/Peach" mailbox doesn't exist, but it is
+ subscribed.
+
+6.3.9.4. Additional LIST-Related Requirements on Clients
+
+ All clients MUST treat a LIST attribute with a stronger meaning as
+ implying any attribute that can be inferred from it. (See
+ Section 7.3.1 for the list of currently defined attributes.) For
+ example, the client must treat the presence of the \NoInferiors
+ attribute as if the \HasNoChildren attribute was also sent by the
+ server.
+
+ The following table summarizes inference rules.
+
+ +====================+===================+
+ | returned attribute | implied attribute |
+ +====================+===================+
+ | \NoInferiors | \HasNoChildren |
+ +--------------------+-------------------+
+ | \NonExistent | \NoSelect |
+ +--------------------+-------------------+
+
+ Table 2
+
+6.3.9.5. The CHILDREN Return Option
+
+ The CHILDREN return option is simply an indication that the client
+ wants information about whether or not mailboxes contain child
+ mailboxes; a server MAY provide it even if the option is not
+ specified.
+
+ Many IMAP clients present the user with a hierarchical view of the
+ mailboxes that a user has access to. Rather than initially
+ presenting the entire mailbox hierarchy to the user, it is often
+ preferable to show the user a collapsed outline list of the mailbox
+ hierarchy (particularly if there is a large number of mailboxes).
+ The user can then expand the collapsed outline hierarchy as needed.
+ It is common to include a visual clue (such as a ''+'') within the
+ collapsed hierarchy to indicate that there are child mailboxes under
+ a particular mailbox. When the visual clue is clicked, the hierarchy
+ list is expanded to show the child mailboxes. The CHILDREN return
+ option provides a mechanism for a client to efficiently determine
+ whether a particular mailbox has children, without issuing a LIST ""
+ * or a LIST "" % for each mailbox name. The CHILDREN return option
+ defines two new attributes that MUST be returned within a LIST
+ response: \HasChildren and \HasNoChildren. Although these attributes
+ MAY be returned in response to any LIST command, the CHILDREN return
+ option is provided to indicate that the client particularly wants
+ this information. If the CHILDREN return option is present, the
+ server MUST return these attributes even if their computation is
+ expensive.
+
+ \HasChildren
+ The presence of this attribute indicates that the mailbox has
+ child mailboxes. A server SHOULD NOT set this attribute if
+ there are child mailboxes and the user does not have permission
+ to access any of them. In this case, \HasNoChildren SHOULD be
+ used. In many cases, however, a server may not be able to
+ efficiently compute whether a user has access to any child
+ mailbox. Note that even though the \HasChildren attribute for a
+ mailbox must be correct at the time of processing the mailbox, a
+ client must be prepared to deal with a situation when a mailbox
+ is marked with the \HasChildren attribute, but no child mailbox
+ appears in the response to the LIST command. This might happen,
+ for example, due to child mailboxes being deleted or made
+ inaccessible to the user (using access control) by another
+ client before the server is able to list them.
+
+ \HasNoChildren
+ The presence of this attribute indicates that the mailbox has NO
+ child mailboxes that are accessible to the currently
+ authenticated user.
+
+ It is an error for the server to return both a \HasChildren and a
+ \HasNoChildren attribute in the same LIST response.
+
+ Note: the \HasNoChildren attribute should not be confused with the
+ \NoInferiors attribute, which indicates that no child mailboxes exist
+ now and none can be created in the future.
+
+6.3.9.6. CHILDINFO Extended Data Item
+
+ The CHILDINFO extended data item MUST NOT be returned unless the
+ client has specified the RECURSIVEMATCH selection option.
+
+ The CHILDINFO extended data item in a LIST response describes the
+ selection criteria that has caused it to be returned and indicates
+ that the mailbox has at least one descendant mailbox that matches the
+ selection criteria.
+
+ Note: Some servers allow for mailboxes to exist without requiring
+ their parent to exist. For example, the mailbox "Customers/ABC" can
+ exist while the mailbox "Customers" does not. As the CHILDINFO
+ extended data item is not allowed if the RECURSIVEMATCH selection
+ option is not specified, such servers SHOULD use the "\NonExistent
+ \HasChildren" attribute pair to signal to the client that there is a
+ descendant mailbox that matches the selection criteria. See Example
+ 11 in Section 6.3.9.8.
+
+ The returned selection criteria allows the client to distinguish a
+ solicited response from an unsolicited one, as well as to distinguish
+ among solicited responses caused by multiple pipelined LIST commands
+ that specify different criteria.
+
+ Servers SHOULD only return a non-matching mailbox name along with
+ CHILDINFO if at least one matching child is not also being returned.
+ That is, servers SHOULD suppress redundant CHILDINFO responses.
+
+ Examples 8 and 10 in Section 6.3.9.8 demonstrate the difference
+ between the present CHILDINFO extended data item and the
+ "\HasChildren" attribute.
+
+ The following table summarizes interaction between the "\NonExistent"
+ attribute and CHILDINFO (the first column indicates whether the
+ parent mailbox exists):
+
+ +========+===========+====================+=====================+
+ | Exists | Meets the | Has a child that | Returned IMAP4rev2/ |
+ | | selection | meets the | LIST-EXTENDED |
+ | | criteria | selection criteria | attributes and |
+ | | | | CHILDINFO |
+ +========+===========+====================+=====================+
+ | no | no | no | no LIST response |
+ | | | | returned |
+ +--------+-----------+--------------------+---------------------+
+ | yes | no | no | no LIST response |
+ | | | | returned |
+ +--------+-----------+--------------------+---------------------+
+ | no | yes | no | (\NonExistent |
+ | | | | <attr>) |
+ +--------+-----------+--------------------+---------------------+
+ | yes | yes | no | (<attr>) |
+ +--------+-----------+--------------------+---------------------+
+ | no | no | yes | (\NonExistent) + |
+ | | | | CHILDINFO |
+ +--------+-----------+--------------------+---------------------+
+ | yes | no | yes | () + CHILDINFO |
+ +--------+-----------+--------------------+---------------------+
+ | no | yes | yes | (\NonExistent |
+ | | | | <attr>) + CHILDINFO |
+ +--------+-----------+--------------------+---------------------+
+ | yes | yes | yes | (<attr>) + |
+ | | | | CHILDINFO |
+ +--------+-----------+--------------------+---------------------+
+
+ Table 3
+
+ where <attr> is one or more attributes that correspond to the
+ selection criteria; for example, for the SUBSCRIBED option, the
+ <attr> is \Subscribed.
+
+6.3.9.7. OLDNAME Extended Data Item
+
+ The OLDNAME extended data item is included when a mailbox name is
+ created (with the CREATE command), renamed (with the RENAME command),
+ or deleted (with the DELETE command). (When a mailbox is deleted,
+ the "\NonExistent" attribute is also included.) IMAP extensions can
+ specify other conditions when the OLDNAME extended data item should
+ be included.
+
+ If the server allows denormalized mailbox names (see Section 5.1) in
+ SELECT/EXAMINE, CREATE, RENAME, or DELETE, it SHOULD return an
+ unsolicited LIST response that includes the OLDNAME extended data
+ item, whenever the supplied mailbox name differs from the resulting
+ normalized mailbox name. From the client point of view, this is
+ indistinguishable from another user renaming or deleting the mailbox,
+ as specified in the previous paragraph.
+
+ A deleted mailbox can be announced as follows:
+
+ S: * LIST (\NonExistent) "." "INBOX.DeletedMailbox"
+
+ Example of a renamed mailbox:
+
+ S: * LIST () "/" "NewMailbox" ("OLDNAME" ("OldMailbox"))
+
+6.3.9.8. LIST Command Examples
+
+ This example shows some uses of the basic LIST command:
+
+ Example:
+
+ C: A101 LIST "" ""
+ S: * LIST (\Noselect) "/" ""
+ S: A101 OK LIST Completed
+ C: A102 LIST #news.comp.mail.misc ""
+ S: * LIST (\Noselect) "." #news.
+ S: A102 OK LIST Completed
+ C: A103 LIST /usr/staff/jones ""
+ S: * LIST (\Noselect) "/" /
+ S: A103 OK LIST Completed
+ C: A202 LIST ~/Mail/ %
+ S: * LIST (\Noselect) "/" ~/Mail/foo
+ S: * LIST () "/" ~/Mail/meetings
+ S: A202 OK LIST completed
+
+ Extended examples:
+
+ 1: The first example shows the complete local hierarchy that will
+ be used for the other examples.
+
+ C: A01 LIST "" "*"
+ S: * LIST (\Marked \NoInferiors) "/" "inbox"
+ S: * LIST () "/" "Fruit"
+ S: * LIST () "/" "Fruit/Apple"
+ S: * LIST () "/" "Fruit/Banana"
+ S: * LIST () "/" "Tofu"
+ S: * LIST () "/" "Vegetable"
+ S: * LIST () "/" "Vegetable/Broccoli"
+ S: * LIST () "/" "Vegetable/Corn"
+ S: A01 OK done
+
+ 2: In the next example, we will see the subscribed mailboxes. This
+ is similar to, but not equivalent with, the now deprecated <LSUB
+ "" "*"> (see [RFC3501] for more details on the LSUB command).
+ Note that the mailbox called "Fruit/Peach" is subscribed to, but
+ it does not actually exist (perhaps it was deleted while still
+ subscribed). The "Fruit" mailbox is not subscribed to, but it
+ has two subscribed children. The "Vegetable" mailbox is
+ subscribed and has two children; one of them is subscribed as
+ well.
+
+ C: A02 LIST (SUBSCRIBED) "" "*"
+ S: * LIST (\Marked \NoInferiors \Subscribed) "/" "inbox"
+ S: * LIST (\Subscribed) "/" "Fruit/Banana"
+ S: * LIST (\Subscribed \NonExistent) "/" "Fruit/Peach"
+ S: * LIST (\Subscribed) "/" "Vegetable"
+ S: * LIST (\Subscribed) "/" "Vegetable/Broccoli"
+ S: A02 OK done
+
+ 3: The next example shows the use of the CHILDREN option. The
+ client, without having to list the second level of hierarchy,
+ now knows which of the top-level mailboxes have submailboxes
+ (children) and which do not. Note that it's not necessary for
+ the server to return the \HasNoChildren attribute for the inbox,
+ because the \NoInferiors attribute already implies that and has
+ a stronger meaning.
+
+ C: A03 LIST () "" "%" RETURN (CHILDREN)
+ S: * LIST (\Marked \NoInferiors) "/" "inbox"
+ S: * LIST (\HasChildren) "/" "Fruit"
+ S: * LIST (\HasNoChildren) "/" "Tofu"
+ S: * LIST (\HasChildren) "/" "Vegetable"
+ S: A03 OK done
+
+ 4: In this example, we see more mailboxes that reside on another
+ server. This is similar to the command <RLIST "" "%">.
+
+ C: A04 LIST (REMOTE) "" "%" RETURN (CHILDREN)
+ S: * LIST (\Marked \NoInferiors) "/" "inbox"
+ S: * LIST (\HasChildren) "/" "Fruit"
+ S: * LIST (\HasNoChildren) "/" "Tofu"
+ S: * LIST (\HasChildren) "/" "Vegetable"
+ S: * LIST (\Remote \HasNoChildren) "/" "Bread"
+ S: * LIST (\HasChildren \Remote) "/" "Meat"
+ S: A04 OK done
+
+ 5: The following example also requests the server to include
+ mailboxes that reside on another server. The server returns
+ information about all mailboxes that are subscribed. This is
+ similar to the command <RLSUB "" "*"> (see [RFC2193] for more
+ details on RLSUB). We also see the use of two selection
+ options.
+
+ C: A05 LIST (REMOTE SUBSCRIBED) "" "*"
+ S: * LIST (\Marked \NoInferiors \Subscribed) "/" "inbox"
+ S: * LIST (\Subscribed) "/" "Fruit/Banana"
+ S: * LIST (\Subscribed \NonExistent) "/" "Fruit/Peach"
+ S: * LIST (\Subscribed) "/" "Vegetable"
+ S: * LIST (\Subscribed) "/" "Vegetable/Broccoli"
+ S: * LIST (\Remote \Subscribed) "/" "Bread"
+ S: A05 OK done
+
+ 6: The following example requests the server to include mailboxes
+ that reside on another server. The server is asked to return
+ subscription information for all returned mailboxes. This is
+ different from the example above.
+
+ Note that the output of this command is not a superset of the
+ output in the previous example, as it doesn't include a LIST
+ response for the non-existent "Fruit/Peach".
+
+ C: A06 LIST (REMOTE) "" "*" RETURN (SUBSCRIBED)
+ S: * LIST (\Marked \NoInferiors \Subscribed) "/" "inbox"
+ S: * LIST () "/" "Fruit"
+ S: * LIST () "/" "Fruit/Apple"
+ S: * LIST (\Subscribed) "/" "Fruit/Banana"
+ S: * LIST () "/" "Tofu"
+ S: * LIST (\Subscribed) "/" "Vegetable"
+ S: * LIST (\Subscribed) "/" "Vegetable/Broccoli"
+ S: * LIST () "/" "Vegetable/Corn"
+ S: * LIST (\Remote \Subscribed) "/" "Bread"
+ S: * LIST (\Remote) "/" "Meat"
+ S: A06 OK done
+
+ 7: The following example demonstrates the difference between the
+ \HasChildren attribute and the CHILDINFO extended data item.
+
+ Let's assume there is the following hierarchy:
+
+ C: C01 LIST "" "*"
+ S: * LIST (\Marked \NoInferiors) "/" "inbox"
+ S: * LIST () "/" "Foo"
+ S: * LIST () "/" "Foo/Bar"
+ S: * LIST () "/" "Foo/Baz"
+ S: * LIST () "/" "Moo"
+ S: C01 OK done
+
+ If the client asks RETURN (CHILDREN), it will get this:
+
+ C: CA3 LIST "" "%" RETURN (CHILDREN)
+ S: * LIST (\Marked \NoInferiors) "/" "inbox"
+ S: * LIST (\HasChildren) "/" "Foo"
+ S: * LIST (\HasNoChildren) "/" "Moo"
+ S: CA3 OK done
+
+ A) Let's also assume that the mailbox "Foo/Baz" is the only
+ subscribed mailbox. Then we get this result:
+
+ C: C02 LIST (SUBSCRIBED) "" "*"
+ S: * LIST (\Subscribed) "/" "Foo/Baz"
+ S: C02 OK done
+
+ Now, if the client issues <LIST (SUBSCRIBED) "" "%">, the
+ server will return no mailboxes (as the mailboxes "Moo",
+ "Foo", and "Inbox" are NOT subscribed). However, if the
+ client issues this:
+
+ C: C04 LIST (SUBSCRIBED RECURSIVEMATCH) "" "%"
+ S: * LIST () "/" "Foo" ("CHILDINFO" ("SUBSCRIBED"))
+ S: C04 OK done
+
+ (that is, the mailbox "Foo" is not subscribed, but it has a
+ child that is), then A1 or A2 occurs.
+
+ A1) If the mailbox "Foo" had also been subscribed, the last
+ command would return this:
+
+ C: C04 LIST (SUBSCRIBED RECURSIVEMATCH) "" "%"
+ S: * LIST (\Subscribed) "/" "Foo" ("CHILDINFO"
+ ("SUBSCRIBED"))
+ S: C04 OK done
+
+ or even this:
+
+ C: C04 LIST (SUBSCRIBED RECURSIVEMATCH) "" "%"
+ S: * LIST (\Subscribed \HasChildren) "/" "Foo"
+ ("CHILDINFO" ("SUBSCRIBED"))
+ S: C04 OK done
+
+ A2) If we assume instead that the mailbox "Foo" is not part
+ of the original hierarchy and is not subscribed, the
+ last command will give this result:
+
+ C: C04 LIST (SUBSCRIBED RECURSIVEMATCH) "" "%"
+ S: * LIST (\NonExistent) "/" "Foo" ("CHILDINFO"
+ ("SUBSCRIBED"))
+ S: C04 OK done
+
+ B) Now, let's assume that no mailbox is subscribed. In this
+ case, the command <LIST (SUBSCRIBED RECURSIVEMATCH) "" "%">
+ will return no responses, as there are no subscribed
+ children (even though "Foo" has children).
+
+ C) And finally, suppose that only the mailboxes "Foo" and "Moo"
+ are subscribed. In that case, we see this result:
+
+ C: C04 LIST (SUBSCRIBED RECURSIVEMATCH) "" "%" RETURN
+ (CHILDREN)
+ S: * LIST (\HasChildren \Subscribed) "/" "Foo"
+ S: * LIST (\HasNoChildren \Subscribed) "/" "Moo"
+ S: C04 OK done
+
+ (which means that the mailbox "Foo" has children, but none
+ of them is subscribed).
+
+ 8: The following example demonstrates that the CHILDINFO extended
+ data item is returned whether or not child mailboxes match the
+ canonical LIST pattern.
+
+ Let's assume there is the following hierarchy:
+
+ C: D01 LIST "" "*"
+ S: * LIST (\Marked \NoInferiors) "/" "inbox"
+ S: * LIST () "/" "foo2"
+ S: * LIST () "/" "foo2/bar1"
+ S: * LIST () "/" "foo2/bar2"
+ S: * LIST () "/" "baz2"
+ S: * LIST () "/" "baz2/bar2"
+ S: * LIST () "/" "baz2/bar22"
+ S: * LIST () "/" "baz2/bar222"
+ S: * LIST () "/" "eps2"
+ S: * LIST () "/" "eps2/mamba"
+ S: * LIST () "/" "qux2/bar2"
+ S: D01 OK done
+
+ And that the following mailboxes are subscribed:
+
+ C: D02 LIST (SUBSCRIBED) "" "*"
+ S: * LIST (\Subscribed) "/" "foo2/bar1"
+ S: * LIST (\Subscribed) "/" "foo2/bar2"
+ S: * LIST (\Subscribed) "/" "baz2/bar2"
+ S: * LIST (\Subscribed) "/" "baz2/bar22"
+ S: * LIST (\Subscribed) "/" "baz2/bar222"
+ S: * LIST (\Subscribed) "/" "eps2"
+ S: * LIST (\Subscribed) "/" "eps2/mamba"
+ S: * LIST (\Subscribed) "/" "qux2/bar2"
+ S: D02 OK done
+
+ The client issues the following command first:
+
+ C: D03 LIST (RECURSIVEMATCH SUBSCRIBED) "" "*2"
+ S: * LIST () "/" "foo2" ("CHILDINFO" ("SUBSCRIBED"))
+ S: * LIST (\Subscribed) "/" "foo2/bar2"
+ S: * LIST (\Subscribed) "/" "baz2/bar2"
+ S: * LIST (\Subscribed) "/" "baz2/bar22"
+ S: * LIST (\Subscribed) "/" "baz2/bar222"
+ S: * LIST (\Subscribed) "/" "eps2" ("CHILDINFO" ("SUBSCRIBED"))
+ S: * LIST (\Subscribed) "/" "qux2/bar2"
+ S: D03 OK done
+
+ and the server may also include the following (but this would
+ violate a restriction in Section 6.3.9.6, because CHILDINFO is
+ redundant):
+
+ S: * LIST () "/" "baz2" ("CHILDINFO" ("SUBSCRIBED"))
+ S: * LIST (\NonExistent) "/" "qux2" ("CHILDINFO" ("SUBSCRIBED"))
+
+ The CHILDINFO extended data item is returned for mailboxes
+ "foo2", "baz2", and "eps2" because all of them have subscribed
+ children, even though for the mailbox "foo2", only one of the
+ two subscribed children matches the pattern; for the mailbox
+ "baz2", all of the subscribed children match the pattern; and
+ for the mailbox "eps2", none of the subscribed children match
+ the pattern.
+
+ Note that if the client issues the following:
+
+ C: D03 LIST (RECURSIVEMATCH SUBSCRIBED) "" "*"
+ S: * LIST () "/" "foo2" ("CHILDINFO" ("SUBSCRIBED"))
+ S: * LIST (\Subscribed) "/" "foo2/bar1"
+ S: * LIST (\Subscribed) "/" "foo2/bar2"
+ S: * LIST () "/" "baz2" ("CHILDINFO" ("SUBSCRIBED"))
+ S: * LIST (\Subscribed) "/" "baz2/bar2"
+ S: * LIST (\Subscribed) "/" "baz2/bar22"
+ S: * LIST (\Subscribed) "/" "baz2/bar222"
+ S: * LIST (\Subscribed) "/" "eps2" ("CHILDINFO" ("SUBSCRIBED"))
+ S: * LIST (\Subscribed) "/" "eps2/mamba"
+ S: * LIST (\Subscribed) "/" "qux2/bar2"
+ S: D03 OK done
+
+ the LIST responses for mailboxes "foo2", "baz2", and "eps2"
+ still have the CHILDINFO extended data item, even though this
+ information is redundant and the client can determine it by
+ itself.
+
+ 9: The following example shows usage of an extended syntax for the
+ mailbox pattern. It also demonstrates that the presence of the
+ CHILDINFO extended data item doesn't necessarily imply
+ \HasChildren.
+
+ C: a1 LIST "" ("foo")
+ S: * LIST () "/" foo
+ S: a1 OK done
+
+ C: a2 LIST (SUBSCRIBED) "" "foo/*"
+ S: * LIST (\Subscribed \NonExistent) "/" foo/bar
+ S: a2 OK done
+
+ C: a3 LIST (SUBSCRIBED RECURSIVEMATCH) "" foo RETURN (CHILDREN)
+ S: * LIST (\HasNoChildren) "/" foo ("CHILDINFO" ("SUBSCRIBED"))
+ S: a3 OK done
+
+ 10: The following example shows how a server that supports missing
+ mailbox hierarchy elements can signal to a client that didn't
+ specify the RECURSIVEMATCH selection option that there is a
+ child mailbox that matches the selection criteria.
+
+ C: a1 LIST (REMOTE) "" *
+ S: * LIST () "/" music/rock
+ S: * LIST (\Remote) "/" also/jazz
+ S: a1 OK done
+
+ C: a2 LIST () "" %
+ S: * LIST (\NonExistent \HasChildren) "/" music
+ S: a2 OK done
+
+ C: a3 LIST (REMOTE) "" %
+ S: * LIST (\NonExistent \HasChildren) "/" music
+ S: * LIST (\NonExistent \HasChildren) "/" also
+ S: a3 OK done
+
+ C: a3.1 LIST "" (% music/rock)
+ S: * LIST () "/" music/rock
+ S: a3.1 OK done
+
+ Because "music/rock" is the only mailbox under "music", there's
+ no need for the server to also return "music". However, clients
+ must handle both cases.
+
+ 11: The following examples show use of the STATUS return option.
+
+ C: A01 LIST "" % RETURN (STATUS (MESSAGES UNSEEN))
+ S: * LIST () "." "INBOX"
+ S: * STATUS "INBOX" (MESSAGES 17 UNSEEN 16)
+ S: * LIST () "." "foo"
+ S: * STATUS "foo" (MESSAGES 30 UNSEEN 29)
+ S: * LIST (\NoSelect) "." "bar"
+ S: A01 OK List completed.
+
+ The "bar" mailbox isn't selectable, so it has no STATUS reply.
+
+ C: A02 LIST (SUBSCRIBED RECURSIVEMATCH) "" % RETURN (STATUS
+ (MESSAGES))
+ S: * LIST (\Subscribed) "." "INBOX"
+ S: * STATUS "INBOX" (MESSAGES 17)
+ S: * LIST () "." "foo" (CHILDINFO ("SUBSCRIBED"))
+ S: A02 OK List completed.
+
+ The LIST reply for "foo" is returned because it has matching
+ children, but no STATUS reply is returned because "foo" itself
+ doesn't match the selection criteria.
+
+6.3.10. NAMESPACE Command
+
+ Arguments: none
+
+ Responses: REQUIRED untagged responses: NAMESPACE
+
+ Result: OK - command completed
+ NO - Can't complete the command
+ BAD - arguments invalid
+
+ The NAMESPACE command causes a single untagged NAMESPACE response to
+ be returned. The untagged NAMESPACE response contains the prefix and
+ hierarchy delimiter to the server's Personal Namespace(s), Other
+ Users' Namespace(s), and Shared Namespace(s) that the server wishes
+ to expose. The response will contain a NIL for any namespace class
+ that is not available. The namespace-response-extensions ABNF non-
+ terminal is defined for extensibility and MAY be included in the
+ NAMESPACE response.
+
+ Example 1:
+
+ In this example, a server supports a single Personal Namespace. No
+ leading prefix is used on personal mailboxes, and "/" is the
+ hierarchy delimiter.
+
+ C: A001 NAMESPACE
+ S: * NAMESPACE (("" "/")) NIL NIL
+ S: A001 OK NAMESPACE command completed
+
+ Example 2:
+
+ A user logged on anonymously to a server. No personal mailboxes are
+ associated with the anonymous user, and the user does not have access
+ to the Other Users' Namespace. No prefix is required to access
+ shared mailboxes, and the hierarchy delimiter is "."
+
+ C: A001 NAMESPACE
+ S: * NAMESPACE NIL NIL (("" "."))
+ S: A001 OK NAMESPACE command completed
+
+ Example 3:
+
+ A server that contains a Personal Namespace and a single Shared
+ Namespace.
+
+ C: A001 NAMESPACE
+ S: * NAMESPACE (("" "/")) NIL (("Public Folders/" "/"))
+ S: A001 OK NAMESPACE command completed
+
+ Example 4:
+
+ A server that contains a Personal Namespace, Other Users' Namespace,
+ and multiple Shared Namespaces. Note that the hierarchy delimiter
+ used within each namespace can be different.
+
+ C: A001 NAMESPACE
+ S: * NAMESPACE (("" "/")) (("~" "/")) (("#shared/" "/")
+ ("#public/" "/")("#ftp/" "/")("#news." "."))
+ S: A001 OK NAMESPACE command completed
+
+ The prefix string allows a client to do things such as automatically
+ create personal mailboxes or LIST all available mailboxes within a
+ namespace.
+
+ Example 5:
+
+ A server that supports only the Personal Namespace, with a leading
+ prefix of INBOX to personal mailboxes and a hierarchy delimiter of
+ ".".
+
+ C: A001 NAMESPACE
+ S: * NAMESPACE (("INBOX." ".")) NIL NIL
+ S: A001 OK NAMESPACE command completed
+
+ Automatically create a mailbox to store sent items.
+
+ C: A002 CREATE "INBOX.Sent Mail"
+ S: A002 OK CREATE command completed
+
+ Although a server will typically support only a single Personal
+ Namespace, and a single Other User's Namespace, circumstances exist
+ where there MAY be multiples of these, and a client MUST be prepared
+ for them. If a client is configured such that it is required to
+ create a certain mailbox, there can be circumstances where it is
+ unclear which Personal Namespaces it should create the mailbox in.
+ In these situations, a client SHOULD let the user select which
+ namespaces to create the mailbox in, or just use the first Personal
+ Namespace.
+
+ Example 6:
+
+ In this example, a server supports two Personal Namespaces. In
+ addition to the regular Personal Namespace, the user has an
+ additional Personal Namespace that allows access to mailboxes in an
+ MH format mailstore.
+
+ The client is configured to save a copy of all mail sent by the user
+ into a mailbox with the \Sent attribute (see Section 7.3.1).
+ Furthermore, after a message is deleted from a mailbox, the client is
+ configured to move that message to a mailbox with the \Trash
+ attribute. The server signals with the \NonExistent mailbox
+ attribute that the corresponding mailboxes don't exist yet and that
+ it is possible to create them. Once created, they could be used for
+ \Sent or \Trash purposes, and the server will no longer include the
+ \NonExistent mailbox attribute for them.
+
+ Note that this example demonstrates how some extension parameters can
+ be passed to further describe the #mh namespace. See the fictitious
+ "X-PARAM" extension parameter.
+
+ C: A001 NAMESPACE
+ S: * NAMESPACE (("" "/")("#mh/" "/" "X-PARAM"
+ ("FLAG1" "FLAG2"))) NIL NIL
+ S: A001 OK NAMESPACE command completed
+
+ C: A002 LIST (SPECIAL-USE) "" "*"
+ S: * LIST (\NonExistent \Archive) "/" Archives
+ S: * LIST (\NonExistent \Drafts) "/" Drafts
+ S: * LIST (\NonExistent \Junk) "/" Junk
+ S: * LIST (\NonExistent \Sent) "/" "Sent Mail"
+ S: * LIST (\NonExistent \Trash) "/" "Deleted Items"
+ S: A002 OK LIST Completed
+
+ C: A003 LIST (SPECIAL-USE) "#mh/" "*"
+ S: * LIST (\NonExistent \Archive) "/" "#mh/Archives"
+ S: * LIST (\NonExistent \Drafts) "/" "#mh/Drafts"
+ S: * LIST (\NonExistent \Junk) "/" "#mh/Junk"
+ S: * LIST (\NonExistent \Sent) "/" "#mh/Sent Mail"
+ S: * LIST (\NonExistent \Trash) "/" "#mh/Deleted Items"
+ S: A003 OK LIST Completed
+
+ It is desired to keep only one copy of sent mail. It is unclear
+ which Personal Namespace the client should use to create the 'Sent
+ Mail' mailbox. The user is prompted to select a namespace, and only
+ one 'Sent Mail' mailbox is created.
+
+ C: A004 CREATE "Sent Mail"
+ S: A004 OK CREATE command completed
+
+ The client is designed so that it keeps two 'Deleted Items'
+ mailboxes, one for each namespace.
+
+ C: A005 CREATE "Delete Items"
+ S: A005 OK CREATE command completed
+
+ C: A006 CREATE "#mh/Deleted Items"
+ S: A006 OK CREATE command completed
+
+ The next level of hierarchy following the Other Users' Namespace
+ prefix SHOULD consist of <username>, where <username> is a user name
+ as per the LOGIN or AUTHENTICATE command.
+
+ A client can construct a LIST command by appending a "%" to the Other
+ Users' Namespace prefix to discover the Personal Namespaces of other
+ users that are available to the currently authenticated user.
+
+ In response to such a LIST command, a server SHOULD NOT return user
+ names that have not granted access to their personal mailboxes to the
+ user in question.
+
+ A server MAY return a LIST response containing only the names of
+ users that have explicitly granted access to the user in question.
+
+ Alternatively, a server MAY return NO to such a LIST command,
+ requiring that a user name be included with the Other Users'
+ Namespace prefix before listing any other user's mailboxes.
+
+ Example 7:
+
+ A server that supports providing a list of other user's mailboxes
+ that are accessible to the currently logged on user.
+
+ C: A001 NAMESPACE
+ S: * NAMESPACE (("" "/")) (("Other Users/" "/")) NIL
+ S: A001 OK NAMESPACE command completed
+
+ C: A002 LIST "" "Other Users/%"
+ S: * LIST () "/" "Other Users/Mike"
+ S: * LIST () "/" "Other Users/Karen"
+ S: * LIST () "/" "Other Users/Matthew"
+ S: * LIST () "/" "Other Users/Tesa"
+ S: A002 OK LIST command completed
+
+ Example 8:
+
+ A server that does not support providing a list of other user's
+ mailboxes that are accessible to the currently logged on user. The
+ mailboxes are listable if the client includes the name of the other
+ user with the Other Users' Namespace prefix.
+
+ C: A001 NAMESPACE
+ S: * NAMESPACE (("" "/")) (("#Users/" "/")) NIL
+ S: A001 OK NAMESPACE command completed
+
+ In this example, the currently logged on user has access to the
+ Personal Namespace of user Mike, but the server chose to suppress
+ this information in the LIST response. However, by appending the
+ user name Mike (received through user input) to the Other Users'
+ Namespace prefix, the client is able to get a listing of the personal
+ mailboxes of user Mike.
+
+ C: A002 LIST "" "#Users/%"
+ S: A002 NO The requested item could not be found.
+
+ C: A003 LIST "" "#Users/Mike/%"
+ S: * LIST () "/" "#Users/Mike/INBOX"
+ S: * LIST () "/" "#Users/Mike/Foo"
+ S: A003 OK LIST command completed.
+
+ A prefix string might not contain a hierarchy delimiter, because in
+ some cases, it is not needed as part of the prefix.
+
+ Example 9:
+
+ A server that allows access to the Other Users' Namespace by
+ prefixing the others' mailboxes with a '~' followed by <username>,
+ where <username> is a user name as per the LOGIN or AUTHENTICATE
+ command.
+
+ C: A001 NAMESPACE
+ S: * NAMESPACE (("" "/")) (("~" "/")) NIL
+ S: A001 OK NAMESPACE command completed
+
+ List the mailboxes for user mark
+
+ C: A002 LIST "" "~mark/%"
+ S: * LIST () "/" "~mark/INBOX"
+ S: * LIST () "/" "~mark/foo"
+ S: A002 OK LIST command completed
+
+6.3.11. STATUS Command
+
+ Arguments: mailbox name
+
+ status data item names
+
+ Responses: REQUIRED untagged responses: STATUS
+
+ Result: OK - status completed
+ NO - status failure: no status for that name
+ BAD - command unknown or arguments invalid
+
+ The STATUS command requests the status of the indicated mailbox. It
+ does not change the currently selected mailbox, nor does it affect
+ the state of any messages in the queried mailbox.
+
+ The STATUS command provides an alternative to opening a second
+ IMAP4rev2 connection and doing an EXAMINE command on a mailbox to
+ query that mailbox's status without deselecting the current mailbox
+ in the first IMAP4rev2 connection.
+
+ Unlike the LIST command, the STATUS command is not guaranteed to be
+ fast in its response. Under certain circumstances, it can be quite
+ slow. In some implementations, the server is obliged to open the
+ mailbox as "read-only" internally to obtain certain status
+ information. Also unlike the LIST command, the STATUS command does
+ not accept wildcards.
+
+ Note: The STATUS command is intended to access the status of
+ mailboxes other than the currently selected mailbox. Because the
+ STATUS command can cause the mailbox to be opened internally, and
+ because this information is available by other means on the
+ selected mailbox, the STATUS command SHOULD NOT be used on the
+ currently selected mailbox. However, servers MUST be able to
+ execute the STATUS command on the selected mailbox. (This might
+ also implicitly happen when the STATUS return option is used in a
+ LIST command.)
+
+ The STATUS command MUST NOT be used as a "check for new messages
+ in the selected mailbox" operation (refer to Sections 7 and 7.4.1
+ for more information about the proper method for new message
+ checking).
+
+ STATUS SIZE (see below) can take a significant amount of time,
+ depending upon server implementation. Clients should use STATUS
+ SIZE cautiously.
+
+ The currently defined status data items that can be requested are:
+
+ MESSAGES
+ The number of messages in the mailbox.
+
+ UIDNEXT
+ The next unique identifier value of the mailbox. Refer to
+ Section 2.3.1.1 for more information.
+
+ UIDVALIDITY
+ The unique identifier validity value of the mailbox. Refer to
+ Section 2.3.1.1 for more information.
+
+ UNSEEN
+ The number of messages that do not have the \Seen flag set.
+
+ DELETED
+ The number of messages that have the \Deleted flag set.
+
+ SIZE
+ The total size of the mailbox in octets. This is not strictly
+ required to be an exact value, but it MUST be equal to or greater
+ than the sum of the values of the RFC822.SIZE FETCH message data
+ items (see Section 6.4.5) of all messages in the mailbox.
+
+ Example:
+
+ C: A042 STATUS blurdybloop (UIDNEXT MESSAGES)
+ S: * STATUS blurdybloop (MESSAGES 231 UIDNEXT 44292)
+ S: A042 OK STATUS completed
+
+6.3.12. APPEND Command
+
+ Arguments: mailbox name
+
+ OPTIONAL flag parenthesized list
+
+ OPTIONAL date/time string
+
+ message literal
+
+ Responses: OPTIONAL untagged response: LIST
+
+ Result: OK - append completed
+ NO - append error: can't append to that mailbox, error
+ in flags or date/time or message text
+ BAD - command unknown or arguments invalid
+
+ The APPEND command appends the literal argument as a new message to
+ the end of the specified destination mailbox. This argument SHOULD
+ be in the format of an [RFC5322] or [I18N-HDRS] message. 8-bit
+ characters are permitted in the message. A server implementation
+ that is unable to preserve 8-bit data properly MUST be able to
+ reversibly convert 8-bit APPEND data to 7 bits using a [MIME-IMB]
+ content transfer encoding.
+
+ Note: There may be exceptions, such as draft messages, in which
+ required [RFC5322] header fields are omitted in the message
+ literal argument to APPEND. The full implications of doing so
+ must be understood and carefully weighed.
+
+ If a flag parenthesized list is specified, the flags SHOULD be set in
+ the resulting message; otherwise, the flag list of the resulting
+ message is set to "empty" by default.
+
+ If a date-time is specified, the internal date SHOULD be set in the
+ resulting message; otherwise, the internal date of the resulting
+ message is set to the current date and time by default.
+
+ If the append is unsuccessful for any reason, the mailbox MUST be
+ restored to its state before the APPEND attempt (other than possibly
+ keeping the changed mailbox's UIDNEXT value); no partial appending is
+ permitted.
+
+ If the destination mailbox does not exist, a server MUST return an
+ error and MUST NOT automatically create the mailbox. Unless it is
+ certain that the destination mailbox cannot be created, the server
+ MUST send the response code "[TRYCREATE]" as the prefix of the text
+ of the tagged NO response. This gives a hint to the client that it
+ can attempt a CREATE command and retry the APPEND if the CREATE is
+ successful.
+
+ On successful completion of an APPEND, the server returns an
+ APPENDUID response code (see Section 7.1), unless otherwise specified
+ below.
+
+ In the case of a mailbox that has permissions set so that the client
+ can APPEND to the mailbox, but not SELECT or EXAMINE it, the server
+ MUST NOT send an APPENDUID response code as it would disclose
+ information about the mailbox.
+
+ In the case of a mailbox that has UIDNOTSTICKY status (see
+ Section 7.1), the server MAY omit the APPENDUID response code as it
+ is not meaningful.
+
+ If the mailbox is currently selected, normal new message actions
+ SHOULD occur. Specifically, the server SHOULD notify the client
+ immediately via an untagged EXISTS response. If the server does not
+ do so, the client MAY issue a NOOP command after one or more APPEND
+ commands.
+
+ If the server decides to convert (normalize) the mailbox name, it
+ SHOULD return an untagged LIST with an OLDNAME extended data item,
+ with the OLDNAME value being the supplied mailbox name and the name
+ parameter being the normalized mailbox name. (See Section 6.3.9.7
+ for more details.)
+
+ Example:
+
+ C: A003 APPEND saved-messages (\Seen) {326}
+ S: + Ready for literal data
+ C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
+ C: From: Fred Foobar <foobar@Blurdybloop.example>
+ C: Subject: afternoon meeting
+ C: To: mooch@owatagu.siam.edu.example
+ C: Message-Id: <B27397-0100000@Blurdybloop.example>
+ C: MIME-Version: 1.0
+ C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
+ C:
+ C: Hello Joe, do you think we can meet at 3:30 tomorrow?
+ C:
+ S: A003 OK APPEND completed
+
+ Example:
+
+ C: A003 APPEND saved-messages (\Seen) {297+}
+ C: Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST)
+ C: From: Fred Foobar <foobar@example.com>
+ C: Subject: afternoon meeting
+ C: To: mooch@example.com
+ C: Message-Id: <B27397-0100000@example.com>
+ C: MIME-Version: 1.0
+ C: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
+ C:
+ C: Hello Joe, do you think we can meet at 3:30 tomorrow?
+ C:
+ S: A003 OK [APPENDUID 38505 3955] APPEND completed
+ C: A004 COPY 2:4 meeting
+ S: A004 OK [COPYUID 38505 304,319:320 3956:3958] Done
+ C: A005 UID COPY 305:310 meeting
+ S: A005 OK No matching messages, so nothing copied
+ C: A006 COPY 2 funny
+ S: A006 OK Done
+ C: A007 SELECT funny
+ S: * 1 EXISTS
+ S: * OK [UIDVALIDITY 3857529045] Validity session-only
+ S: * OK [UIDNEXT 2] Predicted next UID
+ S: * NO [UIDNOTSTICKY] Non-persistent UIDs
+ S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
+ S: * OK [PERMANENTFLAGS (\Deleted \Seen)] Limited
+ S: * LIST () "." funny
+ S: A007 OK [READ-WRITE] SELECT completed
+
+ In this example, A003 and A004 demonstrate successful appending and
+ copying to a mailbox that returns the UIDs assigned to the messages.
+ A005 is an example in which no messages were copied; this is because
+ in A003, we see that message 2 had UID 304, and message 3 had UID
+ 319; therefore, UIDs 305 through 310 do not exist (refer to
+ Section 2.3.1.1 for further explanation). A006 is an example of a
+ message being copied that did not return a COPYUID; and, as expected,
+ A007 shows that the mail store containing that mailbox does not
+ support persistent UIDs.
+
+ | Note: The APPEND command is not used for message delivery,
+ | because it does not provide a mechanism to transfer [SMTP]
+ | envelope information.
+
+6.3.13. IDLE Command
+
+ Arguments: none
+
+ Responses: continuation data will be requested; the client sends
+ the continuation data "DONE" to end the command
+
+ Result: OK - IDLE completed after client sent "DONE"
+ NO - failure: the server will not allow the IDLE
+ command at this time
+ BAD - command unknown or arguments invalid
+
+ Without the IDLE command, a client would need to poll the server for
+ changes to the selected mailbox (new mail, deletions, and flag
+ changes). It's often more desirable to have the server transmit
+ updates to the client in real time. This allows a user to see new
+ mail immediately. The IDLE command allows a client to tell the
+ server that it's ready to accept such real-time updates.
+
+ The IDLE command is sent from the client to the server when the
+ client is ready to accept unsolicited update messages. The server
+ requests a response to the IDLE command using the continuation ("+")
+ response. The IDLE command remains active until the client responds
+ to the continuation, and as long as an IDLE command is active, the
+ server is now free to send untagged EXISTS, EXPUNGE, FETCH, and other
+ responses at any time. If the server chooses to send unsolicited
+ FETCH responses, they MUST include a UID FETCH item.
+
+ The IDLE command is terminated by the receipt of a "DONE"
+ continuation from the client; such response satisfies the server's
+ continuation request. At that point, the server MAY send any
+ remaining queued untagged responses and then MUST immediately send
+ the tagged response to the IDLE command and prepare to process other
+ commands. As for other commands, the processing of any new command
+ may cause the sending of unsolicited untagged responses, subject to
+ the ambiguity limitations. The client MUST NOT send a command while
+ the server is waiting for the DONE, since the server will not be able
+ to distinguish a command from a continuation.
+
+ The server MAY consider a client inactive if it has an IDLE command
+ running, and if such a server has an inactivity timeout, it MAY log
+ the client off implicitly at the end of its timeout period. Because
+ of that, clients using IDLE are advised to terminate IDLE and reissue
+ it at least every 29 minutes to avoid being logged off. This still
+ allows a client to receive immediate mailbox updates even though it
+ need only "poll" at half hour intervals.
+
+ Example:
+
+ C: A001 SELECT INBOX
+ S: * FLAGS (\Deleted \Seen \Flagged)
+ S: * OK [PERMANENTFLAGS (\Deleted \Seen \Flagged)] Limited
+ S: * 3 EXISTS
+ S: * OK [UIDVALIDITY 1]
+ S: * OK [UIDNEXT 1]
+ S: * LIST () "/" INBOX
+ S: A001 OK [READ-WRITE] SELECT completed
+ C: A002 IDLE
+ S: + idling
+ ...time passes; new mail arrives...
+ S: * 4 EXISTS
+ C: DONE
+ S: A002 OK IDLE terminated
+ ...another client expunges message 2 now...
+ C: A003 FETCH 4 ALL
+ S: * 4 FETCH (...)
+ S: A003 OK FETCH completed
+ C: A004 IDLE
+ S: * 2 EXPUNGE
+ S: * 3 EXISTS
+ S: + idling
+ ...time passes; another client expunges message 3...
+ S: * 3 EXPUNGE
+ S: * 2 EXISTS
+ ...time passes; new mail arrives...
+ S: * 3 EXISTS
+ C: DONE
+ S: A004 OK IDLE terminated
+ C: A005 FETCH 3 ALL
+ S: * 3 FETCH (...)
+ S: A005 OK FETCH completed
+ C: A006 IDLE
+
+6.4. Client Commands - Selected State
+
+ In the selected state, commands that manipulate messages in a mailbox
+ are permitted.
+
+ In addition to the universal commands (CAPABILITY, NOOP, and LOGOUT),
+ and the authenticated state commands (SELECT, EXAMINE, NAMESPACE,
+ CREATE, DELETE, RENAME, SUBSCRIBE, UNSUBSCRIBE, LIST, STATUS, and
+ APPEND), the following commands are valid in the selected state:
+ CLOSE, UNSELECT, EXPUNGE, SEARCH, FETCH, STORE, COPY, MOVE, and UID.
+
+6.4.1. CLOSE Command
+
+ Arguments: none
+
+ Responses: no specific responses for this command
+
+ Result: OK - close completed, now in authenticated state
+ BAD - command unknown or arguments invalid
+
+ The CLOSE command permanently removes all messages that have the
+ \Deleted flag set from the currently selected mailbox, and it returns
+ to the authenticated state from the selected state. No untagged
+ EXPUNGE responses are sent.
+
+ No messages are removed, and no error is given, if the mailbox is
+ selected by an EXAMINE command or is otherwise selected as read-only.
+
+ Even if a mailbox is selected, a SELECT, EXAMINE, or LOGOUT command
+ MAY be issued without previously issuing a CLOSE command. The
+ SELECT, EXAMINE, and LOGOUT commands implicitly close the currently
+ selected mailbox without doing an expunge. However, when many
+ messages are deleted, a CLOSE-LOGOUT or CLOSE-SELECT sequence is
+ considerably faster than an EXPUNGE-LOGOUT or EXPUNGE-SELECT because
+ no untagged EXPUNGE responses (which the client would probably
+ ignore) are sent.
+
+ Example:
+
+ C: A341 CLOSE
+ S: A341 OK CLOSE completed
+
+6.4.2. UNSELECT Command
+
+ Arguments: none
+
+ Responses: no specific responses for this command
+
+ Result: OK - unselect completed, now in authenticated state
+ BAD - no mailbox selected, or argument supplied but
+ none permitted
+
+ The UNSELECT command frees a session's resources associated with the
+ selected mailbox and returns the server to the authenticated state.
+ This command performs the same actions as CLOSE, except that no
+ messages are permanently removed from the currently selected mailbox.
+
+ Example:
+
+ C: A342 UNSELECT
+ S: A342 OK Unselect completed
+
+6.4.3. EXPUNGE Command
+
+ Arguments: none
+
+ Responses: untagged responses: EXPUNGE
+
+ Result: OK - expunge completed
+ NO - expunge failure: can't expunge (e.g., permission
+ denied)
+ BAD - command unknown or arguments invalid
+
+ The EXPUNGE command permanently removes all messages that have the
+ \Deleted flag set from the currently selected mailbox. Before
+ returning an OK to the client, an untagged EXPUNGE response is sent
+ for each message that is removed.
+
+ Example:
+
+ C: A202 EXPUNGE
+ S: * 3 EXPUNGE
+ S: * 3 EXPUNGE
+ S: * 5 EXPUNGE
+ S: * 8 EXPUNGE
+ S: A202 OK EXPUNGE completed
+
+ Note: In this example, messages 3, 4, 7, and 11 had the \Deleted flag
+ set. See the description of the EXPUNGE response (Section 7.5.1) for
+ further explanation.
+
+6.4.4. SEARCH Command
+
+ Arguments: OPTIONAL result specifier
+
+ OPTIONAL [CHARSET] specification
+
+ searching criteria (one or more)
+
+ Responses: OPTIONAL untagged response: ESEARCH
+
+ Result: OK - search completed
+ NO - search error: can't search that [CHARSET] or
+ criteria
+ BAD - command unknown or arguments invalid
+
+ The SEARCH command searches the mailbox for messages that match the
+ given searching criteria.
+
+ The SEARCH command may contain result options. Result options
+ control what kind of information is returned about messages matching
+ the search criteria in an untagged ESEARCH response. If no result
+ option is specified or empty list of options is specified as "()",
+ ALL is assumed (see below). The order of individual options is
+ arbitrary. Individual options may contain parameters enclosed in
+ parentheses. (However, if an option has a mandatory parameter, which
+ can always be represented as a number or a sequence-set, the option
+ parameter does not need the enclosing parentheses. See "Formal
+ Syntax" (Section 9) for more details.) If an option has parameters,
+ they consist of atoms and/or strings and/or lists in a specific
+ order. Any options not defined by extensions that the server
+ supports MUST be rejected with a BAD response.
+
+ Note that IMAP4rev1 used SEARCH responses [RFC3501] instead of
+ ESEARCH responses. Clients that support only IMAP4rev2 MUST ignore
+ SEARCH responses.
+
+ This document specifies the following result options:
+
+ MIN
+ Return the lowest message number/UID that satisfies the SEARCH
+ criteria.
+
+ If the SEARCH results in no matches, the server MUST NOT include
+ the MIN result option in the ESEARCH response; however, it still
+ MUST send the ESEARCH response.
+
+ MAX
+ Return the highest message number/UID that satisfies the SEARCH
+ criteria.
+
+ If the SEARCH results in no matches, the server MUST NOT include
+ the MAX result option in the ESEARCH response; however, it still
+ MUST send the ESEARCH response.
+
+ ALL
+ Return all message numbers/UIDs that satisfy the SEARCH criteria
+ using the sequence-set syntax. Note that the client MUST NOT
+ assume that messages/UIDs will be listed in any particular order.
+
+ If the SEARCH results in no matches, the server MUST NOT include
+ the ALL result option in the ESEARCH response; however, it still
+ MUST send the ESEARCH response.
+
+ COUNT
+ Return the number of messages that satisfy the SEARCH criteria.
+ This result option MUST always be included in the ESEARCH
+ response.
+
+ SAVE
+ This option tells the server to remember the result of the SEARCH
+ or UID SEARCH command (as well as any command based on SEARCH,
+ e.g., SORT and THREAD [RFC5256]) and store it in an internal
+ variable that we will reference as the "search result variable".
+ The client can use the "$" marker to reference the content of this
+ internal variable. The "$" marker can be used instead of message
+ sequence or UID sequence in order to indicate that the server
+ should substitute it with the list of messages from the search
+ result variable. Thus, the client can use the result of the
+ latest remembered SEARCH command as a parameter to another
+ command. See Section 6.4.4.1 for details on how the value of the
+ search result variable is determined, how it is affected by other
+ commands executed, and how the SAVE return option interacts with
+ other return options.
+
+ In absence of any other SEARCH result option, the SAVE result
+ option also suppresses any ESEARCH response that would have been
+ otherwise returned by the SEARCH command.
+
+ Note: future extensions to this document can allow servers to return
+ multiple ESEARCH responses for a single extended SEARCH command.
+ However, all options specified above MUST result in a single ESEARCH
+ response if used by themselves or in combination. This guarantee
+ simplifies processing in IMAP4rev2 clients. Future SEARCH extensions
+ that relax this restriction will have to describe how results from
+ multiple ESEARCH responses are to be combined.
+
+ Searching criteria consist of one or more search keys.
+
+ When multiple keys are specified, the result is the intersection (AND
+ function) of all the messages that match those keys. For example,
+ the criteria DELETED FROM "SMITH" SINCE 1-Feb-1994 refers to all
+ deleted messages from Smith with INTERNALDATE greater than February
+ 1, 1994. A search key can also be a parenthesized list of one or
+ more search keys (e.g., for use with the OR and NOT keys).
+
+ Server implementations MAY exclude [MIME-IMB] body parts with
+ terminal content media types other than TEXT and MESSAGE from
+ consideration in SEARCH matching.
+
+ The OPTIONAL [CHARSET] specification consists of the word "CHARSET"
+ followed by the name of a character set from the registry
+ [CHARSET-REG]. It indicates the [CHARSET] of the strings that appear
+ in the search criteria. [MIME-IMB] content transfer encodings and
+ [MIME-HDRS] strings in [RFC5322]/[MIME-IMB] headers MUST be decoded
+ before comparing text. Servers MUST support US-ASCII and UTF-8
+ charsets; other CHARSETs MAY be supported. Clients SHOULD use UTF-8.
+ Note that if CHARSET is not provided, IMAP4rev2 servers MUST assume
+ UTF-8, so selecting CHARSET UTF-8 is redundant. It is permitted for
+ improved compatibility with existing IMAP4rev1 clients.
+
+ If the server does not support the specified [CHARSET], it MUST
+ return a tagged NO response (not a BAD). This response SHOULD
+ contain the BADCHARSET response code, which MAY list the CHARSETs
+ supported by the server.
+
+ In all search keys that use strings, and unless otherwise specified,
+ a message matches the key if the string is a substring of the
+ associated text. The matching SHOULD be case insensitive for
+ characters within the ASCII range. Consider using [IMAP-I18N] for
+ language-sensitive, case-insensitive searching. Note that the empty
+ string is a substring; this is useful when performing a HEADER search
+ in order to test for a header field presence in the message.
+
+ The defined search keys are as follows. Refer to "Formal Syntax"
+ (Section 9) for the precise syntactic definitions of the arguments.
+
+ <sequence set>
+ Messages with message sequence numbers corresponding to the
+ specified message sequence number set.
+
+ ALL
+ All messages in the mailbox; the default initial key for ANDing.
+
+ ANSWERED
+ Messages with the \Answered flag set.
+
+ BCC <string>
+ Messages that contain the specified string in the envelope
+ structure's Blind Carbon Copy (BCC) field.
+
+ BEFORE <date>
+ Messages whose internal date (disregarding time and timezone) is
+ earlier than the specified date.
+
+ BODY <string>
+ Messages that contain the specified string in the body of the
+ message. Unlike TEXT (see below), this doesn't match any header
+ fields. Servers are allowed to implement flexible matching for
+ this search key, for example, by matching "swim" to both "swam"
+ and "swum" in English language text or only performing full word
+ matching (where "swim" will not match "swimming").
+
+ CC <string>
+ Messages that contain the specified string in the envelope
+ structure's CC field.
+
+ DELETED
+ Messages with the \Deleted flag set.
+
+ DRAFT
+ Messages with the \Draft flag set.
+
+ FLAGGED
+ Messages with the \Flagged flag set.
+
+ FROM <string>
+ Messages that contain the specified string in the envelope
+ structure's FROM field.
+
+ HEADER <field-name> <string>
+ Messages that have a header field with the specified field-name
+ (as defined in [RFC5322]) and that contain the specified string in
+ the text of the header field (what comes after the colon). If the
+ string to search is zero-length, this matches all messages that
+ have a header field with the specified field-name regardless of
+ the contents. Servers should use a substring search for this
+ SEARCH item, as clients can use it for automatic processing not
+ initiated by end users. For example, this can be used when
+ searching for Message-ID or Content-Type header field values that
+ need to be exact or for searches in header fields that the IMAP
+ server might not know anything about.
+
+ KEYWORD <flag>
+ Messages with the specified keyword flag set.
+
+ LARGER <n>
+ Messages with an RFC822.SIZE larger than the specified number of
+ octets.
+
+ NOT <search-key>
+ Messages that do not match the specified search key.
+
+ ON <date>
+ Messages whose internal date (disregarding time and timezone) is
+ within the specified date.
+
+ OR <search-key1> <search-key2>
+ Messages that match either search key.
+
+ SEEN
+ Messages that have the \Seen flag set.
+
+ SENTBEFORE <date>
+ Messages whose [RFC5322] Date: header field (disregarding time and
+ timezone) is earlier than the specified date.
+
+ SENTON <date>
+ Messages whose [RFC5322] Date: header field (disregarding time and
+ timezone) is within the specified date.
+
+ SENTSINCE <date>
+ Messages whose [RFC5322] Date: header field (disregarding time and
+ timezone) is within or later than the specified date.
+
+ SINCE <date>
+ Messages whose internal date (disregarding time and timezone) is
+ within or later than the specified date.
+
+ SMALLER <n>
+ Messages with an RFC822.SIZE smaller than the specified number of
+ octets.
+
+ SUBJECT <string>
+ Messages that contain the specified string in the envelope
+ structure's SUBJECT field.
+
+ TEXT <string>
+ Messages that contain the specified string in the header
+ (including MIME header fields) or body of the message. Servers
+ are allowed to implement flexible matching for this search key,
+ for example, matching "swim" to both "swam" and "swum" in English
+ language text or only performing full-word matching (where "swim"
+ will not match "swimming").
+
+ TO <string>
+ Messages that contain the specified string in the envelope
+ structure's TO field.
+
+ UID <sequence set>
+ Messages with unique identifiers corresponding to the specified
+ unique identifier set. Sequence-set ranges are permitted.
+
+ UNANSWERED
+ Messages that do not have the \Answered flag set.
+
+ UNDELETED
+ Messages that do not have the \Deleted flag set.
+
+ UNDRAFT
+ Messages that do not have the \Draft flag set.
+
+ UNFLAGGED
+ Messages that do not have the \Flagged flag set.
+
+ UNKEYWORD <flag>
+ Messages that do not have the specified keyword flag set.
+
+ UNSEEN
+ Messages that do not have the \Seen flag set.
+
+ Example:
+
+ C: A282 SEARCH RETURN (MIN COUNT) FLAGGED
+ SINCE 1-Feb-1994 NOT FROM "Smith"
+ S: * ESEARCH (TAG "A282") MIN 2 COUNT 3
+ S: A282 OK SEARCH completed
+
+ Example:
+
+ C: A283 SEARCH RETURN () FLAGGED
+ SINCE 1-Feb-1994 NOT FROM "Smith"
+ S: * ESEARCH (TAG "A283") ALL 2,10:11
+ S: A283 OK SEARCH completed
+
+ Example:
+
+ C: A284 SEARCH TEXT "string not in mailbox"
+ S: * ESEARCH (TAG "A284")
+ S: A284 OK SEARCH completed
+ C: A285 SEARCH CHARSET UTF-8 TEXT {12}
+ S: + Ready for literal text
+ C: отпуск
+ S: * ESEARCH (TAG "A285") ALL 43
+ S: A285 OK SEARCH completed
+
+
+ The following example demonstrates finding the first unseen message
+ in the mailbox:
+
+ Example:
+
+ C: A284 SEARCH RETURN (MIN) UNSEEN
+ S: * ESEARCH (TAG "A284") MIN 4
+ S: A284 OK SEARCH completed
+
+ The following example demonstrates that if the ESEARCH UID indicator
+ is present, all data in the ESEARCH response is referring to UIDs;
+ for example, the MIN result specifier will be followed by a UID.
+
+ Example:
+
+ C: A285 UID SEARCH RETURN (MIN MAX) 1:5000
+ S: * ESEARCH (TAG "A285") UID MIN 7 MAX 3800
+ S: A285 OK SEARCH completed
+
+ The following example demonstrates returning the number of deleted
+ messages:
+
+ Example:
+
+ C: A286 SEARCH RETURN (COUNT) DELETED
+ S: * ESEARCH (TAG "A286") COUNT 15
+ S: A286 OK SEARCH completed
+
+6.4.4.1. SAVE Result Option and SEARCH Result Variable
+
+ Upon successful completion of a SELECT or an EXAMINE command (after
+ the tagged OK response), the current search result variable is reset
+ to the empty sequence.
+
+ A successful SEARCH command with the SAVE result option sets the
+ value of the search result variable to the list of messages found in
+ the SEARCH command. For example, if no messages were found, the
+ search result variable will contain the empty sequence.
+
+ Any of the following SEARCH commands MUST NOT change the search
+ result variable:
+
+ a SEARCH command that caused the server to return the BAD tagged
+ response,
+
+ a SEARCH command with no SAVE result option that caused the server
+ to return NO tagged response, and
+
+ a successful SEARCH command with no SAVE result option.
+
+ A SEARCH command with the SAVE result option that caused the server
+ to return the NO tagged response sets the value of the search result
+ variable to the empty sequence.
+
+ When a message listed in the search result variable is EXPUNGEd, it
+ is automatically removed from the list. Implementors are reminded
+ that if the server stores the list as a list of message numbers, it
+ MUST automatically adjust them when notifying the client about
+ expunged messages, as described in Section 7.5.1.
+
+ If the server decides to send a new UIDVALIDITY value while the
+ mailbox is opened, it causes the resetting of the search variable to
+ the empty sequence.
+
+ Note that even if the "$" marker contains the empty sequence of
+ messages, it must be treated by all commands accepting message sets
+ as parameters as a valid, but non-matching, list of messages. For
+ example, the "FETCH $" command would return a tagged OK response and
+ no FETCH responses. See also Example 5 in Section 6.4.4.4.
+
+ The SAVE result option doesn't change whether the server would return
+ items corresponding to MIN, MAX, ALL, or COUNT result options.
+
+ When the SAVE result option is combined with the MIN or MAX result
+ option, and both ALL and COUNT result options are absent, the
+ corresponding MIN/MAX is returned (if the search result is not
+ empty), but the "$" marker would contain a single message as returned
+ in the MIN/MAX return item.
+
+ If the SAVE result option is combined with both MIN and MAX result
+ options, and both ALL and COUNT result options are absent, the "$"
+ marker would contain zero messages, one message, or two messages as
+ returned in the MIN/MAX return items.
+
+ If the SAVE result option is combined with the ALL and/or COUNT
+ result option(s), the "$" marker would always contain all messages
+ found by the SEARCH or UID SEARCH command.
+
+ The following table summarizes the additional requirement on ESEARCH
+ server implementations described in this section.
+
+ +==============================+====================+
+ | Combination of Result Option | "$" Marker Value |
+ +==============================+====================+
+ | SAVE MIN | MIN |
+ +------------------------------+--------------------+
+ | SAVE MAX | MAX |
+ +------------------------------+--------------------+
+ | SAVE MIN MAX | MIN & MAX |
+ +------------------------------+--------------------+
+ | SAVE * [m] | all found messages |
+ +------------------------------+--------------------+
+
+ Table 4
+
+ where '*' means "ALL" and/or "COUNT", and '[m]' means optional "MIN"
+ and/or "MAX"
+
+ Implementation note: server implementors should note that "$" can
+ reference IMAP message sequences or UID sequences, depending on the
+ context where it is used. For example, the "$" marker can be set as
+ a result of a SEARCH (SAVE) command and used as a parameter to a UID
+ FETCH command (which accepts a UID sequence, not a message sequence),
+ or the "$" marker can be set as a result of a UID SEARCH (SAVE)
+ command and used as a parameter to a FETCH command (which accepts a
+ message sequence, not a UID sequence). Server implementations need
+ to automatically map the "$" marker value to message numbers or UIDs,
+ depending on the context where the "$" marker is used.
+
+6.4.4.2. Multiple Commands in Progress
+
+ Use of a SEARCH RETURN (SAVE) command followed by a command using the
+ "$" marker creates direct dependency between the two commands. As
+ directed by Section 5.5, a server MUST execute the two commands in
+ the order they were received.
+
+ A client MAY pipeline a SEARCH RETURN (SAVE) command with one or more
+ commands using the "$" marker, as long as this doesn't create an
+ ambiguity, as described in Section 5.5. Examples 7-9 in
+ Section 6.4.4.4 explain this in more details.
+
+6.4.4.3. Refusing to Save Search Results
+
+ In some cases, the server MAY refuse to save a SEARCH (SAVE) result,
+ for example, if an internal limit on the number of saved results is
+ reached. In this case, the server MUST return a tagged NO response
+ containing the NOTSAVED response code and set the search result
+ variable to the empty sequence, as described in Section 6.4.4.1.
+
+6.4.4.4. Examples Showing Use of the SAVE Result Option
+
+ Only in this section: explanatory comments in examples that start
+ with // are not part of the protocol.
+
+ 1. The following example demonstrates how the client can use the
+ result of a SEARCH command to FETCH headers of interesting
+ messages:
+
+ Example 1:
+
+ C: A282 SEARCH RETURN (SAVE) FLAGGED SINCE 1-Feb-1994
+ NOT FROM "Smith"
+ S: A282 OK SEARCH completed, result saved
+ C: A283 FETCH $ (UID INTERNALDATE FLAGS BODY.PEEK[HEADER])
+ S: * 2 FETCH (UID 14 ...
+ S: * 84 FETCH (UID 100 ...
+ S: * 882 FETCH (UID 1115 ...
+ S: A283 OK completed
+
+ The client can also pipeline the two commands:
+
+ Example 2:
+
+ C: A282 SEARCH RETURN (SAVE) FLAGGED SINCE 1-Feb-1994
+ NOT FROM "Smith"
+ C: A283 FETCH $ (UID INTERNALDATE FLAGS BODY.PEEK[HEADER])
+ S: A282 OK SEARCH completed
+ S: * 2 FETCH (UID 14 ...
+ S: * 84 FETCH (UID 100 ...
+ S: * 882 FETCH (UID 1115 ...
+ S: A283 OK completed
+
+ 2. The following example demonstrates that the result of one SEARCH
+ command can be used as input to another SEARCH command:
+
+ Example 3:
+
+ C: A300 SEARCH RETURN (SAVE) SINCE 1-Jan-2004
+ NOT FROM "Smith"
+ S: A300 OK SEARCH completed
+ C: A301 UID SEARCH UID $ SMALLER 4096
+ S: * ESEARCH (TAG "A301") UID ALL 17,900,901
+ S: A301 OK completed
+
+ Note that the second command in Example 3 can be replaced with:
+
+ C: A301 UID SEARCH $ SMALLER 4096
+
+ and the result of the command would be the same.
+
+ 3. The following example shows that the "$" marker can be combined
+ with other message numbers using the OR SEARCH criterion.
+
+ Example 4:
+
+ C: P282 SEARCH RETURN (SAVE) SINCE 1-Feb-1994
+ NOT FROM "Smith"
+ S: P282 OK SEARCH completed
+ C: P283 SEARCH CHARSET UTF-8 (OR $ 1,3000:3021) TEXT {8+}
+ C: мать
+ S: * ESEARCH (TAG "P283") ALL 882,1102,3003,3005:3006
+ S: P283 OK completed
+
+ 4. The following example demonstrates that a failed SEARCH sets the
+ search result variable to the empty list. The server doesn't
+ implement the KOI8-R charset.
+
+ Example 5:
+
+ C: B282 SEARCH RETURN (SAVE) SINCE 1-Feb-1994
+ NOT FROM "Smith"
+ S: B282 OK SEARCH completed
+ C: B283 SEARCH RETURN (SAVE) CHARSET KOI8-R
+ (OR $ 1,3000:3021) TEXT {4}
+ C: XXXX
+ S: B283 NO [BADCHARSET UTF-8] KOI8-R is not supported
+ //After this command, the saved result variable contains
+ //no messages. A client that wants to reissue the B283
+ //SEARCH command with another CHARSET would have to reissue
+ //the B282 command as well. One possible workaround for
+ //this is to include the desired CHARSET parameter
+ //in the earliest SEARCH RETURN (SAVE) command in a
+ //sequence of related SEARCH commands, to cause
+ //the earliest SEARCH in the sequence to fail.
+ //A better approach might be to always use CHARSET UTF-8
+ //instead.
+
+ Note: Since this document format is restricted to 7-bit ASCII
+ text, it is not possible to show actual KOI8-R data. The "XXXX"
+ is a placeholder for what would be 4 octets of 8-bit data in an
+ actual transaction.
+
+ 5. The following example demonstrates that it is not an error to use
+ the "$" marker when it contains no messages.
+
+ Example 6:
+
+ C: E282 SEARCH RETURN (SAVE) SINCE 28-Oct-2006
+ NOT FROM "Eric"
+ C: E283 COPY $ "Other Messages"
+ //The "$" contains no messages
+ S: E282 OK SEARCH completed
+ S: E283 OK COPY completed, nothing copied
+
+ Example 7:
+
+ C: F282 SEARCH RETURN (SAVE) KEYWORD $Junk
+ C: F283 COPY $ "Junk"
+ C: F284 STORE $ +FLAGS.Silent (\Deleted)
+ S: F282 OK SEARCH completed
+ S: F283 OK COPY completed
+ S: F284 OK STORE completed
+
+ Example 8:
+
+ C: G282 SEARCH RETURN (SAVE) KEYWORD $Junk
+ C: G283 SEARCH RETURN (ALL) SINCE 28-Oct-2006
+ FROM "Eric"
+ // The server can execute the two SEARCH commands
+ // in any order, as they don't have any dependency.
+ // For example, it may return:
+ S: * ESEARCH (TAG "G283") ALL 3:15,27,29:103
+ S: G283 OK SEARCH completed
+ S: G282 OK SEARCH completed
+
+ The following example demonstrates that the result of the second
+ SEARCH RETURN (SAVE) always overrides the result of the first.
+
+ Example 9:
+
+ C: H282 SEARCH RETURN (SAVE) KEYWORD $Junk
+ C: H283 SEARCH RETURN (SAVE) SINCE 28-Oct-2006
+ FROM "Eric"
+ S: H282 OK SEARCH completed
+ S: H283 OK SEARCH completed
+ // At this point "$" would contain results of H283
+
+ The following example demonstrates behavioral difference for
+ different combinations of ESEARCH result options.
+
+ Example 10:
+
+ C: C282 SEARCH RETURN (ALL) SINCE 12-Feb-2006
+ NOT FROM "Smith"
+ S: * ESEARCH (TAG "C283") ALL 2,10:15,21
+ //$ value hasn't changed
+ S: C282 OK SEARCH completed
+
+ C: C283 SEARCH RETURN (ALL SAVE) SINCE 12-Feb-2006
+ NOT FROM "Smith"
+ S: * ESEARCH (TAG "C283") ALL 2,10:15,21
+ //$ value is 2,10:15,21
+ S: C283 OK SEARCH completed
+
+ C: C284 SEARCH RETURN (SAVE MIN) SINCE 12-Feb-2006
+ NOT FROM "Smith"
+ S: * ESEARCH (TAG "C284") MIN 2
+ //$ value is 2
+ S: C284 OK SEARCH completed
+
+ C: C285 SEARCH RETURN (MAX SAVE MIN) SINCE
+ 12-Feb-2006 NOT FROM "Smith"
+ S: * ESEARCH (TAG "C285") MIN 2 MAX 21
+ //$ value is 2,21
+ S: C285 OK SEARCH completed
+
+ C: C286 SEARCH RETURN (MAX SAVE MIN COUNT)
+ SINCE 12-Feb-2006 NOT FROM "Smith"
+ S: * ESEARCH (TAG "C286") MIN 2 MAX 21 COUNT 8
+ //$ value is 2,10:15,21
+ S: C286 OK SEARCH completed
+
+ C: C286 SEARCH RETURN (ALL SAVE MIN) SINCE
+ 12-Feb-2006 NOT FROM "Smith"
+ S: * ESEARCH (TAG "C286") MIN 2 ALL 2,10:15,21
+ //$ value is 2,10:15,21
+ S: C286 OK SEARCH completed
+
+6.4.5. FETCH Command
+
+ Arguments: sequence set
+
+ message data item names or macro
+
+ Responses: untagged responses: FETCH
+
+ Result: OK - fetch completed
+ NO - fetch error: can't fetch that data
+ BAD - command unknown or arguments invalid
+
+ The FETCH command retrieves data associated with a message in the
+ mailbox. The data items to be fetched can be either a single atom or
+ a parenthesized list.
+
+ Most data items, identified in the formal syntax (Section 9) under
+ the msg-att-static rule, are static and MUST NOT change for any
+ particular message. Other data items, identified in the formal
+ syntax under the msg-att-dynamic rule, MAY change either as a result
+ of a STORE command or due to external events.
+
+ For example, if a client receives an ENVELOPE for a message when
+ it already knows the envelope, it can safely ignore the newly
+ transmitted envelope.
+
+ There are three macros that specify commonly used sets of data items
+ and can be used instead of data items. A macro must be used by
+ itself and not in conjunction with other macros or data items.
+
+ ALL
+ Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE ENVELOPE)
+
+ FAST
+ Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE)
+
+ FULL
+ Macro equivalent to: (FLAGS INTERNALDATE RFC822.SIZE ENVELOPE
+ BODY)
+
+ Several data items reference "section" or "section-binary". See
+ Section 6.4.5.1 for their detailed definition.
+
+ The currently defined data items that can be fetched are:
+
+ BINARY[<section-binary>]<<partial>>
+ Requests that the specified section be transmitted after
+ performing decoding of the section's Content-Transfer-Encoding.
+
+ The <partial> argument, if present, requests that a subset of the
+ data be returned. The semantics of a partial FETCH BINARY command
+ are the same as for a partial FETCH BODY command, with the
+ exception that the <partial> arguments refer to the DECODED
+ section data.
+
+ Note that this data item can only be requested for leaf body
+ parts: those that have media types other than multipart/*,
+ message/rfc822, or message/global.
+
+ BINARY.PEEK[<section-binary>]<<partial>>
+ An alternate form of BINARY[<section-binary>] that does not
+ implicitly set the \Seen flag.
+
+ BINARY.SIZE[<section-binary>]
+ Requests the decoded size of the section (i.e., the size to expect
+ in response to the corresponding FETCH BINARY request).
+
+ Note: client authors are cautioned that this might be an expensive
+ operation for some server implementations. Needlessly issuing
+ this request could result in degraded performance due to servers
+ having to calculate the value every time the request is issued.
+
+ Note that this data item can only be requested for leaf body
+ parts: those that have media types other than multipart/*,
+ message/rfc822, or message/global.
+
+ BODY
+ Non-extensible form of BODYSTRUCTURE.
+
+ BODY[<section>]<<partial>>
+ The text of a particular body section. If BODY[] is specified
+ (the section specification is omitted), the FETCH is requesting
+ the [RFC5322] expression of the entire message.
+
+ It is possible to fetch a substring of the designated text. This
+ is done by appending an open angle bracket ("<"), the octet
+ position of the first desired octet, a period, the maximum number
+ of octets desired, and a close angle bracket (">") to the part
+ specifier. If the starting octet is beyond the end of the text,
+ an empty string is returned.
+
+ Any partial fetch that attempts to read beyond the end of the text
+ is truncated as appropriate. A partial fetch that starts at octet
+ 0 is returned as a partial fetch, even if this truncation
+ happened.
+
+ Note: This means that BODY[]<0.2048> of a 1500-octet message
+ will return BODY[]<0> with a literal of size 1500, not BODY[].
+
+ Note: A substring fetch of a HEADER.FIELDS or HEADER.FIELDS.NOT
+ part specifier is calculated after subsetting the header.
+
+ The \Seen flag is implicitly set; if this causes the flags to
+ change, they SHOULD be included as part of the FETCH responses.
+
+ BODY.PEEK[<section>]<<partial>>
+ An alternate form of BODY[<section>] that does not implicitly set
+ the \Seen flag.
+
+ BODYSTRUCTURE
+ The [MIME-IMB] body structure of the message. This is computed by
+ the server by parsing the [MIME-IMB] header fields in the
+ [RFC5322] header and [MIME-IMB] headers. See Section 7.5.2 for
+ more details.
+
+ ENVELOPE
+ The envelope structure of the message. This is computed by the
+ server by parsing the [RFC5322] header into the component parts,
+ defaulting various fields as necessary. See Section 7.5.2 for
+ more details.
+
+ FLAGS
+ The flags that are set for this message.
+
+ INTERNALDATE
+ The internal date of the message.
+
+ RFC822.SIZE
+ The size of the message, as defined in Section 2.3.4.
+
+ UID
+ The unique identifier for the message.
+
+ Example:
+
+ C: A654 FETCH 2:4 (FLAGS BODY[HEADER.FIELDS (DATE FROM)])
+ S: * 2 FETCH ....
+ S: * 3 FETCH ....
+ S: * 4 FETCH ....
+ S: A654 OK FETCH completed
+
+6.4.5.1. FETCH Section Specification
+
+ Several FETCH data items reference "section" or "section-binary".
+ The section specification is a set of zero or more part specifiers
+ delimited by periods. A part specifier is either a part number or
+ one of the following: HEADER, HEADER.FIELDS, HEADER.FIELDS.NOT, MIME,
+ and TEXT. (Non-numeric part specifiers have to be the last specifier
+ in a section specification.) An empty section specification refers
+ to the entire message, including the header.
+
+ Every message has at least one part number. Messages that do not use
+ MIME, and MIME messages that are not multipart and have no
+ encapsulated message within them, only have a part 1.
+
+ Multipart messages are assigned consecutive part numbers, as they
+ occur in the message. If a particular part is of type message or
+ multipart, its parts MUST be indicated by a period followed by the
+ part number within that nested multipart part.
+
+ A part of type MESSAGE/RFC822 or MESSAGE/GLOBAL also has nested part
+ numbers, referring to parts of the MESSAGE part's body.
+
+ The HEADER, HEADER.FIELDS, HEADER.FIELDS.NOT, and TEXT part
+ specifiers can be the sole part specifier or can be prefixed by one
+ or more numeric part specifiers, provided that the numeric part
+ specifier refers to a part of type MESSAGE/RFC822 or MESSAGE/GLOBAL.
+ The MIME part specifier MUST be prefixed by one or more numeric part
+ specifiers.
+
+ The HEADER, HEADER.FIELDS, and HEADER.FIELDS.NOT part specifiers
+ refer to the [RFC5322] header of the message or of an encapsulated
+ [MIME-IMT] MESSAGE/RFC822 or MESSAGE/GLOBAL message. HEADER.FIELDS
+ and HEADER.FIELDS.NOT are followed by a list of field-names (as
+ defined in [RFC5322]) and return a subset of the header. The subset
+ returned by HEADER.FIELDS contains only those header fields with a
+ field-name that matches one of the names in the list; similarly, the
+ subset returned by HEADER.FIELDS.NOT contains only the header fields
+ with a non-matching field-name. The field-matching is ASCII-range
+ case insensitive but is otherwise exact. Subsetting does not exclude
+ the [RFC5322] delimiting blank line between the header and the body;
+ the blank line is included in all header fetches, except in the case
+ of a message that has no body and no blank line.
+
+ The MIME part specifier refers to the [MIME-IMB] header for this
+ part.
+
+ The TEXT part specifier refers to the text body of the message,
+ omitting the [RFC5322] header.
+
+ Here is an example of a complex message with some of its part
+ specifiers:
+
+ HEADER ([RFC5322] header of the message)
+ TEXT ([RFC5322] text body of the message) MULTIPART/MIXED
+ 1 TEXT/PLAIN
+ 2 APPLICATION/OCTET-STREAM
+ 3 MESSAGE/RFC822
+ 3.HEADER ([RFC5322] header of the message)
+ 3.TEXT ([RFC5322] text body of the message) MULTIPART/MIXED
+ 3.1 TEXT/PLAIN
+ 3.2 APPLICATION/OCTET-STREAM
+ 4 MULTIPART/MIXED
+ 4.1 IMAGE/GIF
+ 4.1.MIME ([MIME-IMB] header for the IMAGE/GIF)
+ 4.2 MESSAGE/RFC822
+ 4.2.HEADER ([RFC5322] header of the message)
+ 4.2.TEXT ([RFC5322] text body of the message) MULTIPART/MIXED
+ 4.2.1 TEXT/PLAIN
+ 4.2.2 MULTIPART/ALTERNATIVE
+ 4.2.2.1 TEXT/PLAIN
+ 4.2.2.2 TEXT/RICHTEXT
+
+6.4.6. STORE Command
+
+ Arguments: sequence set
+
+ message data item name
+
+ value for message data item
+
+ Responses: untagged responses: FETCH
+
+ Result: OK - store completed
+ NO - store error: can't store that data
+ BAD - command unknown or arguments invalid
+
+ The STORE command alters data associated with a message in the
+ mailbox. Normally, STORE will return the updated value of the data
+ with an untagged FETCH response. A suffix of ".SILENT" in the data
+ item name prevents the untagged FETCH, and the server SHOULD assume
+ that the client has determined the updated value itself or does not
+ care about the updated value.
+
+ Note: Regardless of whether or not the ".SILENT" suffix was used,
+ the server SHOULD send an untagged FETCH response if a change to a
+ message's flags from an external source is observed. The intent
+ is that the status of the flags is determinate without a race
+ condition.
+
+ The currently defined data items that can be stored are:
+
+ FLAGS <flag list>
+ Replace the flags for the message with the argument. The new
+ value of the flags is returned as if a FETCH of those flags was
+ done.
+
+ FLAGS.SILENT <flag list>
+ Equivalent to FLAGS, but without returning a new value.
+
+ +FLAGS <flag list>
+ Add the argument to the flags for the message. The new value of
+ the flags is returned as if a FETCH of those flags was done.
+
+ +FLAGS.SILENT <flag list>
+ Equivalent to +FLAGS, but without returning a new value.
+
+ -FLAGS <flag list>
+ Remove the argument from the flags for the message. The new value
+ of the flags is returned as if a FETCH of those flags was done.
+
+ -FLAGS.SILENT <flag list>
+ Equivalent to -FLAGS, but without returning a new value.
+
+ Example:
+
+ C: A003 STORE 2:4 +FLAGS (\Deleted)
+ S: * 2 FETCH (FLAGS (\Deleted \Seen))
+ S: * 3 FETCH (FLAGS (\Deleted))
+ S: * 4 FETCH (FLAGS (\Deleted \Flagged \Seen))
+ S: A003 OK STORE completed
+
+6.4.7. COPY Command
+
+ Arguments: sequence set
+
+ mailbox name
+
+ Responses: no specific responses for this command
+
+ Result: OK - copy completed
+ NO - copy error: can't copy those messages or to that
+ name
+ BAD - command unknown or arguments invalid
+
+ The COPY command copies the specified message(s) to the end of the
+ specified destination mailbox. The flags and internal date of the
+ message(s) SHOULD be preserved in the copy.
+
+ If the destination mailbox does not exist, a server MUST return an
+ error. It MUST NOT automatically create the mailbox. Unless it is
+ certain that the destination mailbox can not be created, the server
+ MUST send the response code "[TRYCREATE]" as the prefix of the text
+ of the tagged NO response. This gives a hint to the client that it
+ can attempt a CREATE command and retry the COPY if the CREATE is
+ successful.
+
+ If the COPY command is unsuccessful for any reason, server
+ implementations MUST restore the destination mailbox to its state
+ before the COPY attempt (other than possibly incrementing UIDNEXT),
+ i.e., partial copy MUST NOT be done.
+
+ On successful completion of a COPY, the server returns a COPYUID
+ response code (see Section 7.1). Two exceptions to this requirement
+ are listed below.
+
+ In the case of a mailbox that has permissions set so that the client
+ can COPY to the mailbox, but not SELECT or EXAMINE it, the server
+ MUST NOT send a COPYUID response code as it would disclose
+ information about the mailbox.
+
+ In the case of a mailbox that has UIDNOTSTICKY status (see
+ Section 7.1), the server MAY omit the COPYUID response code as it is
+ not meaningful.
+
+ Example:
+
+ C: A003 COPY 2:4 MEETING
+ S: A003 OK [COPYUID 38505 304,319:320 3956:3958] COPY completed
+
+6.4.8. MOVE Command
+
+ Arguments: sequence set
+
+ mailbox name
+
+ Responses: no specific responses for this command
+
+ Result: OK - move completed
+ NO - move error: can't move those messages or to that
+ name
+ BAD - command unknown or arguments invalid
+
+ The MOVE command moves the specified message(s) to the end of the
+ specified destination mailbox. The flags and internal date of the
+ message(s) SHOULD be preserved.
+
+ This means that a new message is created in the target mailbox with a
+ new UID, the original message is removed from the source mailbox, and
+ it appears to the client as a single action. This has the same
+ effect for each message as this sequence:
+
+ 1. [UID] COPY
+
+ 2. [UID] STORE +FLAGS.SILENT \DELETED
+
+ 3. UID EXPUNGE
+
+ Although the effect of the MOVE is the same as the preceding steps,
+ the semantics are not identical: the intermediate states produced by
+ those steps do not occur, and the response codes are different. In
+ particular, though the COPY and EXPUNGE response codes will be
+ returned, response codes for a STORE MUST NOT be generated, and the
+ \Deleted flag MUST NOT be set for any message.
+
+ Unlike the COPY command, MOVE of a set of messages might fail partway
+ through the set. Regardless of whether the command is successful in
+ moving the entire set, each individual message MUST be either moved
+ or unaffected. The server MUST leave each message in a state where
+ it is in at least one of the source or target mailboxes (no message
+ can be lost or orphaned). The server SHOULD NOT leave any message in
+ both mailboxes (it would be bad for a partial failure to result in a
+ bunch of duplicate messages). This is true even if the server
+ returns a tagged NO response to the command.
+
+ If the destination mailbox does not exist, a server MUST return an
+ error. It MUST NOT automatically create the mailbox. Unless it is
+ certain that the destination mailbox cannot be created, the server
+ MUST send the response code "[TRYCREATE]" as the prefix of the text
+ of the tagged NO response. This gives a hint to the client that it
+ can attempt a CREATE command and retry the MOVE if the CREATE is
+ successful.
+
+ Because of the similarity of MOVE to COPY, extensions that affect
+ COPY affect MOVE in the same way. Response codes listed in
+ Section 7.1, as well as those defined by extensions, are sent as
+ indicated for COPY.
+
+ Servers send COPYUID in response to a MOVE or a UID MOVE (see
+ Section 6.4.9) command. For additional information about COPYUID,
+ see Section 7.1. Note that there are several exceptions listed in
+ Section 6.4.7 that allow servers not to return COPYUID.
+
+ Servers are also REQUIRED to send the COPYUID response code in an
+ untagged OK before sending EXPUNGE or similar responses. (Sending
+ COPYUID in the tagged OK, as described in Section 6.4.7, means that
+ clients first receive an EXPUNGE for a message and afterwards COPYUID
+ for the same message. It can be unnecessarily difficult to process
+ that sequence usefully.)
+
+ An example:
+
+ C: a UID MOVE 42:69 foo
+ S: * OK [COPYUID 432432 42:69 1202:1229]
+ S: * 22 EXPUNGE
+ ...More EXPUNGE responses from the server...
+ S: a OK Done
+
+ Note that the server may send unrelated EXPUNGE responses as well, if
+ any happen to have been expunged at the same time; this is normal
+ IMAP operation.
+
+ Note that moving a message to the currently selected mailbox (that
+ is, where the source and target mailboxes are the same) is allowed
+ when copying the message to the currently selected mailbox is
+ allowed.
+
+ The server may send EXPUNGE responses before the tagged response, so
+ the client cannot safely send more commands with message sequence
+ number arguments while the server is processing MOVE.
+
+ MOVE and UID MOVE can be pipelined with other commands, but care has
+ to be taken. Both commands modify sequence numbers and also allow
+ unrelated EXPUNGE responses. The renumbering of other messages in
+ the source mailbox following any EXPUNGE response can be surprising
+ and makes it unsafe to pipeline any command that relies on message
+ sequence numbers after a MOVE or UID MOVE. Similarly, MOVE cannot be
+ pipelined with a command that might cause message renumbering. See
+ Section 5.5 for more information about ambiguities as well as
+ handling requirements for both clients and servers.
+
+6.4.9. UID Command
+
+ Arguments: command name
+
+ command arguments
+
+ Responses: untagged responses: FETCH, ESEARCH, EXPUNGE
+
+ Result: OK - UID command completed
+ NO - UID command error
+ BAD - command unknown or arguments invalid
+
+ The UID command has three forms. In the first form, it takes as its
+ arguments a COPY, MOVE, FETCH, or STORE command with arguments
+ appropriate for the associated command. However, the numbers in the
+ sequence-set argument are unique identifiers instead of message
+ sequence numbers. Sequence-set ranges are permitted, but there is no
+ guarantee that unique identifiers will be contiguous.
+
+ A non-existent unique identifier is ignored without any error message
+ generated. Thus, it is possible for a UID FETCH command to return an
+ OK without any data or a UID COPY, UID MOVE, or UID STORE to return
+ an OK without performing any operations.
+
+ In the second form, the UID command takes an EXPUNGE command with an
+ extra parameter that specifies a sequence set of UIDs to operate on.
+ The UID EXPUNGE command permanently removes all messages that have
+ both the \Deleted flag set and a UID that is included in the
+ specified sequence set from the currently selected mailbox. If a
+ message either does not have the \Deleted flag set or has a UID that
+ is not included in the specified sequence set, it is not affected.
+
+ UID EXPUNGE is particularly useful for disconnected use clients. By
+ using UID EXPUNGE instead of EXPUNGE when resynchronizing with the
+ server, the client can ensure that it does not inadvertently remove
+ any messages that have been marked as \Deleted by other clients
+ between the time that the client was last connected and the time the
+ client resynchronizes.
+
+ Example:
+
+ C: A003 UID EXPUNGE 3000:3002
+ S: * 3 EXPUNGE
+ S: * 3 EXPUNGE
+ S: * 3 EXPUNGE
+ S: A003 OK UID EXPUNGE completed
+
+ In the third form, the UID command takes a SEARCH command with SEARCH
+ command arguments. The interpretation of the arguments is the same
+ as with SEARCH; however, the numbers returned in an ESEARCH response
+ for a UID SEARCH command are unique identifiers instead of message
+ sequence numbers. Also, the corresponding ESEARCH response MUST
+ include the UID indicator. For example, the command UID SEARCH 1:100
+ UID 443:557 returns the unique identifiers corresponding to the
+ intersection of two sequence sets, the message sequence number range
+ 1:100, and the UID range 443:557.
+
+ Note: in the above example, the UID range 443:557 appears. The
+ same comment about a non-existent unique identifier being ignored
+ without any error message also applies here. Hence, even if
+ neither UID 443 or 557 exist, this range is valid and would
+ include an existing UID 495.
+
+ Also note that a UID range of 559:* always includes the UID of the
+ last message in the mailbox, even if 559 is higher than any
+ assigned UID value. This is because the contents of a range are
+ independent of the order of the range endpoints. Thus, any UID
+ range with * as one of the endpoints indicates at least one
+ message (the message with the highest numbered UID), unless the
+ mailbox is empty.
+
+ The number after the "*" in an untagged FETCH or EXPUNGE response is
+ always a message sequence number, not a unique identifier, even for a
+ UID command response. However, server implementations MUST
+ implicitly include the UID message data item as part of any FETCH
+ response caused by a UID command, regardless of whether a UID was
+ specified as a message data item to the FETCH.
+
+ Note: The rule about including the UID message data item as part of a
+ FETCH response primarily applies to the UID FETCH and UID STORE
+ commands, including a UID FETCH command that does not include UID as
+ a message data item. Although it is unlikely that the other UID
+ commands will cause an untagged FETCH, this rule applies to these
+ commands as well.
+
+ Example:
+
+ C: A999 UID FETCH 4827313:4828442 FLAGS
+ S: * 23 FETCH (FLAGS (\Seen) UID 4827313)
+ S: * 24 FETCH (FLAGS (\Seen) UID 4827943)
+ S: * 25 FETCH (FLAGS (\Seen) UID 4828442)
+ S: A999 OK UID FETCH completed
+
+6.5. Client Commands - Experimental/Expansion
+
+ Each command that is not part of this specification MUST have at
+ least one capability name (see Section 6.1.1) associated with it.
+ (Multiple commands can be associated with the same capability name.)
+
+ Server implementations MUST NOT send any added untagged responses
+ (not specified in this specification), unless the client requested it
+ by issuing the associated experimental command (specified in an
+ extension document) or the ENABLE command (Section 6.3.1).
+
+ The following example demonstrates how a client can check for the
+ presence of a fictitious XPIG-LATIN capability that adds the XPIG-
+ LATIN command and the XPIG-LATIN untagged response. (Note that for
+ an extension, the command name and the capability name don't have to
+ be the same.)
+
+ Example:
+
+ C: a441 CAPABILITY
+ S: * CAPABILITY IMAP4rev2 XPIG-LATIN
+ S: a441 OK CAPABILITY completed
+ C: A442 XPIG-LATIN
+ S: * XPIG-LATIN ow-nay eaking-spay ig-pay atin-lay
+ S: A442 OK XPIG-LATIN ompleted-cay
+
+7. Server Responses
+
+ Server responses are in three forms: status responses, server data,
+ and command continuation requests. The information contained in a
+ server response, identified by "Contents:" in the response
+ descriptions below, is described by function, not by syntax. The
+ precise syntax of server responses is described in "Formal Syntax"
+ (Section 9).
+
+ The client MUST be prepared to accept any response at all times.
+
+ Status responses can be tagged or untagged. Tagged status responses
+ indicate the completion result (OK, NO, or BAD status) of a client
+ command and have a tag matching the command.
+
+ Some status responses, and all server data, are untagged. An
+ untagged response is indicated by the token "*" instead of a tag.
+ Untagged status responses indicate server greeting or server status
+ that does not indicate the completion of a command (for example, an
+ impending system shutdown alert). For historical reasons, untagged
+ server data responses are also called "unsolicited data", although
+ strictly speaking, only unilateral server data is truly
+ "unsolicited".
+
+ Certain server data MUST be remembered by the client when it is
+ received; this is noted in the description of that data. Such data
+ conveys critical information that affects the interpretation of all
+ subsequent commands and responses (e.g., updates reflecting the
+ creation or destruction of messages).
+
+ Other server data SHOULD be remembered for later reference; if the
+ client does not need to remember the data, or if remembering the data
+ has no obvious purpose (e.g., a SEARCH response when no SEARCH
+ command is in progress), the data can be ignored.
+
+ An example of unilateral untagged server data occurs when the IMAP
+ connection is in the selected state. In the selected state, the
+ server checks the mailbox for new messages as part of command
+ execution. Normally, this is part of the execution of every command;
+ hence, a NOOP command suffices to check for new messages. If new
+ messages are found, the server sends an untagged EXISTS response
+ reflecting the new size of the mailbox. Server implementations that
+ offer multiple simultaneous access to the same mailbox SHOULD also
+ send appropriate unilateral untagged FETCH and EXPUNGE responses if
+ another agent changes the state of any message flags or expunges any
+ messages.
+
+ Command continuation request responses use the token "+" instead of a
+ tag. These responses are sent by the server to indicate acceptance
+ of an incomplete client command and readiness for the remainder of
+ the command.
+
+7.1. Server Responses - Generic Status Responses
+
+ Status responses are OK, NO, BAD, PREAUTH, and BYE. OK, NO, and BAD
+ can be tagged or untagged. PREAUTH and BYE are always untagged.
+
+ Status responses MAY include an OPTIONAL "response code". A response
+ code consists of data inside square brackets in the form of an atom,
+ possibly followed by a space and arguments. The response code
+ contains additional information or status codes for client software
+ beyond the OK/NO/BAD condition and are defined when there is a
+ specific action that a client can take based upon the additional
+ information.
+
+ The currently defined response codes are:
+
+ ALERT
+ The human-readable text contains a special alert that is presented
+ to the user in a fashion that calls the user's attention to the
+ message. Content of ALERT response codes received on a connection
+ without TLS or SASL security-layer confidentiality SHOULD be
+ ignored by clients. If displayed, such alerts MUST be clearly
+ marked as potentially suspicious. (Note that some existing
+ clients are known to hyperlink returned text, which make them very
+ dangerous.) Alerts received after successful establishment of a
+ TLS/SASL confidentiality layer MUST be presented to the user.
+
+ ALREADYEXISTS
+ The operation attempts to create something that already exists,
+ such as when a CREATE or RENAME command attempts to create a
+ mailbox and there is already one of that name.
+
+ C: o356 RENAME this that
+ S: o356 NO [ALREADYEXISTS] Mailbox "that" already exists
+
+ APPENDUID
+ Followed by the UIDVALIDITY of the destination mailbox and the UID
+ assigned to the appended message in the destination mailbox, it
+ indicates that the message has been appended to the destination
+ mailbox with that UID.
+
+ If the server also supports the [MULTIAPPEND] extension, and if
+ multiple messages were appended in the APPEND command, then the
+ second value is a UID set containing the UIDs assigned to the
+ appended messages, in the order they were transmitted in the
+ APPEND command. This UID set may not contain extraneous UIDs or
+ the symbol "*".
+
+ Note: the UID set form of the APPENDUID response code MUST NOT
+ be used if only a single message was appended. In particular,
+ a server MUST NOT send a range such as 123:123. This is
+ because a client that does not support [MULTIAPPEND] expects
+ only a single UID and not a UID set.
+
+ UIDs are assigned in strictly ascending order in the mailbox
+ (refer to Section 2.3.1.1); note that a range of 12:10 is exactly
+ equivalent to 10:12 and refers to the sequence 10,11,12.
+
+ This response code is returned in a tagged OK response to the
+ APPEND command.
+
+ AUTHENTICATIONFAILED
+ Authentication failed for some reason on which the server is
+ unwilling to elaborate. Typically, this includes "unknown user"
+ and "bad password".
+
+ This is the same as not sending any response code, except that
+ when a client sees AUTHENTICATIONFAILED, it knows that the problem
+ wasn't, e.g., UNAVAILABLE, so there's no point in trying the same
+ login/password again later.
+
+ C: b LOGIN "fred" "foo"
+ S: b NO [AUTHENTICATIONFAILED] Authentication failed
+
+ AUTHORIZATIONFAILED
+ Authentication succeeded in using the authentication identity, but
+ the server cannot or will not allow the authentication identity to
+ act as the requested authorization identity. This is only
+ applicable when the authentication and authorization identities
+ are different.
+
+ C: c1 AUTHENTICATE PLAIN
+ [...]
+ S: c1 NO [AUTHORIZATIONFAILED] No such authorization-ID
+
+ C: c2 AUTHENTICATE PLAIN
+ [...]
+ S: c2 NO [AUTHORIZATIONFAILED] Authenticator is not an admin
+
+ BADCHARSET
+ Optionally followed by a parenthesized list of charsets. A SEARCH
+ failed because the given charset is not supported by this
+ implementation. If the optional list of charsets is given, this
+ lists the charsets that are supported by this implementation.
+
+ CANNOT
+ This operation violates some invariant of the server and can never
+ succeed.
+
+ C: l create "///////"
+ S: l NO [CANNOT] Adjacent slashes are not supported
+
+ CAPABILITY
+ Followed by a list of capabilities. This can appear in the
+ initial OK or PREAUTH response to transmit an initial capabilities
+ list. It can also appear in tagged responses to LOGIN or
+ AUTHENTICATE commands. This makes it unnecessary for a client to
+ send a separate CAPABILITY command if it recognizes this response
+ code and there was no change to the TLS and/or authentication
+ state since it was received.
+
+ CLIENTBUG
+ The server has detected a client bug. This can accompany any of
+ OK, NO, and BAD, depending on what the client bug is.
+
+ C: k1 select "/archive/projects/experiment-iv"
+ [...]
+ S: k1 OK [READ-ONLY] Done
+ C: k2 status "/archive/projects/experiment-iv" (messages)
+ [...]
+ S: k2 OK [CLIENTBUG] Done
+
+ CLOSED
+ The CLOSED response code has no parameters. A server returns the
+ CLOSED response code when the currently selected mailbox is closed
+ implicitly using the SELECT or EXAMINE command on another mailbox.
+ The CLOSED response code serves as a boundary between responses
+ for the previously opened mailbox (which was closed) and the newly
+ selected mailbox; all responses before the CLOSED response code
+ relate to the mailbox that was closed, and all subsequent
+ responses relate to the newly opened mailbox.
+
+ There is no need to return the CLOSED response code on completion
+ of the CLOSE or the UNSELECT command (or similar), whose purpose
+ is to close the currently selected mailbox without opening a new
+ one.
+
+ CONTACTADMIN
+ The user should contact the system administrator or support desk.
+
+ C: e login "fred" "foo"
+ S: e NO [CONTACTADMIN]
+
+ COPYUID
+ Followed by the UIDVALIDITY of the destination mailbox, a UID set
+ containing the UIDs of the message(s) in the source mailbox that
+ were copied to the destination mailbox, followed by another UID
+ set containing the UIDs assigned to the copied message(s) in the
+ destination mailbox, indicates that the message(s) has been copied
+ to the destination mailbox with the stated UID(s).
+
+ The source UID set is in the order the message(s) was copied; the
+ destination UID set corresponds to the source UID set and is in
+ the same order. Neither of the UID sets may contain extraneous
+ UIDs or the symbol "*".
+
+ UIDs are assigned in strictly ascending order in the mailbox
+ (refer to Section 2.3.1.1); note that a range of 12:10 is exactly
+ equivalent to 10:12 and refers to the sequence 10,11,12.
+
+ This response code is returned in a tagged OK response to the COPY
+ or UID COPY command or in the untagged OK response to the MOVE or
+ UID MOVE command.
+
+ CORRUPTION
+ The server discovered that some relevant data (e.g., the mailbox)
+ are corrupt. This response code does not include any information
+ about what's corrupt, but the server can write that to its
+ logfiles.
+
+ C: i select "/archive/projects/experiment-iv"
+ S: i NO [CORRUPTION] Cannot open mailbox
+
+ EXPIRED
+ Either authentication succeeded or the server no longer had the
+ necessary data; either way, access is no longer permitted using
+ that passphrase. The client or user should get a new passphrase.
+
+ C: d login "fred" "foo"
+ S: d NO [EXPIRED] That password isn't valid any more
+
+ EXPUNGEISSUED
+ Someone else has issued an EXPUNGE for the same mailbox. The
+ client may want to issue NOOP soon. [IMAP-MULTIACCESS] discusses
+ this subject in depth.
+
+ C: h search from maria@example.com
+ S: * ESEARCH (TAG "h") ALL 1:3,5,8,13,21,42
+ S: h OK [EXPUNGEISSUED] Search completed
+
+ HASCHILDREN
+ The mailbox delete operation failed because the mailbox has one or
+ more children, and the server doesn't allow deletion of mailboxes
+ with children.
+
+ C: m356 DELETE Notes
+ S: o356 NO [HASCHILDREN] Mailbox "Notes" has children
+ that need to be deleted first
+
+ INUSE
+ An operation has not been carried out because it involves sawing
+ off a branch someone else is sitting on. Someone else may be
+ holding an exclusive lock needed for this operation, or the
+ operation may involve deleting a resource someone else is using,
+ typically a mailbox.
+
+ The operation may succeed if the client tries again later.
+
+ C: g delete "/archive/projects/experiment-iv"
+ S: g NO [INUSE] Mailbox in use
+
+ LIMIT
+ The operation ran up against an implementation limit of some kind,
+ such as the number of flags on a single message or the number of
+ flags used in a mailbox.
+
+ C: m STORE 42 FLAGS f1 f2 f3 f4 f5 ... f250
+ S: m NO [LIMIT] At most 32 flags in one mailbox supported
+
+ NONEXISTENT
+ The operation attempts to delete something that does not exist.
+ Similar to ALREADYEXISTS.
+
+ C: p RENAME this that
+ S: p NO [NONEXISTENT] No such mailbox
+
+ NOPERM
+ The access control system (e.g., ACL; see [RFC4314]) does not
+ permit this user to carry out an operation, such as selecting or
+ creating a mailbox.
+
+ C: f select "/archive/projects/experiment-iv"
+ S: f NO [NOPERM] Access denied
+
+ OVERQUOTA
+ The user would be over quota after the operation. (The user may
+ or may not be over quota already.)
+
+ Note that if the server sends OVERQUOTA but doesn't support the
+ IMAP QUOTA extension defined by [RFC2087], then there is a quota,
+ but the client cannot find out what the quota is.
+
+ C: n1 uid copy 1:* oldmail
+ S: n1 NO [OVERQUOTA] Sorry
+
+ C: n2 uid copy 1:* oldmail
+ S: n2 OK [OVERQUOTA] You are now over your soft quota
+
+ PARSE
+ The human-readable text represents an error in parsing the
+ [RFC5322] header or [MIME-IMB] headers of a message in the
+ mailbox.
+
+ PERMANENTFLAGS
+ Followed by a parenthesized list of flags and indicates which of
+ the known flags the client can change permanently. Any flags that
+ are in the FLAGS untagged response, but not in the PERMANENTFLAGS
+ list, cannot be set permanently. The PERMANENTFLAGS list can also
+ include the special flag \*, which indicates that it is possible
+ to create new keywords by attempting to store those keywords in
+ the mailbox. If the client attempts to STORE a flag that is not
+ in the PERMANENTFLAGS list, the server will either ignore the
+ change or store the state change for the remainder of the current
+ session only.
+
+ There is no need for a server that included the special flag \* to
+ return a new PERMANENTFLAGS response code when a new keyword was
+ successfully set on a message upon client request. However, if
+ the server has a limit on the number of different keywords that
+ can be stored in a mailbox and that limit is reached, the server
+ MUST send a new PERMANENTFLAGS response code without the special
+ flag \*.
+
+ PRIVACYREQUIRED
+ The operation is not permitted due to a lack of data
+ confidentiality. If TLS is not in use, the client could try
+ STARTTLS (see Section 6.2.1) or alternatively reconnect on an
+ Implicit TLS port, and then repeat the operation.
+
+ C: d login "fred" "foo"
+ S: d NO [PRIVACYREQUIRED] Connection offers no privacy
+
+ C: d select inbox
+ S: d NO [PRIVACYREQUIRED] Connection offers no privacy
+
+ READ-ONLY
+ The mailbox is selected as read-only, or its access while selected
+ has changed from read-write to read-only.
+
+ READ-WRITE
+ The mailbox is selected as read-write, or its access while
+ selected has changed from read-only to read-write.
+
+ SERVERBUG
+ The server encountered a bug in itself or violated one of its own
+ invariants.
+
+ C: j select "/archive/projects/experiment-iv"
+ S: j NO [SERVERBUG] This should not happen
+
+ TRYCREATE
+ An APPEND, COPY, or MOVE attempt is failing because the target
+ mailbox does not exist (as opposed to some other reason). This is
+ a hint to the client that the operation can succeed if the mailbox
+ is first created by the CREATE command.
+
+ UIDNEXT
+ Followed by a decimal number and indicates the next unique
+ identifier value. Refer to Section 2.3.1.1 for more information.
+
+ UIDNOTSTICKY
+ The selected mailbox is supported by a mail store that does not
+ support persistent UIDs; that is, UIDVALIDITY will be different
+ each time the mailbox is selected. Consequently, APPEND or COPY
+ to this mailbox will not return an APPENDUID or COPYUID response
+ code.
+
+ This response code is returned in an untagged NO response to the
+ SELECT command.
+
+ Note: servers SHOULD NOT have any UIDNOTSTICKY mail stores.
+ This facility exists to support legacy mail stores in which it
+ is technically infeasible to support persistent UIDs. This
+ should be avoided when designing new mail stores.
+
+ UIDVALIDITY
+ Followed by a decimal number and indicates the unique identifier
+ validity value. Refer to Section 2.3.1.1 for more information.
+
+ UNAVAILABLE
+ Temporary failure because a subsystem is down. For example, an
+ IMAP server that uses a Lightweight Directory Access Protocol
+ (LDAP) or Radius server for authentication might use this response
+ code when the LDAP/Radius server is down.
+
+ C: a LOGIN "fred" "foo"
+ S: a NO [UNAVAILABLE] User's backend down for maintenance
+
+ UNKNOWN-CTE
+ The server does not know how to decode the section's Content-
+ Transfer-Encoding.
+
+ Client implementations MUST ignore response codes that they do not
+ recognize.
+
+7.1.1. OK Response
+
+ Contents:
+ OPTIONAL response code
+ human-readable text
+
+ The OK response indicates an information message from the server.
+ When tagged, it indicates successful completion of the associated
+ command. The human-readable text MAY be presented to the user as an
+ information message. The untagged form indicates an information-only
+ message; the nature of the information MAY be indicated by a response
+ code.
+
+ The untagged form is also used as one of three possible greetings at
+ connection startup. It indicates that the connection is not yet
+ authenticated and that a LOGIN or an AUTHENTICATE command is needed.
+
+ Example:
+
+ S: * OK IMAP4rev2 server ready
+ C: A001 LOGIN fred blurdybloop
+ S: * OK [ALERT] System shutdown in 10 minutes
+ S: A001 OK LOGIN Completed
+
+7.1.2. NO Response
+
+ Contents:
+ OPTIONAL response code
+ human-readable text
+
+ The NO response indicates an operational error message from the
+ server. When tagged, it indicates unsuccessful completion of the
+ associated command. The untagged form indicates a warning; the
+ command can still complete successfully. The human-readable text
+ describes the condition.
+
+ Example:
+
+ C: A222 COPY 1:2 owatagusiam
+ S: * NO Disk is 98% full, please delete unnecessary data
+ S: A222 OK COPY completed
+ C: A223 COPY 3:200 blurdybloop
+ S: * NO Disk is 98% full, please delete unnecessary data
+ S: * NO Disk is 99% full, please delete unnecessary data
+ S: A223 NO COPY failed: disk is full
+
+7.1.3. BAD Response
+
+ Contents:
+ OPTIONAL response code
+ human-readable text
+
+ The BAD response indicates an error message from the server. When
+ tagged, it reports a protocol-level error in the client's command;
+ the tag indicates the command that caused the error. The untagged
+ form indicates a protocol-level error for which the associated
+ command can not be determined; it can also indicate an internal
+ server failure. The human-readable text describes the condition.
+
+ Example:
+
+ C: ...very long command line...
+ S: * BAD Command line too long
+ C: ...empty line...
+ S: * BAD Empty command line
+ C: A443 EXPUNGE
+ S: * BAD Disk crash, attempting salvage to a new disk!
+ S: * OK Salvage successful, no data lost
+ S: A443 OK Expunge completed
+
+7.1.4. PREAUTH Response
+
+ Contents:
+ OPTIONAL response code
+ human-readable text
+
+ The PREAUTH response is always untagged and is one of three possible
+ greetings at connection startup. It indicates that the connection
+ has already been authenticated by external means; thus, no LOGIN/
+ AUTHENTICATE command is needed.
+
+ Because PREAUTH moves the connection directly to the authenticated
+ state, it effectively prevents the client from using the STARTTLS
+ command (Section 6.2.1). For this reason, the PREAUTH response
+ SHOULD only be returned by servers on connections that are protected
+ by TLS (such as on an Implicit TLS port [RFC8314]) or protected
+ through other means such as IPsec. Clients that require mandatory
+ TLS MUST close the connection after receiving the PREAUTH response on
+ a non-protected port.
+
+ Example:
+
+ S: * PREAUTH IMAP4rev2 server logged in as Smith
+
+7.1.5. BYE Response
+
+ Contents:
+ OPTIONAL response code
+ human-readable text
+
+ The BYE response is always untagged and indicates that the server is
+ about to close the connection. The human-readable text MAY be
+ displayed to the user in a status report by the client. The BYE
+ response is sent under one of four conditions:
+
+ 1. as part of a normal logout sequence. The server will close the
+ connection after sending the tagged OK response to the LOGOUT
+ command.
+
+ 2. as a panic shutdown announcement. The server closes the
+ connection immediately.
+
+ 3. as an announcement of an inactivity autologout. The server
+ closes the connection immediately.
+
+ 4. as one of three possible greetings at connection startup,
+ indicating that the server is not willing to accept a connection
+ from this client. The server closes the connection immediately.
+
+ The difference between a BYE that occurs as part of a normal LOGOUT
+ sequence (the first case) and a BYE that occurs because of a failure
+ (the other three cases) is that the connection closes immediately in
+ the failure case. In all cases, the client SHOULD continue to read
+ response data from the server until the connection is closed; this
+ will ensure that any pending untagged or completion responses are
+ read and processed.
+
+ Example:
+
+ S: * BYE Autologout; idle for too long
+
+7.2. Server Responses - Server Status
+
+ These responses are always untagged. This is how server status data
+ are transmitted from the server to the client.
+
+7.2.1. ENABLED Response
+
+ Contents: capability listing
+
+ The ENABLED response occurs as a result of an ENABLE command. The
+ capability listing contains a space-separated listing of capability
+ names that the server supports and that were successfully enabled.
+ The ENABLED response may contain no capabilities, which means that no
+ extensions listed by the client were successfully enabled.
+
+ Example:
+
+ S: * ENABLED CONDSTORE QRESYNC
+
+7.2.2. CAPABILITY Response
+
+ Contents: capability listing
+
+ The CAPABILITY response occurs as a result of a CAPABILITY command.
+ The capability listing contains a space-separated listing of
+ capability names that the server supports. The capability listing
+ MUST include the atom "IMAP4rev2", but note that it doesn't have to
+ be the first capability listed. The order of capability names has no
+ significance.
+
+ Client and server implementations MUST implement the capabilities
+ "AUTH=PLAIN" (described in [PLAIN]), and MUST implement "STARTTLS"
+ and "LOGINDISABLED" on the cleartext port. See the Security
+ Considerations (Section 11) for important information related to
+ these capabilities.
+
+ A capability name that begins with "AUTH=" indicates that the server
+ supports that particular authentication mechanism [SASL].
+
+ The LOGINDISABLED capability indicates that the LOGIN command is
+ disabled, and that the server will respond with a tagged NO response
+ to any attempt to use the LOGIN command even if the user name and
+ password are valid (their validity will not be checked). An IMAP
+ client MUST NOT issue the LOGIN command if the server advertises the
+ LOGINDISABLED capability.
+
+ Other capability names indicate that the server supports an
+ extension, revision, or amendment to the IMAP4rev2 protocol. If
+ IMAP4rev1 capability is not advertised, server responses MUST conform
+ to this document until the client issues a command that uses an
+ additional capability. If both IMAP4rev1 and IMAP4rev2 capabilities
+ are advertised, server responses MUST conform to [RFC3501] until the
+ client issues a command that uses an additional capability. (For
+ example, the client can issue ENABLE IMAP4rev2 to enable
+ IMAP4rev2-specific behavior.)
+
+ Capability names SHOULD be registered with IANA using the RFC
+ Required policy [RFC8126]. A server SHOULD NOT offer unregistered
+ capability names.
+
+ Client implementations SHOULD NOT require any capability name other
+ than "IMAP4rev2", and possibly "STARTTLS" and "LOGINDISABLED" (on a
+ cleartext port). Client implementations MUST ignore any unknown
+ capability names.
+
+ A server MAY send capabilities automatically, by using the CAPABILITY
+ response code in the initial PREAUTH or OK responses and by sending
+ an updated CAPABILITY response code in the tagged OK response as part
+ of a successful authentication. It is unnecessary for a client to
+ send a separate CAPABILITY command if it recognizes these automatic
+ capabilities and there was no change to the TLS and/or authentication
+ state since they were received.
+
+ The list of capabilities returned by a server MAY change during the
+ connection. In particular, it is quite common for the server to
+ change the list of capabilities after successful TLS negotiation
+ (STARTTLS command) and/or after successful authentication
+ (AUTHENTICATE or LOGIN commands).
+
+ Example:
+
+ S: * CAPABILITY STARTTLS AUTH=GSSAPI IMAP4rev2 LOGINDISABLED
+ XPIG-LATIN
+
+ Note that in the above example, XPIG-LATIN is a fictitious capability
+ name.
+
+7.3. Server Responses - Mailbox Status
+
+ These responses are always untagged. This is how mailbox status data
+ are transmitted from the server to the client. Many of these
+ responses typically result from a command with the same name.
+
+7.3.1. LIST Response
+
+ Contents:
+ name attributes
+ hierarchy delimiter
+ name
+ OPTIONAL extension data
+
+ The LIST response occurs as a result of a LIST command. It returns a
+ single name that matches the LIST specification. There can be
+ multiple LIST responses for a single LIST command.
+
+ The following base mailbox name attributes are defined:
+
+ \NonExistent
+ The "\NonExistent" attribute indicates that a mailbox name does
+ not refer to an existing mailbox. Note that this attribute is not
+ meaningful by itself, as mailbox names that match the canonical
+ LIST pattern but don't exist must not be returned unless one of
+ the two conditions listed below is also satisfied:
+
+ 1. The mailbox name also satisfies the selection criteria (for
+ example, it is subscribed and the "SUBSCRIBED" selection
+ option has been specified).
+
+ 2. "RECURSIVEMATCH" has been specified, and the mailbox name has
+ at least one descendant mailbox name that does not match the
+ LIST pattern and does match the selection criteria.
+
+ In practice, this means that the "\NonExistent" attribute is
+ usually returned with one or more of "\Subscribed", "\Remote",
+ "\HasChildren", or the CHILDINFO extended data item.
+
+ The "\NonExistent" attribute implies "\NoSelect".
+
+ \Noinferiors
+ It is not possible for any child levels of hierarchy to exist
+ under this name; no child levels exist now and none can be created
+ in the future.
+
+ \Noselect
+ It is not possible to use this name as a selectable mailbox.
+
+ \HasChildren
+ The presence of this attribute indicates that the mailbox has
+ child mailboxes. A server SHOULD NOT set this attribute if there
+ are child mailboxes and the user does not have permission to
+ access any of them. In this case, \HasNoChildren SHOULD be used.
+ In many cases, however, a server may not be able to efficiently
+ compute whether a user has access to any child mailboxes. Note
+ that even though the \HasChildren attribute for a mailbox must be
+ correct at the time of processing the mailbox, a client must be
+ prepared to deal with a situation when a mailbox is marked with
+ the \HasChildren attribute, but no child mailbox appears in the
+ response to the LIST command. This might happen, for example, due
+ to child mailboxes being deleted or made inaccessible to the user
+ (using access control) by another client before the server is able
+ to list them.
+
+ \HasNoChildren
+ The presence of this attribute indicates that the mailbox has NO
+ child mailboxes that are accessible to the currently authenticated
+ user.
+
+ \Marked
+ The mailbox has been marked "interesting" by the server; the
+ mailbox probably contains messages that have been added since the
+ last time the mailbox was selected.
+
+ \Unmarked
+ The mailbox does not contain any additional messages since the
+ last time the mailbox was selected.
+
+ \Subscribed
+ The mailbox name was subscribed to using the SUBSCRIBE command.
+
+ \Remote
+ The mailbox is a remote mailbox.
+
+ It is an error for the server to return both a \HasChildren and a
+ \HasNoChildren attribute in the same LIST response. A client that
+ encounters a LIST response with both \HasChildren and \HasNoChildren
+ attributes present should act as if both are absent in the LIST
+ response.
+
+ Note: the \HasNoChildren attribute should not be confused with the
+ \NoInferiors attribute, which indicates that no child mailboxes
+ exist now and none can be created in the future.
+
+ If it is not feasible for the server to determine whether or not the
+ mailbox is "interesting", the server SHOULD NOT send either \Marked
+ or \Unmarked. The server MUST NOT send more than one of \Marked,
+ \Unmarked, and \Noselect for a single mailbox, and it MAY send none
+ of these.
+
+ In addition to the base mailbox name attributes defined above, an
+ IMAP server MAY also include any or all of the following attributes
+ that denote "role" (or "special-use") of a mailbox. These attributes
+ are included along with base attributes defined above. A given
+ mailbox may have none, one, or more than one of these attributes. In
+ some cases, a special use is advice to a client about what to put in
+ that mailbox. In other cases, it's advice to a client about what to
+ expect to find there.
+
+ \All
+ This mailbox presents all messages in the user's message store.
+ Implementations MAY omit some messages, such as, perhaps, those in
+ \Trash and \Junk. When this special use is supported, it is
+ almost certain to represent a virtual mailbox.
+
+ \Archive
+ This mailbox is used to archive messages. The meaning of an
+ "archival" mailbox is server dependent; typically, it will be used
+ to get messages out of the inbox, or otherwise keep them out of
+ the user's way, while still making them accessible.
+
+ \Drafts
+ This mailbox is used to hold draft messages -- typically, messages
+ that are being composed but have not yet been sent. In some
+ server implementations, this might be a virtual mailbox,
+ containing messages from other mailboxes that are marked with the
+ "\Draft" message flag. Alternatively, this might just be advice
+ that a client put drafts here.
+
+ \Flagged
+ This mailbox presents all messages marked in some way as
+ "important". When this special use is supported, it is likely to
+ represent a virtual mailbox collecting messages (from other
+ mailboxes) that are marked with the "\Flagged" message flag.
+
+ \Junk
+ This mailbox is where messages deemed to be junk mail are held.
+ Some server implementations might put messages here automatically.
+ Alternatively, this might just be advice to a client-side spam
+ filter.
+
+ \Sent
+ This mailbox is used to hold copies of messages that have been
+ sent. Some server implementations might put messages here
+ automatically. Alternatively, this might just be advice that a
+ client save sent messages here.
+
+ \Trash
+ This mailbox is used to hold messages that have been deleted or
+ marked for deletion. In some server implementations, this might
+ be a virtual mailbox, containing messages from other mailboxes
+ that are marked with the "\Deleted" message flag. Alternatively,
+ this might just be advice that a client that chooses not to use
+ the IMAP "\Deleted" model should use as its trash location. In
+ server implementations that strictly expect the IMAP "\Deleted"
+ model, this special use is likely not to be supported.
+
+ All special-use attributes are OPTIONAL, and any given server or
+ message store may support any combination of the attributes, or none
+ at all. In most cases, there will likely be at most one mailbox with
+ a given attribute for a given user, but in some server or message
+ store implementations, it might be possible for multiple mailboxes to
+ have the same special-use attribute.
+
+ Special-use attributes are likely to be user specific. User Adam
+ might share his \Sent mailbox with user Barb, but that mailbox is
+ unlikely to also serve as Barb's \Sent mailbox.
+
+ Other mailbox name attributes can be found in the "IMAP Mailbox Name
+ Attributes" registry [IMAP-MAILBOX-NAME-ATTRS-REG].
+
+ The hierarchy delimiter is a character used to delimit levels of
+ hierarchy in a mailbox name. A client can use it to create child
+ mailboxes and to search higher or lower levels of naming hierarchy.
+ All children of a top-level hierarchy node MUST use the same
+ separator character. A NIL hierarchy delimiter means that no
+ hierarchy exists; the name is a "flat" name.
+
+ The name represents an unambiguous left-to-right hierarchy and MUST
+ be valid for use as a reference in LIST command. Unless \Noselect or
+ \NonExistent is indicated, the name MUST also be valid as an argument
+ for commands, such as SELECT, that accept mailbox names.
+
+ The name might be followed by an OPTIONAL series of extended fields,
+ a parenthesized list of tagged data (also referred to as an "extended
+ data item"). The first element of an extended field is a string,
+ which identifies the type of data. [RFC5258] specifies requirements
+ on string registration (which are called "tags"; such tags are not to
+ be confused with IMAP command tags); in particular, it states that
+ "Tags MUST be registered with IANA". This document doesn't change
+ that. See Section 9.5 of [RFC5258] for the registration template.
+ The server MAY return data in the extended fields that was not
+ directly solicited by the client in the corresponding LIST command.
+ For example, the client can enable extra extended fields by using
+ another IMAP extension that makes use of the extended LIST responses.
+ The client MUST ignore all extended fields it doesn't recognize.
+
+ Example:
+
+ S: * LIST (\Noselect) "/" ~/Mail/foo
+
+ Example:
+
+ S: * LIST (\Marked) ":" Tables (tablecloth (("edge" "lacy")
+ ("color" "red")) Sample "text")
+ S: * LIST () ":" Tables:new (tablecloth ("edge" "lacy")
+ Sample ("text" "more text"))
+
+7.3.2. NAMESPACE Response
+
+ Contents: the prefix and hierarchy delimiter to the server's
+ Personal Namespace(s), Other Users' Namespace(s), and
+ Shared Namespace(s)
+
+ The NAMESPACE response occurs as a result of a NAMESPACE command. It
+ contains the prefix and hierarchy delimiter to the server's Personal
+ Namespace(s), Other Users' Namespace(s), and Shared Namespace(s) that
+ the server wishes to expose. The response will contain a NIL for any
+ namespace class that is not available. The Namespace-Response-
+ Extensions ABNF non-terminal is defined for extensibility and MAY be
+ included in the response.
+
+ Example:
+
+ S: * NAMESPACE (("" "/")) (("~" "/")) NIL
+
+7.3.3. STATUS Response
+
+ Contents:
+ name
+ status parenthesized list
+
+ The STATUS response occurs as a result of a STATUS command. It
+ returns the mailbox name that matches the STATUS specification and
+ the requested mailbox status information.
+
+ Example:
+
+ S: * STATUS blurdybloop (MESSAGES 231 UIDNEXT 44292)
+
+7.3.4. ESEARCH Response
+
+ Contents: one or more search-return-data pairs
+
+ The ESEARCH response occurs as a result of a SEARCH or UID SEARCH
+ command.
+
+ The ESEARCH response starts with an optional search correlator. If
+ it is missing, then the response was not caused by a particular IMAP
+ command, whereas if it is present, it contains the tag of the command
+ that caused the response to be returned.
+
+ The search correlator is followed by an optional UID indicator. If
+ this indicator is present, all data in the ESEARCH response refers to
+ UIDs; otherwise, all returned data refers to message numbers.
+
+ The rest of the ESEARCH response contains one or more search data
+ pairs. Each pair starts with a unique return item name, followed by
+ a space and the corresponding data. Search data pairs may be
+ returned in any order. Unless otherwise specified by an extension,
+ any return item name SHOULD appear only once in an ESEARCH response.
+
+ This document specifies the following return item names:
+
+ MIN
+ Returns the lowest message number/UID that satisfies the SEARCH
+ criteria.
+
+ If the SEARCH results in no matches, the server MUST NOT include
+ the MIN return item in the ESEARCH response; however, it still
+ MUST send the ESEARCH response.
+
+ MAX
+ Returns the highest message number/UID that satisfies the SEARCH
+ criteria.
+
+ If the SEARCH results in no matches, the server MUST NOT include
+ the MAX return item in the ESEARCH response; however, it still
+ MUST send the ESEARCH response.
+
+ ALL
+ Returns all message numbers/UIDs that satisfy the SEARCH criteria
+ using the sequence-set syntax. Each set MUST be complete; in
+ particular, a UID set is returned in an ESEARCH response only when
+ each number in the range corresponds to an existing (matching)
+ message. The client MUST NOT assume that messages/UIDs will be
+ listed in any particular order.
+
+ If the SEARCH results in no matches, the server MUST NOT include
+ the ALL return item in the ESEARCH response; however, it still
+ MUST send the ESEARCH response.
+
+ COUNT
+ Returns the number of messages that satisfy the SEARCH criteria.
+ This return item MUST always be included in the ESEARCH response.
+
+ Example:
+
+ S: * ESEARCH UID COUNT 17 ALL 4:18,21,28
+
+ Example:
+
+ S: * ESEARCH (TAG "a567") UID COUNT 17 ALL 4:18,21,28
+
+ Example:
+
+ S: * ESEARCH COUNT 18 ALL 1:17,21
+
+7.3.5. FLAGS Response
+
+ Contents: flag parenthesized list
+
+ The FLAGS response occurs as a result of a SELECT or EXAMINE command.
+ The flag parenthesized list identifies the flags (at a minimum, the
+ system-defined flags) that are applicable for this mailbox. Flags
+ other than the system flags can also exist, depending on server
+ implementation.
+
+ The update from the FLAGS response MUST be remembered by the client.
+
+ Example:
+
+ S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
+
+7.4. Server Responses - Mailbox Size
+
+ These responses are always untagged. This is how changes in the size
+ of the mailbox are transmitted from the server to the client.
+ Immediately following the "*" token is a number that represents a
+ message count.
+
+7.4.1. EXISTS Response
+
+ Contents: none
+
+ The EXISTS response reports the number of messages in the mailbox.
+ This response occurs as a result of a SELECT or EXAMINE command and
+ if the size of the mailbox changes (e.g., new messages).
+
+ The update from the EXISTS response MUST be remembered by the client.
+
+ Example:
+
+ S: * 23 EXISTS
+
+7.5. Server Responses - Message Status
+
+ These responses are always untagged. This is how message data are
+ transmitted from the server to the client, often as a result of a
+ command with the same name. Immediately following the "*" token is a
+ number that represents a message sequence number.
+
+7.5.1. EXPUNGE Response
+
+ Contents: none
+
+ The EXPUNGE response reports that the specified message sequence
+ number has been permanently removed from the mailbox. The message
+ sequence number for each successive message in the mailbox is
+ immediately decremented by 1, and this decrement is reflected in
+ message sequence numbers in subsequent responses (including other
+ untagged EXPUNGE responses).
+
+ The EXPUNGE response also decrements the number of messages in the
+ mailbox; it is not necessary to send an EXISTS response with the new
+ value.
+
+ As a result of the immediate decrement rule, message sequence numbers
+ that appear in a set of successive EXPUNGE responses depend upon
+ whether the messages are removed starting from lower numbers to
+ higher numbers, or from higher numbers to lower numbers. For
+ example, if the last 5 messages in a 9-message mailbox are expunged,
+ a "lower to higher" server will send five untagged EXPUNGE responses
+ for message sequence number 5, whereas a "higher to lower" server
+ will send successive untagged EXPUNGE responses for message sequence
+ numbers 9, 8, 7, 6, and 5.
+
+ An EXPUNGE response MUST NOT be sent when no command is in progress,
+ nor while responding to a FETCH, STORE, or SEARCH command. This rule
+ is necessary to prevent a loss of synchronization of message sequence
+ numbers between client and server. A command is not "in progress"
+ until the complete command has been received; in particular, a
+ command is not "in progress" during the negotiation of command
+ continuation.
+
+ Note: UID FETCH, UID STORE, and UID SEARCH are different commands
+ from FETCH, STORE, and SEARCH. An EXPUNGE response MAY be sent
+ during a UID command.
+
+ The update from the EXPUNGE response MUST be remembered by the
+ client.
+
+ Example:
+
+ S: * 44 EXPUNGE
+
+7.5.2. FETCH Response
+
+ Contents: message data
+
+ The FETCH response returns data about a message to the client. The
+ data are pairs of data item names, and their values are in
+ parentheses. This response occurs as the result of a FETCH or STORE
+ command, as well as by a unilateral server decision (e.g., flag
+ updates).
+
+ The current data items are:
+
+ BINARY[<section-binary>]<<number>>
+ An <nstring> or <literal8> expressing the content of the specified
+ section after removing any encoding specified in the corresponding
+ Content-Transfer-Encoding header field. If <number> is present,
+ it refers to the offset within the DECODED section data.
+
+ If the domain of the decoded data is "8bit" and the data does not
+ contain the NUL octet, the server SHOULD return the data in a
+ <string> instead of a <literal8>; this allows the client to
+ determine if the "8bit" data contains the NUL octet without having
+ to explicitly scan the data stream for NULs.
+
+ Messaging clients and servers have been notoriously lax in their
+ adherence to the Internet CRLF convention for terminating lines of
+ textual data (text/* media types) in Internet protocols. When
+ sending data in a BINARY[...] FETCH data item, servers MUST ensure
+ that textual line-oriented sections are always transmitted using
+ the IMAP CRLF line termination syntax, regardless of the
+ underlying storage representation of the data on the server.
+
+ If the server does not know how to decode the section's Content-
+ Transfer-Encoding, it MUST fail the request and issue a "NO"
+ response that contains the "UNKNOWN-CTE" response code.
+
+ BINARY.SIZE[<section-binary>]
+ The size of the section after removing any encoding specified in
+ the corresponding Content-Transfer-Encoding header field. The
+ value returned MUST match the size of the <nstring> or <literal8>
+ that will be returned by the corresponding FETCH BINARY request.
+
+ If the server does not know how to decode the section's Content-
+ Transfer-Encoding, it MUST fail the request and issue a "NO"
+ response that contains the "UNKNOWN-CTE" response code.
+
+ BODY
+ A form of BODYSTRUCTURE without extension data.
+
+ BODY[<section>]<<origin octet>>
+ A string expressing the body contents of the specified section.
+ The string SHOULD be interpreted by the client according to the
+ content transfer encoding, body type, and subtype.
+
+ If the origin octet is specified, this string is a substring of
+ the entire body contents, starting at that origin octet. This
+ means that BODY[]<0> MAY be truncated, but BODY[] is NEVER
+ truncated.
+
+ Note: The origin octet facility MUST NOT be used by a server in
+ a FETCH response unless the client specifically requested it by
+ means of a FETCH of a BODY[<section>]<<partial>> data item.
+
+ 8-bit textual data is permitted if a [CHARSET] identifier is part
+ of the body parameter parenthesized list for this section. Note
+ that headers (part specifiers HEADER or MIME, or the header
+ portion of a MESSAGE/RFC822 or MESSAGE/GLOBAL part) MAY be in UTF-
+ 8. Note also that the [RFC5322] delimiting blank line between the
+ header and the body is not affected by header-line subsetting; the
+ blank line is always included as part of the header data, except
+ in the case of a message that has no body and no blank line.
+
+ Non-textual data such as binary data MUST be transfer encoded into
+ a textual form, such as base64, prior to being sent to the client.
+ To derive the original binary data, the client MUST decode the
+ transfer-encoded string.
+
+ BODYSTRUCTURE
+ A parenthesized list that describes the [MIME-IMB] body structure
+ of a message. This is computed by the server by parsing the
+ [MIME-IMB] header fields, defaulting various fields as necessary.
+
+ For example, a simple text message of 48 lines and 2279 octets can
+ have a body structure of:
+
+ ("TEXT" "PLAIN" ("CHARSET" "US-ASCII") NIL NIL "7BIT" 2279 48)
+
+ Multiple parts are indicated by parenthesis nesting. Instead of a
+ body type as the first element of the parenthesized list, there is
+ a sequence of one or more nested body structures. The second
+ element of the parenthesized list is the multipart subtype (mixed,
+ digest, parallel, alternative, etc.).
+
+ For example, a two-part message consisting of a text and a
+ base64-encoded text attachment can have a body structure of:
+
+
+ (("TEXT" "PLAIN" ("CHARSET" "US-ASCII") NIL NIL "7BIT" 1152 23)
+ ("TEXT" "PLAIN" ("CHARSET" "US-ASCII" "NAME" "cc.diff")
+ "<960723163407.20117h@cac.washington.edu>" "Compiler diff"
+ "BASE64" 4554 73) "MIXED")
+
+ Extension data follows the multipart subtype. Extension data is
+ never returned with the BODY fetch but can be returned with a
+ BODYSTRUCTURE fetch. Extension data, if present, MUST be in the
+ defined order. The extension data of a multipart body part are in
+ the following order:
+
+ body parameter parenthesized list
+ A parenthesized list of attribute/value pairs (e.g., ("foo" "bar"
+ "baz" "rag") where "bar" is the value of "foo", and "rag" is the
+ value of "baz") as defined in [MIME-IMB]. Servers SHOULD decode
+ parameter-value continuations and parameter-value character sets
+ as described in [RFC2231], for example, if the message contains
+ parameters "baz*0", "baz*1", and "baz*2", the server should decode
+ them per [RFC2231], concatenate, and return the resulting value as
+ a parameter "baz". Similarly, if the message contains parameters
+ "foo*0*" and "foo*1*", the server should decode them per
+ [RFC2231], convert to UTF-8, concatenate, and return the resulting
+ value as a parameter "foo*".
+
+ body disposition
+ A parenthesized list, consisting of a disposition type string,
+ followed by a parenthesized list of disposition attribute/value
+ pairs as defined in [DISPOSITION]. Servers SHOULD decode
+ parameter-value continuations as described in [RFC2231].
+
+ body language
+ A string or parenthesized list giving the body language value as
+ defined in [LANGUAGE-TAGS].
+
+ body location
+ A string giving the body content URI as defined in [LOCATION].
+
+ Any following extension data are not yet defined in this version
+ of the protocol. Such extension data can consist of zero or more
+ NILs, strings, numbers, or potentially nested parenthesized lists
+ of such data. Client implementations that do a BODYSTRUCTURE
+ fetch MUST be prepared to accept such extension data. Server
+ implementations MUST NOT send such extension data until it has
+ been defined by a revision of this protocol.
+
+ The basic fields of a non-multipart body part are in the following
+ order:
+
+ body type
+ A string giving the content media-type name as defined in
+ [MIME-IMB].
+
+ body subtype
+ A string giving the content subtype name as defined in [MIME-IMB].
+
+ body parameter parenthesized list
+ A parenthesized list of attribute/value pairs (e.g., ("foo" "bar"
+ "baz" "rag") where "bar" is the value of "foo", and "rag" is the
+ value of "baz") as defined in [MIME-IMB].
+
+ body id
+ A string giving the Content-ID header field value as defined in
+ Section 7 of [MIME-IMB].
+
+ body description
+ A string giving the Content-Description header field value as
+ defined in Section 8 of [MIME-IMB].
+
+ body encoding
+ A string giving the content transfer encoding as defined in
+ Section 6 of [MIME-IMB].
+
+ body size
+ A number giving the size of the body in octets. Note that this
+ size is the size in its transfer encoding and not the resulting
+ size after any decoding.
+
+ A body type of type MESSAGE and subtype RFC822 contains,
+ immediately after the basic fields, the envelope structure, body
+ structure, and size in text lines of the encapsulated message.
+
+ A body type of type TEXT contains, immediately after the basic
+ fields, the size of the body in text lines. Note that this size
+ is the size in its content transfer encoding and not the resulting
+ size after any decoding.
+
+ Extension data follows the basic fields and the type-specific
+ fields listed above. Extension data is never returned with the
+ BODY fetch but can be returned with a BODYSTRUCTURE fetch.
+ Extension data, if present, MUST be in the defined order.
+
+ The extension data of a non-multipart body part are in the
+ following order:
+
+ body MD5
+ A string giving the body MD5 value as defined in [MD5].
+
+ body disposition
+ A parenthesized list with the same content and function as the
+ body disposition for a multipart body part.
+
+ body language
+ A string or parenthesized list giving the body language value as
+ defined in [LANGUAGE-TAGS].
+
+ body location
+ A string giving the body content URI as defined in [LOCATION].
+
+ Any following extension data are not yet defined in this version
+ of the protocol and would be as described above under multipart
+ extension data.
+
+ ENVELOPE
+ A parenthesized list that describes the envelope structure of a
+ message. This is computed by the server by parsing the [RFC5322]
+ header into the component parts, defaulting various fields as
+ necessary.
+
+ The fields of the envelope structure are in the following order:
+ date, subject, from, sender, reply-to, to, cc, bcc, in-reply-to,
+ and message-id. The date, subject, in-reply-to, and message-id
+ fields are strings. The from, sender, reply-to, to, cc, and bcc
+ fields are parenthesized lists of address structures.
+
+ An address structure is a parenthesized list that describes an
+ electronic mail address. The fields of an address structure are
+ in the following order: display name, [SMTP] at-domain-list
+ (source route and obs-route ABNF production from [RFC5322]),
+ mailbox name (local-part ABNF production from [RFC5322]), and
+ hostname.
+
+ [RFC5322] group syntax is indicated by a special form of address
+ structure in which the hostname field is NIL. If the mailbox name
+ field is also NIL, this is an end-of-group marker (semicolon in
+ RFC 822 syntax). If the mailbox name field is non-NIL, this is
+ the start of a group marker, and the mailbox name field holds the
+ group name phrase.
+
+ If the Date, Subject, In-Reply-To, and Message-ID header fields
+ are absent in the [RFC5322] header, the corresponding member of
+ the envelope is NIL; if these header fields are present but empty,
+ the corresponding member of the envelope is the empty string.
+
+ Note: some servers may return a NIL envelope member in the
+ "present but empty" case. Clients SHOULD treat NIL and the
+ empty string as identical.
+
+ Note: [RFC5322] requires that all messages have a valid Date
+ header field. Therefore, for a well-formed message, the date
+ member in the envelope cannot be NIL or the empty string.
+ However, it can be NIL for a malformed or draft message.
+
+ Note: [RFC5322] requires that the In-Reply-To and Message-ID
+ header fields, if present, have non-empty content. Therefore,
+ for a well-formed message, the in-reply-to and message-id
+ members in the envelope cannot be the empty string. However,
+ they can still be the empty string for a malformed message.
+
+ If the From, To, Cc, and Bcc header fields are absent in the
+ [RFC5322] header, or are present but empty, the corresponding
+ member of the envelope is NIL.
+
+ If the Sender or Reply-To header fields are absent in the
+ [RFC5322] header, or are present but empty, the server sets the
+ corresponding member of the envelope to be the same value as the
+ from member (the client is not expected to know how to do this).
+
+ Note: [RFC5322] requires that all messages have a valid From
+ header field. Therefore, for a well-formed message, the from,
+ sender, and reply-to members in the envelope cannot be NIL.
+ However, they can be NIL for a malformed or draft message.
+
+ FLAGS
+ A parenthesized list of flags that are set for this message.
+
+ INTERNALDATE
+ A string representing the internal date of the message.
+
+ RFC822.SIZE
+ A number expressing the size of a message, as described in
+ Section 2.3.4.
+
+ UID
+ A number expressing the unique identifier of the message.
+
+ If the server chooses to send unsolicited FETCH responses, they MUST
+ include UID FETCH item. Note that this is a new requirement when
+ compared to [RFC3501].
+
+ Example:
+
+ S: * 23 FETCH (FLAGS (\Seen) RFC822.SIZE 44827 UID 447)
+
+7.6. Server Responses - Command Continuation Request
+
+ The command continuation request response is indicated by a "+" token
+ instead of a tag. This form of response indicates that the server is
+ ready to accept the continuation of a command from the client. The
+ remainder of this response is a line of text.
+
+ This response is used in the AUTHENTICATE command to transmit server
+ data to the client and request additional client data. This response
+ is also used if an argument to any command is a synchronizing
+ literal.
+
+ The client is not permitted to send the octets of the synchronizing
+ literal unless the server indicates that it is expected. This
+ permits the server to process commands and reject errors on a line-
+ by-line basis. The remainder of the command, including the CRLF that
+ terminates a command, follows the octets of the literal. If there
+ are any additional command arguments, the literal octets are followed
+ by a space and those arguments.
+
+ Example:
+
+ C: A001 LOGIN {11}
+ S: + Ready for additional command text
+ C: FRED FOOBAR {7}
+ S: + Ready for additional command text
+ C: fat man
+ S: A001 OK LOGIN completed
+ C: A044 BLURDYBLOOP {102856}
+ S: A044 BAD No such command as "BLURDYBLOOP"
+
+8. Sample IMAP4rev2 Connection
+
+ The following is a transcript of an IMAP4rev2 connection on a non-TLS
+ port. A long line in this sample is broken for editorial clarity.
+
+ S: * OK [CAPABILITY STARTTLS AUTH=SCRAM-SHA-256 LOGINDISABLED
+ IMAP4rev2] IMAP4rev2 Service Ready
+ C: a000 starttls
+ S: a000 OK Proceed with TLS negotiation
+ <TLS negotiation>
+ C: A001 AUTHENTICATE SCRAM-SHA-256
+ biwsbj11c2VyLHI9ck9wck5HZndFYmVSV2diTkVrcU8=
+ S: + cj1yT3ByTkdmd0ViZVJXZ2JORWtxTyVodllEcFdVYTJSYVRDQWZ1eEZJbGopaE
+ 5sRiRrMCxzPVcyMlphSjBTTlk3c29Fc1VFamI2Z1E9PSxpPTQwOTY=
+ C: Yz1iaXdzLHI9ck9wck5HZndFYmVSV2diTkVrcU8laHZZRHBXVWEyUmFUQ0FmdXhG
+ SWxqKWhObEYkazAscD1kSHpiWmFwV0lrNGpVaE4rVXRlOXl0YWc5empmTUhnc3Ft
+ bWl6N0FuZFZRPQ==
+ S: + dj02cnJpVFJCaTIzV3BSUi93dHVwK21NaFVaVW4vZEI1bkxUSlJzamw5NUc0
+ PQ==
+ C:
+ S: A001 OK SCRAM-SHA-256 authentication successful
+ C: babc ENABLE IMAP4rev2
+ S: * ENABLED IMAP4rev2
+ S: babc OK Some capabilities enabled
+ C: a002 select inbox
+ S: * 18 EXISTS
+ S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
+ S: * OK [UIDVALIDITY 3857529045] UIDs valid
+ S: * LIST () "/" INBOX ("OLDNAME" ("inbox"))
+ S: a002 OK [READ-WRITE] SELECT completed
+ C: a003 fetch 12 full
+ S: * 12 FETCH (FLAGS (\Seen) INTERNALDATE
+ "17-Jul-1996 02:44:25 -0700" RFC822.SIZE 4286 ENVELOPE (
+ "Wed, 17 Jul 1996 02:23:25 -0700 (PDT)"
+ "IMAP4rev2 WG mtg summary and minutes"
+ (("Terry Gray" NIL "gray" "cac.washington.edu"))
+ (("Terry Gray" NIL "gray" "cac.washington.edu"))
+ (("Terry Gray" NIL "gray" "cac.washington.edu"))
+ ((NIL NIL "imap" "cac.washington.edu"))
+ ((NIL NIL "minutes" "CNRI.Reston.VA.US")
+ ("John Klensin" NIL "KLENSIN" "MIT.EDU")) NIL NIL
+ "<B27397-0100000@cac.washington.ed>")
+ BODY ("TEXT" "PLAIN" ("CHARSET" "US-ASCII") NIL NIL "7BIT"
+ 3028 92))
+ S: a003 OK FETCH completed
+ C: a004 fetch 12 body[header]
+ S: * 12 FETCH (BODY[HEADER] {342}
+ S: Date: Wed, 17 Jul 1996 02:23:25 -0700 (PDT)
+ S: From: Terry Gray <gray@cac.washington.edu>
+ S: Subject: IMAP4rev2 WG mtg summary and minutes
+ S: To: imap@cac.washington.edu
+ S: cc: minutes@CNRI.Reston.VA.US, John Klensin <KLENSIN@MIT.EDU>
+ S: Message-Id: <B27397-0100000@cac.washington.edu>
+ S: MIME-Version: 1.0
+ S: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
+ S:
+ S: )
+ S: a004 OK FETCH completed
+ C: a005 store 12 +flags \deleted
+ S: * 12 FETCH (FLAGS (\Seen \Deleted))
+ S: a005 OK +FLAGS completed
+ C: a006 logout
+ S: * BYE IMAP4rev2 server terminating connection
+ S: a006 OK LOGOUT completed
+
+9. Formal Syntax
+
+ The following syntax specification uses the Augmented Backus-Naur
+ Form (ABNF) notation as specified in [ABNF].
+
+ In the case of alternative or optional rules in which a later rule
+ overlaps an earlier rule, the rule that is listed earlier MUST take
+ priority. For example, "\Seen" when parsed as a flag is the \Seen
+ flag name and not a flag-extension, even though "\Seen" can be parsed
+ as a flag-extension. Some, but not all, instances of this rule are
+ noted below.
+
+ Note: [ABNF] rules MUST be followed strictly; in particular:
+
+ 1. Unless otherwise noted, all alphabetic characters are case
+ insensitive. The use of uppercase or lowercase characters to
+ define token strings is for editorial clarity only.
+ Implementations MUST accept these strings in a case-insensitive
+ fashion.
+
+ 2. In all cases, SP refers to exactly one space. It is NOT
+ permitted to substitute TAB, insert additional spaces, or
+ otherwise treat SP as being equivalent to linear whitespace
+ (LWSP).
+
+ 3. The ASCII NUL character, %x00, MUST NOT be used anywhere, with
+ the exception of the OCTET production.
+
+ SP = <Defined in RFC 5234>
+ CTL = <Defined in RFC 5234>
+ CRLF = <Defined in RFC 5234>
+ ALPHA = <Defined in RFC 5234>
+ DIGIT = <Defined in RFC 5234>
+ DQUOTE = <Defined in RFC 5234>
+ OCTET = <Defined in RFC 5234>
+
+ address = "(" addr-name SP addr-adl SP addr-mailbox SP
+ addr-host ")"
+
+ addr-adl = nstring
+ ; Holds route from [RFC5322] obs-route if
+ ; non-NIL
+
+ addr-host = nstring
+ ; NIL indicates [RFC5322] group syntax.
+ ; Otherwise, holds [RFC5322] domain name
+
+ addr-mailbox = nstring
+ ; NIL indicates end of [RFC5322] group; if
+ ; non-NIL and addr-host is NIL, holds
+ ; [RFC5322] group name.
+ ; Otherwise, holds [RFC5322] local-part
+ ; after removing [RFC5322] quoting
+
+ addr-name = nstring
+ ; If non-NIL, holds phrase from [RFC5322]
+ ; mailbox after removing [RFC5322] quoting
+
+ append = "APPEND" SP mailbox [SP flag-list] [SP date-time]
+ SP literal
+
+ append-uid = uniqueid
+
+ astring = 1*ASTRING-CHAR / string
+
+ ASTRING-CHAR = ATOM-CHAR / resp-specials
+
+ atom = 1*ATOM-CHAR
+
+ ATOM-CHAR = <any CHAR except atom-specials>
+
+ atom-specials = "(" / ")" / "{" / SP / CTL / list-wildcards /
+ quoted-specials / resp-specials
+
+ authenticate = "AUTHENTICATE" SP auth-type [SP initial-resp]
+ *(CRLF base64)
+
+ auth-type = atom
+ ; Authentication mechanism name, as defined by
+ ; [SASL], Section 7.1
+
+ base64 = *(4base64-char) [base64-terminal]
+
+ base64-char = ALPHA / DIGIT / "+" / "/"
+ ; Case sensitive
+
+ base64-terminal = (2base64-char "==") / (3base64-char "=")
+
+ body = "(" (body-type-1part / body-type-mpart) ")"
+
+ body-extension = nstring / number / number64 /
+ "(" body-extension *(SP body-extension) ")"
+ ; Future expansion. Client implementations
+ ; MUST accept body-extension fields. Server
+ ; implementations MUST NOT generate
+ ; body-extension fields except as defined by
+ ; future Standard or Standards Track
+ ; revisions of this specification.
+
+ body-ext-1part = body-fld-md5 [SP body-fld-dsp [SP body-fld-lang
+ [SP body-fld-loc *(SP body-extension)]]]
+ ; MUST NOT be returned on non-extensible
+ ; "BODY" fetch
+
+ body-ext-mpart = body-fld-param [SP body-fld-dsp [SP body-fld-lang
+ [SP body-fld-loc *(SP body-extension)]]]
+ ; MUST NOT be returned on non-extensible
+ ; "BODY" fetch
+
+ body-fields = body-fld-param SP body-fld-id SP body-fld-desc SP
+ body-fld-enc SP body-fld-octets
+
+ body-fld-desc = nstring
+
+ body-fld-dsp = "(" string SP body-fld-param ")" / nil
+
+ body-fld-enc = (DQUOTE ("7BIT" / "8BIT" / "BINARY" / "BASE64"/
+ "QUOTED-PRINTABLE") DQUOTE) / string
+ ; Content-Transfer-Encoding header field value.
+ ; Defaults to "7BIT" (as per RFC 2045)
+ ; if not present in the body part.
+
+ body-fld-id = nstring
+
+ body-fld-lang = nstring / "(" string *(SP string) ")"
+
+ body-fld-loc = nstring
+
+ body-fld-lines = number64
+
+ body-fld-md5 = nstring
+
+ body-fld-octets = number
+
+ body-fld-param = "(" string SP string *(SP string SP string) ")" /
+ nil
+
+ body-type-1part = (body-type-basic / body-type-msg / body-type-text)
+ [SP body-ext-1part]
+
+ body-type-basic = media-basic SP body-fields
+ ; MESSAGE subtype MUST NOT be "RFC822" or
+ ; "GLOBAL"
+
+ body-type-mpart = 1*body SP media-subtype
+ [SP body-ext-mpart]
+ ; MULTIPART body part
+
+ body-type-msg = media-message SP body-fields SP envelope
+ SP body SP body-fld-lines
+
+ body-type-text = media-text SP body-fields SP body-fld-lines
+
+ capability = ("AUTH=" auth-type) / atom
+ ; New capabilities SHOULD be
+ ; registered with IANA using the
+ ; RFC Required policy, i.e., in
+ ; a Standards Track, an Experimental,
+ ; or an Informational RFC.
+
+ capability-data = "CAPABILITY" *(SP capability) SP "IMAP4rev2"
+ *(SP capability)
+ ; See Section 6.1.1 for information about
+ ; required security-related capabilities.
+ ; Servers that offer RFC 1730 compatibility MUST
+ ; list "IMAP4" as the first capability.
+ ; Servers that offer RFC 3501 compatibility MUST
+ ; list "IMAP4rev1" as one of the capabilities.
+
+ CHAR = <defined in [ABNF]>
+
+ CHAR8 = %x01-ff
+ ; any OCTET except NUL, %x00
+
+ charset = atom / quoted
+
+ childinfo-extended-item = "CHILDINFO" SP "("
+ list-select-base-opt-quoted
+ *(SP list-select-base-opt-quoted) ")"
+ ; Extended data item (mbox-list-extended-item)
+ ; returned when the RECURSIVEMATCH
+ ; selection option is specified.
+ ; Note 1: the CHILDINFO extended data item tag can be
+ ; returned with or without surrounding quotes, as per
+ ; mbox-list-extended-item-tag production.
+ ; Note 2: The selection options are always returned
+ ; quoted, unlike their specification in
+ ; the extended LIST command.
+
+ child-mbox-flag = "\HasChildren" / "\HasNoChildren"
+ ; attributes for the CHILDREN return option, at most
+ ; one possible per LIST response
+
+ command = tag SP (command-any / command-auth /
+ command-nonauth / command-select) CRLF
+ ; Modal based on state
+
+ command-any = "CAPABILITY" / "LOGOUT" / "NOOP"
+ ; Valid in all states
+
+ command-auth = append / create / delete / enable / examine /
+ list / namespace-command / rename /
+ select / status / subscribe / unsubscribe /
+ idle
+ ; Valid only in Authenticated or Selected state
+
+ command-nonauth = login / authenticate / "STARTTLS"
+ ; Valid only when in Not Authenticated state
+
+ command-select = "CLOSE" / "UNSELECT" / "EXPUNGE" / copy /
+ move / fetch / store / search / uid
+ ; Valid only when in Selected state
+
+ continue-req = "+" SP (resp-text / base64) CRLF
+
+ copy = "COPY" SP sequence-set SP mailbox
+
+ create = "CREATE" SP mailbox
+ ; Use of INBOX gives a NO error
+
+ date = date-text / DQUOTE date-text DQUOTE
+
+ date-day = 1*2DIGIT
+ ; Day of month
+
+ date-day-fixed = (SP DIGIT) / 2DIGIT
+ ; Fixed-format version of date-day
+
+ date-month = "Jan" / "Feb" / "Mar" / "Apr" / "May" / "Jun" /
+ "Jul" / "Aug" / "Sep" / "Oct" / "Nov" / "Dec"
+
+ date-text = date-day "-" date-month "-" date-year
+
+ date-year = 4DIGIT
+
+ date-time = DQUOTE date-day-fixed "-" date-month "-" date-year
+ SP time SP zone DQUOTE
+
+ delete = "DELETE" SP mailbox
+ ; Use of INBOX gives a NO error
+
+ digit-nz = %x31-39
+ ; 1-9
+
+ eitem-standard-tag = atom
+ ; a tag for LIST extended data item defined in a Standard
+ ; Track or Experimental RFC.
+
+ eitem-vendor-tag = vendor-token "-" atom
+ ; a vendor-specific tag for LIST extended data item
+
+ enable = "ENABLE" 1*(SP capability)
+
+ enable-data = "ENABLED" *(SP capability)
+
+ envelope = "(" env-date SP env-subject SP env-from SP
+ env-sender SP env-reply-to SP env-to SP env-cc SP
+ env-bcc SP env-in-reply-to SP env-message-id ")"
+
+ env-bcc = "(" 1*address ")" / nil
+
+ env-cc = "(" 1*address ")" / nil
+
+ env-date = nstring
+
+ env-from = "(" 1*address ")" / nil
+
+ env-in-reply-to = nstring
+
+ env-message-id = nstring
+
+ env-reply-to = "(" 1*address ")" / nil
+
+ env-sender = "(" 1*address ")" / nil
+
+ env-subject = nstring
+
+ env-to = "(" 1*address ")" / nil
+
+ esearch-response = "ESEARCH" [search-correlator] [SP "UID"]
+ *(SP search-return-data)
+ ; ESEARCH response replaces SEARCH response
+ ; from IMAP4rev1.
+
+ examine = "EXAMINE" SP mailbox
+
+ fetch = "FETCH" SP sequence-set SP (
+ "ALL" / "FULL" / "FAST" /
+ fetch-att / "(" fetch-att *(SP fetch-att) ")")
+
+ fetch-att = "ENVELOPE" / "FLAGS" / "INTERNALDATE" /
+ "RFC822.SIZE" /
+ "BODY" ["STRUCTURE"] / "UID" /
+ "BODY" section [partial] /
+ "BODY.PEEK" section [partial] /
+ "BINARY" [".PEEK"] section-binary [partial] /
+ "BINARY.SIZE" section-binary
+
+ flag = "\Answered" / "\Flagged" / "\Deleted" /
+ "\Seen" / "\Draft" / flag-keyword / flag-extension
+ ; Does not include "\Recent"
+
+ flag-extension = "\" atom
+ ; Future expansion. Client implementations
+ ; MUST accept flag-extension flags. Server
+ ; implementations MUST NOT generate
+ ; flag-extension flags except as defined by
+ ; a future Standard or Standards Track
+ ; revisions of this specification.
+ ; "\Recent" was defined in RFC 3501
+ ; and is now deprecated.
+
+ flag-fetch = flag / obsolete-flag-recent
+
+ flag-keyword = "$MDNSent" / "$Forwarded" / "$Junk" /
+ "$NotJunk" / "$Phishing" / atom
+
+ flag-list = "(" [flag *(SP flag)] ")"
+
+ flag-perm = flag / "\*"
+
+ greeting = "*" SP (resp-cond-auth / resp-cond-bye) CRLF
+
+ header-fld-name = astring
+
+ header-list = "(" header-fld-name *(SP header-fld-name) ")"
+
+ idle = "IDLE" CRLF "DONE"
+
+ initial-resp = (base64 / "=")
+ ; "initial response" defined in
+ ; Section 4 of [SASL]
+
+ list = "LIST" [SP list-select-opts] SP
+ mailbox SP mbox-or-pat
+ [SP list-return-opts]
+
+
+ list-mailbox = 1*list-char / string
+
+ list-char = ATOM-CHAR / list-wildcards / resp-specials
+
+ list-return-opt = return-option
+ ; Note that return-option is the ABNF
+ ; non-terminal used by RFC 5258
+
+ list-return-opts = "RETURN" SP
+ "(" [list-return-opt *(SP list-return-opt)] ")"
+ ; list return options, e.g., CHILDREN
+
+ list-select-base-opt = "SUBSCRIBED" / option-extension
+ ; options that can be used by themselves
+
+ list-select-base-opt-quoted = DQUOTE list-select-base-opt DQUOTE
+
+ list-select-independent-opt = "REMOTE" / option-extension
+ ; options that do not syntactically interact with
+ ; other options
+
+ list-select-mod-opt = "RECURSIVEMATCH" / option-extension
+ ; options that require a list-select-base-opt
+ ; to also be present
+
+ list-select-opt = list-select-base-opt / list-select-independent-opt
+ / list-select-mod-opt
+
+ list-select-opts = "(" [
+ (*(list-select-opt SP) list-select-base-opt
+ *(SP list-select-opt))
+ / (list-select-independent-opt
+ *(SP list-select-independent-opt))
+ ] ")"
+ ; Any number of options may be in any order.
+ ; If a list-select-mod-opt appears, then a
+ ; list-select-base-opt must also appear.
+ ; This allows these:
+ ; ()
+ ; (REMOTE)
+ ; (SUBSCRIBED)
+ ; (SUBSCRIBED REMOTE)
+ ; (SUBSCRIBED RECURSIVEMATCH)
+ ; (SUBSCRIBED REMOTE RECURSIVEMATCH)
+ ; But does NOT allow these:
+ ; (RECURSIVEMATCH)
+ ; (REMOTE RECURSIVEMATCH)
+
+ list-wildcards = "%" / "*"
+
+ literal = "{" number64 ["+"] "}" CRLF *CHAR8
+ ; <number64> represents the number of CHAR8s.
+ ; A non-synchronizing literal is distinguished
+ ; from a synchronizing literal by the presence of
+ ; "+" before the closing "}".
+ ; Non-synchronizing literals are not allowed when
+ ; sent from server to the client.
+
+ literal8 = "~{" number64 "}" CRLF *OCTET
+ ; <number64> represents the number of OCTETs
+ ; in the response string.
+
+ login = "LOGIN" SP userid SP password
+
+ mailbox = "INBOX" / astring
+ ; INBOX is case insensitive. All case variants
+ ; of INBOX (e.g., "iNbOx") MUST be interpreted as
+ ; INBOX, not as an astring. An astring that
+ ; consists of the case-insensitive sequence
+ ; "I" "N" "B" "O" "X" is considered
+ ; to be an INBOX and not an astring.
+ ; Refer to Section 5.1 for further
+ ; semantic details of mailbox names.
+
+ mailbox-data = "FLAGS" SP flag-list / "LIST" SP mailbox-list /
+ esearch-response /
+ "STATUS" SP mailbox SP "(" [status-att-list] ")" /
+ number SP "EXISTS" / namespace-response /
+ obsolete-search-response /
+ obsolete-recent-response
+ ; obsolete-search-response and
+ ; obsolete-recent-response can only be returned
+ ; by servers that support both IMAPrev1
+ ; and IMAPrev2.
+
+ mailbox-list = "(" [mbx-list-flags] ")" SP
+ (DQUOTE QUOTED-CHAR DQUOTE / nil) SP mailbox
+ [SP mbox-list-extended]
+ ; This is the list information pointed to by the ABNF
+ ; item "mailbox-data", which is defined above
+
+ mbox-list-extended = "(" [mbox-list-extended-item
+ *(SP mbox-list-extended-item)] ")"
+
+ mbox-list-extended-item = mbox-list-extended-item-tag SP
+ tagged-ext-val
+
+ mbox-list-extended-item-tag = astring
+ ; The content MUST conform to either
+ ; "eitem-vendor-tag" or "eitem-standard-tag"
+ ; ABNF productions.
+
+ mbox-or-pat = list-mailbox / patterns
+
+ mbx-list-flags = *(mbx-list-oflag SP) mbx-list-sflag
+ *(SP mbx-list-oflag) /
+ mbx-list-oflag *(SP mbx-list-oflag)
+
+ mbx-list-oflag = "\Noinferiors" / child-mbox-flag /
+ "\Subscribed" / "\Remote" / flag-extension
+ ; Other flags; multiple from this list are
+ ; possible per LIST response, but each flag
+ ; can only appear once per LIST response
+
+ mbx-list-sflag = "\NonExistent" / "\Noselect" / "\Marked" /
+ "\Unmarked"
+ ; Selectability flags; only one per LIST response
+
+ media-basic = ((DQUOTE ("APPLICATION" / "AUDIO" / "IMAGE" /
+ "FONT" / "MESSAGE" / "MODEL" / "VIDEO" ) DQUOTE)
+ / string)
+ SP media-subtype
+ ; FONT defined in [RFC8081].
+ ; MODEL defined in [RFC2077].
+ ; Other top-level media types
+ ; are defined in [MIME-IMT].
+
+ media-message = DQUOTE "MESSAGE" DQUOTE SP
+ DQUOTE ("RFC822" / "GLOBAL") DQUOTE
+ ; Defined in [MIME-IMT]
+
+ media-subtype = string
+ ; Defined in [MIME-IMT]
+
+ media-text = DQUOTE "TEXT" DQUOTE SP media-subtype
+ ; Defined in [MIME-IMT]
+
+ message-data = nz-number SP ("EXPUNGE" / ("FETCH" SP msg-att))
+
+ move = "MOVE" SP sequence-set SP mailbox
+
+ msg-att = "(" (msg-att-dynamic / msg-att-static)
+ *(SP (msg-att-dynamic / msg-att-static)) ")"
+
+ msg-att-dynamic = "FLAGS" SP "(" [flag-fetch *(SP flag-fetch)] ")"
+ ; MAY change for a message
+
+ msg-att-static = "ENVELOPE" SP envelope /
+ "INTERNALDATE" SP date-time /
+ "RFC822.SIZE" SP number64 /
+ "BODY" ["STRUCTURE"] SP body /
+ "BODY" section ["<" number ">"] SP nstring /
+ "BINARY" section-binary SP (nstring / literal8) /
+ "BINARY.SIZE" section-binary SP number /
+ "UID" SP uniqueid
+ ; MUST NOT change for a message
+
+ name-component = 1*UTF8-CHAR
+ ; MUST NOT contain ".", "/", "%", or "*"
+
+ namespace = nil / "(" 1*namespace-descr ")"
+
+ namespace-command = "NAMESPACE"
+
+ namespace-descr = "(" string SP
+ (DQUOTE QUOTED-CHAR DQUOTE / nil)
+ [namespace-response-extensions] ")"
+
+ namespace-response-extensions = *namespace-response-extension
+
+ namespace-response-extension = SP string SP
+ "(" string *(SP string) ")"
+
+ namespace-response = "NAMESPACE" SP namespace
+ SP namespace SP namespace
+ ; The first Namespace is the Personal Namespace(s).
+ ; The second Namespace is the Other Users'
+ ; Namespace(s).
+ ; The third Namespace is the Shared Namespace(s).
+
+ nil = "NIL"
+
+ nstring = string / nil
+
+ number = 1*DIGIT
+ ; Unsigned 32-bit integer
+ ; (0 <= n < 4,294,967,296)
+
+ number64 = 1*DIGIT
+ ; Unsigned 63-bit integer
+ ; (0 <= n <= 9,223,372,036,854,775,807)
+
+ nz-number = digit-nz *DIGIT
+ ; Non-zero unsigned 32-bit integer
+ ; (0 < n < 4,294,967,296)
+
+ nz-number64 = digit-nz *DIGIT
+ ; Unsigned 63-bit integer
+ ; (0 < n <= 9,223,372,036,854,775,807)
+
+ obsolete-flag-recent = "\Recent"
+
+ obsolete-recent-response = number SP "RECENT"
+
+ obsolete-search-response = "SEARCH" *(SP nz-number)
+
+ oldname-extended-item = "OLDNAME" SP "(" mailbox ")"
+ ; Extended data item (mbox-list-extended-item)
+ ; returned in a LIST response when a mailbox is
+ ; renamed or deleted. Also returned when
+ ; the server canonicalized the provided mailbox
+ ; name.
+ ; Note 1: the OLDNAME tag can be returned
+ ; with or without surrounding quotes, as per
+ ; mbox-list-extended-item-tag production.
+
+ option-extension = (option-standard-tag / option-vendor-tag)
+ [SP option-value]
+
+ option-standard-tag = atom
+ ; an option defined in a Standards Track or
+ ; Experimental RFC
+
+ option-val-comp = astring /
+ option-val-comp *(SP option-val-comp) /
+ "(" option-val-comp ")"
+
+ option-value = "(" option-val-comp ")"
+
+ option-vendor-tag = vendor-token "-" atom
+ ; a vendor-specific option, non-standard
+
+ partial-range = number64 ["." nz-number64]
+ ; Copied from RFC 5092 (IMAP URL)
+ ; and updated to support 64-bit sizes.
+
+ partial = "<" number64 "." nz-number64 ">"
+ ; Partial FETCH request. 0-based offset of
+ ; the first octet, followed by the number of
+ ; octets in the fragment.
+
+ password = astring
+
+ patterns = "(" list-mailbox ")"
+ ; [RFC5258] supports multiple patterns,
+ ; but this document only requires one
+ ; to be supported.
+ ; If the server is also implementing
+ ; [RFC5258], the "patterns" syntax from
+ ; that document must be followed.
+
+ quoted = DQUOTE *QUOTED-CHAR DQUOTE
+
+ QUOTED-CHAR = <any TEXT-CHAR except quoted-specials> /
+ "\" quoted-specials / UTF8-2 / UTF8-3 / UTF8-4
+
+ quoted-specials = DQUOTE / "\"
+
+ rename = "RENAME" SP mailbox SP mailbox
+ ; Use of INBOX as a destination gives a NO error
+
+ response = *(continue-req / response-data) response-done
+
+ response-data = "*" SP (resp-cond-state / resp-cond-bye /
+ mailbox-data / message-data / capability-data /
+ enable-data) CRLF
+
+ response-done = response-tagged / response-fatal
+
+ response-fatal = "*" SP resp-cond-bye CRLF
+ ; Server closes connection immediately
+
+ response-tagged = tag SP resp-cond-state CRLF
+
+ resp-code-apnd = "APPENDUID" SP nz-number SP append-uid
+
+ resp-code-copy = "COPYUID" SP nz-number SP uid-set SP uid-set
+
+ resp-cond-auth = ("OK" / "PREAUTH") SP resp-text
+ ; Authentication condition
+
+ resp-cond-bye = "BYE" SP resp-text
+
+ resp-cond-state = ("OK" / "NO" / "BAD") SP resp-text
+ ; Status condition
+
+ resp-specials = "]"
+
+ resp-text = ["[" resp-text-code "]" SP] [text]
+
+ resp-text-code = "ALERT" /
+ "BADCHARSET" [SP "(" charset *(SP charset) ")" ] /
+ capability-data / "PARSE" /
+ "PERMANENTFLAGS" SP
+ "(" [flag-perm *(SP flag-perm)] ")" /
+ "READ-ONLY" / "READ-WRITE" / "TRYCREATE" /
+ "UIDNEXT" SP nz-number /
+ "UIDVALIDITY" SP nz-number /
+ resp-code-apnd / resp-code-copy / "UIDNOTSTICKY" /
+ "UNAVAILABLE" / "AUTHENTICATIONFAILED" /
+ "AUTHORIZATIONFAILED" / "EXPIRED" /
+ "PRIVACYREQUIRED" / "CONTACTADMIN" / "NOPERM" /
+ "INUSE" / "EXPUNGEISSUED" / "CORRUPTION" /
+ "SERVERBUG" / "CLIENTBUG" / "CANNOT" /
+ "LIMIT" / "OVERQUOTA" / "ALREADYEXISTS" /
+ "NONEXISTENT" / "NOTSAVED" / "HASCHILDREN" /
+ "CLOSED" /
+ "UNKNOWN-CTE" /
+ atom [SP 1*<any TEXT-CHAR except "]">]
+
+ return-option = "SUBSCRIBED" / "CHILDREN" / status-option /
+ option-extension
+
+ search = "SEARCH" [search-return-opts]
+ SP search-program
+
+ search-correlator = SP "(" "TAG" SP tag-string ")"
+
+ search-key = "ALL" / "ANSWERED" / "BCC" SP astring /
+ "BEFORE" SP date / "BODY" SP astring /
+ "CC" SP astring / "DELETED" / "FLAGGED" /
+ "FROM" SP astring / "KEYWORD" SP flag-keyword /
+ "ON" SP date / "SEEN" /
+ "SINCE" SP date / "SUBJECT" SP astring /
+ "TEXT" SP astring / "TO" SP astring /
+ "UNANSWERED" / "UNDELETED" / "UNFLAGGED" /
+ "UNKEYWORD" SP flag-keyword / "UNSEEN" /
+ ; Above this line were in [IMAP2]
+ "DRAFT" / "HEADER" SP header-fld-name SP astring /
+ "LARGER" SP number64 / "NOT" SP search-key /
+ "OR" SP search-key SP search-key /
+ "SENTBEFORE" SP date / "SENTON" SP date /
+ "SENTSINCE" SP date / "SMALLER" SP number64 /
+ "UID" SP sequence-set / "UNDRAFT" / sequence-set /
+ "(" search-key *(SP search-key) ")"
+
+ search-modifier-name = tagged-ext-label
+
+ search-mod-params = tagged-ext-val
+ ; This non-terminal shows recommended syntax
+ ; for future extensions.
+
+ search-program = ["CHARSET" SP charset SP]
+ search-key *(SP search-key)
+ ; CHARSET argument to SEARCH MUST be
+ ; registered with IANA.
+
+ search-ret-data-ext = search-modifier-name SP search-return-value
+ ; Note that not every SEARCH return option
+ ; is required to have the corresponding
+ ; ESEARCH return data.
+
+ search-return-data = "MIN" SP nz-number /
+ "MAX" SP nz-number /
+ "ALL" SP sequence-set /
+ "COUNT" SP number /
+ search-ret-data-ext
+ ; All return data items conform to
+ ; search-ret-data-ext syntax.
+ ; Note that "$" marker is not allowed
+ ; after the ALL return data item.
+
+ search-return-opts = SP "RETURN" SP "(" [search-return-opt
+ *(SP search-return-opt)] ")"
+
+ search-return-opt = "MIN" / "MAX" / "ALL" / "COUNT" /
+ "SAVE" /
+ search-ret-opt-ext
+ ; conforms to generic search-ret-opt-ext
+ ; syntax
+
+ search-ret-opt-ext = search-modifier-name [SP search-mod-params]
+
+ search-return-value = tagged-ext-val
+ ; Data for the returned search option.
+ ; A single "nz-number"/"number"/"number64" value
+ ; can be returned as an atom (i.e., without
+ ; quoting). A sequence-set can be returned
+ ; as an atom as well.
+
+ section = "[" [section-spec] "]"
+
+ section-binary = "[" [section-part] "]"
+
+ section-msgtext = "HEADER" /
+ "HEADER.FIELDS" [".NOT"] SP header-list /
+ "TEXT"
+ ; top-level or MESSAGE/RFC822 or
+ ; MESSAGE/GLOBAL part
+
+ section-part = nz-number *("." nz-number)
+ ; body part reference.
+ ; Allows for accessing nested body parts.
+
+ section-spec = section-msgtext / (section-part ["." section-text])
+
+ section-text = section-msgtext / "MIME"
+ ; text other than actual body part (headers,
+ ; etc.)
+
+ select = "SELECT" SP mailbox
+
+ seq-number = nz-number / "*"
+ ; message sequence number (COPY, FETCH, STORE
+ ; commands) or unique identifier (UID COPY,
+ ; UID FETCH, UID STORE commands).
+ ; * represents the largest number in use. In
+ ; the case of message sequence numbers, it is
+ ; the number of messages in a non-empty mailbox.
+ ; In the case of unique identifiers, it is the
+ ; unique identifier of the last message in the
+ ; mailbox or, if the mailbox is empty, the
+ ; mailbox's current UIDNEXT value.
+ ; The server should respond with a tagged BAD
+ ; response to a command that uses a message
+ ; sequence number greater than the number of
+ ; messages in the selected mailbox. This
+ ; includes "*" if the selected mailbox is empty.
+
+ seq-range = seq-number ":" seq-number
+ ; two seq-number values and all values between
+ ; these two regardless of order.
+ ; Example: 2:4 and 4:2 are equivalent and
+ ; indicate values 2, 3, and 4.
+ ; Example: a unique identifier sequence range of
+ ; 3291:* includes the UID of the last message in
+ ; the mailbox, even if that value is less than
+ ; 3291.
+
+ sequence-set = (seq-number / seq-range) ["," sequence-set]
+ ; set of seq-number values, regardless of order.
+ ; Servers MAY coalesce overlaps and/or execute
+ ; the sequence in any order.
+ ; Example: a message sequence number set of
+ ; 2,4:7,9,12:* for a mailbox with 15 messages is
+ ; equivalent to 2,4,5,6,7,9,12,13,14,15
+ ; Example: a message sequence number set of
+ ; *:4,5:7 for a mailbox with 10 messages is
+ ; equivalent to 10,9,8,7,6,5,4,5,6,7 and MAY
+ ; be reordered and overlap coalesced to be
+ ; 4,5,6,7,8,9,10.
+
+ sequence-set =/ seq-last-command
+ ; Allow for "result of the last command"
+ ; indicator.
+
+ seq-last-command = "$"
+
+ status = "STATUS" SP mailbox SP
+ "(" status-att *(SP status-att) ")"
+
+ status-att = "MESSAGES" / "UIDNEXT" / "UIDVALIDITY" /
+ "UNSEEN" / "DELETED" / "SIZE"
+
+ status-att-val = ("MESSAGES" SP number) /
+ ("UIDNEXT" SP nz-number) /
+ ("UIDVALIDITY" SP nz-number) /
+ ("UNSEEN" SP number) /
+ ("DELETED" SP number) /
+ ("SIZE" SP number64)
+ ; Extensions to the STATUS responses
+ ; should extend this production.
+ ; Extensions should use the generic
+ ; syntax defined by tagged-ext.
+
+ status-att-list = status-att-val *(SP status-att-val)
+
+ status-option = "STATUS" SP "(" status-att *(SP status-att) ")"
+ ; This ABNF production complies with
+ ; <option-extension> syntax.
+
+ store = "STORE" SP sequence-set SP store-att-flags
+
+ store-att-flags = (["+" / "-"] "FLAGS" [".SILENT"]) SP
+ (flag-list / (flag *(SP flag)))
+
+ string = quoted / literal
+
+ subscribe = "SUBSCRIBE" SP mailbox
+
+ tag = 1*<any ASTRING-CHAR except "+">
+
+ tag-string = astring
+ ; <tag> represented as <astring>
+
+ tagged-ext-label = tagged-label-fchar *tagged-label-char
+ ; Is a valid RFC 3501 "atom".
+
+ tagged-label-fchar = ALPHA / "-" / "_" / "."
+
+ tagged-label-char = tagged-label-fchar / DIGIT / ":"
+
+ tagged-ext-comp = astring /
+ tagged-ext-comp *(SP tagged-ext-comp) /
+ "(" tagged-ext-comp ")"
+ ; Extensions that follow this general
+ ; syntax should use nstring instead of
+ ; astring when appropriate in the context
+ ; of the extension.
+ ; Note that a message set or a "number"
+ ; can always be represented as an "atom".
+ ; A URL should be represented as
+ ; a "quoted" string.
+
+ tagged-ext-simple = sequence-set / number / number64
+
+ tagged-ext-val = tagged-ext-simple /
+ "(" [tagged-ext-comp] ")"
+
+ text = 1*(TEXT-CHAR / UTF8-2 / UTF8-3 / UTF8-4)
+ ; Non-ASCII text can only be returned
+ ; after ENABLE IMAP4rev2 command
+
+ TEXT-CHAR = <any CHAR except CR and LF>
+
+ time = 2DIGIT ":" 2DIGIT ":" 2DIGIT
+ ; Hours minutes seconds
+
+ uid = "UID" SP
+ (copy / move / fetch / search / store /
+ uid-expunge)
+ ; Unique identifiers used instead of message
+ ; sequence numbers
+
+ uid-expunge = "EXPUNGE" SP sequence-set
+ ; Unique identifiers used instead of message
+ ; sequence numbers
+
+ uid-set = (uniqueid / uid-range) *("," uid-set)
+
+ uid-range = (uniqueid ":" uniqueid)
+ ; two uniqueid values and all values
+ ; between these two regardless of order.
+ ; Example: 2:4 and 4:2 are equivalent.
+
+ uniqueid = nz-number
+ ; Strictly ascending
+
+ unsubscribe = "UNSUBSCRIBE" SP mailbox
+
+ userid = astring
+
+ UTF8-CHAR = <Defined in Section 4 of RFC 3629>
+
+ UTF8-2 = <Defined in Section 4 of RFC 3629>
+
+ UTF8-3 = <Defined in Section 4 of RFC 3629>
+
+ UTF8-4 = <Defined in Section 4 of RFC 3629>
+
+ vendor-token = "vendor." name-component
+ ; Definition copied from RFC 2244.
+ ; MUST be registered with IANA
+
+ zone = ("+" / "-") 4DIGIT
+ ; Signed four-digit value of hhmm representing
+ ; hours and minutes east of Greenwich (that is,
+ ; the amount that the given time differs from
+ ; Universal Time). Subtracting the timezone
+ ; from the given time will give the UT form.
+ ; The Universal Time zone is "+0000".
+
+10. Author's Note
+
+ This document is a revision or rewrite of earlier documents and
+ supercedes the protocol specification in those documents: [RFC3501],
+ [RFC2060], [RFC1730], unpublished IMAP2bis.TXT document, [IMAP2], and
+ [RFC1064].
+
+11. Security Considerations
+
+ IMAP4rev2 protocol transactions, including electronic mail data, are
+ sent in the clear over the network, exposing them to possible
+ eavesdropping and manipulation unless protection is negotiated. This
+ can be accomplished by use of the Implicit TLS port, the STARTTLS
+ command, negotiated confidentiality protection in the AUTHENTICATE
+ command, or some other protection mechanism.
+
+11.1. TLS-Related Security Considerations
+
+ This section applies to use of both the STARTTLS command and the
+ Implicit TLS port.
+
+ IMAP client and server implementations MUST comply with relevant TLS
+ recommendations from [RFC8314]. If recommendations/requirements in
+ this document conflict with recommendations from [RFC8314], for
+ example in regards to TLS ciphersuites, recommendations from this
+ document take precedence.
+
+ Clients and servers MUST implement TLS 1.2 [TLS-1.2] or newer. Use
+ of TLS 1.3 [TLS-1.3] is RECOMMENDED. TLS 1.2 may be used only in
+ cases where the other party has not yet implemented TLS 1.3.
+ Additionally, when using TLS 1.2, IMAP implementations MUST implement
+ the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher suite. This is
+ important as it ensures that any two compliant implementations can be
+ configured to interoperate. Other TLS cipher suites recommended in
+ RFC 7525 [RFC7525] are RECOMMENDED:
+ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, and
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384. All other cipher suites are
+ OPTIONAL. Note that this is a change from Section 2.1 of [IMAP-TLS].
+
+ The list of mandatory-to-implement TLS 1.3 cipher suites is described
+ in Section 9.1 of [TLS-1.3].
+
+ During the TLS negotiation [TLS-1.3] [TLS-1.2], the client MUST check
+ its understanding of the server hostname against the server's
+ identity as presented in the server Certificate message, in order to
+ prevent on-path attackers attempting to masquerade as the server.
+ This procedure is described in [RFC7817].
+
+ Both the client and server MUST check the result of the STARTTLS
+ command and subsequent TLS [TLS-1.3] [TLS-1.2] negotiation to see
+ whether acceptable authentication and/or privacy was achieved.
+
+11.2. STARTTLS Command versus Use of Implicit TLS Port
+
+ For maximum backward compatibility, the client MUST implement both
+ TLS negotiation on an Implicit TLS port and TLS negotiation using the
+ STARTTLS command on a cleartext port.
+
+ The server MUST implement TLS negotiation on an Implicit TLS port.
+ The server SHOULD also implement IMAP on a cleartext port. If the
+ server listens on a cleartext port, it MUST allow the STARTTLS
+ command on it.
+
+ Some site/firewall maintainers insist on TLS site-wide and prefer not
+ to rely on a configuration option in each higher-level protocol. For
+ this reason, IMAP4rev2 clients SHOULD try both ports 993 and 143 (and
+ both IPv4 and IPv6) concurrently by default, unless overridden by
+ either user configuration or DNS SRV records [RFC6186]. A good
+ algorithm for implementing such concurrent connect is described in
+ [RFC8305].
+
+11.3. Client Handling of Unsolicited Responses Not Suitable for the
+ Current Connection State
+
+ Cleartext mail transmission (whether caused by firewall configuration
+ errors that result in TLS stripping or weak security policies in
+ email clients that choose not to negotiate TLS in the first place)
+ can enable injection of responses that can confuse or even cause
+ crashes in email clients. The following measures are recommended to
+ minimize damage from them.
+
+ * See Section 7.1.4 for special security considerations related to
+ the PREAUTH response.
+
+ * Many server responses and response codes are only meaningful in
+ authenticated or even selected state. However, nothing prevents a
+ server (or an on-path attacker) from sending such invalid
+ responses in cleartext before STARTTLS/AUTHENTICATE commands are
+ issued. Before authentication, clients SHOULD ignore any
+ responses other than CAPABILITY and server status responses
+ (Section 7.1), as well as any response codes other than
+ CAPABILITY. (In particular, some email clients are known to
+ incorrectly process LIST responses received before authentication,
+ or FETCH responses when no mailbox is selected.) Clients SHOULD
+ ignore the ALERT response code until after TLS (whether using
+ STARTTLS or TLS negotiation on an Implicit TLS port) or a SASL
+ security layer with confidentiality protection has been
+ successfully negotiated. Unless explicitly allowed by an IMAP
+ extension, when not in selected state, clients MUST ignore
+ responses / response codes related to message and mailbox status
+ such as FLAGS, EXIST, EXPUNGE, and FETCH.
+
+11.4. COPYUID and APPENDUID Response Codes
+
+ The COPYUID and APPENDUID response codes return information about the
+ mailbox, which may be considered sensitive if the mailbox has
+ permissions set that permit the client to COPY or APPEND to the
+ mailbox, but not SELECT or EXAMINE it.
+
+ Consequently, these response codes SHOULD NOT be issued if the client
+ does not have access to SELECT or EXAMINE the mailbox.
+
+11.5. LIST Command and Other Users' Namespace
+
+ In response to a LIST command containing an argument of the Other
+ Users' Namespace prefix, a server MUST NOT list users that have not
+ granted list access to their personal mailboxes to the currently
+ authenticated user. Providing such a list could compromise security
+ by potentially disclosing confidential information of who is located
+ on the server or providing a starting point for a list of user
+ accounts to attack.
+
+11.6. Use of MD5
+
+ The BODYSTRUCTURE FETCH data item can contain the MD5 digest of the
+ message body in the "body MD5" field (body-fld-md5 ABNF production).
+ While MD5 is no longer considered a secure cryptographic hash
+ [RFC6151], this field is used solely to expose the value of the
+ Content-MD5 header field (if present in the original message), which
+ is just a message integrity check and is not used for cryptographic
+ purposes. Also note that other mechanisms that provide message
+ integrity checks were defined since RFC 1864 [MD5] was published and
+ are now more commonly used than Content-MD5. Two such mechanisms are
+ the DKIM-Signature header field [RFC6376] and S/MIME signing
+ [RFC8550] [RFC8551].
+
+11.7. Other Security Considerations
+
+ A server error message for an AUTHENTICATE command that fails due to
+ invalid credentials SHOULD NOT detail why the credentials are
+ invalid.
+
+ Use of the LOGIN command sends passwords in the clear. This can be
+ avoided by using the AUTHENTICATE command with a [SASL] mechanism
+ that does not use plaintext passwords, by first negotiating
+ encryption via STARTTLS or some other protection mechanism.
+
+ A server implementation MUST implement a configuration that, at the
+ time of authentication, requires:
+
+ 1. The STARTTLS command has been negotiated or TLS negotiated on an
+ Implicit TLS port
+ OR
+ 2. Some other mechanism that protects the session from password
+ snooping has been provided
+ OR
+ 3. The following measures are in place:
+ a) The LOGINDISABLED capability is advertised, and [SASL]
+ mechanisms (such as PLAIN) using plaintext passwords are NOT
+ advertised in the CAPABILITY list.
+ AND
+ b) The LOGIN command returns an error even if the password is
+ correct
+ AND
+ c) The AUTHENTICATE command returns an error with all [SASL]
+ mechanisms that use plaintext passwords, even if the password
+ is correct.
+
+ A server error message for a failing LOGIN command SHOULD NOT specify
+ that the user name, as opposed to the password, is invalid.
+
+ A server SHOULD have mechanisms in place to limit or delay failed
+ AUTHENTICATE/LOGIN attempts.
+
+ A server SHOULD report any authentication failure and analyze such
+ authentication failure attempts with regard to a password brute-force
+ attack as well as a password spraying attack [NCSC]. Accounts with
+ passwords that match well-known passwords from spraying attacks MUST
+ be blocked, and users associated with such accounts must be requested
+ to change their passwords. Only a password with significant strength
+ SHOULD be accepted.
+
+ Additional security considerations are discussed in the sections that
+ define the AUTHENTICATE and LOGIN commands (see Sections 6.2.2 and
+ 6.2.3, respectively).
+
+12. IANA Considerations
+
+ IANA has updated the "Service Names and Transport Protocol Port
+ Numbers" registry as follows:
+
+ 1. Registration for TCP port 143 and the corresponding "imap"
+ service name have been updated to point to this document and
+ [RFC3501].
+
+ 2. Registration for TCP port 993 and the corresponding "imaps"
+ service name have been updated to point to this document,
+ [RFC8314], and [RFC3501].
+
+ 3. UDP ports 143 and 993 have both been marked as "Reserved" in the
+ registry.
+
+ Additional IANA actions are specified in the subsections that follow.
+
+12.1. Updates to IMAP Capabilities Registry
+
+ IMAP4 capabilities are registered by publishing a Standards Track or
+ IESG-approved Informational or Experimental RFC. The registry is
+ currently located at: <https://www.iana.org/assignments/
+ imap4-capabilities>
+
+ As this specification revises the AUTH= prefix, STARTTLS, and
+ LOGINDISABLED extensions, IANA has updated registry entries for these
+ 3 extensions to point to this document and [RFC3501].
+
+12.2. GSSAPI/SASL Service Name
+
+ GSSAPI/Kerberos/SASL service names are registered by publishing a
+ Standards Track or IESG-approved Experimental RFC. The registry is
+ currently located at: <https://www.iana.org/assignments/gssapi-
+ service-names>
+
+ IANA has updated the "imap" service name previously registered in
+ [RFC3501] to point to both this document and [RFC3501].
+
+12.3. LIST Selection Options, LIST Return Options, and LIST Extended
+ Data Items
+
+ [RFC5258] specifies IANA registration procedures for LIST selection
+ options, LIST return options, and LIST extended data items. This
+ document doesn't change these registration procedures. In
+ particular, LIST selection options (Section 6.3.9.1) and LIST return
+ options (Section 6.3.9.2) are registered using the procedure
+ specified in Section 9 of [RFC5258] (and using the registration
+ template from Section 9.3 of [RFC5258]). LIST extended data items
+ are registered using the registration template from Section 9.6 of
+ [RFC5258]).
+
+ IANA has added a reference to RFC 9051 for the "OLDNAME" LIST-
+ EXTENDED extended data item entry. This is in addition to the
+ existing reference to [RFC5465].
+
+12.4. IMAP Mailbox Name Attributes and IMAP Response Codes
+
+ IANA has updated the "IMAP Mailbox Name Attributes" registry to point
+ to this document in addition to [RFC3501].
+
+ IANA has updated the "IMAP Response Codes" registry to point to this
+ document in addition to [RFC3501].
+
+13. References
+
+13.1. Normative References
+
+ [ABNF] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax
+ Specifications: ABNF", STD 68, RFC 5234,
+ DOI 10.17487/RFC5234, January 2008,
+ <https://www.rfc-editor.org/info/rfc5234>.
+
+ [BCP178] Saint-Andre, P., Crocker, D., and M. Nottingham,
+ "Deprecating the "X-" Prefix and Similar Constructs in
+ Application Protocols", BCP 178, RFC 6648, June 2012.
+
+ <https://www.rfc-editor.org/info/bcp178>
+
+ [CHARSET] Freed, N. and J. Postel, "IANA Charset Registration
+ Procedures", BCP 19, RFC 2978, DOI 10.17487/RFC2978,
+ October 2000, <https://www.rfc-editor.org/info/rfc2978>.
+
+ [DISPOSITION]
+ Troost, R., Dorner, S., and K. Moore, Ed., "Communicating
+ Presentation Information in Internet Messages: The
+ Content-Disposition Header Field", RFC 2183,
+ DOI 10.17487/RFC2183, August 1997,
+ <https://www.rfc-editor.org/info/rfc2183>.
+
+ [I18N-HDRS]
+ Yang, A., Steele, S., and N. Freed, "Internationalized
+ Email Headers", RFC 6532, DOI 10.17487/RFC6532, February
+ 2012, <https://www.rfc-editor.org/info/rfc6532>.
+
+ [IMAP-IMPLEMENTATION]
+ Leiba, B., "IMAP4 Implementation Recommendations",
+ RFC 2683, DOI 10.17487/RFC2683, September 1999,
+ <https://www.rfc-editor.org/info/rfc2683>.
+
+ [IMAP-MULTIACCESS]
+ Gahrns, M., "IMAP4 Multi-Accessed Mailbox Practice",
+ RFC 2180, DOI 10.17487/RFC2180, July 1997,
+ <https://www.rfc-editor.org/info/rfc2180>.
+
+ [LANGUAGE-TAGS]
+ Alvestrand, H., "Content Language Headers", RFC 3282,
+ DOI 10.17487/RFC3282, May 2002,
+ <https://www.rfc-editor.org/info/rfc3282>.
+
+ [LOCATION] Palme, J., Hopmann, A., and N. Shelness, "MIME
+ Encapsulation of Aggregate Documents, such as HTML
+ (MHTML)", RFC 2557, DOI 10.17487/RFC2557, March 1999,
+ <https://www.rfc-editor.org/info/rfc2557>.
+
+ [MD5] Myers, J. and M. Rose, "The Content-MD5 Header Field",
+ RFC 1864, DOI 10.17487/RFC1864, October 1995,
+ <https://www.rfc-editor.org/info/rfc1864>.
+
+ [MIME-HDRS]
+ Moore, K., "MIME (Multipurpose Internet Mail Extensions)
+ Part Three: Message Header Extensions for Non-ASCII Text",
+ RFC 2047, DOI 10.17487/RFC2047, November 1996,
+ <https://www.rfc-editor.org/info/rfc2047>.
+
+ [MIME-IMB] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
+ Extensions (MIME) Part One: Format of Internet Message
+ Bodies", RFC 2045, DOI 10.17487/RFC2045, November 1996,
+ <https://www.rfc-editor.org/info/rfc2045>.
+
+ [MIME-IMT] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
+ Extensions (MIME) Part Two: Media Types", RFC 2046,
+ DOI 10.17487/RFC2046, November 1996,
+ <https://www.rfc-editor.org/info/rfc2046>.
+
+ [MULTIAPPEND]
+ Crispin, M., "Internet Message Access Protocol (IMAP) -
+ MULTIAPPEND Extension", RFC 3502, DOI 10.17487/RFC3502,
+ March 2003, <https://www.rfc-editor.org/info/rfc3502>.
+
+ [NET-UNICODE]
+ Klensin, J. and M. Padlipsky, "Unicode Format for Network
+ Interchange", RFC 5198, DOI 10.17487/RFC5198, March 2008,
+ <https://www.rfc-editor.org/info/rfc5198>.
+
+ [PLAIN] Zeilenga, K., Ed., "The PLAIN Simple Authentication and
+ Security Layer (SASL) Mechanism", RFC 4616,
+ DOI 10.17487/RFC4616, August 2006,
+ <https://www.rfc-editor.org/info/rfc4616>.
+
+ [RFC2077] Nelson, S., Parks, C., and , "The Model Primary Content
+ Type for Multipurpose Internet Mail Extensions", RFC 2077,
+ DOI 10.17487/RFC2077, January 1997,
+ <https://www.rfc-editor.org/info/rfc2077>.
+
+ [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
+ Requirement Levels", BCP 14, RFC 2119,
+ DOI 10.17487/RFC2119, March 1997,
+ <https://www.rfc-editor.org/info/rfc2119>.
+
+ [RFC2231] Freed, N. and K. Moore, "MIME Parameter Value and Encoded
+ Word Extensions: Character Sets, Languages, and
+ Continuations", RFC 2231, DOI 10.17487/RFC2231, November
+ 1997, <https://www.rfc-editor.org/info/rfc2231>.
+
+ [RFC3503] Melnikov, A., "Message Disposition Notification (MDN)
+ profile for Internet Message Access Protocol (IMAP)",
+ RFC 3503, DOI 10.17487/RFC3503, March 2003,
+ <https://www.rfc-editor.org/info/rfc3503>.
+
+ [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data
+ Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006,
+ <https://www.rfc-editor.org/info/rfc4648>.
+
+ [RFC4752] Melnikov, A., Ed., "The Kerberos V5 ("GSSAPI") Simple
+ Authentication and Security Layer (SASL) Mechanism",
+ RFC 4752, DOI 10.17487/RFC4752, November 2006,
+ <https://www.rfc-editor.org/info/rfc4752>.
+
+ [RFC5258] Leiba, B. and A. Melnikov, "Internet Message Access
+ Protocol version 4 - LIST Command Extensions", RFC 5258,
+ DOI 10.17487/RFC5258, June 2008,
+ <https://www.rfc-editor.org/info/rfc5258>.
+
+ [RFC5322] Resnick, P., Ed., "Internet Message Format", RFC 5322,
+ DOI 10.17487/RFC5322, October 2008,
+ <https://www.rfc-editor.org/info/rfc5322>.
+
+ [RFC5788] Melnikov, A. and D. Cridland, "IMAP4 Keyword Registry",
+ RFC 5788, DOI 10.17487/RFC5788, March 2010,
+ <https://www.rfc-editor.org/info/rfc5788>.
+
+ [RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre,
+ "Recommendations for Secure Use of Transport Layer
+ Security (TLS) and Datagram Transport Layer Security
+ (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May
+ 2015, <https://www.rfc-editor.org/info/rfc7525>.
+
+ [RFC7817] Melnikov, A., "Updated Transport Layer Security (TLS)
+ Server Identity Check Procedure for Email-Related
+ Protocols", RFC 7817, DOI 10.17487/RFC7817, March 2016,
+ <https://www.rfc-editor.org/info/rfc7817>.
+
+ [RFC8081] Lilley, C., "The "font" Top-Level Media Type", RFC 8081,
+ DOI 10.17487/RFC8081, February 2017,
+ <https://www.rfc-editor.org/info/rfc8081>.
+
+ [RFC8098] Hansen, T., Ed. and A. Melnikov, Ed., "Message Disposition
+ Notification", STD 85, RFC 8098, DOI 10.17487/RFC8098,
+ February 2017, <https://www.rfc-editor.org/info/rfc8098>.
+
+ [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
+ 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
+ May 2017, <https://www.rfc-editor.org/info/rfc8174>.
+
+ [RFC8314] Moore, K. and C. Newman, "Cleartext Considered Obsolete:
+ Use of Transport Layer Security (TLS) for Email Submission
+ and Access", RFC 8314, DOI 10.17487/RFC8314, January 2018,
+ <https://www.rfc-editor.org/info/rfc8314>.
+
+ [SASL] Melnikov, A., Ed. and K. Zeilenga, Ed., "Simple
+ Authentication and Security Layer (SASL)", RFC 4422,
+ DOI 10.17487/RFC4422, June 2006,
+ <https://www.rfc-editor.org/info/rfc4422>.
+
+ [SCRAM-SHA-256]
+ Hansen, T., "SCRAM-SHA-256 and SCRAM-SHA-256-PLUS Simple
+ Authentication and Security Layer (SASL) Mechanisms",
+ RFC 7677, DOI 10.17487/RFC7677, November 2015,
+ <https://www.rfc-editor.org/info/rfc7677>.
+
+ [TLS-1.2] Dierks, T. and E. Rescorla, "The Transport Layer Security
+ (TLS) Protocol Version 1.2", RFC 5246,
+ DOI 10.17487/RFC5246, August 2008,
+ <https://www.rfc-editor.org/info/rfc5246>.
+
+ [TLS-1.3] Rescorla, E., "The Transport Layer Security (TLS) Protocol
+ Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
+ <https://www.rfc-editor.org/info/rfc8446>.
+
+ [UTF-7] Goldsmith, D. and M. Davis, "UTF-7 A Mail-Safe
+ Transformation Format of Unicode", RFC 2152,
+ DOI 10.17487/RFC2152, May 1997,
+ <https://www.rfc-editor.org/info/rfc2152>.
+
+ [UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO
+ 10646", STD 63, RFC 3629, DOI 10.17487/RFC3629, November
+ 2003, <https://www.rfc-editor.org/info/rfc3629>.
+
+13.2. Informative References
+
+13.2.1. Related Protocols
+
+ [ANONYMOUS]
+ Zeilenga, K., "Anonymous Simple Authentication and
+ Security Layer (SASL) Mechanism", RFC 4505,
+ DOI 10.17487/RFC4505, June 2006,
+ <https://www.rfc-editor.org/info/rfc4505>.
+
+ [CERT-555316]
+ Carnegie Mellon University, "STARTTLS plaintext command
+ injection vulnerability", Software Engineering Institute,
+ CERT Coordination Center, Vulnerability Note VU#555316,
+ September 2011, <https://www.kb.cert.org/vuls/id/555316>.
+
+ [CHARSET-REG]
+ IANA, "Character Set Registrations",
+ <https://www.iana.org/assignments/charset-reg/>.
+
+ [IMAP-DISC]
+ Melnikov, A., Ed., "Synchronization Operations for
+ Disconnected IMAP4 Clients", RFC 4549,
+ DOI 10.17487/RFC4549, June 2006,
+ <https://www.rfc-editor.org/info/rfc4549>.
+
+ [IMAP-I18N]
+ Newman, C., Gulbrandsen, A., and A. Melnikov, "Internet
+ Message Access Protocol Internationalization", RFC 5255,
+ DOI 10.17487/RFC5255, June 2008,
+ <https://www.rfc-editor.org/info/rfc5255>.
+
+ [IMAP-KEYWORDS-REG]
+ IANA, "IMAP and JMAP Keywords",
+ <https://www.iana.org/assignments/imap-jmap-keywords/>.
+
+ [IMAP-MAILBOX-NAME-ATTRS-REG]
+ IANA, "IMAP Mailbox Name Attributes",
+ <https://www.iana.org/assignments/imap-mailbox-name-
+ attributes/>.
+
+ [IMAP-MODEL]
+ Crispin, M., "Distributed Electronic Mail Models in
+ IMAP4", RFC 1733, DOI 10.17487/RFC1733, December 1994,
+ <https://www.rfc-editor.org/info/rfc1733>.
+
+ [IMAP-URL] Melnikov, A., Ed. and C. Newman, "IMAP URL Scheme",
+ RFC 5092, DOI 10.17487/RFC5092, November 2007,
+ <https://www.rfc-editor.org/info/rfc5092>.
+
+ [IMAP-UTF-8]
+ Resnick, P., Ed., Newman, C., Ed., and S. Shen, Ed., "IMAP
+ Support for UTF-8", RFC 6855, DOI 10.17487/RFC6855, March
+ 2013, <https://www.rfc-editor.org/info/rfc6855>.
+
+ [NCSC] NCSC, "Spray you, spray me: defending against password
+ spraying attacks", May 2018, <https://www.ncsc.gov.uk/
+ blog-post/spray-you-spray-me-defending-against-password-
+ spraying-attacks>.
+
+ [RFC2087] Myers, J., "IMAP4 QUOTA extension", RFC 2087,
+ DOI 10.17487/RFC2087, January 1997,
+ <https://www.rfc-editor.org/info/rfc2087>.
+
+ [RFC2177] Leiba, B., "IMAP4 IDLE command", RFC 2177,
+ DOI 10.17487/RFC2177, June 1997,
+ <https://www.rfc-editor.org/info/rfc2177>.
+
+ [RFC2193] Gahrns, M., "IMAP4 Mailbox Referrals", RFC 2193,
+ DOI 10.17487/RFC2193, September 1997,
+ <https://www.rfc-editor.org/info/rfc2193>.
+
+ [RFC2342] Gahrns, M. and C. Newman, "IMAP4 Namespace", RFC 2342,
+ DOI 10.17487/RFC2342, May 1998,
+ <https://www.rfc-editor.org/info/rfc2342>.
+
+ [RFC3348] Gahrns, M. and R. Cheng, "The Internet Message Action
+ Protocol (IMAP4) Child Mailbox Extension", RFC 3348,
+ DOI 10.17487/RFC3348, July 2002,
+ <https://www.rfc-editor.org/info/rfc3348>.
+
+ [RFC3516] Nerenberg, L., "IMAP4 Binary Content Extension", RFC 3516,
+ DOI 10.17487/RFC3516, April 2003,
+ <https://www.rfc-editor.org/info/rfc3516>.
+
+ [RFC3691] Melnikov, A., "Internet Message Access Protocol (IMAP)
+ UNSELECT command", RFC 3691, DOI 10.17487/RFC3691,
+ February 2004, <https://www.rfc-editor.org/info/rfc3691>.
+
+ [RFC4314] Melnikov, A., "IMAP4 Access Control List (ACL) Extension",
+ RFC 4314, DOI 10.17487/RFC4314, December 2005,
+ <https://www.rfc-editor.org/info/rfc4314>.
+
+ [RFC4315] Crispin, M., "Internet Message Access Protocol (IMAP) -
+ UIDPLUS extension", RFC 4315, DOI 10.17487/RFC4315,
+ December 2005, <https://www.rfc-editor.org/info/rfc4315>.
+
+ [RFC4466] Melnikov, A. and C. Daboo, "Collected Extensions to IMAP4
+ ABNF", RFC 4466, DOI 10.17487/RFC4466, April 2006,
+ <https://www.rfc-editor.org/info/rfc4466>.
+
+ [RFC4731] Melnikov, A. and D. Cridland, "IMAP4 Extension to SEARCH
+ Command for Controlling What Kind of Information Is
+ Returned", RFC 4731, DOI 10.17487/RFC4731, November 2006,
+ <https://www.rfc-editor.org/info/rfc4731>.
+
+ [RFC4959] Siemborski, R. and A. Gulbrandsen, "IMAP Extension for
+ Simple Authentication and Security Layer (SASL) Initial
+ Client Response", RFC 4959, DOI 10.17487/RFC4959,
+ September 2007, <https://www.rfc-editor.org/info/rfc4959>.
+
+ [RFC5161] Gulbrandsen, A., Ed. and A. Melnikov, Ed., "The IMAP
+ ENABLE Extension", RFC 5161, DOI 10.17487/RFC5161, March
+ 2008, <https://www.rfc-editor.org/info/rfc5161>.
+
+ [RFC5182] Melnikov, A., "IMAP Extension for Referencing the Last
+ SEARCH Result", RFC 5182, DOI 10.17487/RFC5182, March
+ 2008, <https://www.rfc-editor.org/info/rfc5182>.
+
+ [RFC5256] Crispin, M. and K. Murchison, "Internet Message Access
+ Protocol - SORT and THREAD Extensions", RFC 5256,
+ DOI 10.17487/RFC5256, June 2008,
+ <https://www.rfc-editor.org/info/rfc5256>.
+
+ [RFC5465] Gulbrandsen, A., King, C., and A. Melnikov, "The IMAP
+ NOTIFY Extension", RFC 5465, DOI 10.17487/RFC5465,
+ February 2009, <https://www.rfc-editor.org/info/rfc5465>.
+
+ [RFC5530] Gulbrandsen, A., "IMAP Response Codes", RFC 5530,
+ DOI 10.17487/RFC5530, May 2009,
+ <https://www.rfc-editor.org/info/rfc5530>.
+
+ [RFC5819] Melnikov, A. and T. Sirainen, "IMAP4 Extension for
+ Returning STATUS Information in Extended LIST", RFC 5819,
+ DOI 10.17487/RFC5819, March 2010,
+ <https://www.rfc-editor.org/info/rfc5819>.
+
+ [RFC6151] Turner, S. and L. Chen, "Updated Security Considerations
+ for the MD5 Message-Digest and the HMAC-MD5 Algorithms",
+ RFC 6151, DOI 10.17487/RFC6151, March 2011,
+ <https://www.rfc-editor.org/info/rfc6151>.
+
+ [RFC6154] Leiba, B. and J. Nicolson, "IMAP LIST Extension for
+ Special-Use Mailboxes", RFC 6154, DOI 10.17487/RFC6154,
+ March 2011, <https://www.rfc-editor.org/info/rfc6154>.
+
+ [RFC6186] Daboo, C., "Use of SRV Records for Locating Email
+ Submission/Access Services", RFC 6186,
+ DOI 10.17487/RFC6186, March 2011,
+ <https://www.rfc-editor.org/info/rfc6186>.
+
+ [RFC6376] Crocker, D., Ed., Hansen, T., Ed., and M. Kucherawy, Ed.,
+ "DomainKeys Identified Mail (DKIM) Signatures", STD 76,
+ RFC 6376, DOI 10.17487/RFC6376, September 2011,
+ <https://www.rfc-editor.org/info/rfc6376>.
+
+ [RFC6409] Gellens, R. and J. Klensin, "Message Submission for Mail",
+ STD 72, RFC 6409, DOI 10.17487/RFC6409, November 2011,
+ <https://www.rfc-editor.org/info/rfc6409>.
+
+ [RFC6851] Gulbrandsen, A. and N. Freed, Ed., "Internet Message
+ Access Protocol (IMAP) - MOVE Extension", RFC 6851,
+ DOI 10.17487/RFC6851, January 2013,
+ <https://www.rfc-editor.org/info/rfc6851>.
+
+ [RFC7162] Melnikov, A. and D. Cridland, "IMAP Extensions: Quick Flag
+ Changes Resynchronization (CONDSTORE) and Quick Mailbox
+ Resynchronization (QRESYNC)", RFC 7162,
+ DOI 10.17487/RFC7162, May 2014,
+ <https://www.rfc-editor.org/info/rfc7162>.
+
+ [RFC7888] Melnikov, A., Ed., "IMAP4 Non-synchronizing Literals",
+ RFC 7888, DOI 10.17487/RFC7888, May 2016,
+ <https://www.rfc-editor.org/info/rfc7888>.
+
+ [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for
+ Writing an IANA Considerations Section in RFCs", BCP 26,
+ RFC 8126, DOI 10.17487/RFC8126, June 2017,
+ <https://www.rfc-editor.org/info/rfc8126>.
+
+ [RFC8305] Schinazi, D. and T. Pauly, "Happy Eyeballs Version 2:
+ Better Connectivity Using Concurrency", RFC 8305,
+ DOI 10.17487/RFC8305, December 2017,
+ <https://www.rfc-editor.org/info/rfc8305>.
+
+ [RFC8438] Bosch, S., "IMAP Extension for STATUS=SIZE", RFC 8438,
+ DOI 10.17487/RFC8438, August 2018,
+ <https://www.rfc-editor.org/info/rfc8438>.
+
+ [RFC8474] Gondwana, B., Ed., "IMAP Extension for Object
+ Identifiers", RFC 8474, DOI 10.17487/RFC8474, September
+ 2018, <https://www.rfc-editor.org/info/rfc8474>.
+
+ [RFC8550] Schaad, J., Ramsdell, B., and S. Turner, "Secure/
+ Multipurpose Internet Mail Extensions (S/MIME) Version 4.0
+ Certificate Handling", RFC 8550, DOI 10.17487/RFC8550,
+ April 2019, <https://www.rfc-editor.org/info/rfc8550>.
+
+ [RFC8551] Schaad, J., Ramsdell, B., and S. Turner, "Secure/
+ Multipurpose Internet Mail Extensions (S/MIME) Version 4.0
+ Message Specification", RFC 8551, DOI 10.17487/RFC8551,
+ April 2019, <https://www.rfc-editor.org/info/rfc8551>.
+
+ [SMTP] Klensin, J., "Simple Mail Transfer Protocol", RFC 5321,
+ DOI 10.17487/RFC5321, October 2008,
+ <https://www.rfc-editor.org/info/rfc5321>.
+
+13.2.2. Historical Aspects of IMAP and Related Protocols
+
+ [IMAP-COMPAT]
+ Crispin, M., "IMAP4 Compatibility with IMAP2bis",
+ RFC 2061, DOI 10.17487/RFC2061, December 1996,
+ <https://www.rfc-editor.org/info/rfc2061>.
+
+ [IMAP-HISTORICAL]
+ Crispin, M., "IMAP4 Compatibility with IMAP2 and
+ IMAP2bis", RFC 1732, DOI 10.17487/RFC1732, December 1994,
+ <https://www.rfc-editor.org/info/rfc1732>.
+
+ [IMAP-OBSOLETE]
+ Crispin, M., "Internet Message Access Protocol - Obsolete
+ Syntax", RFC 2062, DOI 10.17487/RFC2062, December 1996,
+ <https://www.rfc-editor.org/info/rfc2062>.
+
+ [IMAP-TLS] Newman, C., "Using TLS with IMAP, POP3 and ACAP",
+ RFC 2595, DOI 10.17487/RFC2595, June 1999,
+ <https://www.rfc-editor.org/info/rfc2595>.
+
+ [IMAP2] Crispin, M., "Interactive Mail Access Protocol: Version
+ 2", RFC 1176, DOI 10.17487/RFC1176, August 1990,
+ <https://www.rfc-editor.org/info/rfc1176>.
+
+ [IMAP2BIS] Crispin, M., "INTERACTIVE MAIL ACCESS PROTOCOL - VERSION
+ 2bis", Work in Progress, Internet-Draft, draft-ietf-imap-
+ imap2bis-02, 29 October 1993,
+ <https://datatracker.ietf.org/doc/html/draft-ietf-imap-
+ imap2bis-02>.
+
+ [RFC1064] Crispin, M., "Interactive Mail Access Protocol: Version
+ 2", RFC 1064, DOI 10.17487/RFC1064, July 1988,
+ <https://www.rfc-editor.org/info/rfc1064>.
+
+ [RFC1730] Crispin, M., "Internet Message Access Protocol - Version
+ 4", RFC 1730, DOI 10.17487/RFC1730, December 1994,
+ <https://www.rfc-editor.org/info/rfc1730>.
+
+ [RFC2060] Crispin, M., "Internet Message Access Protocol - Version
+ 4rev1", RFC 2060, DOI 10.17487/RFC2060, December 1996,
+ <https://www.rfc-editor.org/info/rfc2060>.
+
+ [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION
+ 4rev1", RFC 3501, DOI 10.17487/RFC3501, March 2003,
+ <https://www.rfc-editor.org/info/rfc3501>.
+
+ [RFC822] Crocker, D., "STANDARD FOR THE FORMAT OF ARPA INTERNET
+ TEXT MESSAGES", STD 11, RFC 822, DOI 10.17487/RFC0822,
+ August 1982, <https://www.rfc-editor.org/info/rfc822>.
+
+Appendix A. Backward Compatibility with IMAP4rev1
+
+ An implementation that wants to remain compatible with IMAP4rev1 can
+ advertise both IMAP4rev1 and IMAP4rev2 in its CAPABILITY response /
+ response code. (Such server implementation is likely to also want to
+ advertise other IMAP4rev1 extensions that were folded into IMAP4rev2;
+ see Appendix E.) While some IMAP4rev1 responses were removed in
+ IMAP4rev2, their presence will not break IMAP4rev2-only clients.
+
+ If both IMAP4rev1 and IMAP4rev2 are advertised, an IMAP client that
+ wants to use IMAP4rev2 MUST issue an "ENABLE IMAP4rev2" command.
+
+ When compared to IMAP4rev1, some request data items, corresponding
+ response data items, and responses were removed in IMAP4rev2. See
+ Appendix E for more details. With the exception of obsolete SEARCH
+ and RECENT responses, servers advertising both IMAP4rev1 and
+ IMAP4rev2 would never return such removed response data items/
+ responses unless explicitly requested by an IMAPrev1 client.
+
+ Servers advertising both IMAP4rev1 and IMAP4rev2 MUST NOT generate
+ UTF-8-quoted strings unless the client has issued "ENABLE IMAP4rev2".
+ Consider implementation of mechanisms described or referenced in
+ [IMAP-UTF-8] to achieve this goal.
+
+ Servers advertising both IMAP4rev1 and IMAP4rev2, and clients
+ intending to be compatible with IMAP4rev1 servers, MUST be compatible
+ with the Mailbox International Naming Convention described in
+ Appendix A.1.
+
+ Also see Appendix D for special considerations for servers that
+ support 63-bit body part / message sizes and want to advertise
+ support for both IMAP4rev1 and IMAP4rev2.
+
+A.1. Mailbox International Naming Convention for Compatibility with
+ IMAP4rev1
+
+ Support for the Mailbox International Naming Convention described in
+ this section is not required for IMAP4rev2-only clients and servers.
+ It is only used for backward compatibility with IMAP4rev1
+ implementations.
+
+ By convention, international mailbox names in IMAP4rev1 are specified
+ using a modified version of the UTF-7 encoding described in [UTF-7].
+ Modified UTF-7 may also be usable in servers that implement an
+ earlier version of this protocol.
+
+ In modified UTF-7, printable US-ASCII characters, except for "&",
+ represent themselves; that is, characters with octet values 0x20-0x25
+ and 0x27-0x7e. The character "&" (0x26) is represented by the
+ 2-octet sequence "&-".
+
+ All other characters (octet values 0x00-0x1f and 0x7f-0xff) are
+ represented in modified base64, with a further modification from
+ [UTF-7] that "," is used instead of "/". Modified base64 MUST NOT be
+ used to represent any printing of a US-ASCII character that can
+ represent itself. Only characters inside the modified base64
+ alphabet are permitted in modified base64 text.
+
+ "&" is used to shift to modified base64 and "-" to shift back to US-
+ ASCII. There is no implicit shift from base64 to US-ASCII, and null
+ shifts ("-&" while in base64; note that "&-" while in US-ASCII means
+ "&") are not permitted. However, all names start in US-ASCII and
+ MUST end in US-ASCII; that is, a name that ends with a non-ASCII
+ ISO-10646 character MUST end with a "-".
+
+ The purpose of these modifications is to correct the following
+ problems with UTF-7:
+
+ 1. UTF-7 uses the "+" character for shifting; this conflicts with
+ the common use of "+" in mailbox names, in particular USENET
+ newsgroup names.
+
+ 2. UTF-7's encoding is base64, which uses the "/" character; this
+ conflicts with the use of "/" as a popular hierarchy delimiter.
+
+ 3. UTF-7 prohibits the unencoded usage of "\"; this conflicts with
+ the use of "\" as a popular hierarchy delimiter.
+
+ 4. UTF-7 prohibits the unencoded usage of "~"; this conflicts with
+ the use of "~" in some servers as a home directory indicator.
+
+ 5. UTF-7 permits multiple alternate forms to represent the same
+ string; in particular, printable US-ASCII characters can be
+ represented in encoded form.
+
+ Although modified UTF-7 is a convention, it establishes certain
+ requirements on the server handling of any mailbox name with an
+ embedded "&" character. In particular, server implementations MUST
+ preserve the exact form of the modified base64 portion of a modified
+ UTF-7 name and treat that text as case sensitive, even if names are
+ otherwise case insensitive or case folded.
+
+ Server implementations SHOULD verify that any mailbox name with an
+ embedded "&" character, used as an argument to CREATE, is: in the
+ correctly modified UTF-7 syntax; has no superfluous shifts; and has
+ no encoding in modified base64 of any printing US-ASCII character
+ that can represent itself. However, client implementations MUST NOT
+ depend upon the server doing this and SHOULD NOT attempt to create a
+ mailbox name with an embedded "&" character unless it complies with
+ the modified UTF-7 syntax.
+
+ Server implementations that export a mail store that does not follow
+ the modified UTF-7 convention MUST convert any mailbox name that
+ contains either non-ASCII characters or the "&" character to modified
+ UTF-7.
+
+ For example, here is a mailbox name that mixes English, Chinese,
+ and Japanese text: ~peter/mail/&U,BTFw-/&ZeVnLIqe-
+
+ For example, the string "&Jjo!" is not a valid mailbox name
+ because it does not contain a shift to US-ASCII before the "!".
+ The correct form is "&Jjo-!". The string "&U,BTFw-&ZeVnLIqe-" is
+ not permitted because it contains a superfluous shift. The
+ correct form is "&U,BTF2XlZyyKng-".
+
+Appendix B. Backward Compatibility with BINARY Extension
+
+ IMAP4rev2 incorporates a subset of functionality provided by the
+ BINARY extension [RFC3516]; in particular, it includes additional
+ FETCH items (BINARY, BINARY.PEEK, and BINARY.SIZE) but not extensions
+ to the APPEND command. IMAP4rev2 implementations that support full
+ [RFC3516] functionality need to also advertise the BINARY capability
+ in the CAPABILITY response / response code.
+
+Appendix C. Backward Compatibility with LIST-EXTENDED Extension
+
+ IMAP4rev2 incorporates most of the functionality provided by the
+ LIST-EXTENDED extension [RFC5258]. In particular, the syntax for
+ multiple mailbox patterns is not supported in IMAP4rev2, unless LIST-
+ EXTENDED capability is also advertised in the CAPABILITY response /
+ response code.
+
+Appendix D. 63-Bit Body Part and Message Sizes
+
+ IMAP4rev2 increases allowed body part and message sizes that servers
+ can support from 32 to 63 bits. Server implementations don't have to
+ support 63-bit-long body parts/message sizes; however, client
+ implementations have to expect them.
+
+ As IMAP4rev1 didn't support 63-bit-long body part / message sizes,
+ there is an interoperability issue exposed by 63-bit-capable servers/
+ mailboxes that are accessible by both IMAP4rev1 and IMAP4rev2 email
+ clients. As IMAP4rev1 would be unable to retrieve the full content
+ of messages bigger than 4 Gb, such servers either need to replace
+ messages bigger that 4 Gb with messages under 4 Gb or hide them from
+ IMAP4rev1 clients. This document doesn't prescribe any
+ implementation strategy to address this issue.
+
+Appendix E. Changes from RFC 3501 / IMAP4rev1
+
+ Below is the summary of changes since RFC 3501:
+
+ 1. Support for 64-bit message and body part sizes.
+
+ 2. Folded in IMAP NAMESPACE [RFC2342], UNSELECT [RFC3691], UIDPLUS
+ [RFC4315], ESEARCH [RFC4731], SEARCHRES [RFC5182], ENABLE
+ [RFC5161], IDLE [RFC2177], SASL-IR [RFC4959], LIST-EXTENDED
+ [RFC5258], LIST-STATUS [RFC5819], MOVE [RFC6851], and LITERAL-
+ extensions [RFC7888]. Also folded in IMAP ABNF extensions
+ [RFC4466], response codes [RFC5530], the FETCH side of the
+ BINARY extension [RFC3516], and the list of new mailbox
+ attributes from SPECIAL-USE [RFC6154].
+
+ 3. Added STATUS SIZE [RFC8438] and STATUS DELETED.
+
+ 4. SEARCH command now requires to return the ESEARCH response
+ (SEARCH response is now deprecated).
+
+ 5. Clarified which SEARCH keys have to use substring match and
+ which don't.
+
+ 6. Clarified that the server should decode parameter value
+ continuations as described in [RFC2231]. This requirement was
+ hidden in [RFC2231] itself.
+
+ 7. Clarified that the COPYUID response code is returned for both
+ MOVE and UID MOVE.
+
+ 8. Tightened requirements about COPY/MOVE commands not creating a
+ target mailbox. Also required them to return the TRYCREATE
+ response code, if the target mailbox doesn't exist and can be
+ created.
+
+ 9. Added the CLOSED response code from [RFC7162]. SELECT/EXAMINE
+ when a mailbox is already selected now requires a CLOSED
+ response code to be returned.
+
+ 10. SELECT/EXAMINE are now required to return an untagged LIST
+ response.
+
+ 11. UNSEEN response code on SELECT/EXAMINE is now deprecated.
+
+ 12. RECENT response on SELECT/EXAMINE, \Recent flag, RECENT STATUS,
+ and SEARCH NEW items are now deprecated.
+
+ 13. Clarified that the server doesn't need to send a new
+ PERMANENTFLAGS response code when a new keyword was successfully
+ added and the server advertised \* earlier for the same mailbox.
+
+ 14. For future extensibility, extended ABNF for tagged-ext-simple to
+ allow for bare number64.
+
+ 15. Added SHOULD level requirement on IMAP servers to support
+ $MDNSent, $Forwarded, $Junk, $NonJunk, and $Phishing keywords.
+
+ 16. Mailbox names and message headers now allow for UTF-8. Support
+ for modified UTF-7 in mailbox names is not required, unless
+ compatibility with IMAP4rev1 is desired.
+
+ 17. Removed the CHECK command. Clients should use NOOP instead.
+
+ 18. RFC822, RFC822.HEADER, and RFC822.TEXT FETCH data items were
+ deprecated. Clients should use the corresponding BODY[]
+ variants instead.
+
+ 19. LSUB command was deprecated. Clients should use LIST
+ (SUBSCRIBED) instead.
+
+ 20. IDLE command can now return updates not related to the currently
+ selected mailbox state.
+
+ 21. All unsolicited FETCH updates are required to include UID.
+
+ 22. Clarified that client implementations MUST ignore response codes
+ that they do not recognize. (Changed from a SHOULD to a MUST.)
+
+ 23. resp-text ABNF non-terminal was updated to allow for empty text.
+
+ 24. After ENABLE, IMAP4rev2 human-readable response text can include
+ non-ASCII encoded in UTF-8.
+
+ 25. Updated to use modern TLS-related recommendations as per
+ [RFC7525], [RFC7817], and [RFC8314].
+
+ 26. Added warnings about use of ALERT response codes and PREAUTH
+ response.
+
+ 27. Replaced DIGEST-MD5 SASL mechanism with SCRAM-SHA-256. DIGEST-
+ MD5 was deprecated.
+
+ 28. Clarified that any command received from the client resets
+ server autologout timer.
+
+ 29. Revised IANA registration procedure for IMAP extensions and
+ removed "X" convention in accordance with [BCP178].
+
+ 30. Loosened requirements on servers when closing connections to be
+ more aligned with existing practices.
+
+Appendix F. Other Recommended IMAP Extensions
+
+ Support for the following extensions is recommended for all IMAP
+ clients and servers. While they significantly reduce bandwidth and/
+ or number of round trips used by IMAP in certain situations, the
+ EXTRA WG decided that requiring them as a part of IMAP4rev2 would
+ push the bar to implement too high for new implementations. Also
+ note that the absence of any IMAP extension from this list doesn't
+ make it somehow deficient or not recommended for use with IMAP4rev2.
+
+ 1. Quick Mailbox Resynchronization (QRESYNC) and CONDSTORE
+ extensions [RFC7162]. They make discovering changes to IMAP
+ mailboxes more efficient, at the expense of storing a bit more
+ state.
+
+ 2. OBJECTID extension [RFC8474] helps with preserving the IMAP
+ client cache when messages are moved/copied or mailboxes are
+ renamed.
+
+Acknowledgements
+
+ Earlier draft versions of this document were edited by Mark Crispin.
+ Sadly, he is no longer available to help with this work. Editors of
+ this revision are hoping that Mark would have approved.
+
+ Chris Newman has contributed text on I18N and use of UTF-8 in
+ messages and mailbox names.
+
+ Thank you to Tony Hansen for helping with the index generation.
+ Thank you to Murray Kucherawy, Timo Sirainen, Bron Gondwana, Stephan
+ Bosch, Robert Sparks, Arnt Gulbrandsen, Benjamin Kaduk, Daniel
+ Migaul, Roman Danyliw, and Éric Vyncke for extensive feedback.
+
+ This document incorporates text from [RFC2342] (by Mike Gahrns and
+ Chris Newman), [RFC3516] (by Lyndon Nerenberg), [RFC4315] (by Mark
+ Crispin), [RFC4466] (by Cyrus Daboo), [RFC4731] (by Dave Cridland),
+ [RFC4959] (by Rob Siemborski and Arnt Gulbrandsen), [RFC5161] (by
+ Arnt Gulbrandsen), [RFC5465] (by Arnt Gulbrandsen and Curtis King),
+ [RFC5530] (by Arnt Gulbrandsen), [RFC5819] (by Timo Sirainen),
+ [RFC6154] (by Jamie Nicolson), [RFC6851] (by Arnt Gulbrandsen and Ned
+ Freed), and [RFC8438] (by Stephan Bosch), so work done by authors/
+ editors of these documents is appreciated. Note that editors of this
+ document were redacted from the above list.
+
+ The CHILDREN return option was originally proposed by Mike Gahrns and
+ Raymond Cheng in [RFC3348]. Most of the information in
+ Section 6.3.9.5 is taken directly from their original specification
+ [RFC3348].
+
+ Thank you to Damian Poddebniak, Fabian Ising, Hanno Boeck, and
+ Sebastian Schinzel for pointing out that the ENABLE command should be
+ a member of "command-auth" and not "command-any" ABNF production, as
+ well as pointing out security issues associated with ALERT, PREAUTH,
+ and other responses received before authentication.
+
+Index
+
+ $ + - \ A B C D E F H I K L M N O P R S T U
+
+ $
+
+ $Forwarded (predefined flag)
+ Section 2.3.2
+ $Junk (predefined flag)
+ Section 2.3.2
+ $MDNSent (predefined flag)
+ Section 2.3.2
+ $NotJunk (predefined flag)
+ Section 2.3.2
+ $Phishing (predefined flag)
+ Section 2.3.2, Paragraph 6.10.1
+
+ +
+
+ +FLAGS <flag list>
+ Section 6.4.6
+ +FLAGS.SILENT <flag list>
+ Section 6.4.6
+
+ -
+
+ -FLAGS <flag list>
+ Section 6.4.6
+ -FLAGS.SILENT <flag list>
+ Section 6.4.6
+
+ \
+
+ \All (mailbox name attribute)
+ Section 7.3.1
+ \Answered (system flag)
+ Section 2.3.2
+ \Archive (mailbox name attribute)
+ Section 7.3.1
+ \Deleted (system flag)
+ Section 2.3.2
+ \Draft (system flag)
+ Section 2.3.2
+ \Drafts (mailbox name attribute)
+ Section 7.3.1
+ \Flagged (mailbox name attribute)
+ Section 7.3.1
+ \Flagged (system flag)
+ Section 2.3.2
+ \HasChildren (mailbox name attribute)
+ Section 7.3.1
+ \HasNoChildren (mailbox name attribute)
+ Section 7.3.1
+ \Junk (mailbox name attribute)
+ Section 7.3.1
+ \Marked (mailbox name attribute)
+ Section 7.3.1
+ \Noinferiors (mailbox name attribute)
+ Section 7.3.1
+ \NonExistent (mailbox name attribute)
+ Section 7.3.1, Paragraph 4.2.1
+ \Noselect (mailbox name attribute)
+ Section 7.3.1
+ \Recent (system flag)
+ Section 2.3.2
+ \Remote (mailbox name attribute)
+ Section 7.3.1
+ \Seen (system flag)
+ Section 2.3.2
+ \Sent (mailbox name attribute)
+ Section 7.3.1
+ \Subscribed (mailbox name attribute)
+ Section 7.3.1
+ \Trash (mailbox name attribute)
+ Section 7.3.1
+ \Unmarked (mailbox name attribute)
+ Section 7.3.1
+
+ A
+
+ ALERT (response code)
+ Section 7.1
+ ALL (fetch item)
+ Section 6.4.5
+ ALL (search key)
+ Section 6.4.4
+ ALL (search result option)
+ Section 6.4.4, Paragraph 6.6.1
+ ALL (search return item name)
+ Section 7.3.4, Paragraph 7.6.1
+ ALREADYEXISTS (response code)
+ Section 7.1, Paragraph 4.4.1
+ ANSWERED (search key)
+ Section 6.4.4
+ APPEND (command)
+ Section 6.3.12
+ APPENDUID (response code)
+ Section 7.1, Paragraph 4.6.1
+ AUTHENTICATE (command)
+ Section 6.2.2
+ AUTHENTICATIONFAILED (response code)
+ Section 7.1, Paragraph 4.8.1
+ AUTHORIZATIONFAILED (response code)
+ Section 7.1, Paragraph 4.10.1
+
+ B
+
+ BAD (response)
+ Section 7.1.3
+ BADCHARSET (response code)
+ Section 7.1
+ BCC <string> (search key)
+ Section 6.4.4
+ BEFORE <date> (search key)
+ Section 6.4.4
+ BINARY.PEEK[<section-binary>]<<partial>> (fetch item)
+ Section 6.4.5
+ BINARY.SIZE[<section-binary>] (fetch item)
+ Section 6.4.5, Paragraph 9.6.1
+ BINARY.SIZE[<section-binary>] (fetch result)
+ Section 7.5.2, Paragraph 4.4.1
+ BINARY[<section-binary>]<<number>> (fetch result)
+ Section 7.5.2, Paragraph 4.2.1
+ BINARY[<section-binary>]<<partial>> (fetch item)
+ Section 6.4.5, Paragraph 9.2.1
+ BODY (fetch item)
+ Section 6.4.5
+ BODY (fetch result)
+ Section 7.5.2
+ BODY <string> (search key)
+ Section 6.4.4
+ BODY.PEEK[<section>]<<partial>> (fetch item)
+ Section 6.4.5
+ BODYSTRUCTURE (fetch item)
+ Section 6.4.5
+ BODYSTRUCTURE (fetch result)
+ Section 7.5.2, Paragraph 4.10.1
+ BODY[<section>]<<origin octet>> (fetch result)
+ Section 7.5.2, Paragraph 4.8.1
+ BODY[<section>]<<partial>> (fetch item)
+ Section 6.4.5, Paragraph 9.10.1
+ BYE (response)
+ Section 7.1.5
+ Body Structure (message attribute)
+ Section 2.3.6
+
+ C
+
+ CANNOT (response code)
+ Section 7.1, Paragraph 4.14.1
+ CAPABILITY (command)
+ Section 6.1.1
+ CAPABILITY (response code)
+ Section 7.1
+ CAPABILITY (response)
+ Section 7.2.2
+ CC <string> (search key)
+ Section 6.4.4
+ CLIENTBUG (response code)
+ Section 7.1, Paragraph 4.18.1
+ CLOSE (command)
+ Section 6.4.1
+ CLOSED (response code)
+ Section 7.1, Paragraph 4.20.1
+ CONTACTADMIN (response code)
+ Section 7.1, Paragraph 4.22.1
+ COPY (command)
+ Section 6.4.7
+ COPYUID (response code)
+ Section 7.1, Paragraph 4.24.1
+ CORRUPTION (response code)
+ Section 7.1, Paragraph 4.26.1
+ COUNT (search result option)
+ Section 6.4.4
+ COUNT (search return item name)
+ Section 7.3.4
+ CREATE (command)
+ Section 6.3.4
+
+ D
+
+ DELETE (command)
+ Section 6.3.5
+ DELETED (search key)
+ Section 6.4.4
+ DELETED (status item)
+ Section 6.3.11
+ DRAFT (search key)
+ Section 6.4.4
+
+ E
+
+ ENABLE (command)
+ Section 6.3.1
+ ENVELOPE (fetch item)
+ Section 6.4.5
+ ENVELOPE (fetch result)
+ Section 7.5.2, Paragraph 4.42.1
+ ESEARCH (response)
+ Section 7.3.4
+ EXAMINE (command)
+ Section 6.3.3
+ EXPIRED (response code)
+ Section 7.1, Paragraph 4.28.1
+ EXPUNGE (command)
+ Section 6.4.3
+ EXPUNGE (response)
+ Section 7.5.1
+ EXPUNGEISSUED (response code)
+ Section 7.1, Paragraph 4.30.1
+ Envelope Structure (message attribute)
+ Section 2.3.5
+
+ F
+
+ FAST (fetch item)
+ Section 6.4.5
+ FETCH (command)
+ Section 6.4.5
+ FETCH (response)
+ Section 7.5.2
+ FLAGGED (search key)
+ Section 6.4.4
+ FLAGS (fetch item)
+ Section 6.4.5
+ FLAGS (fetch result)
+ Section 7.5.2
+ FLAGS (response)
+ Section 7.3.5
+ FLAGS <flag list> (store command data item)
+ Section 6.4.6
+ FLAGS.SILENT <flag list> (store command data item)
+ Section 6.4.6
+ FROM <string> (search key)
+ Section 6.4.4
+ FULL (fetch item)
+ Section 6.4.5
+ Flags (message attribute)
+ Section 2.3.2
+
+ H
+
+ HASCHILDREN (response code)
+ Section 7.1, Paragraph 4.32.1
+ HEADER (part specifier)
+ Section 6.4.5.1, Paragraph 5
+ HEADER <field-name> <string> (search key)
+ Section 6.4.4
+ HEADER.FIELDS (part specifier)
+ Section 6.4.5.1, Paragraph 5
+ HEADER.FIELDS.NOT (part specifier)
+ Section 6.4.5.1, Paragraph 5
+
+ I
+
+ IDLE (command)
+ Section 6.3.13
+ INTERNALDATE ( fetch item)
+ Section 6.4.5
+ INTERNALDATE (fetch result)
+ Section 7.5.2
+ INUSE (response code)
+ Section 7.1, Paragraph 4.34.1
+ Internal Date (message attribute)
+ Section 2.3.3
+
+ K
+
+ KEYWORD <flag> (search key)
+ Section 6.4.4
+ Keyword (type of flag)
+ Section 2.3.2, Paragraph 4
+
+ L
+
+ LARGER <n> (search key)
+ Section 6.4.4
+ LIMIT (response code)
+ Section 7.1, Paragraph 4.36.1
+ LIST (command)
+ Section 6.3.9
+ LIST (response)
+ Section 7.3.1
+ LOGOUT (command)
+ Section 6.1.3
+
+ M
+
+ MAX (search result option)
+ Section 6.4.4, Paragraph 6.4.1
+ MAX (search return item name)
+ Section 7.3.4, Paragraph 7.4.1
+ MAY (specification requirement term)
+ Section 1.2
+ MESSAGES (status item)
+ Section 6.3.11
+ MIME (part specifier)
+ Section 6.4.5.1, Paragraph 7
+ MIN (search result option)
+ Section 6.4.4, Paragraph 6.2.1
+ MIN (search return item name)
+ Section 7.3.4, Paragraph 7.2.1
+ MOVE (command)
+ Section 6.4.8
+ MUST (specification requirement term)
+ Section 1.2
+ MUST NOT (specification requirement term)
+ Section 1.2
+ Message Sequence Number (message attribute)
+ Section 2.3.1.2
+
+ N
+
+ NAMESPACE (command)
+ Section 6.3.10
+ NAMESPACE (response)
+ Section 7.3.2
+ NO (response)
+ Section 7.1.2
+ NONEXISTENT (response code)
+ Section 7.1, Paragraph 4.38.1
+ NOOP (command)
+ Section 6.1.2
+ NOPERM (response code)
+ Section 7.1, Paragraph 4.40.1
+ NOT <search-key> (search key)
+ Section 6.4.4
+ NOT RECOMMENDED (specification requirement term)
+ Section 1.2
+
+ O
+
+ OK (response)
+ Section 7.1.1
+ ON <date> (search key)
+ Section 6.4.4
+ OPTIONAL (specification requirement term)
+ Section 1.2; Section 1.2
+ OR <search-key1> <search-key2> (search key)
+ Section 6.4.4
+ OVERQUOTA (response code)
+ Section 7.1, Paragraph 4.42.1
+
+ P
+
+ PARSE (response code)
+ Section 7.1
+ PERMANENTFLAGS (response code)
+ Section 7.1, Paragraph 4.46.1
+ PREAUTH (response)
+ Section 7.1.4
+ PRIVACYREQUIRED (response code)
+ Section 7.1, Paragraph 4.48.1
+ Permanent Flag (class of flag)
+ Section 2.3.2, Paragraph 9
+ Predefined keywords
+ Section 2.3.2, Paragraph 5
+
+ R
+
+ READ-ONLY (response code)
+ Section 7.1
+ READ-WRITE (response code)
+ Section 7.1
+ RECOMMENDED (specification requirement term)
+ Section 1.2
+ RENAME (command)
+ Section 6.3.6
+ REQUIRED (specification requirement term)
+ Section 1.2
+ RFC822.SIZE (fetch item)
+ Section 6.4.5
+ RFC822.SIZE (fetch result)
+ Section 7.5.2
+ RFC822.SIZE (message attribute)
+ Section 2.3.4
+
+ S
+
+ SAVE (search result option)
+ Section 6.4.4, Paragraph 6.10.1
+ SEARCH (command)
+ Section 6.4.4
+ SEEN (search key)
+ Section 6.4.4
+ SELECT (command)
+ Section 6.3.2
+ SENTBEFORE <date> (search key)
+ Section 6.4.4
+ SENTON <date> (search key)
+ Section 6.4.4
+ SENTSINCE <date> (search key)
+ Section 6.4.4
+ SERVERBUG (response code)
+ Section 7.1, Paragraph 4.54.1
+ SHOULD (specification requirement term)
+ Section 1.2
+ SHOULD NOT (specification requirement term)
+ Section 1.2
+ SINCE <date> (search key)
+ Section 6.4.4
+ SIZE (status item)
+ Section 6.3.11
+ SMALLER <n> (search key)
+ Section 6.4.4
+ STARTTLS (command)
+ Section 6.2.1
+ STATUS (command)
+ Section 6.3.11
+ STATUS (response)
+ Section 7.3.3
+ STORE (command)
+ Section 6.4.6
+ SUBJECT <string> (search key)
+ Section 6.4.4
+ SUBSCRIBE (command)
+ Section 6.3.7
+ Session Flag (class of flag)
+ Section 2.3.2, Paragraph 9
+ System Flag (type of flag)
+ Section 2.3.2, Paragraph 2
+
+ T
+
+ TEXT (part specifier)
+ Section 6.4.5.1, Paragraph 5
+ TEXT <string> (search key)
+ Section 6.4.4
+ TO <string> (search key)
+ Section 6.4.4
+ TRYCREATE (response code)
+ Section 7.1
+
+ U
+
+ UID (command)
+ Section 6.4.9
+ UID (fetch item)
+ Section 6.4.5
+ UID (fetch result)
+ Section 7.5.2
+ UID <sequence set> (search key)
+ Section 6.4.4
+ UIDNEXT (response code)
+ Section 7.1
+ UIDNEXT (status item)
+ Section 6.3.11
+ UIDNOTSTICKY (response code)
+ Section 7.1, Paragraph 4.60.1
+ UIDVALIDITY (response code)
+ Section 7.1
+ UIDVALIDITY (status item)
+ Section 6.3.11
+ UNANSWERED (search key)
+ Section 6.4.4
+ UNAVAILABLE (response code)
+ Section 7.1, Paragraph 4.64.1
+ UNDELETED (search key)
+ Section 6.4.4
+ UNDRAFT (search key)
+ Section 6.4.4
+ UNFLAGGED (search key)
+ Section 6.4.4
+ UNKEYWORD <flag> (search key)
+ Section 6.4.4
+ UNKNOWN-CTE (response code)
+ Section 7.1
+ UNSEEN (search key)
+ Section 6.4.4
+ UNSEEN (status item)
+ Section 6.3.11
+ UNSELECT (command)
+ Section 6.4.2
+ UNSUBSCRIBE (command)
+ Section 6.3.8
+ Unique Identifier (UID) (message attribute)
+ Section 2.3.1.1
+
+Authors' Addresses
+
+ Alexey Melnikov (editor)
+ Isode Ltd
+ 14 Castle Mews
+ Hampton, Middlesex
+ TW12 2NP
+ United Kingdom
+
+ Email: Alexey.Melnikov@isode.com
+
+
+ Barry Leiba (editor)
+ Futurewei Technologies
+
+ Email: barryleiba@computer.org
+ URI: http://internetmessagingtechnology.org/