IMAP - Internet Message Access Protocol ========================================= .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What is IMAP?** IMAP stands for Internet Message Access Protocol. It’s a standard email protocol used by email clients to retrieve messages from a mail server. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Why is IMAP useful?** * Access your email from multiple devices (e.g., phone, laptop, tablet). * Keep your emails synchronized across all devices. * Store emails on the server, so they’re not lost if your device is damaged or lost. * Organize emails into folders on the server. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **How it works?** * You open your email app (like Outlook, Gmail, Thunderbird). * The app connects to the mail server using IMAP. * It displays a copy of your emails stored on the server. * When you read, delete, or move an email, the change is made on the server. * Any other device connected to the same account sees the updated status. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Where is IMAP used?** * Email clients (e.g., Apple Mail, Microsoft Outlook, Mozilla Thunderbird). * Webmail services (e.g., Gmail, Yahoo Mail, Outlook.com). * Corporate email systems that need centralized email access. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Which OSI layer does this protocol belong to?** * IMAP is a protocol used by applications (like email clients) to access and manage email on a server. * It does not deal with how data is transmitted, but rather what data is transmitted and how it’s interpreted by the application. * It relies on lower layers (like TCP at Layer 4) to handle the actual data transport. * Therefore, IMAP belongs to the Application Layer (Layer 7) of the OSI model. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Does IMAP support email folders?** Yes. IMAP lets users: * Create custom folders. * Move, copy, and delete messages. * Keep folder structure synced across devices. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What email clients support IMAP?** All major ones: * Gmail * Outlook / Microsoft 365 * Mobile Mail apps (iOS, Android) .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What are the limitations of IMAP?** * Depends on server storage capacity. * Slightly more bandwidth use than POP3. * Offline access limited to cached emails unless explicitly downloaded. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Does IMAP download full emails or just headers?** By default, only headers are downloaded. Full emails (body and attachments) are fetched when opened. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What are some applications that use IMAP?** * Email Clients (Desktop-Based) * Mobile Email Apps * Webmail Interfaces * Server Software with IMAP Support .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What is the working flow of IMAP?** * **Email is Received by Mail Server** * An email arrives at your mail server (e.g., Gmail, Outlook). * It is stored on the server, not downloaded. * **Email Client Connects to IMAP Server** * You open your email app (e.g., Outlook, Thunderbird, Gmail app). * The client connects to the IMAP server using: * Port 993 (SSL/TLS) * Or port 143 (STARTTLS) * **User Authenticates** * The email client logs in with: * Username (email address) * Password * **Email Headers Are Fetched** * IMAP downloads only email headers first (subject, sender, date). * The full message is not yet downloaded. * **User Views or Opens an Email** * When you click on an email, the client requests the full content from the server. * Body and attachments are downloaded temporarily. * **Actions Are Synced with Server** * Any action you take (read, delete, move, mark as unread) is sent to the server. * This keeps everything synced across devices (PC, mobile, webmail). * **Folders Are Managed on Server** * IMAP allows the client to access: * Inbox, Sent, Drafts, Trash * Custom folders (e.g., “Work” or “Receipts”) * You can create/move folders and emails, and changes reflect on all devices. * **Client Disconnects (Gracefully)** * Once you’re done, the client may close the session using LOGOUT. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Is IMAP suitable for mobile devices?** Yes. IMAP is ideal for syncing mail between desktop, web, and mobile clients. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Is IMAP Windows specific?** * **No**, **IMAP** is not **Windows-specific**. * It is a platform-independent protocol that can be used on various operating systems such as **Windows**, **Linux**, **macOS**, and **mobile devices**. * Most modern email clients (e.g., **Outlook**, **Thunderbird**, **Mail** on macOS) support **IMAP** regardless of the underlying operating system. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Is IMAP Linux specific?** * **No**, **IMAP** is not **Linux-specific**. * Similar to other platforms, **IMAP** can be used on **Linux** systems through various email clients such as **Thunderbird**, **Evolution**, and **Mutt**. * IMAP is supported across all major operating systems, and Linux systems can access **IMAP** email servers with no issues. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Which Transport Protocol is used by IMAP?** * **IMAP** uses the **TCP** (Transmission Control Protocol) for communication between the client and the server. * This is because **IMAP** requires reliable, connection-oriented communication to manage the status of messages on the server and synchronize them with the client. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Which Port is used by IMAP?** * The standard port used by **IMAP** is **port 143**. * For **IMAP over SSL/TLS** (IMAPS), the default port is **port 993**, ensuring secure encrypted communication between the client and the server. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Is IMAP using Client-Server Model?** * Yes, **IMAP** follows a **client-server model**. * The **client** (e.g., an email client like **Thunderbird** or **Outlook**) communicates with the **server** (e.g., an **IMAP server** like **Dovecot** or **Microsoft Exchange**) to retrieve, organize, and manage emails stored on the server. * The server stores emails, and the client only downloads or syncs the email content, leaving the original messages on the server. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow Topics in this section, * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`IMAP Version&RFC Details ` * :ref:`IMAP Basic Setup on Ubuntu using IPv4 ` * :ref:`IMAP Basic Setup on Ubuntu using IPv6 ` * :ref:`IMAP Protocol Packet Details ` * :ref:`IMAP Usecases ` * :ref:`IMAP Basic Features ` * :ref:`IMAP Feature : Remote Email Access ` * :ref:`IMAP Feature : Multi Device Synchronization ` * :ref:`IMAP Feature : Selective Downloading ` * :ref:`IMAP Feature : Folder Management ` * :ref:`IMAP Feature : Message Flags ` * :ref:`IMAP Feature : Concurrent Access ` * :ref:`IMAP Feature : Offline Access Support ` * :ref:`IMAP Feature : Search Capability ` * :ref:`IMAP Feature : Partial Fetch ` * :ref:`IMAP Feature : Server Side Storage ` * :ref:`Reference links ` .. _IMAP_step1: .. tab-set:: .. tab-item:: Learnings in this section * In this section, you are going to learn .. _IMAP_step2: .. tab-set:: .. tab-item:: Terminology * Terminology .. _IMAP_step3: .. tab-set:: .. tab-item:: Version Info * Version Info .. _IMAP_step5: .. tab-set:: .. tab-item:: IMAP Version&RFC Details .. csv-table:: :file: ./IMAP/IMAP_RFC.csv :widths: 1,10,10,10,30 :header-rows: 1 .. _IMAP_step20: .. tab-set:: .. tab-item:: IMAP Basic Setup on Ubuntu using IPv4 **IMAP Email Server Setup Test Case (Postfix + Dovecot)** * This test verifies the setup of an IMAP email server using Postfix and Dovecot on Ubuntu. It includes package installation, configuration, user creation, service management, and IMAP functionality testing via Telnet from a client machine. * Server: 192.168.56.10 * Client: 192.168.56.11 * Step-1: Install Required Packages (on Server) .. code-block:: shell test1:~$ sudo apt update test1:~$ sudo apt install postfix dovecot-imapd dovecot-pop3d -y During Postfix installation: - Select **Internet Site** - Use default system hostname (e.g., localhost) * Postfix - Mail Transfer Agent (MTA) * Dovecot - IMAP/POP3 mail retrieval service * Step-2: Configure Postfix Edit the main configuration file: .. code-block:: shell test1:~$ sudo nano /etc/postfix/main.cf home_mailbox = Maildir/ * Step-3: Configure Dovecot Set mail location: .. code-block:: shell test1:~$ sudo nano /etc/dovecot/conf.d/10-mail.conf mail_location = maildir:~/Maildir Configure authentication mechanisms: .. code-block:: shell test1:~$ sudo nano /etc/dovecot/conf.d/10-auth.conf Modify these lines or add: disable_plaintext_auth = no auth_mechanisms = plain login Configure the IMAP listener and Postfix auth socket: .. code-block:: shell test1:~$ sudo nano /etc/dovecot/conf.d/10-master.conf Update the configuration as follows: service imap-login { inet_listener imap { port = 143 } } service auth { unix_listener auth-userdb { mode = 0600 user = dovecot group = dovecot } unix_listener /var/spool/postfix/private/auth { mode = 0666 user = postfix group = postfix } user = dovecot } * Step-4: Create Mail User .. code-block:: shell test1:~$ sudo adduser testuser Optionally, manually create Maildir: .. code-block:: shell test1:~$ sudo mkdir /home/testuser/Maildir test1:~$ sudo chown -R testuser:testuser /home/testuser/Maildir Or send a test email to auto-create the Maildir: .. code-block:: shell test1:~$ echo "Welcome" | mail -s "Test Mail" testuser * Step-5: Restart Mail Services .. code-block:: shell test1:~$ sudo systemctl restart postfix test1:~$ sudo systemctl restart dovecot * Step-6: Allow Firewall Ports (if UFW is enabled) .. code-block:: shell test1:~$ sudo ufw allow 25/tcp # SMTP test1:~$ sudo ufw allow 143/tcp # IMAP * Step-7: Telnet Test from Client (192.168.56.11) Connect to the IMAP server using Telnet: .. code-block:: shell test2:~$ telnet 192.168.56.10 143 Issue the following IMAP commands: .. code-block:: shell a1 LOGIN testuser yourpassword a2 SELECT INBOX a3 LIST "" "*" a4 NOOP a5 FETCH 1 BODY[HEADER] a6 LOGOUT * Step-8: Expected Results - IMAP server responds with greeting and capabilities - Login command returns OK - INBOX is selected successfully - Mail headers are returned for message 1 - LOGOUT completes the session * Step-9: Wireshark Capture Capture IMAP traffic between client and server on port 143. - Verify plaintext IMAP commands and responses - Confirm correct authentication and mail retrieval :download:`Download wireshark capture ` **Mail Server Setup Test Case (SMTP + IMAP over IPv4)** * This test verifies the setup and end-to-end functionality of a basic mail server using Postfix (SMTP) and Dovecot (IMAP) over IPv4. * Server IP: 192.168.56.10 * Client IP: 192.168.56.11 * Protocols: SMTP (25/tcp), IMAP (143/tcp) * Mail Storage: Maildir format * Step-1: Setup Mail Server (192.168.56.10) Update system packages: .. code-block:: shell test1:~$ sudo apt update && sudo apt upgrade -y Install Postfix: .. code-block:: shell test1:~$ sudo apt install postfix -y During setup: - Choose: **Internet Site** - System mail name: `mail.localdomain` Configure Postfix: .. code-block:: shell test1:~$ sudo nano /etc/postfix/main.cf myhostname = mail.localdomain myorigin = /etc/mailname mydestination = localhost, localhost.localdomain, mail.localdomain relayhost = mynetworks = 192.168.56.0/24, 127.0.0.0/8 inet_interfaces = all inet_protocols = ipv4 home_mailbox = Maildir/ Set mail name: .. code-block:: shell test1:~$ echo "mail.localdomain" | sudo tee /etc/mailname Restart Postfix: .. code-block:: shell test1:~$ sudo systemctl restart postfix Create Mail User: .. code-block:: shell test1:~$ sudo adduser testuser Create Maildir for the user: .. code-block:: shell test1:~$ sudo -u testuser maildirmake.dovecot /home/testuser/Maildir test1:~$ sudo chown -R testuser:testuser /home/testuser/Maildir Install Dovecot (IMAP): .. code-block:: shell test1:~$ sudo apt install dovecot-imapd -y Configure Dovecot: .. code-block:: shell test1:~$ sudo nano /etc/dovecot/conf.d/10-mail.conf mail_location = maildir:~/Maildir Comment out or remove `mbox:` entries if present. Restart Dovecot: .. code-block:: shell test1:~$ sudo systemctl restart dovecot Allow Required Ports via Firewall: .. code-block:: shell test1:~$ sudo ufw allow 25/tcp # SMTP test1:~$ sudo ufw allow 143/tcp # IMAP test1:~$ sudo ufw reload * Step-2: Test from Client 1. Send Mail via SMTP (from client): .. code-block:: shell test2:~$ telnet 192.168.56.10 25 HELO client.localdomain MAIL FROM: RCPT TO: DATA Subject: Hello testuser This is a test mail sent via SMTP. . QUIT 2. Check Mail Delivery on Server: .. code-block:: shell test1:~$ ls /home/testuser/Maildir/new/ Use `cat` to read the delivered email: .. code-block:: shell test1:~$ sudo cat /home/testuser/Maildir/new/ 3. Read Mail via IMAP (from client): .. code-block:: shell test2:~$ telnet 192.168.56.10 143 a login testuser yourpassword a select inbox a search all a fetch 1 body[header] a logout Expected: You should see the subject **Hello testuser** in the response. * Step-3: Logs (Optional Debugging) To monitor real-time logs for troubleshooting: .. code-block:: shell test1:~$ sudo tail -f /var/log/mail.log * Expected Results: - Mail sent via SMTP from the client is accepted by Postfix - Mail is stored in `/home/testuser/Maildir/new/` in Maildir format - IMAP session from the client successfully reads and fetches the mail * Step-4: Wireshark Capture. :download:`Download Wireshark capture ` .. _IMAP_step21: .. tab-set:: .. tab-item:: IMAP Basic Setup on Ubuntu using IPv6 **IPv6 IMAP Server Setup Test Case (Postfix + Dovecot)** * This test verifies the configuration and connectivity of an IMAP email server (Dovecot + Postfix)over IPv6. It ensures the server is reachable, Dovecot listens on IPv6, and IMAP commands can be issued from a client machine using Telnet. * Server IPv6 Address: fd00:56::10 * Client IPv6 Address: fd00:56::11 * Step-1: Configure Dovecot to Listen on IPv6 Edit the Dovecot main configuration file: .. code-block:: shell test1:~$ sudo nano /etc/dovecot/dovecot.conf listen = * , :: This ensures Dovecot listens on both IPv4 and IPv6 addresses. * Step-2: Allow IMAP Port 143 Through Firewall (IPv6) Enable IPv6 in UFW if not already enabled: .. code-block:: shell test1:~$ sudo nano /etc/default/ufw IPV6=yes Reload UFW to apply: .. code-block:: shell test1:~$ sudo ufw reload Allow IMAP (port 143) over IPv6: .. code-block:: shell test1:~$ sudo ufw allow proto tcp from any to any port 143 comment 'Allow IMAP IPv6' Verify UFW rules: .. code-block:: shell test1:~$ sudo ufw status numbered * Step-3: Test IMAP Connectivity Over IPv6 (Telnet) From the client machine, connect to the server using IPv6: .. code-block:: shell test2:~$ telnet -6 fd00:56::10 143 Expected output: Connected to fd00:56::10 * OK [CAPABILITY IMAP4rev1 ...] Dovecot ready. * Step-4: IMAP Login and Command Execution (Telnet) Once connected via Telnet, issue the following IMAP commands: .. code-block:: shell a1 LOGIN testuser yourpassword a2 SELECT INBOX a3 LIST "" "*" a4 NOOP a5 FETCH 1 BODY[HEADER] a6 LOGOUT Expected results: - Login is successful - INBOX is accessible - Folder structure is returned - Mail headers are fetched - Session is closed cleanly * Step-5: Wireshark Capture (Optional) Capture traffic using Wireshark on client or server interface. - Filter: `ipv6 && tcp.port == 143` - Observe IMAP session and IPv6 transport :download:`Download Wireshark capture ` Final Outcome: - Dovecot listens on IPv6 (::) and responds to IMAP requests - IMAP login and mailbox access function correctly over IPv6 - UFW allows required traffic through IPv6 - IMAP traffic verified using Telnet and optionally captured with Wireshark **Mail Server Setup Test Case (SMTP + IMAP over IPv6)** * This test verifies the setup and end-to-end functionality of a basic mail server using Postfix (SMTP) and Dovecot (IMAP) over IPv6. * Server IP: fd00:56::10 * Client IP: fd00:56::11 * Protocols: SMTP (25/tcp), IMAP (143/tcp) * Mail Storage: Maildir format * Step-1: Setup Mail Server (fd00:56::10) Update system packages: .. code-block:: shell test1:~$ sudo apt update && sudo apt upgrade -y Install Postfix: .. code-block:: shell test1:~$ sudo apt install postfix -y During setup: - Choose: **Internet Site** - System mail name: `mail.localdomain` Configure Postfix: .. code-block:: shell test1:~$ sudo nano /etc/postfix/main.cf myhostname = mail.localdomain myorigin = /etc/mailname mydestination = localhost, localhost.localdomain, mail.localdomain relayhost = mynetworks = fd00:56::/64, 127.0.0.0/8 inet_interfaces = all inet_protocols = ipv6 home_mailbox = Maildir/ Set mail name: .. code-block:: shell test1:~$ echo "mail.localdomain" | sudo tee /etc/mailname Restart Postfix: .. code-block:: shell test1:~$ sudo systemctl restart postfix Create Mail User: .. code-block:: shell test1:~$ sudo adduser testuser Create Maildir for the user: .. code-block:: shell test1:~$ sudo -u testuser maildirmake.dovecot /home/testuser/Maildir test1:~$ sudo chown -R testuser:testuser /home/testuser/Maildir Install Dovecot (IMAP): .. code-block:: shell test1:~$ sudo apt install dovecot-imapd -y Configure Dovecot: .. code-block:: shell test1:~$ sudo nano /etc/dovecot/conf.d/10-mail.conf mail_location = maildir:~/Maildir Comment out or remove `mbox:` entries if present. Restart Dovecot: .. code-block:: shell test1:~$ sudo systemctl restart dovecot Allow Required Ports via Firewall: .. code-block:: shell test1:~$ sudo ufw allow 25/tcp # SMTP test1:~$ sudo ufw allow 143/tcp # IMAP test1:~$ sudo ufw reload * Step-2: Test from Client 1. Send Mail via SMTP (from client): .. code-block:: shell test2:~$ telnet fd00:56::10 25 HELO client.localdomain MAIL FROM: RCPT TO: DATA Subject: Hello testuser This is a test mail sent via SMTP. . QUIT 2. Check Mail Delivery on Server: .. code-block:: shell test1:~$ ls /home/testuser/Maildir/new/ Use `cat` to read the delivered email: .. code-block:: shell test1:~$ sudo cat /home/testuser/Maildir/new/ 3. Read Mail via IMAP (from client): .. code-block:: shell test2:~$ telnet fd00:56::10 143 a login testuser yourpassword a select inbox a search all a fetch 1 body[header] a logout Expected: You should see the subject **Hello testuser** in the response. * Step-3: Logs (Optional Debugging) To monitor real-time logs for troubleshooting: .. code-block:: shell test1:~$ sudo tail -f /var/log/mail.log * Expected Results: - Mail sent via SMTP from the client is accepted by Postfix - Mail is stored in `/home/testuser/Maildir/new/` in Maildir format - IMAP session from the client successfully reads and fetches the mail * Step-4: Wireshark Capture. :download:`Download Wireshark capture ` .. _IMAP_step6: .. tab-set:: .. tab-item:: IMAP Protocol Packet Details **IMAP COMMAND LINE Packet** .. csv-table:: :file: ./IMAP/IMAP_Command_Line_Packet.csv :widths: 10,20,30,10 :header-rows: 1 **IMAP RESPONSE LINE Packet** .. csv-table:: :file: ./IMAP/IMAP_Response_Line_Packet.csv :widths: 10,20,30,10 :header-rows: 1 **IMAP LITERAL DATA BLOCK Packet** .. csv-table:: :file: ./IMAP/IMAP_Literal_Data_Block.csv :widths: 10,20,30,10 :header-rows: 1 .. _IMAP_step7: .. tab-set:: .. tab-item:: IMAP Usecases .. csv-table:: :file: ./IMAP/IMAP_Use_Cases.csv :widths: 10,20,30 :header-rows: 1 .. _IMAP_step8: .. tab-set:: .. tab-item:: IMAP Basic Features .. csv-table:: :file: ./IMAP/IMAP_Features.csv :widths: 10,10,30 :header-rows: 1 .. _IMAP_step9: .. tab-set:: .. tab-item:: IMAP Feature : Remote Email Access **Remote Email Access - Testcases** .. csv-table:: :file: ./IMAP/IMAP_Feature1_Remote_Email_Access_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _IMAP_step10: .. tab-set:: .. tab-item:: IMAP Feature : Multi Device Synchronization **Multi Device Synchronization - Testcases** .. csv-table:: :file: ./IMAP/IMAP_Feature2_Multi_device_Synchronization_Test_cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _IMAP_step11: .. tab-set:: .. tab-item:: IMAP Feature : Selective Downloading **Selective Downloading - Testcases** .. csv-table:: :file: ./IMAP/IMAP_Feature3_Selective_Downloading_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _IMAP_step12: .. tab-set:: .. tab-item:: IMAP Feature : Folder Management **Folder Management - Testcases** .. csv-table:: :file: ./IMAP/IMAP_Feature4_Folder_Management_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _IMAP_step13: .. tab-set:: .. tab-item:: IMAP Feature : Message Flags **Message Flags - Testcases** .. csv-table:: :file: ./IMAP/IMAP_Feature5_Message_Flags_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _IMAP_step14: .. tab-set:: .. tab-item:: IMAP Feature : Concurrent Access **Concurrent Access - Testcases** .. csv-table:: :file: ./IMAP/IMAP_Feature6_Concurrent_Access_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _IMAP_step15: .. tab-set:: .. tab-item:: IMAP Feature : Offline Access Support **Offline Access Support - Testcases** .. csv-table:: :file: ./IMAP/IMAP_Feature7_Offline_Access_Support_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _IMAP_step16: .. tab-set:: .. tab-item:: IMAP Feature : Search Capability **Search Capability - Testcases** .. csv-table:: :file: ./IMAP/IMAP_Feature8_Search_Capability_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _IMAP_step17: .. tab-set:: .. tab-item:: IMAP Feature : Partial Fetch **Partial Fetch - Testcases** .. csv-table:: :file: ./IMAP/IMAP_Feature9_Partial_Fetch_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _IMAP_step18: .. tab-set:: .. tab-item:: IMAP Feature : Server Side Storage **Server Side Storage - Testcases** .. csv-table:: :file: ./IMAP/IMAP_Feature10_Server_side_Storage_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _IMAP_step19: .. tab-set:: .. tab-item:: Reference links * Reference links