📧 POP3 Protocol

Post Office Protocol Version 3 - Interactive Learning Module

What is POP3?

POP3 (Post Office Protocol version 3) is an application-layer protocol used by email clients to retrieve emails from a mail server. It operates over TCP port 110 (or 995 for SSL/TLS) and provides a simple, straightforward method for downloading messages to your local device.

🎯 Key Characteristic: POP3 is designed for offline email access - it downloads messages from the server to your device and typically deletes them from the server afterward.

Why Learn POP3?

🔍 Protocol Analysis

Understanding POP3 helps you analyze network traffic and troubleshoot email connectivity issues.

🛡️ Security Awareness

Learn how email protocols work to identify security vulnerabilities and implement proper protections.

💡 Foundational Knowledge

POP3 is fundamental to understanding email systems and client-server communication patterns.

POP3 vs. IMAP vs. SMTP

  • POP3: Downloads emails to local device, typically removes from server
  • IMAP: Syncs emails across devices, keeps messages on server
  • SMTP: Sends outgoing emails (different protocol entirely)

POP3 Commands & Responses

Client Commands

USER Auth

Specifies the username for authentication.

C: USER john.doe
S: +OK User accepted
PASS Auth

Provides the password for authentication.

C: PASS mypassword
S: +OK Logged in
STAT Info

Requests mailbox statistics (message count and total size).

C: STAT
S: +OK 5 3420
LIST Info

Lists all messages with their sizes.

C: LIST
S: +OK 5 messages
S: 1 820
S: 2 1240
S: .
RETR Retrieve

Retrieves the full content of a specific message.

C: RETR 1
S: +OK 820 octets
S: [message content]
S: .
DELE Delete

Marks a message for deletion (deleted on QUIT).

C: DELE 1
S: +OK Message deleted
NOOP Utility

No operation - keeps connection alive.

C: NOOP
S: +OK
RSET Utility

Resets session, unmarks deleted messages.

C: RSET
S: +OK Reset
QUIT Session

Ends session and commits deletions.

C: QUIT
S: +OK Goodbye

Server Responses

+OK Success

Positive response - command successful.

+OK [optional message]
-ERR Error

Negative response - command failed.

-ERR [error description]

Interactive POP3 Simulator

POP3 Session Terminal
Server: mail.example.com:110
=== POP3 Interactive Simulator ===
Click "Connect" to start a session or try Quick Scenarios below.

💡 Tips for Using the Simulator

  • Start by clicking "Connect to Server" or try a Quick Scenario
  • After connecting, authenticate with: USER username then PASS password
  • Try commands like STAT, LIST, RETR 1, DELE 1, and QUIT
  • Watch the server responses to understand the protocol flow

POP3 Session Flow

Typical POP3 Session Sequence

1
Connection Establishment
Client connects to server on TCP port 110. Server sends greeting.
S: +OK POP3 server ready
2
Authorization - Username
Client sends username using USER command.
C: USER john.doe
S: +OK User accepted
3
Authorization - Password
Client sends password using PASS command.
C: PASS mypassword
S: +OK Logged in, 5 messages
4
Transaction - Get Status
Client queries mailbox statistics.
C: STAT
S: +OK 5 3420
5
Transaction - List Messages
Client requests list of messages with sizes.
C: LIST
S: +OK 5 messages (3420 octets)
S: 1 820
S: 2 640
S: ...
6
Transaction - Retrieve Messages
Client downloads message content.
C: RETR 1
S: +OK 820 octets
S: [message headers and body]
S: .
7
Transaction - Delete Messages (Optional)
Client marks messages for deletion.
C: DELE 1
S: +OK Message 1 deleted
8
Update - Session Termination
Client quits, server commits deletions and closes connection.
C: QUIT
S: +OK Goodbye
⚠️ Important: Messages marked with DELE are only permanently deleted when the QUIT command is issued successfully. Using RSET before QUIT will unmark all deletions.

Quick Reference Guide

Command Parameters Purpose Example Response
USER username (max 40 chars) Authenticate username +OK User accepted
PASS password (max 40 chars) Authenticate password +OK Logged in
STAT none Get message count and total size +OK 5 3420
LIST [message number] List message(s) with size +OK 1 820
RETR message number Retrieve message content +OK 820 octets
DELE message number Mark message for deletion +OK Message deleted
NOOP none Keep connection alive +OK
RSET none Reset session state +OK
QUIT none End session, commit changes +OK Goodbye

Protocol Specifications

  • Port: TCP 110 (plaintext) or 995 (SSL/TLS)
  • RFC: RFC 1939 (Official Specification)
  • Response Codes: +OK (success), -ERR (failure)
  • Max Response Length: 512 characters
  • Command Terminator: CRLF (Carriage Return + Line Feed)
  • Multi-line Response Terminator: Period (.) on a line by itself

Security Considerations

🔓 Plain Text Transmission

Standard POP3 sends credentials in clear text. Always use POP3S (port 995) or STARTTLS for secure connections.

🗑️ Message Deletion

Once deleted and committed (QUIT), messages are permanently removed from the server. Plan your email retention strategy carefully.

🔐 Authentication Methods

Modern implementations support APOP (encrypted password) and SASL authentication mechanisms for enhanced security.