| Post Office Protocol continue... |
Whether using POP3 or IMAP to retrieve messages, e-mail clients typically use
the SMTP_Submit profile of the Simple Mail Transfer Protocol (SMTP) to send
messages. E-mail clients are commonly categorized as either POP or
IMAP clients, but in both cases the clients also use SMTP. There are
extensions to POP3 that allow some clients to transmit outbound mail via POP3 -
these are known as "XTND XMIT" extensions. The Qualcomm qpopper and CommuniGate
Pro servers and Eudora clients are examples of systems that optionally utilize
the XTND XMIT methods of authenticated client-to-server e-mail transmission.
MIME serves as the standard for attachments and non-ASCII text in e-mail.
Although neither POP3 nor SMTP require MIME-formatted e-mail, essentially all
Internet e-mail comes MIME-formatted, so POP clients must also understand and
use MIME. IMAP, by design, assumes MIME-formatted e-mail.
Like many other older Internet protocols, POP3 originally supported only an
unencrypted login mechanism. Although plain text transmission of passwords in
POP3 still commonly occurs, POP3 currently supports several authentication
methods to provide varying levels of protection against illegitimate access to a
user's e-mail. One such method, APOP, uses the MD5 hash function in an
attempt to avoid replay attacks and disclosure of the shared secret. Clients
implementing APOP include Mozilla Thunderbird, Opera, Eudora, KMail and Novell
Evolution. POP3 clients can also support SASL authentication methods via the
AUTH extension. MIT Project Athena also produced a Kerberized version.
POP3 works over a TCP/IP connection using TCP on network port 110. E-mail
clients can encrypt POP3 traffic using TLS or SSL. A TLS or SSL connection is
negotiated using the STLS command. Some clients and servers, like Google
Gmail, instead use the deprecated alternate-port method, which uses TCP port
995.
|
