[Extra] Review: draft-ietf-extra-imap4rev2-11

"Bron Gondwana" <brong@fastmailteam.com> Wed, 29 January 2020 12:09 UTC

Return-Path: <brong@fastmailteam.com>
X-Original-To: extra@ietfa.amsl.com
Delivered-To: extra@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 232CB120113 for <extra@ietfa.amsl.com>; Wed, 29 Jan 2020 04:09:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fastmailteam.com header.b=bpoptMAt; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=QOJJmf/z
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 9XtW2scNTEZS for <extra@ietfa.amsl.com>; Wed, 29 Jan 2020 04:09:09 -0800 (PST)
Received: from wout2-smtp.messagingengine.com (wout2-smtp.messagingengine.com []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3BCBA1200F5 for <extra@ietf.org>; Wed, 29 Jan 2020 04:09:09 -0800 (PST)
Received: from compute2.internal (compute2.nyi.internal []) by mailout.west.internal (Postfix) with ESMTP id 511396DF; Wed, 29 Jan 2020 07:09:08 -0500 (EST)
Received: from imap28 ([]) by compute2.internal (MEProxy); Wed, 29 Jan 2020 07:09:08 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= fastmailteam.com; h=mime-version:message-id:date:from:to:cc :subject:content-type; s=fm1; bh=L0AtBic0iw2aK0WDAHr8yAcHZzBTFpR 40bZ6P8jEoV8=; b=bpoptMAtGmnK43lnJpdJcup6FlJmzyBt5AI0TMKHnMDMeMm FGao3bF3zdoHGj91GeVnUqkwXXE1e4QvbHTkLhSfuKuAP69Hr6BsaJyqYF6y9n3x 1DT93mvAdlugPRwYeUnGVn3v4q3bCFl3MsYtcseBstHLoXn1IimlPbHy2lBw0w1J oXhwW88t7TkX3rLXkYXpMeQvYdqKsenhlI5Go78yUNVeWzK4JC7GVNKIdxibbVVk PXyOZoltr/ZPGsJSzXt6qjydhY9GX0ZHX/91HrxcMdZSRVPaSJTZIukQzjcL4bOf Jkevsqou/7lU0SBYpnE6RVHylE/LPXEI+sE2xlA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:message-id :mime-version:subject:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; bh=L0AtBic0iw2aK0WDAHr8yAcHZzBTF pR40bZ6P8jEoV8=; b=QOJJmf/z8+4jGhPHNFagMhQxtElhxJIslOU6wGolKChQK 3yxNUjKyindU4AfvItRj2amw+Phlh3AK6SoGOGDoJ4eaIWxCK77uHoqVAn2mfxYn vtGmtBLSf/7HDc8Y7PzWezljJ/2PNuRjtKg3lMx5r94ifaEMfa394Gwf7NHQnjbt x7GlA0vMXP1xb5+ChQHwYE7ycsAPuGXqjNd3Gg3SPbS9XHNtehvqq/2Qj5OGp44L ovTFXU3hhJVSxJ60KuEkJ0dlXxXIVeW4YVliB4DEhslYBT5XPHgJw/iqOqNX3HCs elB+8KBcbkLt90c/qCOPG8xXJW9OnyT5MKUWhlkZQ==
X-ME-Sender: <xms:43UxXos6cHV8NVy1Y4MTI5C_Z7cdZvjctkD5qfkORDaPR-msuiMWUg>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrfeeigdefhecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefofgggkfffhffvufgtsegrtderreerredtnecuhfhrohhmpedfuehrohhnucfi ohhnugifrghnrgdfuceosghrohhnghesfhgrshhtmhgrihhlthgvrghmrdgtohhmqeenuc ffohhmrghinhepihgrnhgrrdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghr rghmpehmrghilhhfrhhomhepsghrohhnghesfhgrshhtmhgrihhlthgvrghmrdgtohhm
X-ME-Proxy: <xmx:43UxXs7GVwksEUUZJxAKGfMmKnVEq0tDmbGcfl9O_WBGSUu5Q4wzdw> <xmx:43UxXhLCYvWpNRJofmFCjkmezeVhbQJfRsf3xOgXSDT8HoJXI7hkMw> <xmx:43UxXk5Ry6Lbr8QFzsaC-WehNHW6HuXs1lBZfhWx018MAconZ9Y5hw> <xmx:43UxXg6EVccM2VGSym1qpkJ2McXlYQFdR8OzoJi8eR8MNkjNH-cGaA>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 885F924009E; Wed, 29 Jan 2020 07:09:07 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.1.7-850-ga703523-fmnext-20200128v1
Mime-Version: 1.0
Message-Id: <9fdfa8e8-147d-4248-a0c1-48de171ac675@dogfood.fastmail.com>
Date: Wed, 29 Jan 2020 23:08:55 +1100
From: "Bron Gondwana" <brong@fastmailteam.com>
To: extra@ietf.org
Cc: "Barry Leiba" <barryleiba@computer.org>, "Alexey Melnikov" <alexey.melnikov@isode.com>
Content-Type: multipart/alternative; boundary=fbdff0f53f704b33ac63771ed8444276
Archived-At: <https://mailarchive.ietf.org/arch/msg/extra/2Q9VMmAGotHq47PMwQtr8KA_Uxk>
Subject: [Extra] Review: draft-ietf-extra-imap4rev2-11
X-BeenThere: extra@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Email mailstore and eXtensions To Revise or Amend <extra.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/extra>, <mailto:extra-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/extra/>
List-Post: <mailto:extra@ietf.org>
List-Help: <mailto:extra-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/extra>, <mailto:extra-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Jan 2020 12:09:13 -0000

Sorry about the delay in doing this! I was supposed to be doing the shepherding write-up, and so I figured I should read it properly.

 I've had a full read through over some very many days (I admit, I skimmed through the ABNF) and I have comments. It's long, and hopefully comprehensive - though I'm sure I missed things.

*2.1 Link level

Is it appropriate to mention TLS on 993 here? It's mentioned deep within the document, but not here.

*2.2.1 Client protocol*
*"A different tag is generated by the client for each command".* There's no "MUST" on this, and certainly I've seen clients which don't. Do we want to make that more strict in rev2? It would be a bit of a pain on the commandline where I normally use ".", but it's also annoying as a server author that you can't rely on tag uniqueness.

Maybe the client SHOULD generate a different tag for every command, but a server MUST accept tag reuse (could restrict concurrency, a tag can only be reused after it's been "returned")

* UID Attribute
*"The next unique identifier value MUST NOT change unless new messages are added to the mailbox". * I would very much like that first MUST NOT to be weakened to "SHOULD NOT". My reasoning is that you could have a virtual mailbox which used a global sequence number per message. It would behave to clients as if a message had been delivered and then immediately expunged. I'm pretty sure clients don't care - they'll fetch the range, discover that nothing new has appeared, and stay happy. The second MUST is obviously correct, that the UIDNEXT must increase when messages are delivered.

Both UID and UIDVALIDITY say "unsigned 32-bit value" - but strictly (as seen later in the ABNF) they aren't allowed to be zero. It would be good to say "non-zero" when each is first mentioned, but I don't care strongly about this one.

*2.3.2 Flags Message Attribute

formatting issue: $Forwarded is duplicated 3 times and $MDNSent is duplicated twice in the plain-text format.

Should this section also reference https://www.iana.org/assignments/imap-jmap-keywords/imap-jmap-keywords.xhtml ?

*5.1 Mailbox Naming

This doesn't solve one of my naming bugbears. The spec says things like *"servers MAY accept a de-normalized UTF-8 mailbox name and conver it to Net-Unicode prior to mailbox creation." -*** **there is no clear way to know what the SELECTable name will be after creating a mailbox.

If I was designing this myself from scratch I would say that "SELECT of the same octets that were passed to CREATE MUST open that same mailbox" or something to that effect. Since we're messing with how mailbox naming works somewhat for imap4rev2, I'd be keen to add this restriction on server behaviour so that clients don't fall into a "CREATE -> ALREADY EXISTS / SELECT -> DOESN'T EXIST" loop.

It still doesn't mean that you can reliably tell the correct octets for the matching mailbox from the LIST response though :(

*6.3.1 ENABLE command

The example shows a conversation with an imap4rev1 only server.

The examples don't clearly show that only the newly enabled responses are correct, e.g. the sequence:

C1 OK foo
C2 OK foo

The second doesn't say "ENABLED CONDSTORE" because it was already enabled earlier on this connection.

(AKA: clients MUST remember what they have enabled)

*6.3.2 SELECT command

The [UIDNEXT <n>] response is duplicated with two different pieces of text.

*When deselecting a selected mailbox, the server MUST return an untagged OK response with the "[CLOSED]" response code when the currently selected mailbox is closed (see Paragraph 10). *- I'm not sure where "Paragraph 10" is.

The last paragraph of this section has the word "deprecated" spelled as "depractated".

I also saw somewhere that the server can unilaterally send a "* [CLOSED]" response at any point if it's had to close the mailbox (e.g. it got deleted, or IO errors). I'm not sure if that requires opt-in to IMAP4REV2, since otherwise clients will not be aware to watch for it. This may need to be clarified. Current behaviour of our server right now is to drop the connection entirely, which is ugly - but it's rare and all clients already need to handle it cleanly, so it guarantees no messed up data model for the clients.

*6.3.4 and 6.3.5 CREATE and DELETE

Can we make it illegal to "DELETE" a mailbox with children rather than make it a \NoSelect mailbox pretty pretty please? I'm just looking at some patches to deal with Outlook misbehaving with this precise situation, and it's all horrible. Because of mailboxId requirements for JMAP we've been forced to keep these things around as "intermediate" mailboxes anyway, and it's been the source of tons of bugs.

*6.3.6 RENAME *

I thought we had agreed to strongly recommend against clients using RENAME INBOX Other, but maybe I've forgotten. I don't see it in the minutes, so maybe it's just my wishful thinking.

We definitely have an option in Cyrus IMAP to make subscriptions follow RENAME. It's one of the warts (largely due to Thunderbird showing greyed out folders and confusing people).


Speak of the devil. Lots of sites violate the MUST NOT unilaterally remove rule. Should we weaken it to SHOULD? The justification for the MUST is "the server site might choose to do X" - well, if the server site is doing that, then maybe they SHOULDN'T unilaterally remove the subscriptions, but otherwise it's a better user experience and what people want.

(also: by enabling a non-default break the rules config, it's what our server does!)


*This command returns a tagged OK response only if the unsubscription is successful. *- this is not clear on what happens if the mailbox is not currently subscribed - does it silently succeed, or is there an expected error?

For what it's worth, our server just says "OK Completed" even if it's already been unsubscrbed - and likewise for subscribe if it's already subscribed it just say "yep, all good".

. create INBOX.foo
. OK [MAILBOXID (7eca8f55-e233-4458-9d48-af854fb4b279)] Completed
. subscribe INBOX.foo
. OK Completed
. unsubscribe INBOX.foo
. OK Completed
. unsubscribe INBOX.foo
. OK Completed
. subscribe INBOX.foo
. OK Completed
. subscribe INBOX.foo
. OK Completed

*6.3.9 LIST

There's a weird line wrapping near the top of page 44 where a paragraph is split in half:

   The reference and mailbox name arguments are interpreted into a
   canonical form that represents an unambiguous left-to-right
   hierarchy.  The returned mailbox names will be in the interpreted

   that we call "canonical LIST pattern" later in this document.  To
   define the term "canonical LIST pattern" formally: it refers to the
   canonical pattern constructed internally by the server from the
   reference and mailbox name arguments.

* LIST Return Options

The CHILDREN item is duplicated with two different pieces of text.


We've kinda half-added SPECIAL-USE, but we don't reference it, and it isn't shown in these examples.


We've created a conflict here. The NAMESPACE command contains prefix strings for the individual namespaces, and says:

   The prefix string allows a client to do things such as automatically
   creating personal mailboxes or LISTing all available mailboxes within
   a namespace.

Which contradicts the advice we gave back in the LIST command not to use prefix. Perhaps we should change the LIST advice to be "only use the empty prefix or prefixes given in the NAMESPACE response"?

*6.3.11 STATUS

      Note: The STATUS command is intended to access the status of
      mailboxes other than the currently selected mailbox.  Because the
      STATUS command can cause the mailbox to be opened internally, and
      because this information is available by other means on the
      selected mailbox, the STATUS command SHOULD NOT be used on the
      currently selected mailbox.

This advice is all well and good, but it says nothing about what the server may or may not do when it gets one of these STATUS commands. This is particularly relevant in the context of LIST RETURN STATUS, where it's hard to construct list patterns which explicitly avoid the currently selected mailbox.

Likewise with the: *MUST NOT be used as a "check for new messages in the selected mailbox" *assertion. Plenty of clients will do a STATUS run across folders and if they're doing LIST RETURN STATUS they're gonna find out about the new messages if the server returns it. Clients can not rely on it working is a more honest representation of what happens.

I'd like to see that IMAP4REV2 servers MUST implement STATUS of the currently selected mailbox. Yes, it's a special codepath - but if you're already testing if it's the currently open mailbox then you're at exactly the right place to do the right thing:

 /* use the index status if we can so we get the 'alive' Recent count */
 if (!strcmpsafe(mbentry->name, index_mboxname(imapd_index)) && imapd_index->mailbox)
 return index_status(imapd_index, sd);

 /* fall back to generic lookup */
 return status_lookup_mbentry(mbentry, imapd_userid, statusitems, sd);

*6.4.4 SEARCH

   For example,
   the criteria DELETED FROM "SMITH" SINCE 1-Feb-1994 refers to all
   deleted messages from Smith that were placed in the mailbox since
   February 1, 1994.

That's not strictly true - SAVEDATE would be "placed in the mailbox". The wording should say "with INTERNALDATE greater than February 1, 1994" or so.

* SAVE Result

I'm not sure I understand the interaction here with closing and re-opening a mailbox. I would expect that closing a mailbox would wipe the SAVED result, and that trying to use a SAVED result when there isn't one should return an error.

Speaking of which, Example 5 is wrong: It says that the second search command leads to the variable containing no messages, but the second search command did not contain the RETURN SAVE option, so it should not have altered the variable.

*7.1 Status Responses

Using 'o' as a tag in the ALREADYEXISTS item is confusing, it looks like an attempt to do dot points!

*7.2.3 LIST Response

This is the interesting bit for SPECIAL-USE - it should reference that here - as well as referencing the registry since it reproduces some of it inline.


*7.4.2 FETCH Response

I remember past bugs with UID in "unsolicited" FLAGS responses. Do we need to require that including UID only happen after ENABLE IMAP4REV2 (as it is for ENABLE QRESYNC)?

*Appendix C: Changes

Right now it's still stated as "the planned changes" and there's still some TODO in there (some of which I think could be well handled by referencing the registries rather than replicating them inline).

 Bron Gondwana, CEO, Fastmail Pty Ltd