RFC 2384 (rfc2384) - Page 2 of 8
POP URL Scheme
Alternative Format: Original Text Document
RFC 2384 POP URL Scheme August 1998
3. POP Scheme
The POP URL scheme designates a POP server, and optionally a port
number, authentication mechanism, authentication ID, and/or
authorization ID.
The POP URL follows the common Internet scheme syntax as defined in
RFC 1738 [BASIC-URL] except that clear text passwords are not
permitted. If : is omitted, the port defaults to 110.
The POP URL is described using [ABNF] in Section 8.
A POP URL is of the general form:
pop://;auth=@:
Where , , and are as defined in RFC 1738, and some
or all of the elements, except "pop://" and , may be omitted.
4. POP User Name and Authentication Mechanism
An authorization (which mailbox to access) and authentication (whose
password to check against) identity (referred to as "user name" for
simplicity) and/or authentication mechanism name may be supplied.
These are used in a "USER", "APOP", "AUTH" [POP-AUTH], or extension
command after making the connection to the POP server. If the URL
doesn't supply an authentication identifier, the program interpreting
the POP URL SHOULD request one from the user.
An authentication mechanism can be expressed by adding ";AUTH=" to the end of the user name. If the authentication
mechanism name is not preceded by a "+", it is a SASL POP [SASL]
mechanism. If it is preceded by a "+", it is either "APOP" or an
extension mechanism.
When an is specified, the client SHOULD request
appropriate credentials from that mechanism and use the "AUTH",
"APOP", or extension command instead of the "USER" command. If no
user name is specified, one SHOULD be obtained from the mechanism or
requested from the user as appropriate.
The string ";AUTH=*" indicates that the client SHOULD select an
appropriate authentication mechanism. It MAY use any mechanism
supported by the POP server.
If an other than ";AUTH=*" is specified, the client
SHOULD NOT use a different mechanism without explicit user
permission.
Gellens Standards Track