What is the POP3 protocol and what is it for?
The POP3 protocol (Post Office Protocol) or also known as “Post Office Protocol”, is one of the fundamental protocols for managing electronic mail or email. This protocol is used by local email clients to obtain email messages from a remote email server, this server is commonly called a mail server or POP3 server. This protocol belongs to the application level of the TCP / IP model, currently the latest version is used, which is POP3, the rest of the versions are not used because they are outdated, when we refer to the POP protocol we will always refer to the POP3 protocol.
The POP3 protocol uses the transport layer protocol TCP, makes use of the TCP ports 110 for POP3 without data encryption, and the TCP port 995 for POP3 with data encryption. Currently it is very strange that an email service provider does not have support for SSL / TLS in POP3, therefore, we will almost always use TCP port 995 because it provides us with confidentiality, if we use TCP port 110 it means that the traffic of data between the mail server and the local email client is not encrypted, therefore we could have privacy issues.
The POP3 protocol is designed solely and exclusively for receive email, in the download address, from the mail server to the local mail client. POP3 allows you to download the messages from the mail server and delete these emails as soon as they are downloaded, but it also allows us to leave the messages on the mail server, with the aim that another user can also download these emails or ourselves from another device .
All downloaded emails will be stored locally in the email client that has been used, for example, Thunderbird or Windows Outlook, both email clients are widely used by users of any platform, because Thunderbird is cross-platform and Outlook for Windows or « Mail »comes pre-installed in the operating system.
Although the authentication in the mail server via POP3 does not use any type of encryption, and, therefore, the transmission of user names / passwords is carried out in clear text, currently even if we use POP3 we have secure authentication methods, using both data encryption as well as hash functions to prevent our password from falling into the wrong hands. In addition, mail clients such as Thunderbird allow you to configure email accounts using in-app authentication, as with Gmail where the Google login menu will appear to perform secure authentication.
Operation and exchange of messages
The operation of the POP3 protocol is quite simple, the first thing the mail client must do is establish a connection with the POP3 server, either using TCP port 110 (without encryption) or TCP port 995 (with SSL / TLS). Once the connection has been established, the POP server will ask for authentication with username and password, the client will send the username and password securely to authenticate with the server. If the authentication is incorrect, it will ask for authentication again. If the authentication is correct, the POP client will go to the transition state, and we will be able to list the emails, download them and delete them from the server.
The deletion of the server is not carried out until the QUIT command is sent to terminate the POP3 session, at which point the server will begin to update its email database. We must remember that the POP3 client can “leave the messages on the server” so that they are not deleted. If this option is not enabled, the messages from the mail server will be deleted as soon as they are downloaded for the first time.
The strong point of POP3 is that it will allow us to download emails when our connection is intermittent, we must also bear in mind that it is a very simple protocol that does not have too many commands to communicate. However, nowadays what is usually used is IMAP, a more advanced protocol that allows us to synchronize emails and mark them as read, unread, downloaded and even delete them, it is not as basic as POP3.
The configuration of the POP3 protocol in any mail client is very simple, but we will need specific connection data to be able to connect and work correctly. In the case of email providers such as Gmail, Outlook or Yahoo !, these data are public and we can easily find them on the official website of each provider. In the event that you use a third-party mail server, or set up by your own company, the connection data will be different. We are going to give you an example of how to configure Gmail with POP3 in our local Thunderbird mail client.
The first thing we will need is to activate the support of POP3 by Gmail, by default this function is disabled.
Now we will have to decide the policy of the messages when they are going to be accessed via POP3, Gmail allows us to always keep the emails received, mark the copy as read, archive the email or delete the copy from Gmail. This is a global policy and it does not matter what you indicate in the mail client. Depending on what you need, you can choose one option or another.
Once POP3 has been activated in Gmail and the policy to follow when accessed through POP3 is configured, the only thing we will need from our email server is the following information:
- Incoming mail server (domain or IP address), in the case of Gmail it is “pop.gmail.com”
- Whether or not it requires SSL, in the client we must click on this option. Gmail requires SSL mandatory.
- Port: 995
- Full name displayed: your name
- Username: the full email address, for example: email@example.com
- Password: the password that we have put in Gmail.
If you have two-step authentication, then you will have to activate an “application password” and use this password instead of yours, this is completely normal when we want to connect external applications to Google. However, when using advanced programs like Thunderbird, we will get Google’s own authentication to avoid problems and greatly facilitate the connection.
In Thunderbird we will have to put our name, full email account and password, then we will choose between IMAP and POP3 as incoming mail. In this case we will choose POP3, although it is advisable to always use IMAP so that the mail is synchronized between the clients and the mail server. Thunderbird will automatically detect the connection data in its internal database, so we won’t have to do anything else.
We will get the typical Google authentication menu to allow Thunderbird access to our email, if we do not do this, we can give it access manually by activating non-secure applications.
Once done, it will indicate that the account has been created correctly, and it will give us the option to modify certain configuration options.
Finally, all the emails that we have in our email inbox will come out, in addition, Gmail will also notify us that we have a security alert, because we have logged in with Thunderbird, it is a completely normal notice, we do not have to worry about anything.
As you have seen, configuring the POP3 protocol in any mail service is very simple, the only thing we will always need to know is the POP3 connection data that the mail server has configured, for example, in the case of Outlook this information is the next:
- Incoming mail server (domain or IP address), in the case of Outlook it is “outlook.office365.com”
- Whether or not it requires SSL, in the client we must click on this option. Outlook requires SSL / TLS mandatorily.
- Port: 995
With this information, and enabling support for POP3 directly from the official Microsoft Outlook website, we can use any local mail client to connect.