RFC 3206 (rfc3206) - Page 2 of 6
The SYS and AUTH POP Response Codes
Alternative Format: Original Text Document
RFC 3206 The SYS and AUTH POP Response Codes February 2002
1. Introduction
RFC 2449 [POP3-EXT] defined extended [POP3] response codes, to give
clients more information about errors so clients can respond more
appropriately. In addition to the mechanism, two initial response
codes were defined (IN-USE and LOGIN-DELAY), in an attempt to
differentiate between authentication failures related to user
credentials, and other errors.
In practice, these two response codes, while helpful, do not go far
enough. This memo proposes two additional response codes: SYS and
AUTH, which enable clients to unambiguously determine an optimal
response to an authentication failure.
In addition, a new capability (AUTH-RESP-CODE) is defined.
2. Conventions Used in this Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [KEYWORDS].
3. Background
RFC 2449 [POP3-EXT] introduced the IN-USE and LOGIN-DELAY response
codes. The intent is to allow clients to clearly determine the
underlying cause of a failure in order to respond. For example,
clients need to know if the user should be asked for new credentials,
or if the POP3 session should simply be tried again later. (Some
deployed POP3 clients attempt to parse the text of authentication
failure errors, looking for strings known to be issued by various
servers which indicate the mailbox is locked.)
IN-USE indicates that an exclusive lock could not be obtained for the
user's mailbox, probably because another POP3 session is in progress.
LOGIN-DELAY informs the client that the user has not waited long
enough before authenticating again.
However, there are other error conditions which do not require new
credentials, some of which should be brought to the user's attention.
Despite the IN-USE and LOGIN-DELAY responses, clients cannot be sure
if any other error requires new user credentials.
Gellens Standards Track