Secure Internet Message Access Protocol
Internet Message Access Protocol, IMAP Protocol, or IMAP over SSL v3/TLSv1 uses the STARTTLS extension mechanism to provide secure message transport. The server first sends an OK IMAP4rev1 indicating the service is ready. The first response from the client, if TLS is to be used, is a request for the servers capabilities. If the STARTTLS extension is included in the capabilities responce then the client can request the STARTTLS. The server then responds with an OKto signal the start of the TLS negotiation. After the negotiation has completed the client requests the servers capabilities again because they can change after the negotiation is completed. After this the standard message format continues over the TLS connection that was negotiated. Below is an example of the client-server communication to set-up Secure IMAP. RFC 3501 Standard RFC 2595 Standard