IMAP Module

The Internet Message Access Protocol allows client computers to work with messages stored in Mailboxes on remote mail servers. A computer running a mailer (mail client) application connects to the mail server computer and provides account (user) name and the password. If access to the specified user account is granted, the mail application sends protocol commands to the mail server. These protocol commands tell the server to list all messages in the Mailbox, to retrieve certain messages, to delete messages, to search for messages with the certain attributes, to move messages between Mailboxes, etc.

CommuniGate Pro IMAP supports various Internet standards (RFCs) and has many additional unique features.

Use the WebAdmin Interface to configure the IMAP module. Open the Access page in the Settings realm:

Use the Log setting to specify the type of information the IMAP module should put in the Server Log. Usually you should use the Major (message transfer reports) or Problems (message transfer and non-fatal errors) levels. But when you experience problems with the IMAP module, you may want to set the Log Level setting to Low-Level or All Info: in this case protocol-level or link-level details will be recorded in the System Log as well. When the problem is solved, set the Log Level setting to its regular value, otherwise your System Log files will grow in size very quickly.

The IMAP module records in the System Log are marked with the IMAP tag.

When you specify a non-zero value for the Maximum Number of Channels setting, the IMAP module creates a so-called "Listener". The module starts to accept all IMAP connections that mail clients establish in order to retrieve mail from your server. The setting is used to limit the number of simultaneous connections the IMAP module can accept. If there are too many incoming connections open, the module will reject new connections, and the mail client should retry later.

By default, the IMAP module Listener accepts clear text connections on the TCP port 143, and secure connections - on the TCP port 993. Follow the listener link to tune the IMAP Listener.

The IMAP module supports the STARTTLS command that allows client mailers to establish a connection in the clear text mode and then turn it into a secure connection.

Send 'Running' every

If this setting is not set to Never, the IMAP module monitors how long it take to execute the APPEND, COPY, and SEARCH operations. If any of these operations takes longer than the specified period of time, the module sends an "untagged" response to the client application. This feature can be used to prevent client application time-outs, and it can also help in dealing with various NAT boxes that tend to close connections if they show no activity.

While many other IMAP servers "lock" opened Mailboxes, the CommuniGate Pro IMAP module is designed to provide simultaneous access to any Mailbox for any number of clients.

The IMAP module uses the CommuniGate Pro Mailbox Manager that provides simultaneous access for all types of protocols and clients. See the Mailboxes section for the details.

The IMAP module supports RFC2086 (IMAP4 ACL extension). This protocol extension allows IMAP users to grant access to their Mailboxes to other users.

See the Mailboxes section for the detailed description of Mailbox ACLs.

In order to set Access Rights, a client should use a decent IMAP client that supports the ACL protocol extension. If such a client is not available, Mailbox access rights can be set using the WebUser Interface.

CommuniGate Pro allows account users to access Mailboxes in other Accounts. See the Mailboxes section for the details.

Many popular IMAP clients do not support foreign Mailboxes. There is a workaround for IMAP mailers that use the "subscription" scheme. Subscription is a list of Mailbox names that the mailer keeps on the server. Usually, mailers build the subscription list when you configure them for the first time. Later, they show only the Mailboxes included into the subscription list.

By using a different IMAP client or the WebUser Interface, a user can add a foreign Mailbox name (such as ~sales/processed or ~public/news/company) to the subscription list. This will make the old IMAP client show the foreign Mailbox along with the regular account Mailboxes, and the user will be able to work with that foreign Mailbox.

Some IMAP clients do not support foreign Mailboxes at all. To let those clients access shared Mailboxes in other Accounts, Mailbox Aliases can be used.

The IMAP module allows users to employ all authentication methods supported with the CommuniGate Pro Server.

If the Domain CLRTXT Login Method option is switched off, and the connection is not encrypted using SSL/TLS, the Server adds the LOGINDISABLED keyword into the list of its supported capabilities.

The CommuniGate Pro IMAP module provides access to Mailboxes of all Classes (Calendar, Contacts, etc.). Some clients and/or users can be confused when they see a non-Mail Mailbox.

The module includes non-Mail Mailboxes into its IMAP LIST command response if:

• the Account Non-Mail Mailboxes visible in IMAP setting is enabled, or
• the IMAP LIST command has the CLASS extension, or
• the IMAP ENABLE EXTENSIONS command has been executed.

The CommuniGate Pro IMAP module checks for any pending alert message sent to the authenticated Account. The alert messages are transferred to the client mailer using the standard IMAP [ALERT] response code.

The CommuniGate Pro IMAP module checks for alert messages right after the user is authenticated, and it can detect and send alert messages at any time during an IMAP session.

The IMAP module supports RFC2221 (Login Referrals).
As explained in the Access section all user addresses provided with mail clients are processed with the Router.
If the specified user name is routed to an external Internet address (handled with the SMTP module) the IMAP module returns a negative response and provides a login referral. If an IMAP client supports login referrals, it will automatically switch to the new address.

Sample:

A user account j.smith has been moved from your server to the account John at the othercompany.com server. In order to reroute the user mail you have created an alias record in the Router:
<j.smith> = John@othercompany.com
Now, when this user tries to connect to his old j.smith account on your server, the server rejects the user name, but provides a login referral:
1234 NO [REFERRAL IMAP://John;AUTH=*@othercompany.com/] account has been moved to a remote system
If the mail client supports login referrals, it will automatically try to connect to the server othercompany.com as the user John.

You can monitor the IMAP module activity using the WebAdmin Interface. Click the Access link in the Monitors realm to open the IMAP Monitoring page:

ID

This field contains the IMAP numeric session ID. In the CommuniGate Pro Log, this session records are marked with the IMAP-nnnnn flag, where nnnnn is the session ID.

Address

This field contains the IP address the client has connected from.

Account

This field contains the name of the client Account (after successful authentication).

Connected

This field contains the connection time (time since the client opened this TCP/IP session).

Status

This field contains either the name of the operation in progress or, if there is not pending operation, the current session status (Authenticating, Selected, etc.)

Running

If there is an IMAP operation in progress, this field contains the time since operation started.

If an IMAP connection is used for a MAPI session, the connection row is displayed with a green background.

IMAP activity can be monitored using the CommuniGate Pro Statistic Elements.

The CommuniGate Pro IMAP module implements many IMAP extensions. Some of these extenstions work in the implementation-specific manner.

QUOTA

Each account has its own Quota Root

NAMESPACE

The standard CommuniGate Pro "account name" prefix. The tilda (~) symbol can be used to access Mailboxes in other Accounts.
The ~public prefix is reported as the Public Namespace prefix, but it is the responsibility of the Domain Administrator to ensure that the Account public is created in the proper Domain.

UNSELECT

This IMAP command is equivalent to the CLOSE command, but it does not expunge any message marked as \Deleted

The CommuniGate Pro IMAP module provides several protocol extensions that are not part of the IMAP standard and are not included into the existing IMAP Extention standards.

UNSELECT

This IMAP command is equivalent to the CLOSE command, but it does not expunge any message marked as \Deleted

COPY

The ENCRYPTED certificateData parameter can be specified after the target Mailbox name. certificateData is either a base64-encoded PKI Certificate, or the asterisk (*) symbol, referring to the personal S/MIME Certificate of the authenticated user.
The copied messages are S/MIME-encrypted using the specified certificate.

MOVE, UID MOVE

These IMAP commands are equivalent to the COPY commands, but if messages have been copied successfully, they are deleted. If messages are moved within the same Account, the Mailbox storage Quota is not checked.

STATUS

The STATUS command can use the following additional data item names:

INTERNALSIZE

The data item included into the response is a number. This number specifies the size of the Mailbox as it is stored on the server. This size is close to, but not exactly the same as the sum of the RFC822.SIZE attributes of all messages stored in the Mailbox.

OLDEST

The data item included into the response is a date_time string. It specifies the INTERNALDATE of the oldest message stored in the Mailbox. If the Mailbox has no messages, this data item is not included into the response.

UNSEENMEDIA

The data item included into the response is the number of messages that have the Media flag set but do not have the Seen flag set.

Example:

A001 STATUS mailbox (UNSEEN OLDEST INTERNALSIZE UNSEENMEDIA)
* STATUS mailbox (UNSEEN 14 OLDEST "23-Feb-2002 07:59:42 +0000" INTERNALSIZE 2345678 UNSEENMEDIA 1)
A001 OK completed

LIST

The LIST command can use additional options along with the options specified in the LISTEXT extension standard:

UIDVALIDITY, CLASS, MESSAGES, UIDNEXT, UNSEEN, INTERNALSIZE, OLDEST, UNSEENMEDIA

The data items included into the response have the following format:

\option_name(option_value)

Example:

A001 LIST (CHILDREN CLASS UNSEEN INTERNALSIZE) "" "ma%"
* LIST (\HasNoChildren CLASS("IPF.Contact") \UNSEEN(14) \INTERNALSIZE(2345678) \Unmarked) mailbox
A001 OK completed

APPEND

The APPEND command can use additional options:

REPLACESUID(number)

If this extension is specified, after the message is appended, the message with the specified UID (if it exists) is removed from the target Mailbox. Appending and removing is performed as an atomic operation.

CHECKOLDEXISTS

If this extension is specified, it should be specified together with the REPLACESUID extension. When this extension is specified, the message is appended only if the message with the UID specified with the REPLACESUID extension still exists in the target Mailbox. Otherwise an error condition is generated.

Example:

A001 APPEND "Drafts" (\Seen \Draft) "20-JAN-2010" (REPLACESUID(30675) CHECKOLDEXISTS) {3450}"
+ Send the message text

Additional message flags.

The $MDN, $Hidden, and $Media IMAP message flags are supported, to allow manipulation with these message flags. Adding a $Service message flag to a message effectively removes the message from the "Mailbox view".

ENABLE EXTENSIONS

After this IMAP command has been executed:

• messages with the special $Service message flag become visible
• non-Mail Mailboxes become visible