Next: Commands omitted on purpose
Up: Characteristics of a POP3
Previous: RFC 1081 and security
  Contents
Most commands will be allowed to pass through with no modifications, checking
just the number and format of the arguments. The checks performed will be:
- USER will only be allowed in the AUTHORIZATION state. Will
be passed if one and only one argument is specified. If the last command specified
was USER (no password was specified), or if the maximum number of login
attempts has been exceeded, it will be denied.
- PASS will only be allowed in the authorization state, after a USER
command has been issued. Will be passed if one and only one argument is specified.
Each time it is called it will check and increment the counter for maximum login
attempts.
- QUIT will be passed with no arguments. If arguments were specified
by the client, they will be chopped.
- RSET, LAST, STAT and LIST will only be allowed
in TRANSACTION state. They will be passed with no arguments. If arguments
were specified by the client, they will be chopped. RSET will clear
the deleted messages table.
- RETR and DELE will only be allowed in TRANSACTION
state. They will only be allowed with one and only one numeric argument. This
argument will first be checked for validity against the list of deleted messages,
disallowing already deleted messages, and the maximum message number.
- TOP will only be allowed in TRANSACTION state. It will be
allowed with two and only two numeric algorithms, and only after checking the
first argument against the deleted messages table.
Next: Commands omitted on purpose
Up: Characteristics of a POP3
Previous: RFC 1081 and security
  Contents
Gunnar Wolf
2001-03-12