Why a tracert to a POP3 server ends up in an IMAP server?

1

I was configuring my email app and I wanted to know the IP of the IMAP server I use. From my Windows cmd, I did

tracert mypop3server.something

and found out that the last hop was an IMAP server. Actually, it turned out that I can set up my email (and log in) using that IMAP server and an IMAP port (143). I was very curious about this and I used a sniffer where the actual protocol shown when login is POP3.

Could anyone explain why this works this way?

Natiya

Posted 2018-10-20T07:14:06.230

Reputation: 179

2

In many cases, POP3, IMAP, SMTP, and Exchange Services are all on the same server with the same IP address... DNS doing a standard lookup (like ping or tracert) should come back the same IP address for pop3.mail.com, imap.mail.com, and smtp.mail.com (in fact, it does come back with same address). As far as what they look like in a sniffer, have you looked at the capture samples at https://wiki.wireshark.org/SampleCaptures because there are examples there that clearly show what you are looking for.

– acejavelin – 2018-10-20T07:32:37.230

thanks a lot @acejavelin! However, I still don't understand why I'm able to login in an IMAP server with the same credentials as in a POP3 server. Is this something the service provider set up on purpose? – Natiya – 2018-10-20T10:40:09.027

You've to understand that both IMAP and POP are only protocols that are used by your mail client to download emails. Both IMAP & POP has its pros and cons but you should know that you're using your mailbox credentials to login or use it for POP/IMAP/SMTP or even web login. In simple answer, your username and password can be used for POP/IMAP/SMTP or even web login if supported by your mail provider. – Biku B. – 2018-10-20T10:45:05.410

@acejavelin not true actually. In many cases POP3, IMAP and SMTP are on the same server, and yes, Exchange servers support the other 3, but aren't always enabled. That said, most servers do NOT run exchange, because exchange is very memory intensive, and thus expensive to run. – LPChip – 2018-10-20T12:14:02.390

Answers

1

Traceroute doesn't care whether the name you give it is pop3.something or imap.something – it's a name like any other, and its only purpose is to be translated to an IP address.

Multiple DNS domain names can point to the same IP address (have identical 'A'/'AAAA' records), and multiple services may be provided by the same server at the same IP address.

In other words, it is perfectly normal for pop.example.com and imap.example.com to return identical IP addresses, and for the same software on the same server to provide both POP3 and IMAP4 services – they're two different methods of accessing the same mailbox, so usually they'll accept the same login information and show you the same data.

However, when tracert receives a reply from some node in the path, it only knows its IP address and has to use rDNS to obtain the name. This 'reverse DNS' for an IP address usually points to just one name – and even if it pointed to multiple, you wouldn't see all of them, just one at random. So it is also not unusual for the final server's name to show up as something completely unrelated to what you entered.

user1686

Posted 2018-10-20T07:14:06.230

Reputation: 283 655

0

POP3 is a very very old protocol. POP3 only lets you download email from the server, and tell the server that you downloaded the email, so the email can be deleted from the server, if you set it to do so.

This was a good thing back in the day when storage space was very expensive, and a mailbox of 50mb online was a big thing.

But storage got cheaper, and the downside of POP3 being that if your computer crashed, you lost email, and having your email on multiple devices being a hastle, a new standard was invented to simplify things. This is where IMAP comes in.

IMAP is a different protocol that uses most of the POP3 functionality, and added to that. Instead of expecting email to be downloaded to the client so it can be removed, IMAP aims to keep the email online until deleted, so that the read status of an email can be synchronised across clients.

IMAP itself is an old protocol too however, which is where Exchange came in. Exchange is like a successor of IMAP with many many more features. To run an exchange server, the hardware will have to be good. Exchange requires a lot of memory. For this reason, the IMAP protocol is not obsolete, and many cheaper webhosting services, only support POP3/IMAP. Because POP3 and IMAP are very similar in how they operate, and most clients when you select internet email will automatically assume that if it can do IMAP, it can also do POP3, that's why any service that runs IMAP can also run POP3.

There are still providers that only do POP3, but they are so old, and mostly only because they just keep the service up until the last customer stops. Most have migrated to both services anyway.

So why does a tracert find an imap server where pop3 is expected? Because it is the very same server.

LPChip

Posted 2018-10-20T07:14:06.230

Reputation: 42 190

so you can log in both servers using the same credentials? thank you! – Natiya – 2018-10-20T13:49:16.650

Yes, just specify the right port and protocol. – LPChip – 2018-10-20T17:41:28.230

Asked: 2018-10-20T07:14:06.230

Viewed: 112 times

Active: 2018-10-21T07:21:17.087