NAME

       popa3d - Post Office Protocol (POP3) server

SYNOPSIS

       popa3d [-D] [-V]

DESCRIPTION

       popa3d is a Post Office Protocol version 3 (POP3) server.

       A  POP3  server operates on local mailboxes on behalf of its remote users.  Users can connect at any time
       to check their mailbox and fetch the mail that has accumulated.  The advantage of this "pull" approach is
       that  any  user with a simple POP3-capable mail reader program can receive mail, eschewing the need for a
       full-fledged Mail Transfer Agent (MTA) and a permanent network connection.

       Note that POP3 can only be used to retrieve mail, not to send it.  To send mail,  the  SMTP  protocol  is
       commonly used.

       For  access  to  a  mailbox  through  POP3, the username must be in the password database.  Additionally,
       popa3d does not permit null passwords and will refuse to serve mail for root (UID 0) users.

OPTIONS

       -D     Standalone server mode.  In this mode, popa3d will become a daemon, accepting connections  on  the
              pop3  port  (110/tcp)  and  forking  child processes to handle them.  This has lower overhead than
              starting popa3d from an inetd equivalent (which popa3d assumes by default) and is thus  useful  on
              busy  servers  to  reduce load.  In this mode popa3d also does quite a few checks to significantly
              reduce the impact of connection flood attacks.

       -V     Print version information and exit.

COMMANDS

       A normal POP3 session progresses through three states: AUTHORIZATION, TRANSACTION, and UPDATE.

       After the  TCP  connection  opens,  the  client  must  authenticate  itself  to  the  server  during  the
       AUTHORIZATION  state.  The following commands are supported in the AUTHORIZATION state (all command names
       are case-insensitive).

       USER name
              Authenticate as user name.

       PASS string
              Authenticate using password string.

       QUIT   Quit; do not enter UPDATE state.

       When authorization is successful, the server enters the TRANSACTION state.  The client can now  list  and
       retrieve messages or mark messages for deletion.  The following commands are supported in the TRANSACTION
       state.

       DELE msg
              Mark message for deletion.

       LAST   Show highest message number accessed (obsolete).

       LIST [msg]
              List message number and size.

       NOOP   Do nothing.

       QUIT   Quit; enter UPDATE state.

       RETR msg
              Retrieve message.

       RSET   Clear deletion marks.

       STAT   Return total number of messages and total size.

       TOP msg n
              Show top n lines of message body.

       UIDL [msg]
              List message number and digest.

       When the client issues the QUIT command in the TRANSACTION state, the server  enters  the  UPDATE  state.
       All messages that were marked for deletion are now removed.  The server then closes the connection.

BUGS

       POP3  transmits  passwords  in plaintext and thus, if you care about the security of your individual user
       accounts, should only be used either in trusted networks or tunneled over encrypted channels.

       There exist extensions to the protocol that are supposed to fix this problem.  popa3d  does  not  support
       them yet, partly because this isn't going to fully fix the problem.  In fact, APOP and the weaker defined
       SASL mechanisms such as CRAM-MD5 may potentially be even  less  secure  than  transmission  of  plaintext
       passwords because of the requirement that plaintext equivalents be stored on the server.

AUTHORS

       Solar Designer <solar at openwall.com>

       This manual page is based heavily on the one Camiel Dobbelaar wrote for OpenBSD.

SEE ALSO

       Official Internet Protocol Standard STD 53, also known as RFC 1939.

       http://www.openwall.com/popa3d/