Scroll to navigation

PUBLIC-INBOX-POP3D(1) public-inbox user manual PUBLIC-INBOX-POP3D(1)


public-inbox-pop3d - POP3 server for sharing public-inboxes


  public-inbox-pop3d [OPTIONS]


public-inbox-pop3d provides a POP3 daemon for public-inbox. It uses options and environment variables common to all read-only public-inbox-daemon(8) implementations, but requires additional read-write storage to keep track of deleted messages on a per-user basis.

Like public-inbox-imapd(1), "public-inbox-pop3d" will never require write access to the directory where the public-inboxes are stored.

It is designed for anonymous access, thus the password is always "anonymous" (all lower-case).

Usernames are of the format:


Where $UUID is the output of the uuidgen(1) command. Dash ("-") characters in UUIDs are ignored, and "[A-F]" hex characters are case-insensitive. Users should keep their UUIDs private to prevent others from deleting unretrieved messages. Users may switch to a new UUID at any time to retrieve previously-retrieved messages.

Historical slices of 50K messages are available by suffixing the integer $SLICE, where 0 is the oldest.


It may be run as a different user than the user running public-inbox-watch(1), public-inbox-mda(1), or public-inbox-fetch(1).

To save storage, "publicinbox.pop3state" only stores the highest-numbered deleted message


See common options in "OPTIONS" in public-inbox-daemon(8).

In addition to the normal "-l"/"--listen" switch described in public-inbox-daemon(8), the "PROTOCOL" prefix (e.g. "pop3://" or "pop3s://") may be specified to force a given protocol.

For STARTTLS and POP3S support, the "cert" and "key" may be specified on a per-listener basis after a "?" character and separated by ",". These directives are per-directive, and it's possible to use a different cert for every listener.

The default TLS certificate for optional STARTTLS and POP3S support if the "cert" option is not given with "--listen".

If using systemd-compatible socket activation and a TCP listener on port 995 is inherited, it is automatically POP3S when this option is given. When a listener on port 110 is inherited and this option is given, it automatically gets STARTTLS support.

The default private TLS certificate key for optional STARTTLS and POP3S support if the "key" option is not given with "--listen". The private key may be concatenated into the path used by "--cert", in which case this option is not needed.


Aside from "publicinbox.pop3state", "public-inbox-pop3d" uses the same configuration knobs as public-inbox-nntpd(1), see public-inbox-nntpd(1) and public-inbox-config(5).

A directory containing per-user/mailbox account information; must be writable to the "public-inbox-pop3d" process.
The newsgroup name maps to a POP3 folder name.


Feedback welcome via plain-text mail to <>

The mail archives are hosted at <>, and <nntp://>, <nntp://4uok3hntl7oi7b4uf4rtfwefqeexfzil2w6kgk2jn5z2f764irre7byd.onion/inbox.comp.mail.public-inbox.meta>


Copyright all contributors <>

License: AGPL-3.0+ <>


git(1), git-config(1), public-inbox-daemon(8), public-inbox-config(5), public-inbox-nntpd(1), uuidgen(1)

1993-10-02 public-inbox.git