]> Fastmail

Level 2, 114 William St Melbourne VIC 3000 Australia brong@fastmailteam.com https://www.fastmail.com

Stalwart Labs LLC

1309 Coffeen Avenue, Suite 1200 Sheridan WY 82801 USA mauro@stalw.art https://stalw.art

mailmaint Internet-Draft This document updates (IMAP4rev1) with persistent identifiers on mailboxes and messages to allow clients to more efficiently reuse cached data when resources have changed location on the server. This document obsoletes by making all object identifier types optional, introducing the OBJECTIDBIS capability with mandatory ENABLE negotiation, and extending the framework to include account-level context through the ACCOUNTID identifier. The ENABLE requirement ensures that servers can implement the extension without altering the IMAP grammar for clients that do not understand the extension. The account identifier extension enables IMAP servers to provide account-level context for mailboxes when multiple accounts are accessible through a single IMAP connection, facilitating interoperability with the JSON Meta Application Protocol (JMAP) in multi-account scenarios.

Introduction IMAP stores are often used by many clients. Each client may cache data from the server so that it does not need to redownload information. states that a mailbox can be uniquely referenced by its name and UIDVALIDITY, and a message within that mailbox can be uniquely referenced by its mailbox (name + UIDVALIDITY) and unique identifier (UID). The triple of mailbox name, UIDVALIDITY, and UID is guaranteed to be immutable. defines a COPYUID response that allows a client that copies messages to know the mapping between the UIDs in the source and destination mailboxes and, hence, update its local cache. If a mailbox is successfully renamed by a client, that client will know that the same messages exist in the destination mailbox name as previously existed in the source mailbox name. The result is that the client that copies (or moves ) messages or renames a mailbox can update its local cache, but any other client connected to the same store cannot know with certainty that the messages are identical, so it will redownload everything. This extension adds new properties to a message (EMAILID) and mailbox (MAILBOXID). These properties allow a client to quickly identify messages or mailboxes that have been renamed by another client. This extension also adds an optional thread identifier (THREADID) to messages, which can be used by the server to indicate messages that it has identified to be related. Additionally, this document introduces the ACCOUNTID object identifier, which specifies the account to which a mailbox or message belongs. This is particularly relevant for environments where IMAP mailboxes include shared mailboxes from multiple JMAP accounts, as defined in . All object identifier types defined in this specification are optional. A server that supports this extension MAY return NIL for any object identifier type that it does not implement. This design permits partial implementation, allowing servers to provide identifiers for the types they support without requiring full implementation of all identifier types. This extension requires the use of the ENABLE command, as defined in , to activate the extended response syntax. The ENABLE requirement ensures that servers can implement the extension without introducing incompatible changes to the IMAP grammar for clients that do not understand the extension. Until the client issues ENABLE OBJECTIDBIS, the server MUST NOT return any of the extended response formats defined in this document.

Notational Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

CAPABILITY Identification IMAP servers that support this extension MUST include "OBJECTIDBIS" in the response list to the CAPABILITY command. A server MAY advertise both the "OBJECTID" capability defined in and the "OBJECTIDBIS" capability defined in this document. When both capabilities are advertised, the server MUST conform to the behaviour specified in unless and until the client issues ENABLE OBJECTIDBIS, at which point the server MUST conform to the behaviour specified in this document. If the client has not issued ENABLE OBJECTIDBIS, the server MUST NOT return any of the extended response formats defined in this document, including OBJECTID response codes, OBJECTID status attributes, OBJECTID fetch data items, or ACCOUNTID attributes. This restriction ensures that the IMAP grammar remains unaltered for clients that do not understand the extension.

ENABLE Requirement The OBJECTIDBIS extension MUST be activated by the client through the ENABLE command as defined in . A client that wishes to use the facilities defined in this document MUST issue ENABLE OBJECTIDBIS before relying on any of the extended responses. Example:

After the server confirms that OBJECTIDBIS has been enabled, the extended response formats defined in this document become active for the remainder of the IMAP session.

OBJECTID Compound Identifier The OBJECTID is a compound data item that aggregates all object identifiers relevant to a given context into a single response element. The composition of the OBJECTID depends on whether it pertains to a mailbox or a message.

Mailbox Context When used in the context of a mailbox (response codes for CREATE, SELECT, and EXAMINE; STATUS attributes), the OBJECTID compound contains the following elements: Syntax: "OBJECTID" SP "(" "MAILBOXID" SP objectid-or-nil SP \ "ACCOUNTID" SP objectid-or-nil ")" The MAILBOXID element contains the mailbox identifier, and the ACCOUNTID element contains the account identifier. Either element MAY be NIL if the server does not support the corresponding identifier type.

Message Context When used in the context of a message (FETCH data items), the OBJECTID compound contains the following elements: Syntax: "OBJECTID" SP "(" "EMAILID" SP objectid-or-nil SP \ "ACCOUNTID" SP objectid-or-nil SP \ "THREADID" SP objectid-or-nil ")" The EMAILID element contains the email identifier, the ACCOUNTID element contains the account identifier, and the THREADID element contains the thread identifier. Any element MAY be NIL if the server does not support the corresponding identifier type.

Relationship to Individual Attributes The OBJECTID compound is functionally equivalent to requesting each of its constituent identifiers individually. A server MUST return the same values for identifiers whether they are requested individually or as part of an OBJECTID compound. For example, the MAILBOXID returned within an OBJECTID STATUS response MUST be identical to the MAILBOXID returned when requested as a standalone STATUS attribute. The OBJECTID compound is provided as a convenience for clients that wish to retrieve all available identifiers in a single request without enumerating each attribute separately.

ACCOUNTID Object Identifier The ACCOUNTID is a server-allocated identifier that specifies the account to which a mailbox or message belongs. When used in conjunction with MAILBOXID, the ACCOUNTID provides complete disambiguation of mailboxes in environments where multiple accounts are accessible through a single IMAP session. The ACCOUNTID is represented as an opaque string using the same character set and syntactic constraints as other object identifiers defined in this specification (see ). The server MUST return the same ACCOUNTID for all mailboxes and messages that belong to the same account. Conversely, the server MUST NOT return the same ACCOUNTID for mailboxes or messages that belong to different accounts, even if accessed within the same IMAP session. When a server advertises the "JMAPACCESS" capability as defined in , it MUST ensure that the ACCOUNTID returned via IMAP matches the accountId property of the corresponding account in JMAP, as defined in . This correspondence is essential for clients to correlate mailboxes and messages across the two protocols. When a mailbox or message is accessed exclusively through IMAP and does not have a corresponding representation in JMAP, the server MAY still assign an ACCOUNTID to maintain consistency in the IMAP representation. However, such ACCOUNTIDs need not correspond to any JMAP account identifier. The ACCOUNTID is conceptually immutable for a given account within an IMAP session. However, if the underlying account is deleted or the user's access to that account is revoked, the associated mailboxes will no longer be accessible via IMAP, and their ACCOUNTIDs become irrelevant. The server MAY return NIL for ACCOUNTID if it does not support account identifiers.

MAILBOXID Object Identifier The MAILBOXID is a server-allocated unique identifier for each mailbox. The server MUST return the same MAILBOXID for a mailbox with the same name and UIDVALIDITY. The server MUST NOT report the same MAILBOXID for two mailboxes at the same time. The server MUST NOT reuse the same MAILBOXID for a mailbox that does not obey all the invariants that defines for a mailbox that does not change name or UIDVALIDITY. The server MUST keep the same MAILBOXID for the source and destination when renaming a mailbox in a way that keeps the same messages (but see for the special case regarding the renaming of INBOX, which is treated as creating a new mailbox and moving the messages). The server MAY return NIL for MAILBOXID if it does not support mailbox identifiers for a given mailbox (for example, for virtual folders).

New Response Code for CREATE This document extends the CREATE command to include object identifiers in the response code on successful mailbox creation. When OBJECTIDBIS has been enabled, the server MUST include the OBJECTID response code in the tagged OK response to all successful CREATE commands. Example:

Example (MAILBOXID not supported):

New Response Code for RENAME This document extends the RENAME command to include the OBJECTID response code in the tagged OK response on successful mailbox rename when OBJECTIDBIS has been enabled. The OBJECTID response code in the RENAME response conveys the object identifiers of the mailbox after the rename operation has been completed. The MAILBOXID and ACCOUNTID returned MAY differ from those of the source mailbox, depending on server implementation and whether the rename operation crosses account boundaries. When a mailbox is renamed within the same account, the server SHOULD return the same MAILBOXID and ACCOUNTID as the source mailbox, unless the server does not support persistent mailbox identifiers across rename operations. When a mailbox is renamed across account boundaries (for example, from a personal namespace to a shared namespace belonging to a different account), the server MAY return a different ACCOUNTID, a different MAILBOXID, or both, reflecting the new account context and any server-specific identifier allocation policy. Example (local rename, identifiers preserved):

Example (cross-account rename, new identifiers issued):

In the first example, the mailbox "foo" is renamed to "renamed-foo" within the same account, and the server preserves both the MAILBOXID and the ACCOUNTID. In the second example, the mailbox "bar" is renamed into a shared namespace belonging to a different account, and the server issues both a new MAILBOXID and a new ACCOUNTID reflecting the destination account.

New OK Untagged Response for SELECT and EXAMINE This document adds a new untagged response code to the SELECT and EXAMINE commands. When OBJECTIDBIS has been enabled, the server MUST return an untagged OK response with the OBJECTID response code on all successful SELECT and EXAMINE commands. Example:

New Attributes for STATUS This document adds the MAILBOXID, ACCOUNTID, and OBJECTID attributes to the STATUS command using the extended syntax defined in . A server that has OBJECTIDBIS enabled MUST support the MAILBOXID, ACCOUNTID, and OBJECTID status attributes. The MAILBOXID status attribute returns the mailbox identifier for the specified mailbox. The ACCOUNTID status attribute returns the account identifier for the specified mailbox. The OBJECTID status attribute returns both the mailbox identifier and the account identifier as a compound value. The server MAY return NIL for any identifier that it does not support. Example:

When the LIST-STATUS IMAP capability defined in is also available, the STATUS command can be combined with the LIST command. Example:

This example demonstrates how clients can efficiently retrieve object identifiers for multiple mailboxes, including mailboxes belonging to different accounts, using the extended LIST command with STATUS return option.

EMAILID Object Identifier and THREADID Correlator

EMAILID Identifier for Identical Messages The EMAILID data item is an ObjectID that uniquely identifies the content of a single message. Anything that must remain immutable on a {name, uidvalidity, uid} triple must also be the same between messages with the same EMAILID. The server MUST return the same EMAILID for the same triple; hence, EMAILID is immutable. The server MUST return the same EMAILID as the source message for the matching destination message in the COPYUID pairing after a COPY or MOVE command . The server MAY assign the same EMAILID as an existing message upon APPEND (e.g., if it detects that the new message has exactly identical content to that of an existing message). NOTE: EMAILID only identifies the immutable content of the message. In particular, it is possible for different messages with the same EMAILID to have different keywords. This document does not specify a way to STORE by EMAILID. The server MAY return NIL for EMAILID if it does not support email identifiers (for example, for virtual messages).

THREADID Identifier for Related Messages The THREADID data item is an ObjectID that uniquely identifies a set of messages that the server believes should be grouped together when presented. THREADID calculation is generally based on some combination of References, In-Reply-To, and Subject, but the exact logic is left up to the server implementation. describes some algorithms that could be used; however, this specification does not mandate any particular strategy. The server MUST return the same THREADID for all messages with the same EMAILID. The server SHOULD return the same THREADID for related messages, even if they are in different mailboxes; for example, messages that would appear in the same thread if they were in the same mailbox SHOULD have the same THREADID, even if they are in different mailboxes. The server MUST NOT change the THREADID of a message once reported. THREADID is OPTIONAL; if the server does not support THREADID or is unable to calculate relationships between messages, it MUST return NIL to all FETCH responses for the THREADID data item, and a SEARCH for THREADID MUST NOT match any messages. The server MUST NOT use the same ObjectID value for both EMAILIDs and THREADIDs. If they are stored with the same value internally, the server can generate prefixed values (as shown in the examples below with M and T prefixes) to avoid clashes.

New Message Data Items in FETCH and UID FETCH Commands This document defines the following FETCH request items: Syntax: "EMAILID" The EMAILID message data item causes the server to return EMAILID FETCH response data items. Syntax: "THREADID" The THREADID message data item causes the server to return THREADID FETCH response data items. Syntax: "ACCOUNTID" The ACCOUNTID message data item causes the server to return ACCOUNTID FETCH response data items. Syntax: "OBJECTID" The OBJECTID message data item causes the server to return OBJECTID FETCH response data items containing all email-related object identifiers as a compound value. This document defines the following FETCH response items: Syntax: "EMAILID" SP objectid-or-nil The EMAILID response data item contains the server-assigned ObjectID for each message, or NIL if the server does not support email identifiers. Syntax: "THREADID" SP objectid-or-nil The THREADID response data item contains the server-assigned ObjectID for the set of related messages to which this message belongs. NIL is returned when the server does not support THREADID calculation. Syntax: "ACCOUNTID" SP objectid-or-nil The ACCOUNTID response data item contains the account identifier for the message, or NIL if the server does not support account identifiers. Syntax: "OBJECTID" SP "(" "EMAILID" SP objectid-or-nil SP \ "ACCOUNTID" SP objectid-or-nil SP \ "THREADID" SP objectid-or-nil ")" The OBJECTID response data item contains all email-related object identifiers as a compound value. Example (EMAILID and THREADID):

Example (OBJECTID compound value):

Example (no THREADID support):

Example (OBJECTID with no THREADID support):

Example (no EMAILID support):

New Filters on SEARCH Command This document defines the filters EMAILID, THREADID, and ACCOUNTID on the SEARCH command. The EMAILID and THREADID filters require ENABLE OBJECTIDBIS to be in effect. However, if the server also advertises the OBJECTID capability defined in , it MAY support the EMAILID and THREADID filters without requiring ENABLE OBJECTIDBIS, using the syntax defined in . The ACCOUNTID filter is only available when OBJECTIDBIS has been enabled. Syntax: "EMAILID" SP objectid-atom Messages whose EMAILID is exactly the specified ObjectID. Syntax: "THREADID" SP objectid-atom Messages whose THREADID is exactly the specified ObjectID. Syntax: "ACCOUNTID" SP objectid-atom Messages whose ACCOUNTID is exactly the specified ObjectID. Example: (as if run before the MOVE shown above when the mailbox had three messages)

Formal Syntax The following syntax specification uses the Augmented Backus-Naur Form (ABNF) notation. Elements not defined here can be found in the formal syntax of the ABNF , IMAP , IMAP ABNF extensions , and IMAP ENABLE specifications. Except as noted otherwise, all alphabetic characters are case insensitive. The use of uppercase or lowercase characters to define token strings is for editorial clarity only. Implementations MUST accept these strings in a case-insensitive fashion. Please note specifically that ObjectID values are case sensitive.

Implementation Considerations

Assigning Object Identifiers All ObjectID values are allocated by the server. In the interest of reducing the possibilities of encoding mistakes, ObjectIDs are restricted to a safe subset of possible byte values; in order to allow clients to allocate storage, they are restricted in length. An ObjectID is a string of 1 to 255 characters from the following set of 64 codepoints: a-z, A-Z, 0-9, _, -. These characters are safe to use in almost any context (e.g., filesystems, URIs, IMAP atoms). These are the same characters defined as base64url in . For maximum safety, servers should also follow defensive allocation strategies to avoid creating risks where glob completion or data type detection may be present (e.g., on filesystems or in spreadsheets). In particular, it is wise to avoid: IDs starting with a dash IDs starting with digits IDs that contain only digits IDs that differ only by ASCII case (for example, A vs. a) the specific sequence of three characters NIL in any case (because this sequence can be confused with the IMAP protocol expression of the null value) A good solution to these issues is to prefix every ID with a single alphabetical character.

Interaction with Special Cases The case of RENAME INBOX may need special handling because it has special behavior, as defined in . It is advisable (though not required) to have MAILBOXID be globally unique, but it is only required to be unique within messages offered to a single client login to a single server hostname. For example, a proxy that aggregates multiple independent servers MUST NOT advertise the OBJECTIDBIS capability unless it can guarantee that different objects will never use the same identifiers, even if backend object identifiers collide. The ACCOUNTID provides additional disambiguation in multi-account environments, ensuring that even if two backend servers use the same MAILBOXID, the combination of ACCOUNTID and MAILBOXID remains unique within the IMAP session.

Client Usage Servers that implement both and this specification should optimize their execution of commands like UID SEARCH OR EMAILID 1234 EMAILID 4321. Clients can assume that searching the all-mail mailbox using OR/ EMAILID or OR/THREADID is a fast way to find messages again if some other client has moved them out of the mailbox where they were previously seen. Clients that cache data offline should fetch the EMAILID of all new messages to avoid redownloading already-cached message details. Clients should fetch the MAILBOXID for any new mailboxes before discarding cache data for any mailbox that is no longer present on the server so that they can detect renames and avoid redownloading data. Clients that support both IMAP and JMAP SHOULD use the ACCOUNTID when available to maintain accurate mappings between IMAP mailboxes and JMAP Mailbox objects. This is particularly important for clients that use JMAP Email Delivery Push notifications, as these notifications include the accountId property. By correlating the accountId from a push notification with the ACCOUNTID, clients can efficiently determine which IMAP mailbox corresponds to a newly delivered message without requiring additional synchronization operations. Clients SHOULD be prepared to handle servers that return NIL for any of the object identifier types. In such cases, clients should gracefully degrade functionality to use only the supported object identifier types and fall back to the guarantees of .

Interaction with the OBJECTID Capability A server that advertises both the OBJECTID capability defined in and the OBJECTIDBIS capability defined in this document MUST behave as follows: When OBJECTIDBIS has not been enabled, the server MUST conform to the behaviour specified in for all OBJECTID-related responses. The server MUST NOT return OBJECTID response codes, OBJECTID status attributes, ACCOUNTID attributes, or NIL values for MAILBOXID or EMAILID. When OBJECTIDBIS has been enabled, the server MUST conform to the behaviour specified in this document. The server MUST use OBJECTID response codes in place of MAILBOXID response codes for CREATE, SELECT, and EXAMINE commands. The server MUST support ACCOUNTID, MAILBOXID, and OBJECTID as STATUS attributes and FETCH data items. This design allows servers to support both the original and extended specifications without breaking the IMAP grammar for clients that understand only one of the two extensions.

Advice to Client Implementers In cases of server failure and disaster recovery, or misbehaving servers, it is possible that a client will be sent invalid information, e.g., identical ObjectIDs or ObjectIDs that have changed where they MUST NOT change according to this document. In a case where a client detects inconsistent ObjectID responses from a server, it SHOULD fall back to relying on the guarantees of . For simplicity, a client MAY instead choose to discard its entire cache and resync all state from the server. Client authors protecting against server misbehavior MUST ensure that their design cannot get into an infinite loop of discarding cache and fetching the same data repeatedly without user interaction.

Future Considerations This extension is intentionally defined to be compatible with the data model in JMAP for Mail. A future extension could be proposed to give a way to SELECT a mailbox by MAILBOXID rather than name. A future extension to could allow fileinto by MAILBOXID rather than name. An extension to allow fetching message content directly via EMAILID and message listings by THREADID could be proposed.

IANA Considerations

IMAP Capabilities Registry IANA is requested to add the following entry to the "IMAP Capabilities" registry located at https://www.iana.org/assignments/imap-capabilities: Capability Reference OBJECTIDBIS This document The existing "OBJECTID" entry in the "IMAP Capabilities" registry, registered by , remains unchanged. Servers MAY advertise both OBJECTID and OBJECTIDBIS as described in this document.

IMAP Response Codes Registry IANA is requested to add the following entry to the "IMAP Response Codes" registry located at https://www.iana.org/assignments/imap-response-codes: Response Code Reference OBJECTID This document The existing "MAILBOXID" entry in the "IMAP Response Codes" registry, registered by , remains unchanged.

Security Considerations

Object Identifier Generation It is strongly advised that servers generate ObjectIDs that are safe to use as filesystem names and unlikely to be autodetected as numbers. See implementation considerations. If a digest is used for ID generation, it must have a collision- resistant property, so server implementations are advised to monitor current security research and choose secure digests. As the IDs are generated by the server, it will be possible to migrate to a new hash by just using the new algorithm when creating new IDs. This is particularly true if a prefix is used on each ID, which can be changed when the algorithm changes. The use of a digest for ID generation may be used as proof that a particular sequence of bytes was seen by the server. However, this is only a risk if IDs are leaked to clients who don't have permission to fetch the data directly. Servers that are expected to handle highly sensitive data should consider this when choosing how to create IDs. See also the security considerations in .

Account Identifier Exposure The account identifier component of MAILBOXID reveals information about the account structure of the server and which mailboxes belong to which accounts. While this information is generally not considered sensitive in the context of an authenticated IMAP session, servers that wish to minimize information disclosure MAY choose to generate account identifiers using unpredictable values (such as UUIDs) rather than sequential numbers or other patterns that might reveal information about account creation order or the total number of accounts on the server.

Cross-Account Information Leakage Servers MUST ensure that the MAILBOXID mechanism does not inadvertently grant users access to information about accounts they are not authorized to access. In particular, servers MUST NOT return account identifiers for accounts that the authenticated user does not have permission to access, even if such accounts exist on the server.

Consistency with JMAP Authentication When a server advertises both "OBJECTID" (or "OBJECTID=MAILBOXID") and "JMAPACCESS" capabilities, the server MUST ensure that the same authentication credentials used for the IMAP session would grant access to the corresponding JMAP accounts. Inconsistencies in authentication or authorization between IMAP and JMAP could lead to situations where a client receives account identifiers that it cannot subsequently use to access the corresponding JMAP resources, potentially revealing the existence of accounts the user cannot access.

Privacy in Multi-Tenant Environments In multi-tenant or hosted environments, servers SHOULD generate account identifiers in a manner that does not reveal relationships between accounts or organizational structures that users should not be aware of. For example, if multiple accounts belong to the same organization, the account identifier generation mechanism should not use patterns that would allow users to infer these relationships unless such information is explicitly intended to be visible.

The Internet Message Access Protocol, Version 4rev1 (IMAP4rev1) allows a client to access and manipulate electronic mail messages on a server. IMAP4rev1 permits manipulation of mailboxes (remote message folders) in a way that is functionally equivalent to local folders. IMAP4rev1 also provides the capability for an offline client to resynchronize with the server. IMAP4rev1 includes operations for creating, deleting, and renaming mailboxes, checking for new messages, permanently removing messages, setting and clearing flags, RFC 2822 and RFC 2045 parsing, searching, and selective fetching of message attributes, texts, and portions thereof. Messages in IMAP4rev1 are accessed by the use of numbers. These numbers are either message sequence numbers or unique identifiers. IMAP4rev1 supports a single server. A mechanism for accessing configuration information to support multiple IMAP4rev1 servers is discussed in RFC 2244. IMAP4rev1 does not specify a means of posting mail; this function is handled by a mail transfer protocol such as RFC 2821. [STANDARDS-TRACK] The UIDPLUS extension of the Internet Message Access Protocol (IMAP) provides a set of features intended to reduce the amount of time and resources used by some client operations. The features in UIDPLUS are primarily intended for disconnected-use clients. [STANDARDS-TRACK] Over the years, many documents from IMAPEXT and LEMONADE working groups, as well as many individual documents, have added syntactic extensions to many base IMAP commands described in RFC 3501. For ease of reference, this document collects most of such ABNF changes in one place. This document also suggests a set of standard patterns for adding options and extensions to several existing IMAP commands defined in RFC 3501. The patterns provide for compatibility between existing and future extensions. This document updates ABNF in RFCs 2088, 2342, 3501, 3502, and 3516. It also includes part of the errata to RFC 3501. This document doesn't specify any semantic changes to the listed RFCs. [STANDARDS-TRACK] This document describes a language for filtering email messages at time of final delivery. It is designed to be implementable on either a mail client or mail server. It is meant to be extensible, simple, and independent of access protocol, mail architecture, and operating system. It is suitable for running on a mail server where users may not be allowed to execute arbitrary programs, such as on black box Internet Message Access Protocol (IMAP) servers, as the base language has no variables, loops, or ability to shell out to external programs. [STANDARDS-TRACK] Internet technical specifications often need to define a formal syntax. Over the years, a modified version of Backus-Naur Form (BNF), called Augmented BNF (ABNF), has been popular among many Internet specifications. The current specification documents ABNF. It balances compactness and simplicity with reasonable representational power. The differences between standard BNF and ABNF involve naming rules, repetition, alternatives, order-independence, and value ranges. This specification also supplies additional rule definitions and encoding for a core lexical analyzer of the type common to several Internet specifications. [STANDARDS-TRACK] This document describes the base-level server-based sorting and threading extensions to the IMAP protocol. These extensions provide substantial performance improvements for IMAP clients that offer sorted and threaded views. [STANDARDS-TRACK] Many IMAP clients display information about total number of messages / total number of unseen messages in IMAP mailboxes. In order to do that, they are forced to issue a LIST or LSUB command and to list all available mailboxes, followed by a STATUS command for each mailbox found. This document provides an extension to LIST command that allows the client to request STATUS information for mailboxes together with other information typically returned by the LIST command. [STANDARDS-TRACK] This document defines an IMAP extension consisting of two new commands, MOVE and UID MOVE, that are used to move messages from one mailbox to another. [STANDARDS-TRACK] This document updates RFC 3501 (IMAP4rev1) with persistent identifiers on mailboxes and messages to allow clients to more efficiently reuse cached data when resources have changed location on the server. This document defines an IMAP extension to let clients know that the messages in this IMAP server are also available via the JSON Meta Application Protocol (JMAP), and how. It is intended for clients that want to migrate gradually to JMAP or use JMAP extensions within an IMAP client. Most IMAP extensions are used by the client when it wants to and the server supports it. However, a few extensions require the server to know whether a client supports that extension. The ENABLE extension allows an IMAP client to say which extensions it supports. [STANDARDS-TRACK] In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings. Some IMAP message stores include special-use mailboxes, such as those used to hold draft messages or sent messages. Many mail clients allow users to specify where draft or sent messages should be put, but configuring them requires that the user know which mailboxes the server has set aside for these purposes. This extension adds new optional mailbox attributes that a server may include in IMAP LIST command responses to identify special-use mailboxes to the client, easing configuration. [STANDARDS-TRACK] This specification defines a Uniform Resource Name namespace for UUIDs (Universally Unique IDentifier), also known as GUIDs (Globally Unique IDentifier). A UUID is 128 bits long, and can guarantee uniqueness across space and time. UUIDs were originally used in the Apollo Network Computing System and later in the Open Software Foundation\'s (OSF) Distributed Computing Environment (DCE), and then in Microsoft Windows platforms. This specification is derived from the DCE specification with the kind permission of the OSF (now known as The Open Group). Information from earlier versions of the DCE specification have been incorporated into this document. [STANDARDS-TRACK] This document describes the commonly used base 64, base 32, and base 16 encoding schemes. It also discusses the use of line-feeds in encoded data, use of padding in encoded data, use of non-alphabet characters in encoded data, use of different encoding alphabets, and canonical encodings. [STANDARDS-TRACK] This document specifies a protocol for clients to efficiently query, fetch, and modify JSON-based data objects, with support for push notification of changes and fast resynchronisation and for out-of- band binary data upload/download.

Ideas for Implementing Object Identifiers Ideas for calculating account identifiers: Universally Unique Identifier (UUID) Server-assigned sequence number (guaranteed not to be reused) Hash of the JMAP accountId (if JMAP integration is provided) Ideas for calculating mailbox identifiers: Universally Unique Identifier (UUID) Server-assigned sequence number (guaranteed not to be reused) Ideas for implementing EMAILID: Digest of message content (RFC822 bytes) -- expensive unless cached UUID Server-assigned sequence number (guaranteed not to be reused) Ideas for implementing THREADID: Derive from EMAILID of first seen message in the thread. UUID Server-assigned sequence number (guaranteed not to be reused) There is a need to index and look up reference/in-reply-to data at message creation to efficiently find matching messages for threading. Threading may be either across mailboxes or within each mailbox only. The server has significant leeway here.

Changes from RFC 8474 This document obsoletes and introduces the following changes: Replaced the OBJECTID capability with the OBJECTIDBIS capability, which requires activation through the ENABLE command. Introduced the OBJECTID compound response format, which combines multiple object identifiers into a single response element. For mailboxes, the OBJECTID response includes MAILBOXID and ACCOUNTID. For emails, the OBJECTID response includes EMAILID, ACCOUNTID, and THREADID. Added the ACCOUNTID object identifier, which specifies the account to which a mailbox or message belongs, enabling correlation with JMAP account identifiers. Added ACCOUNTID as a standalone STATUS attribute, FETCH data item, and SEARCH filter. Added the OBJECTID response code to the RENAME command, enabling clients to track mailbox identifier changes across rename operations, including renames that cross account boundaries. Added OBJECTID as a compound STATUS attribute and FETCH data item that returns all relevant identifiers for the context. Added the ENABLE requirement to ensure backward compatibility with clients that do not understand the extended response syntax. Defined coexistence rules for servers that advertise both the OBJECTID capability from and the OBJECTIDBIS capability from this document. Revised the formal syntax to introduce the objectid-atom, objectid, and objectid-or-nil productions, providing consistent parenthesization and NIL handling across all response types. Corrected the THREADID response syntax from , which inconsistently applied parenthesization between the objectid and NIL alternatives. Updated IANA registrations to include the OBJECTIDBIS capability and OBJECTID response code. Added security considerations for account identifier exposure, cross-account information leakage, JMAP authentication consistency, and privacy in multi-tenant environments.

Acknowledgements The authors would like to thank the members of the IETF mailmaint working group for their contributions to this specification.

Changes [[This section to be removed by RFC Editor]] draft-gondwana-degennaro-imap-objectid-bis-00 Initial version