Network Working Group M. Gahrns
Request for Comments: 2221 Microsoft
Category: Standards Track October 1997
Network Working Group M. Gahrns
Request for Comments: 2221 Microsoft
Category: Standards Track October 1997
IMAP4 Login Referrals
IMAP4登录转介
Status of this Memo
本备忘录的状况
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (1997). All Rights Reserved.
版权所有(C)互联网协会(1997年)。版权所有。
When dealing with large amounts of users and many IMAP4 [RFC-2060] servers, it is often necessary to move users from one IMAP4 server to another. For example, hardware failures or organizational changes may dictate such a move.
在处理大量用户和多台IMAP4[RFC-2060]服务器时,通常需要将用户从一台IMAP4服务器移动到另一台IMAP4服务器。例如,硬件故障或组织变化可能会导致这样的移动。
Login referrals allow clients to transparently connect to an alternate IMAP4 server, if their home IMAP4 server has changed.
登录引用允许客户端在其主IMAP4服务器发生更改时透明地连接到备用IMAP4服务器。
A referral mechanism can provide efficiencies over the alternative 'proxy method', in which the local IMAP4 server contacts the remote server on behalf of the client, and then transfers the data from the remote server to itself, and then on to the client. The referral mechanism's direct client connection to the remote server is often a more efficient use of bandwidth, and does not require the local server to impersonate the client when authenticating to the remote server.
参考机制可以提供替代“代理方法”的效率,其中本地IMAP4服务器代表客户端与远程服务器联系,然后将数据从远程服务器传输到自身,然后再传输到客户端。引用机制到远程服务器的直接客户端连接通常是更有效的带宽使用,并且在向远程服务器进行身份验证时不需要本地服务器模拟客户端。
In examples, "C:" and "S:" indicate lines sent by the client and server respectively.
在示例中,“C:”和“S:”分别表示客户端和服务器发送的行。
A home server, is an IMAP4 server that contains the user's inbox.
家庭服务器是包含用户收件箱的IMAP4服务器。
A remote server is a server that contains remote mailboxes.
远程服务器是包含远程邮箱的服务器。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC-2119].
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照[RFC-2119]中所述进行解释。
IMAP4 servers that support this extension MUST list the keyword LOGIN-REFERRALS in their CAPABILITY response. No client action is needed to invoke the LOGIN-REFERRALS capability in a server.
支持此扩展的IMAP4服务器必须在其功能响应中列出关键字LOGIN-REFERRALS。在服务器中调用LOGIN-REFERRALS功能不需要客户端操作。
A LOGIN-REFERRALS capable IMAP4 server SHOULD NOT return a referral to a server that will return a referral. A client MUST NOT follow more than 10 levels of referral without consulting the user.
支持登录转介的IMAP4服务器不应向将返回转介的服务器返回转介。在未咨询用户的情况下,客户不得遵循超过10个级别的推荐。
A LOGIN-REFERRALS response code MUST contain as an argument a valid IMAP server URL as defined in [IMAP-URL].
LOGIN-REFERRALS响应代码必须包含[IMAP-URL]中定义的有效IMAP服务器URL作为参数。
A home server referral consists of either a tagged NO or OK, or an untagged BYE response that contains a LOGIN-REFERRALS response code.
家庭服务器转介由标记的“否”或“确定”或包含登录转介响应代码的未标记的“BYE”响应组成。
Example: A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/] Remote Server
Example: A001 NO [REFERRAL IMAP://user;AUTH=*@SERVER2/] Remote Server
NOTE: user;AUTH=* is specified as required by [IMAP-URL] to avoid a client falling back to anonymous login.
注:用户;AUTH=*是根据[IMAP-URL]的要求指定的,以避免客户端返回匿名登录。
A home server referral may be returned in response to an AUTHENTICATE or LOGIN command, or it may appear in the connection startup banner. If a server returns a home server referral in a tagged NO response, that server does not contain any mailboxes that are accessible to the user. If a server returns a home server referral in a tagged OK response, it indicates that the user's personal mailboxes are elsewhere, but the server contains public mailboxes which are readable by the user. After receiving a home server referral, the client can not make any assumptions as to whether this was a permanent or temporary move of the user.
家庭服务器引用可以作为对身份验证或登录命令的响应返回,也可以出现在连接启动横幅中。如果服务器以标记无响应返回家庭服务器引用,则该服务器不包含用户可访问的任何邮箱。如果服务器在标记的OK响应中返回家庭服务器引用,则表示用户的个人邮箱在其他位置,但服务器包含用户可读的公共邮箱。在收到家庭服务器转介后,客户端无法对这是用户的永久移动还是临时移动做出任何假设。
An IMAP4 server MAY respond to a LOGIN or AUTHENTICATE command with a home server referral if it wishes to direct the user to another IMAP4 server.
如果IMAP4服务器希望将用户引导到另一台IMAP4服务器,则可以通过家庭服务器引用响应登录或身份验证命令。
Example: C: A001 LOGIN MIKE PASSWORD S: A001 NO [REFERRAL IMAP://MIKE@SERVER2/] Specified user is invalid on this server. Try SERVER2.
示例:C:A001登录密码S:A001否[转诊IMAP://MIKE@SERVER2/]指定的用户在此服务器上无效。试试服务器2。
Example: C: A001 LOGIN MATTHEW PASSWORD S: A001 OK [REFERRAL IMAP://MATTHEW@SERVER2/] Specified user's personal mailboxes located on Server2, but public mailboxes are available.
Example: C: A001 LOGIN MATTHEW PASSWORD S: A001 OK [REFERRAL IMAP://MATTHEW@SERVER2/] Specified user's personal mailboxes located on Server2, but public mailboxes are available.translate error, please retry
Example: C: A001 AUTHENTICATE GSSAPI <authentication exchange> S: A001 NO [REFERRAL IMAP://user;AUTH=GSSAPI@SERVER2/] Specified user is invalid on this server. Try SERVER2.
示例:C:A001验证GSSAPI<authentication exchange>S:A001否[Reference IMAP://user;AUTH=GSSAPI@SERVER2/]指定的用户在此服务器上无效。试试服务器2。
An IMAP4 server MAY respond with an untagged BYE and a REFERRAL response code that contains an IMAP URL to a home server if it is not willing to accept connections and wishes to direct the client to another IMAP4 server.
如果IMAP4服务器不愿意接受连接并希望将客户端指向另一台IMAP4服务器,则可以使用未标记的BYE和包含IMAP URL的转介响应代码进行响应。
Example: S: * BYE [REFERRAL IMAP://user;AUTH=*@SERVER2/] Server not
accepting connections. Try SERVER2
Example: S: * BYE [REFERRAL IMAP://user;AUTH=*@SERVER2/] Server not
accepting connections. Try SERVER2
The following syntax specification uses the augmented Backus-Naur Form (BNF) as described in [ABNF].
以下语法规范使用[ABNF]中所述的增广巴科斯诺尔形式(BNF)。
This amends the "resp_text_code" element of the IMAP4 grammar described in [RFC-2060]
这修改了[RFC-2060]中所述IMAP4语法的“resp_text_code”元素
resp_text_code =/ "REFERRAL" SPACE <imapurl>
; See [IMAP-URL] for definition of <imapurl>
; See [RFC-2060] for base definition of resp_text_code
resp_text_code =/ "REFERRAL" SPACE <imapurl>
; See [IMAP-URL] for definition of <imapurl>
; See [RFC-2060] for base definition of resp_text_code
The IMAP4 login referral mechanism makes use of IMAP URLs, and as such, have the same security considerations as general internet URLs [RFC-1738], and in particular IMAP URLs [IMAP-URL].
IMAP4登录引用机制使用IMAP URL,因此具有与一般互联网URL[RFC-1738]相同的安全考虑,特别是IMAP URL[IMAP-URL]。
A server MUST NOT give a login referral if authentication for that user fails. This is to avoid revealing information about the user's account to an unauthorized user.
如果用户身份验证失败,服务器不得提供登录引用。这是为了避免向未经授权的用户透露有关用户帐户的信息。
With the LOGIN-REFERRALS capability, it is potentially easier to write a rogue 'password catching' server that collects login data and then refers the client to their actual IMAP4 server. Although referrals reduce the effort to write such a server, the referral response makes detection of the intrusion easier.
有了登录转介功能,编写一个恶意的“密码捕获”服务器来收集登录数据,然后将客户端转介到实际的IMAP4服务器可能会更容易。尽管转介减少了编写此类服务器的工作量,但转介响应使入侵检测更容易。
[RFC-2060], Crispin, M., "Internet Message Access Protocol - Version 4rev1", RFC 2060, December 1996.
[RFC-2060],Crispin,M.,“互联网消息访问协议-版本4rev1”,RFC 2060,1996年12月。
[IMAP-URL], Newman, C., "IMAP URL Scheme", RFC 2192, Innosoft, September 1997.
[IMAP-URL],纽曼,C.,“IMAP URL方案”,RFC 2192,Innosoft,1997年9月。
[RFC-1738], Berners-Lee, T., Masinter, L. and M. McCahill, "Uniform Resource Locators (URL)", RFC 1738, December 1994.
[RFC-1738],Berners Lee,T.,Masinter,L.和M.McCahill,“统一资源定位器(URL)”,RFC 17381994年12月。
[RFC-2119], Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", RFC 2119, March 1997.
[RFC-2119],Bradner,S.,“RFC中用于表示需求水平的关键词”,RFC 211997年3月。
[ABNF], DRUMS working group, Dave Crocker Editor, "Augmented BNF for Syntax Specifications: ABNF", Work in Progress.
[ABNF],DRUMS工作组,Dave Crocker编辑,“语法规范的增强BNF:ABNF”,工作正在进行中。
Many valuable suggestions were received from private discussions and the IMAP4 mailing list. In particular, Raymond Cheng, Mark Crispin, Mark Keasling Chris Newman and Larry Osterman made significant contributions to this document.
从私人讨论和IMAP4邮件列表中收到了许多有价值的建议。特别是,雷蒙德·程、马克·克里斯宾、马克·凯斯林·克里斯·纽曼和拉里·奥斯特曼对本文件做出了重大贡献。
Mike Gahrns Microsoft One Microsoft Way Redmond, WA, 98072
Mike Gahrns Microsoft One Microsoft Way雷德蒙德,华盛顿州,98072
Phone: (206) 936-9833 EMail: mikega@microsoft.com
电话:(206)936-9833电子邮件:mikega@microsoft.com
Copyright (C) The Internet Society (1997). All Rights Reserved.
版权所有(C)互联网协会(1997年)。版权所有。
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implmentation may be prepared, copied, published andand distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.
本文件及其译本可复制并提供给他人,对其进行评论或解释或协助其实施的衍生作品可全部或部分编制、复制、出版和分发,不受任何限制,前提是上述版权声明和本段包含在所有此类副本和衍生作品中。但是,不得以任何方式修改本文件本身,例如删除版权通知或对互联网协会或其他互联网组织的引用,除非出于制定互联网标准的需要,在这种情况下,必须遵循互联网标准过程中定义的版权程序,或根据需要将其翻译成英语以外的其他语言。
The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.
上述授予的有限许可是永久性的,互联网协会或其继承人或受让人不会撤销。
This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE."
本文件和其中包含的信息是按“原样”提供的,互联网协会和互联网工程任务组否认所有明示或暗示的保证,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。”