Based on the J. Myers POP3 draft, Jan. 96
# Author: David Ascher <david_ascher@brown.edu>
# [heavily stealing from nntplib.py]
# Updated: Piers Lauder <piers@cs.su.oz.au> [Jul '97]
# String method conversion and test jig improvements by ESR, February 2001.
# Added the POP3_SSL class. Methods loosely based on IMAP_SSL. Hector Urtubia <urtubia@mrbook.org> Aug 2003
# Example (see the test function at the end of this file)
__all__ = ["POP3","error_proto"]
# Exception raised when an error or invalid response is received:
class error_proto(Exception): pass
# Line terminators (we always output CRLF, but accept any of CRLF, LFCR, LF)
# maximal line length when calling readline(). This is to prevent
# reading arbitrary length lines. RFC 1939 limits POP3 line length to
# 512 characters, including CRLF. We have selected 2048 just to be on
"""This class supports both the minimal and optional command sets.
Arguments can be strings or integers (where appropriate)
(e.g.: retr(1) and retr('1') both work equally well.
PASS string pass_(string)
LIST [msg] list(msg = None)
Optional Commands (some servers support these):
APOP name digest apop(name, digest)
UIDL [msg] uidl(msg = None)
Raises one exception: 'error_proto'.
NB: the POP protocol locks the mailbox from user
authorization until QUIT, so be sure to get in, suck
the messages, and quit, each time you access the
POP is a line-based protocol, which means large mail
messages consume lots of python cycles reading them
If it's available on your mail server, use IMAP4
instead, it doesn't suffer from the two problems
def __init__(self, host, port=POP3_PORT,
timeout=socket._GLOBAL_DEFAULT_TIMEOUT):
self._tls_established = False
sys.audit("poplib.connect", self, host, port)
self.sock = self._create_socket(timeout)
self.file = self.sock.makefile('rb')
self.welcome = self._getresp()
def _create_socket(self, timeout):
return socket.create_connection((self.host, self.port), timeout)
def _putline(self, line):
if self._debugging > 1: print('*put*', repr(line))
sys.audit("poplib.putline", self, line)
self.sock.sendall(line + CRLF)
# Internal: send one command to the server (through _putline())
if self._debugging: print('*cmd*', repr(line))
line = bytes(line, self.encoding)
# Internal: return one line from the server, stripping CRLF.
# This is where all the CPU time of this module is consumed.
# Raise error_proto('-ERR EOF') if the connection is closed.
line = self.file.readline(_MAXLINE + 1)
raise error_proto('line too long')
if self._debugging > 1: print('*get*', repr(line))
if not line: raise error_proto('-ERR EOF')
# server can send any combination of CR & LF
# however, 'readline()' returns lines ending in LF
# so only possibilities are ...LF, ...CRLF, CR...LF
return line[1:-1], octets
# Internal: get a response from the server.
# Raise 'error_proto' if the response doesn't start with '+'.
resp, o = self._getline()
if self._debugging > 1: print('*resp*', repr(resp))
if not resp.startswith(b'+'):
# Internal: get a response plus following text from the server.
line, o = self._getline()
if line.startswith(b'..'):
line, o = self._getline()
return resp, list, octets
# Internal: send a command and get the response
def _shortcmd(self, line):
# Internal: send a command and get the response plus following text
def _longcmd(self, line):
return self._getlongresp()
def set_debuglevel(self, level):
# Here are all the POP commands:
"""Send user name, return response
(should indicate password required).
return self._shortcmd('USER %s' % user)
"""Send password, return response
(response includes message count, mailbox size).
NB: mailbox is locked by server from here to 'quit()'
return self._shortcmd('PASS %s' % pswd)
Result is tuple of 2 ints (message count, mailbox size)
retval = self._shortcmd('STAT')
if self._debugging: print('*stat*', repr(rets))
numMessages = int(rets[1])
sizeMessages = int(rets[2])
return (numMessages, sizeMessages)
def list(self, which=None):
"""Request listing, return result.
Result without a message number argument is in form
['response', ['mesg_num octets', ...], octets].
Result when a message number argument is given is a
single response: the "scan listing" for that message.
return self._shortcmd('LIST %s' % which)
return self._longcmd('LIST')
"""Retrieve whole message number 'which'.
Result is in form ['response', ['line', ...], octets].
return self._longcmd('RETR %s' % which)
"""Delete message number 'which'.
return self._shortcmd('DELE %s' % which)
One supposes the response indicates the server is alive.
return self._shortcmd('NOOP')
"""Unmark all messages marked for deletion."""
return self._shortcmd('RSET')
"""Signoff: commit changes on server, unlock mailbox, close connection."""
resp = self._shortcmd('QUIT')
"""Close the connection without assuming anything about it."""
sock.shutdown(socket.SHUT_RDWR)
# The server might already have closed the connection.
# On Windows, this may result in WSAEINVAL (error 10022):
# An invalid operation was attempted.
if (exc.errno != errno.ENOTCONN
and getattr(exc, 'winerror', 0) != 10022):
"""Not sure what this does."""
return self._shortcmd('RPOP %s' % user)
timestamp = re.compile(br'\+OK.[^<]*(<.*>)')
def apop(self, user, password):
- only possible if server has supplied a timestamp in initial greeting.
password - mailbox password.
NB: mailbox is locked by server from here to 'quit()'
secret = bytes(password, self.encoding)
m = self.timestamp.match(self.welcome)
raise error_proto('-ERR APOP not supported by server')
digest = m.group(1)+secret
digest = hashlib.md5(digest).hexdigest()
return self._shortcmd('APOP %s %s' % (user, digest))
def top(self, which, howmuch):
"""Retrieve message header of message number 'which'
and first 'howmuch' lines of message body.
Result is in form ['response', ['line', ...], octets].
return self._longcmd('TOP %s %s' % (which, howmuch))
def uidl(self, which=None):
"""Return message digest (unique id) list.
If 'which', result contains unique id for that message
in the form 'response mesgnum uid', otherwise result is
the list ['response', ['mesgnum uid', ...], octets]
return self._shortcmd('UIDL %s' % which)
return self._longcmd('UIDL')
"""Try to enter UTF-8 mode (see RFC 6856). Returns server response.
return self._shortcmd('UTF8')
"""Return server capabilities (RFC 2449) as a dictionary
>>> c=poplib.POP3('localhost')
{'IMPLEMENTATION': ['Cyrus', 'POP3', 'server', 'v2.2.12'],
'TOP': [], 'LOGIN-DELAY': ['0'], 'AUTH-RESP-CODE': [],
'EXPIRE': ['NEVER'], 'USER': [], 'STLS': [], 'PIPELINING': [],
'UIDL': [], 'RESP-CODES': []}
Really, according to RFC 2449, the cyrus folks should avoid
having the implementation split into multiple arguments...
lst = line.decode('ascii').split()
resp = self._longcmd('CAPA')
capnm, capargs = _parsecap(capline)
except error_proto as _err:
raise error_proto('-ERR CAPA not supported by server')
def stls(self, context=None):
"""Start a TLS session on the active connection as specified in RFC 2595.
context - a ssl.SSLContext
raise error_proto('-ERR TLS support missing')
if self._tls_established:
raise error_proto('-ERR TLS session already established')
raise error_proto('-ERR STLS not supported by server')
context = ssl._create_stdlib_context()
resp = self._shortcmd('STLS')
self.sock = context.wrap_socket(self.sock,
server_hostname=self.host)
self.file = self.sock.makefile('rb')
self._tls_established = True
"""POP3 client class over SSL connection
Instantiate with: POP3_SSL(hostname, port=995, keyfile=None, certfile=None,
hostname - the hostname of the pop3 over ssl server
keyfile - PEM formatted file that contains your private key
certfile - PEM formatted certificate chain file
context - a ssl.SSLContext
See the methods of the parent class POP3 for more documentation.
def __init__(self, host, port=POP3_SSL_PORT, keyfile=None, certfile=None,
timeout=socket._GLOBAL_DEFAULT_TIMEOUT, context=None):
if context is not None and keyfile is not None:
raise ValueError("context and keyfile arguments are mutually "
if context is not None and certfile is not None:
raise ValueError("context and certfile arguments are mutually "
if keyfile is not None or certfile is not None:
warnings.warn("keyfile and certfile are deprecated, use a "
"custom context instead", DeprecationWarning, 2)
context = ssl._create_stdlib_context(certfile=certfile,
POP3.__init__(self, host, port, timeout)
def _create_socket(self, timeout):
sock = POP3._create_socket(self, timeout)
sock = self.context.wrap_socket(sock,
server_hostname=self.host)
def stls(self, keyfile=None, certfile=None, context=None):
"""The method unconditionally raises an exception since the
STLS command doesn't make any sense on an already established
raise error_proto('-ERR TLS session already established')
__all__.append("POP3_SSL")
if __name__ == "__main__":
(numMsgs, totalSize) = a.stat()
for i in range(1, numMsgs + 1):
(header, msg, octets) = a.retr(i)
print('-----------------------')
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
