IMAP (Internet Message Access Protocol) is one of the most commonly used protocols by industry for accessing email through a web browser. IMAP is now supported by all major email providers and mail servers and is commonly used in parallel with POP (Post Office Protocol) for end-users who prefer to use email client software such as Microsoft Outlook. Originally used by popular free email service providers such as Yahoo, AOL, Hotmail, and Google’s Gmail, its now rare to find an email provider who does not include IMAP alongside POP.
What is IMAP (Internet Message Access Protocol)?
IMAP (Internet Message Access Protocol) resides at the Application Layer under the OSI Model. The protocol allows access to email located on a remote mail server and is defined by RFC 3501 (current version is IMAP version 4, revision 1). IMAP servers traditionally use port 143 while IMAPS (IMAP over SSL) uses port 993. The current version of IMAP supports both off-line and online modes of operations. This allows concurrent use of email clients and web access to email with messages only being deleted with explicit action on the end-user’s part. Earlier versions of IMAP would remove messages from the server if accessed via email client (using POP) which could result in a negative experience for the end-user.
When an email is received by a service supporting IMAP, it is saved in the recipient’s email inbox on the email server. The majority of email service providers today leverage SMTP to send email, and both IMAP and POP to allow consumers to retrieve email via multiple email clients (if desired). Some email service providers will use proprietary protocols (IBM and Microsoft) when communicating with Lotus Mail and Microsoft Exchange servers respectively; however, maintain compatibility with IMAP, POP, and SMTP protocols. This support allows popular email clients such as Mozilla Thunderbird and Pegasus Mail to inter-operate with just about any available email server technology on the market today.
How Does POP Email Work?
The POP email protocol will download email to the local computer email client by default. Depending on the end-user’s configuration, it may delete the email from the Internet Service Provider’s (ISP’s) email server. Although this saves space on the email server, prior to the adoption of IMAP across email providers, it would prevent consumers from being able to access the same email on a different computer or networked device. The primary advantage of POP is that it actually downloads the email to the client computer so it can be accessed when not connected to the network or Internet. It can prove challenging; however, to keep multiple client-side email clients synchronized for computer users who have multiple devices they use to access email. This includes both sent email, new, and old messages. POP is only used to download email from the mail server, while SMTP is commonly used to send mail from email services relying on the POP protocol.
What is SMTP?
The Simple Mail Transfer Protocol (SMTP) was first released in the 1980s when Internet usage consisted primarily of government, academic, and research use. As a result, the original SMTP protocol lacked a number of security features. One of the most abused security loopholes in the protocol is faking email headers and is still used by rogue actors today. This vulnerability allows hackers to send email that appears to be from a legitimate person that contains a virus as an attachment or a link to a malicious website.
The Simple Mail Transfer Protocol is solely used to send outgoing email and works with both IMAP and POP. The protocol includes a listing of codes that make the process of sending email between two or more servers fairly straightforward. The codes included with outgoing mail by SMTP allow email servers to break up the message into various components to include the message recipient’s, message body, and title or subject. When writing an email message on a web interface or email program, the application will transfer the content into the SMTP format when the end-user clicks the “send” button abstracting the protocol format from the user.
The other primary purpose of the protocol is to coordinate communication on email between email servers. This includes identification, error handling, and dealing with other issues such as bad email addresses. One of the most encountered SMTP communications sessions, an email server will provide and identification and the type of operation it intends to conduct. The server on the receiving end will determine if it will allow the operation and if so provide the authorization to the requesting email server. If there is an issue with the desired communication, an error message will be sent to the requesting server as well.
The IMAP protocol was originally created in 1986 by Mark Crispin to serve as a remote mailbox protocol. Previous names for the protocol included the Internet mail Access Protocol, Interactive Mail Access Protocol (RFC 1064), and the Interim Mail Access Protocol. The original protocol was implemented as a TOPS-20 server and as a Xerox Lisp machine client. IMAP2 would replace the original implementation and was defined by RFC 1064 in 1988. IMAP2 was the first publicly distributed version of the protocol and included command/response tagging.
IMAP3 was designed to be a counter proposal to the IMAP2 update (RFC 1176), but never widely accepted by industry. It would last only two years before being classified as a “historic” protocol by the IESG in 1993.
In the early 1990s, the IETF formed an IMAP working group that took over responsibility of the protocol’s design. Existing work on IMAP2BIS was re-branded under the IMAP4 name and officially changed the name of the acronym to the Internet Message Access Protocol.
IMAP Advantages Over POP Email
Compared to classic POP email use where an email application or client will only connect to an email server long enough to download new email, IMAP4 allows end-users to programatically access email accounts as long as the email interface being used remains active. For those who deal with large volumes of email (or extremely large email sizes), this improvement in functionality helps increase end-user efficiency. Some of the additional advantages of IMAP include:
Simultaneous Access to Email Mailboxes
Unlike the POP email protocol, IMAP allows multiple client applications to access an email box simultaneously. It also provides a means for the clients to automatically detect changes made by the concurrent access which is outlined in RFC 3501. The POP protocol on the other hand, will only allow one email program or client to connect to the email inbox at a time. It also does not include functionality to notify multiple clients regarding previous interactions with the mailbox prior to their respective connection.
Partial Fetch and MIME Message Component Access
The majority of commercial email sent is in MIME format. This allows the mail to have a tree structure where “leaf nodes” of the message can be any one of the legal content types and “non-leaf” nodes of the message to be one of the allowed multi-part types of content. IMAP allows an email client to retrieve the different MIME portions of an email message separately or on demand. This allows end-users to view a message, but not download attachments unless they choose to do so helping to save time and bandwidth. The same functionality also supports streaming the content when the request is sent by the client application.
Updated Message Status for Email
With the implementation of IMAP4, email programs or clients can update the status of messages stored in the email inbox on the mail server. For example, if a new message is read, deleted, or replied to, the current state will be stored. Then, if an individual accesses the email box from a different application or interface, the state of the message will be saved on the server. There is no similar functionality provided by POP mail preventing synchronization between multiple email clients or interfaces. IMAP4 also provides for extensions to predefined system flags or states which are included in popular IMAP-based email services such as Gmail.
Supports More than One Mailbox on the Mail Server
IMAP allows email clients to create, delete, and rename email boxes on the server as well as conduct operations between the boxes such as moving or copying messages. This functionality is typically presented to the end-user as being able to create a folder vice making an entirely new email box. This capability also allows email servers to provide access to public or shared folders to authorized users and can make use of RFC 4314, IMAP4 Access Control List (ACL), to administrate access to the shared resources.
Supports Server-side Email Search
Unlike POP, the IMAP4 protocol allows email clients to conduct searches on the email saved on the server. The search capability includes the message body, subject line, and message originator and does not require all of the messages to be downloaded to the email client to conduct the search.
Includes Built-In Extension Mechanisms
Addressing the shortcomings of many of the early Internet-based protocols, the IMAP4 standard includes mechanisms for the base standard or protocol to be extended. As a result, other standards such as POP now include extensions.
Disadvantages of IMAP
Although the current IMAP protocol addresses a number of the shortcomings of the POP protocol, there are still a number of disadvantages associated with using IMAP.
One of the predominant gripes with IMAP is that implementation of the protocol by software developers can be overly complex. This complexity comes from the protocol allowing concurrent access to the email mailbox by one or many client applications. As a result, many IMAP implementations address the complexity through server-side databases or other work-arounds.
Tendency to Consume Server Resources
Depending on the method used to implement email searching and storage algorithms on the email server, a large number of server resources can be used when users conduct email searches on large email mailboxes. Additionally, under IMAP4, email client programs have to maintain an open connection (TCP/IP) to the email server to receive notification of new email. To alleviate this issue, most IMAP implementations work around having to have an “always on” network connection to save resources.
Redundant Message Delivery
The baseline protocol requires a sent email message to be sent once to SMTP for transmission and a second time to the IMAP server to be stored in the sent folder. The IETF Lemonade Working Group developed extensions RFC 4467 and RFC 4469 to work around this shortcoming of IMAP. Instead of requiring the sent mail to be stored directly in the sent folder on the server, it can be configured to save a copy of the outgoing message on the local computer.
Got Something To Say: