Internet Message Access Protocol and Post Office Protocol

Internet Message Access Protocol (IMAP) and Post Office Protocol (POP) are the mainstream protocols that most e-mail services use currently. Both have fairly significant differences. Why does it matter how your client is set up? See, you can setup, say, your smartphone's e-mail application to either use POP or IMAP.

IMAP almost always stores the inbox itself (consisting of all emails received) on the central e-mail server. One benefit of this service is that all mail is backed up frequently. In the case that there is some kind of large-scale crash, your data is preserved in more than one server location. Once the outage has been fixed, then the e-mail attached to your account will return to your regular inbox as per usual operation. IMAP employs the use of ciphers, specifically for MD5 and SHA hashes for connections between client and server. If a match fails authentication, then a user must intervene to provide some form of confirmation or risk the connection itself being severed and labeled as suspect. A possible issue affecting this security process is that of a rough connection. Perhaps some packets are lost in transit, thereby weakening the security on one end, which would make authentication that much more complicated.

POP works fairly differently than IMAP. E-mail is stored initially on a server and later saved relatively permanently on the computer being used. However, as a result, the messages will almost always no longer be stored on the server indefinitely unless configured in a special way. So there will be no way to resurrect lost data unless the user has been keeping track. POP uses specific commands with shared secrets for security. Secrets can cause accessing private data to become more complex.

Security-wise

* http://tools.ietf.org/html/rfc3501
* http://tools.ietf.org/html/rfc5321
* http://tools.ietf.org/html/rfc1939