NAME
popa3d —
Post Office Protocol (POP3)
server
SYNOPSIS
popa3d |
[-46DV] |
DESCRIPTION
popa3d is a POP3 server. It offers network
access to user mailboxes through the POP3 protocol. The server uses the TCP
protocol and listens at the port specified in the “pop3”
service specification; see
services(5).
A POP3 server operates on local mailboxes on behalf of its remote users. Users can connect at any time to check their mailbox and fetch the mail that has accumulated. The advantage of this ``pull'' approach is that any user with a simple POP3-capable mail reader program can receive mail, eschewing the need for a full-fledged Mail Transfer Agent (MTA) and a permanent network connection.
Note that POP3 can only be used to retrieve mail, not to send it. To send mail, the SMTP protocol is commonly used; see sendmail(8).
The options are as follows:
-4- In standalone mode (
-D), listen to IPv4 only. -6- In standalone mode (
-D), listen to IPv6 only. -D- With this option set,
popa3dwill detach and become a daemon, accepting connections on the pop3 port and forking child processes to handle them. This has lower overhead than startingpopa3dfrom inetd(8) and is thus useful on busy servers to reduce load.In this mode
popa3dalso does quite a few checks to significantly reduce the impact of connection flood attacks. -V- Show version information and exit.
Alternatively, popa3d can be used through
inetd(8). This requires the following entry to be activated in
/etc/inetd.conf:
pop3 stream tcp nowait root
/usr/sbin/popa3d popa3dor, using tcpd(8) for TCP-wrappers access control:
pop3 stream tcp nowait root
/usr/libexec/tcpd /usr/sbin/popa3dFor access to a mailbox through the POP3 service, the username
must be in the password database. Additionally,
popa3d does not permit null passwords and will
refuse to serve mail for root (uid 0) users.
COMMANDS
A normal POP3 session progresses through three states: authorization, transaction and update.
After the TCP connection opens, the client must authenticate itself to the server in the authorization state. The following commands are supported in the authorization state. All commands are case-insensitive.
| Command | Description |
| USER name | authenticate as user ``name'' |
| PASS string | authenticate using password ``string'' |
| QUIT | quit; do not enter update state |
When authorization is successful, the server enters the transaction state. The client can now list and retrieve messages or mark messages for deletion. The following commands are supported in the transaction state.
| Command | Description |
| DELE msg | mark message for deletion |
| LAST | show highest message number accessed (obsolete) |
| LIST [msg] | list message number and size |
| NOOP | do nothing |
| QUIT | quit; enter update state |
| RETR msg | retrieve message |
| RSET | clear deletion marks |
| STAT | return total number of messages and total size |
| TOP msg n | show top n lines of message body |
| UIDL [msg] | list message number and digest |
When the client issues the QUIT command in the transaction state, the server enters the update state. All messages that were marked for deletion are now removed. The server then closes the connection.
FILES
- /var/mail
- User mail spools
- /etc/hosts.allow, /etc/hosts.deny
- TCP-wrappers access controls may be defined here as described in
hosts_access(5). Valid if
popa3dis started in daemon-mode, or ifpopa3dis running through inetd(8) and is used in combination with tcpd(8).
SEE ALSO
hosts_access(5), inetd(8), sendmail(8), tcpd(8)
Official Internet Protocol Standard STD 53, also known as RFC 1939.
http://www.openwall.com/popa3d/
HISTORY
popa3d first appeared in
OpenBSD 3.0.
AUTHORS
Solar Designer ⟨solar@openwall.com⟩
CAVEATS
POP3 authenticates using cleartext passwords.