The IBM® Lotus® Domino® server supports the Internet Mail Access Protocol (IMAP4rev1), defined in RFC 2060, for reading mail. The Domino IMAP service lets users with IMAP mail clients access mail files on a Domino server. The IMAP service differs from the POP3 service in that users are not required to download messages to a local computer to read and manipulate them. Users can work with messages over the network, while the messages remain on the server.
The Domino IMAP service acts as an intermediary for communications between IMAP mail clients and the Domino mail server. By default, the IMAP service monitors TCP port 143 for IMAP client requests. After connecting to the IMAP service, IMAP mail clients can:
IMAP is a mail access protocol only and does not stipulate any method for sending mail. To ensure that IMAP users can send outbound mail, you must provide them with access to an SMTP server. The SMTP server can be the Domino server running the IMAP service, another Domino server, or a non-Domino SMTP server.
When a user connects to the IMAP service, rather than verifying the user's identity by checking an IBM® Lotus® Notes® ID file, the IMAP service uses name-and-password authentication, SSL, or both. Because Notes ID files are not used, an IMAP user does not have to be a registered Notes user. To access mail through the IMAP service, users need a mail file on the server and a Person document (including an Internet password) in the Domino Directory. Only users who receive encrypted Notes mail or access Domino applications must be registered Notes users. The IMAP service can authenticate users from entries in the primary Domino Directory or any secondary directory used by the server.
To authenticate IMAP users, Domino relies on authentication methods built into the Internet protocols. The methods available depend on the server ports you configure the IMAP service to use. The IMAP service can use a TCP/IP port, or a Secure Sockets Layer (SSL) port, or both the TCP/IP and SSL ports.
If IMAP uses the TCP/IP port only (the default), the server uses basic name-and-password authentication to identify users. The name under which a user can log in to the IMAP service must match one of several fields in the user's Person document. The set of names that the server accepts as valid depends on the setting in the Internet authentication field on the Security tab of the Server document.
If the IMAP SSL port is enabled, you can specify whether a client certificate is required to authenticate (SSL authentication), and whether clients must also supply a name and password.