Red Hat LINUX 7.2 Reference Manual page 260

260 Chapter 16:Email
The imap package in Red Hat Linux allows users to connect to your system and receive their email
using IMAP. Secure IMAP connections are supported through Secure Socket Layer (SSL) technology
built into the imapd daemon, allowing it to use the /usr/share/ssl/certs/imapd.pem cer-
tificate file. The stunnel program is not required to provide SSL-encryption for IMAP connections,
though it can be used. See Section 16.6.2, Secure Email Servers for more information concerning these
two encryption options.
Other free, as well as commercial, IMAP clients and servers are available, many of which extend
the IMAP protocol and provide additional functionality. A comprehensive list can be found at
http://www.imap.org/products/longlist.htm.
16.1.2 POP
The Post Office Protocol (POP) allows email clients to pull off email from remote servers and save
those messages on their local machine. Most POP email clients are automatically configured to delete
the message on the email server after it has been successfully transferred to the client's system, though
this can usually be changed.
To connect to a POP server, the email client opens a TCP connection to port 110 on the server. At
the time the connection is made, the POP server sends the POP client a greeting, after which the two
machines send each other commands and responses specified in the protocol. As part of this communi-
cation, the POP client is asked to authenticate itself in what is called the Authentication State, where
the user's username and password are sent to the POP server. If authentication is successful, then the
POP client moves on to the Transaction State, where commands like LIST, RETR, and DELE can
be used to list, download, and delete the messages from the server, respectively. Messages set to be
deleted are not actually removed from the server until the POP client sends the QUIT command to
end the session. At this point, the POP server enters the Update State, where it deletes the flagged
messages and cleans up any resources remaining from this session.
POP is a much simpler protocol than IMAP, due to the fact that fewer commands can be sent between
the client and the server. POP is also somewhat more popular, although most major email clients can
use either protocol quite well.
Most POP users only have one system that they use to read email, and they download their messages to
that machine for storage. POP also works well if you do not have a constant connection to the Internet
or network containing your mail server, although IMAP can now be configured to store messages
locally so that you can view them when disconnected from the network.
Several RFCs cover the POP protocol, but RFC-1939 defines the basic outline of POP3, the current
version.
Occasionally, you may run into lesser-used POP protocol variants:
• APOP — POP3 with MDS authentication, where an encoded hash of your password is sent from
the email client to the server rather sending the password in plaintext.