Network Working Group A. Gulbrandsen Internet-Draft Intended status: Standards Track N. Freed Expires: May 30, 2013 Oracle November 26, 2012 Internet Message Access Protocol (IMAP) - MOVE Extension draft-ietf-imapmove-command-04 Abstract This document defines an IMAP extension consisting of two new commands, MOVE and UID MOVE, that are used to move messages from one mailbox to another. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on May 30, 2013. Copyright Notice Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Gulbrandsen & Freed Expires May 30, 2013 [Page 1] Internet-Draft IMAP - MOVE Extension November 2012 1. Introduction This document defines an IMAP [RFC3501] extension to facilitate moving messages from one mailbox to another. This is accomplished by defining a new MOVE command and extending the UID command to allow UID MOVE. A move function is not provided in the base IMAP specification, so clients have instead had to use a combination of the COPY, STORE, and EXPUNGE commands to perform this very common operation. This has meant needing to cope with partial failures and side effects that can occur when multiple commands are involved. The MOVE extension is present in any IMAP4 implementation which returns "MOVE" as one of the supported capabilities to the CAPABILITY command. 2. Conventions Used in This Document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. Formal syntax is specified using ABNF [RFC5234]. Example lines prefaced by "C:" are sent by the client and ones prefaced by "S:" by the server. 3. MOVE and UID MOVE 3.1. MOVE Command Arguments: sequence set mailbox name Responses: no specific responses for this command Result: OK - move completed NO - move error: can't move those messages or to that name BAD - command unknown or arguments invalid Gulbrandsen & Freed Expires May 30, 2013 [Page 2] Internet-Draft IMAP - MOVE Extension November 2012 3.2. UID MOVE Command This extends the first form of the UID command (see [RFC3501], Section 6.4.8) to add the MOVE command, defined above, as a valid argument. 3.3. Semantics of MOVE and UID MOVE The MOVE command takes two arguments: a message set (sequence numbers for MOVE, UIDs for UID MOVE) and a named mailbox. Each message included in the set is moved, rather than copied, from the selected (source) mailbox to the named (target) mailbox. This means that a new message is created in the target mailbox, with a new UID, the original message is removed from the source mailbox, and it appears to the client as a single action. This has the same effect for each message as this sequence: 1. [UID] COPY 2. [UID] STORE +FLAGS.SILENT \DELETED 3. UID EXPUNGE Although the effect of the MOVE is the same as the preceding steps, the semantics are not identical: The intermediate states produced by those steps do not occur, and the response codes are different. In particular, though the COPY and EXPUNGE response codes will be returned, response codes for a STORE MUST NOT be generated and the \DELETED flag MUST NOT be set for any message. Because a MOVE applies to a set of messages, it might fail partway through the set. Regardless of whether the command is successful in moving the entire set, each individual message SHOULD either be moved or unaffected. The server MUST leave each message in a state where it is in at least one of the source or target mailboxes (no message can be lost or orphaned). The server SHOULD NOT leave any message in both mailboxes (it would be bad for a partial failure to result in a bunch of duplicate messages). This is true even if the server returns a tagged NO response to the command. Because of the similarity of MOVE to COPY, extensions that affect COPY affect MOVE in the same way. Response codes such TRYCREATE (see [RFC3501] Section 6.4.7), as well as those defined by extensions, are sent as appropriate. See Section 4 for more information about how MOVE interacts with other IMAP extensions. An example: Gulbrandsen & Freed Expires May 30, 2013 [Page 3] Internet-Draft IMAP - MOVE Extension November 2012 C: a UID MOVE 42:69 forble S: * OK [COPYUID 432432 42:69 1202:1229] S: * 22 EXPUNGE S: (more expunges) S: a OK Done Note that the server may send unrelated EXPUNGE responses as well, if any happen to have been expunged at the same time; this is normal IMAP operation. Implementers will need to read [RFC4315] to understand what UID EXPUNGE does, though full implementation of [RFC4315] is not necessary. Note that moving a message to the currently selected mailbox (that is, where the source and target mailboxes are the same) is allowed when copying the message to the currently selected mailbox is allowed. The server may send EXPUNGE (or VANISHED) responses before the tagged response, so the client cannot safely send more commands with message sequence number arguments while the server is processing MOVE. The UID MOVE command does not have this limitation. Both MOVE and UID MOVE can be pipelined with other commands, but care has to be taken. Both commands modify sequence numbers and also allow unrelated EXPUNGE responses. The renumbering of other messages in the source mailbox following any EXPUNGE response can be surprising, and makes it unsafe to pipeline any command that relies on message sequence numbers after a MOVE or UID MOVE. Similarly, MOVE cannot be pipelined with a command that might cause message renumbering. See [RFC3501], Section 5.5, for more information about ambiguities as well as handling requirements for both clients and servers. 4. Interaction with other extensions This section describes how MOVE interacts with some other IMAP extensions. 4.1. RFC 2087, QUOTA The QUOTA extension (defined by [RFC2087]) may interact with MOVE, on some servers, in the sense that a MOVE command may succeed where COPY would cause a quota overrun. Gulbrandsen & Freed Expires May 30, 2013 [Page 4] Internet-Draft IMAP - MOVE Extension November 2012 4.2. RFC 4314, ACL The ACL rights [RFC4314] required for UID MOVE are the union of the ACL rights required for UID STORE, UID COPY and UID EXPUNGE. 4.3. RFC 4315, UIDPLUS Servers supporting UIDPLUS [RFC4315] MUST send COPYUID in response to a UID MOVE command. Servers implementing UIDPLUS are also advised to send the COPYUID response code in an untagged OK before sending EXPUNGE or moved responses. (Sending COPYUID in the tagged OK, as described in the UIDPLUS specification, means that clients first receive an EXPUNGE for a message and afterwards COPYUID for the same message. It can be unnecessarily difficult to process that sequence usefully.) 4.4. RFC 5162, QRESYNC The QRESYNC extension [RFC5162] states that the server SHOULD send VANISHED rather than EXPUNGE in response to the UID EXPUNGE command. The same requirement applies to MOVE, and a QRESYNC-enabled client needs to handle both VANISHED and EXPUNGE responses to a UID MOVE command. 4.5. IMAP Events in Sieve MOVE applies to IMAP events in Sieve [RFC6785] in the same way as COPY does. Therefore, MOVE can cause a Sieve script to be invoked with the imap.cause set to "COPY". Because MOVE does not cause flags to be changed, a MOVE command will not result in a script invocation with the imap.cause set to "FLAG". 5. Formal Syntax The following syntax specification uses the Augmented Backus-Naur Form (ABNF) notation as specified in [RFC5234]. [RFC3501] defines the non-terminals "capability", "command-select", "sequence-set" and "mailbox". Except as noted otherwise, all alphabetic characters are case- insensitive. The use of upper or lower case characters to define token strings is for editorial clarity only. Implementations MUST accept these strings in a case-insensitive fashion. Gulbrandsen & Freed Expires May 30, 2013 [Page 5] Internet-Draft IMAP - MOVE Extension November 2012 capability =/ "MOVE" command-select =/ move move = "MOVE" SP sequence-set SP mailbox uid = "UID" SP (copy / fetch / search / store / move) 6. Security Considerations MOVE does not introduce any new capabilities to IMAP, and this limits the security impact. However, the transactional semantics of MOVE may interact with specific implementations in ways that could have unexpected consequences. For example, moving messages between mailboxes under the quota root may require temporary suspension of quota checking. An additional area of concern is interaction with antispam, antivirus, and other security scanning and auditing mechanisms. Different mailboxes may have different security policies which could interact with MOVE in complex ways. Scanning with updated rules may also be required when messages are moved even when the underlying policy has not changed. MOVE does relieve a problem with the base specification, since client authors currently have to devise and implement complicated algorithms to handle partial failures of the STORE/COPY/EXPUNGE trio. Incomplete or improper implementation of these algorithms can lead to mail loss. 7. IANA Considerations The IANA is requested to add MOVE to the "IMAP 4 Capabilities" registry, http://www.iana.org/assignments/imap4-capabilities. 8. Acknowledgments An extension like this has been proposed many times, by many people. This document is based on several of those, most recently that by Witold Krecicki. Witold, Adrien W. de Croy, Stephen Farrell, Bron Gondwana, Dan Karp, Christian Ketterer, Murray Kucherawy, Jan Kundrat, Barry Leiba, Alexey Melnikov, Kathleen Moriarty, Pete Resnick, Timo Sirainen, Michael Slusarz, and others provided valuable comments. 9. References Gulbrandsen & Freed Expires May 30, 2013 [Page 6] Internet-Draft IMAP - MOVE Extension November 2012 9.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION 4rev1", RFC 3501, March 2003. [RFC4314] Melnikov, A., "IMAP4 Access Control List (ACL) Extension", RFC 4314, December 2005. [RFC4315] Crispin, M., "Internet Message Access Protocol (IMAP) - UIDPLUS extension", RFC 4315, December 2005. [RFC5234] Crocker, D. and P. Overell, "Augmented BNF for Syntax Specifications: ABNF", STD 68, RFC 5234, January 2008. 9.2. Informative References [RFC2087] Myers, J., "IMAP4 QUOTA extension", RFC 2087, January 1997. [RFC5162] Melnikov, A., Cridland, D., and C. Wilson, "IMAP4 Extensions for Quick Mailbox Resynchronization", RFC 5162, March 2008. [RFC6785] Leiba, B., "Support for Internet Message Access Protocol (IMAP) Events in Sieve", RFC 6785, November 2012. Appendix A. Change History RFC Editor: Please delete this section from the final RFC. A.1. Changes since -00 1. Fixed two bad nouns. Mailboxes aren't messages. 2. Adrien's server can easily do UID MOVE but not so easily MSN- based moves. A.2. Changes since -01 1. Changed to Informative, on Barry's suggestion. Or did I ask him? Whatever. 2. Removed the 'reasons to avoid', it was doubleplusungood. Gulbrandsen & Freed Expires May 30, 2013 [Page 7] Internet-Draft IMAP - MOVE Extension November 2012 A.3. Changes since draft-gulbrandsen-imap-move-02 1. Various wording changes from Barry's review. 2. Open issue: Delete the \deleted rule? 3. Back to PS, informative didn't fly in the IESG 4. Turned into a WG document in order to get write access to the IMAP4 capabilities registry 5. Mention VANISHED in 5162 6. Added bad boilerplate to please idnits. This document contains no code. A.4. Changes since -00 1. Added MSN-based move. The consensus seems mildly in favor. I think. We'll see once this is posted. 2. Advise sending COPYUID earlier, to help clients. Requiring out of order processing is unnecessarily nasty. 3. Note that moving to the source inbox has to work. I think it does have to work, but this is a draft, it says so on every page. A.5. Changes since -01 1. (Issue tracker #1) Changed command-select ABNF to conform with the conventions used in RFC 3501. 2. (Issue tracker #2) Banned overlapped pipelined MOVE and UID MOVE. 3. (Issue tracker #3) Added section about interaction with IMAP Sieve. 4. (Issue tracker #4) Revised security considerations. 5. (Issue tracker #5) Removed text that characterized MOVE as the same as COPY/STORE/EXPUNGE. 6. (Issue tracker #6) RFC 4314 is now a normative reference. 7. (Issue tracker #7) Major rewrite of the command description text as a result of AD review. Gulbrandsen & Freed Expires May 30, 2013 [Page 8] Internet-Draft IMAP - MOVE Extension November 2012 8. (Issue tracker #8) Revised abstract. 9. (Issue tracker #9) Added text saying partial failures are allowed. 10. (Issue tracker #10) Some additional tweaks to the security considerations section were made. 11. The abstract and introduction were out of whack as a result of other changes, so some revisions were made to bring them back into sync. A.6. Changes since -02 1. Corrected various typos, clarified several paragraphs discussing MOVE semantics. 2. Added the usual text about the extension only being available when it is reported by the CAPABILITIES command. 3. Revised the text about QRESYNC to make clear what the requirements are. 4. Removed a suggestion about MUA/user behavior from the discussion of the QUOTA extension. 5. Updated the main and running title to conform to other IMAP RFCs. A.7. Changes since -03 1. Corrected another bad noun. Responses aren't messages. 2. More minor editorial changes. 3. The text on command pipelining has been completely rewritten. 4. Added text stating that the effects of setting the \Deleted flag aren't visible. Gulbrandsen & Freed Expires May 30, 2013 [Page 9] Internet-Draft IMAP - MOVE Extension November 2012 Authors' Addresses Arnt Gulbrandsen Schweppermannstr. 8 D-81671 Muenchen Germany Fax: +49 89 4502 9758 Email: arnt@gulbrandsen.priv.no Ned Freed (editor) Oracle 800 Royal Oaks Monrovia, CA 91016-6347 USA Email: ned+ietf@mrochek.com Gulbrandsen & Freed Expires May 30, 2013 [Page 10]