The IMAP service
The Domino server supports the Internet Mail Access Protocol (IMAP4rev1), defined in RFC 2060, for reading mail. The Domino IMAP service lets users with IMAP mail clients access mail files on a Domino server. The IMAP service differs from the POP3 service in that users are not required to download messages to a local computer to read and manipulate them. Users can work with messages over the network, while the messages remain on the server.

The Domino IMAP service acts as an intermediary for communications between IMAP mail clients and the Domino mail server. By default, the IMAP service monitors TCP port 143 for IMAP client requests. After connecting to the IMAP service, IMAP mail clients can:

Supporting outbound mail service for IMAP clients

IMAP is a mail access protocol only and does not stipulate any method for sending mail. To ensure that IMAP users can send outbound mail, you must provide them with access to an SMTP server. The SMTP server can be the Domino server running the IMAP service, another Domino server, or a non-Domino SMTP server.

For information about specifying the SMTP server that an IMAP client uses for outbound mail, see the topic Configuring IMAP client software.

Authenticating with the server

When a user connects to the IMAP service, rather than verifying the user's identity by checking a Notes ID file, the IMAP service uses name-and-password authentication, SSL, or both. Because Notes ID files are not used, an IMAP user does not have to be a registered Notes user. To access mail through the IMAP service, users need a mail file on the server and a Person document (including an Internet password) in the Domino Directory. Only users who receive encrypted Notes mail or access Domino applications must be registered Notes users. The IMAP service can authenticate users from entries in the primary Domino Directory or any secondary directory used by the server.

To authenticate IMAP users, Domino relies on authentication methods built into the Internet protocols. The methods available depend on the server ports you configure the IMAP service to use. The IMAP service can use a TCP/IP port, or a Secure Sockets Layer (SSL) port, or both the TCP/IP and SSL ports.

If IMAP uses the TCP/IP port only (the default), the server uses basic name-and-password authentication to identify users. The name under which a user can log in to the IMAP service must match one of several fields in the user's Person document. The set of names that the server accepts as valid depends on the setting in the Internet authentication field on the Security tab of the Server document.

For more information on configuring how Domino authenticates Internet clients, see the topic Controlling the level of authentication for Internet clients.

If the IMAP SSL port is enabled, you can specify whether a client certificate is required to authenticate (SSL authentication), and whether clients must also supply a name and password.

For information on setting up an SSL server, see Setting up SSL for Domino servers. For information on setting up clients for SSL, see Setting up clients for SSL server authentication.

See Also