Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
POPA3D(8)		     System Administration		     POPA3D(8)

       popa3d -	Post Office Protocol (POP3) server

       popa3d [-D] [-V]

       popa3d is a Post	Office Protocol	version	3 (POP3) server.

       A  POP3	server	operates  on  local  mailboxes on behalf of its	remote
       users.  Users can connect at any	time to	check their mailbox and	 fetch
       the  mail  that has accumulated.	 The advantage of this "pull" approach
       is that any user	with a simple POP3-capable mail	reader program can re-
       ceive  mail,  eschewing the need	for a full-fledged Mail	Transfer Agent
       (MTA) and a permanent network connection.

       Note that POP3 can only be used to retrieve mail, not to	send  it.   To
       send mail, the SMTP protocol is commonly	used.

       For access to a mailbox through POP3, the username must be in the pass-
       word database.  Additionally, popa3d does not permit null passwords and
       will refuse to serve mail for root (UID 0) users.

       -D     Standalone server	mode.  In this mode, popa3d will become	a dae-
	      mon, accepting connections on the	pop3 port (110/tcp) and	 fork-
	      ing  child  processes  to	 handle	them.  This has	lower overhead
	      than starting popa3d from	an inetd equivalent (which popa3d  as-
	      sumes  by	 default) and is thus useful on	busy servers to	reduce
	      load.  In	this mode popa3d also does quite a few checks to  sig-
	      nificantly reduce	the impact of connection flood attacks.

       -V     Print version information	and exit.

       A  normal  POP3 session progresses through three	states:	AUTHORIZATION,

       After the TCP connection	opens, the client must authenticate itself  to
       the  server during the AUTHORIZATION state.  The	following commands are
       supported in the	AUTHORIZATION state (all command names are case-insen-

       USER name
	      Authenticate as user name.

       PASS string
	      Authenticate using password string.

       QUIT   Quit; do not enter UPDATE	state.

       When  authorization  is	successful,  the server	enters the TRANSACTION
       state.  The client can now list and retrieve messages or	mark  messages
       for  deletion.  The following commands are supported in the TRANSACTION

       DELE msg
	      Mark message for deletion.

       LAST   Show highest message number accessed (obsolete).

       LIST [msg]
	      List message number and size.

       NOOP   Do nothing.

       QUIT   Quit; enter UPDATE state.

       RETR msg
	      Retrieve message.

       RSET   Clear deletion marks.

       STAT   Return total number of messages and total	size.

       TOP msg n
	      Show top n lines of message body.

       UIDL [msg]
	      List message number and digest.

       When the	client issues the QUIT command in the TRANSACTION  state,  the
       server  enters  the  UPDATE  state.   All messages that were marked for
       deletion	are now	removed.  The server then closes the connection.

       POP3 transmits passwords	in plaintext and thus, if you care  about  the
       security	 of  your individual user accounts, should only	be used	either
       in trusted networks or tunneled over encrypted channels.

       There exist extensions to the protocol that are supposed	 to  fix  this
       problem.	  popa3d  does not support them	yet, partly because this isn't
       going to	fully fix the problem.	In fact, APOP and the  weaker  defined
       SASL  mechanisms	 such  as CRAM-MD5 may potentially be even less	secure
       than transmission of plaintext passwords	 because  of  the  requirement
       that plaintext equivalents be stored on the server.

       Solar Designer <solar at>

       This manual page	is based heavily on the	one Camiel Dobbelaar wrote for

       Official	Internet Protocol Standard STD 53, also	known as RFC 1939.

Openwall Project		 2 March 2003			     POPA3D(8)


Want to link to this manual page? Use this URL:

home | help