IMAP implementations (Was Re: IMAP-2 Implementation)
Bruce Lilly
In article <MS-C.742160549...@ikkoku-kan.panda.com>,
posted to newsgroup comp.mail.sendmail,
m...@Ikkoku-Kan.Panda.COM (Mark Crispin) wrote:
>Dinesh Kulkarni writes:
>> Is there any public domain implementation of IMAP-2 (rfc 1064)
[...]
>I'm not aware of any public-domain versions, but there are a number of
>freeware implementations of IMAP2. The current document, by the way,
>is RFC-1176; however, an IMAP working group has formed within the IETF
>to produce a IMAP standard (based on RFC-1176 and my subsequent
>IMAP2bis work) that will probably supercede RFC-1176.
But RFC 1203 (IMAP version 3) says that RFC 1176 has a number of
serious deficiencies.
What about freely available implementations of IMAP version 3; are there
any?
Is any work being done to correct what I believe is the most serious
deficiency of the POP and IMAP protocols, viz. the fact that they
require a user to send his login name and password combination in
cleartext over the network!?
--
Bruce Lilly ...uupsi!monymsys!sonyd1!blilly!bruce
Mark Crispin
RFC 1203 was the work of a disgruntled individual. Without going into
laborious details, it and the so-called ``IMAP3'' protocol it describes are
dead.
All IMAP work existing today is based on the IMAP2 protocol described in
RFC-1176, as extended by the IMAP2bis extensions described in the file
mail/imap2bis.txt on ftp.cac.washington.edu. There is an IMAP Working Group
in the IETF which is working on a replacement document for RFC-1176 which will
incorporate the IMAP2bis extensions and other changes. This work includes a
definition for pre-authorization (ala BSD r?? protocols) as well as Kerberos,
to solve the problem with passwords being sent in cleartext over the network.
In addition, offline (disconnected) use extensions will also be addressed
by the IMAP Working Group.