POP3 is a very very old protocol. POP3 only lets you download email from the server, and tell the server that you downloaded the email, so the email can be deleted from the server, if you set it to do so.
This was a good thing back in the day when storage space was very expensive, and a mailbox of 50mb online was a big thing.
But storage got cheaper, and the downside of POP3 being that if your computer crashed, you lost email, and having your email on multiple devices being a hastle, a new standard was invented to simplify things. This is where IMAP comes in.
IMAP is a different protocol that uses most of the POP3 functionality, and added to that. Instead of expecting email to be downloaded to the client so it can be removed, IMAP aims to keep the email online until deleted, so that the read status of an email can be synchronised across clients.
IMAP itself is an old protocol too however, which is where Exchange came in. Exchange is like a successor of IMAP with many many more features. To run an exchange server, the hardware will have to be good. Exchange requires a lot of memory. For this reason, the IMAP protocol is not obsolete, and many cheaper webhosting services, only support POP3/IMAP. Because POP3 and IMAP are very similar in how they operate, and most clients when you select internet email will automatically assume that if it can do IMAP, it can also do POP3, that's why any service that runs IMAP can also run POP3.
There are still providers that only do POP3, but they are so old, and mostly only because they just keep the service up until the last customer stops. Most have migrated to both services anyway.
So why does a tracert find an imap server where pop3 is expected? Because it is the very same server.
2
In many cases, POP3, IMAP, SMTP, and Exchange Services are all on the same server with the same IP address... DNS doing a standard lookup (like ping or tracert) should come back the same IP address for pop3.mail.com, imap.mail.com, and smtp.mail.com (in fact, it does come back with same address). As far as what they look like in a sniffer, have you looked at the capture samples at https://wiki.wireshark.org/SampleCaptures because there are examples there that clearly show what you are looking for.
– acejavelin – 2018-10-20T07:32:37.230thanks a lot @acejavelin! However, I still don't understand why I'm able to login in an IMAP server with the same credentials as in a POP3 server. Is this something the service provider set up on purpose? – Natiya – 2018-10-20T10:40:09.027
You've to understand that both IMAP and POP are only protocols that are used by your mail client to download emails. Both IMAP & POP has its pros and cons but you should know that you're using your mailbox credentials to login or use it for POP/IMAP/SMTP or even web login. In simple answer, your username and password can be used for POP/IMAP/SMTP or even web login if supported by your mail provider. – Biku B. – 2018-10-20T10:45:05.410
@acejavelin not true actually. In many cases POP3, IMAP and SMTP are on the same server, and yes, Exchange servers support the other 3, but aren't always enabled. That said, most servers do NOT run exchange, because exchange is very memory intensive, and thus expensive to run. – LPChip – 2018-10-20T12:14:02.390