Internet-Draft | JMAP Email Delivery Push | November 2024 |
Jenkins | Expires 19 May 2025 | [Page] |
This document specifies an extension to the JSON Meta Application Protocol (JMAP) that allows clients to receive an object via the JMAP push channel whenever a new email is delivered that matches a client-defined filter. The object can also include properties from the email, to allow a user notification to be displayed without having to make a further request.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 19 May 2025.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
The JSON Meta Application Protocol (JMAP) [RFC8620] defines a mechanism for creating a push subscription, allowing a client to be efficiently notified whenever the state on the server changes for a data type the client is interested in. This can be used to trigger a resync of that data in the client.¶
Many email clients wish to show the user a notification when a new email arrives. Email clients implementing JMAP for Mail [RFC8621] may subscribe to changes in the pseudo-type "EmailDelivery" to be notified just whenever a new email is delivered to the store (as opposed to whenever changes are made to the Email data in general, which may be caused by user actions such as reading, organising, or deleting their mail). However, this does not meet the needs of some email clients in constrained environments, particularly on mobile:¶
To address these issues, this document defines a way to receive a new EmailDelivery object via the JMAP push subscription. Clients can request a filter be applied to precisely restrict which messages they are notified about. Clients may request certain properties of the email sent in the EmailDelivery object, so it has sufficient information to show the user a notification having to make any further requests to the server.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
Type signatures, examples, and property descriptions in this document follow the conventions established in Section 1.1 of [RFC8620].¶
The same terminology is used in this document as in the core JMAP specification, see Section 1.6 of [RFC8620].¶
The term Email (with this specific capitalization) is used to refer to the data type defined in Section 4 of [RFC8621].¶
The capabilities object is returned as part of the JMAP Session object; see Section 2 of [RFC8620]. This document defines an additional capability URI.¶
The urn:ietf:params:jmap:emailpush
capability support for the extensions to PushSubscription described in this document. The value of this property in the JMAP Session "capabilities" property is an empty object.¶
Accounts for which email delivery push is supported MUST have this capability in the account's "accountCapabilities" property. The value is an empty object.¶
Note, this capability may be supported in servers or accounts that do not support the urn:ietf:params:jmap:mail
capability — in such servers, notification of new emails is supported but any further interaction will require use of a different protocol, such as IMAP [RFC9051].¶
An EmailDelivery object represents a new message that has been delivered to the store. It has the following properties:¶
String
Id
Email
The PushSubscription object is defined in Section 7.2 of [RFC8620]. This document defines an extra property for this object:¶
Id[EmailDeliveryConfig]|null
urn:ietf:params:jmap:emailpush
capability. The server will push EmailDelivery objects for these accounts when a new message arrives, in accordance with the associated EmailDeliveryConfig options for the account.¶
An EmailDeliveryConfig object has the following properties:¶
FilterOperator|FilterCondition|null
A filter to apply to determine which new messages to push an EmailDelivery object for. The FilterCondition is as defined in Section 4.4.1 of [RFC8621].¶
If urn:ietf:params:jmap:mail
capability is not supported for an account, support for the "inMailbox" and "inMailboxOtherThan" filter conditions is OPTIONAL. However, if the server supports IMAP access to the same account with the ObjectID extension [RFC8474], it MUST support using mailbox ids discovered via IMAP with these filter conditions.¶
String[]
The list of properties to include in the "email" value of the EmailDelivery object. This is the same as the properties argument in "Email/get", as defined in Section 4.2 of [RFC8621].¶
If urn:ietf:params:jmap:mail
capability is supported the server MUST support all the properties it supports for the "Email/get" method. Otherwise, it MUST support the following properties:¶
If the server supports IMAP ObjectID [RFC8474], it MUST also support the following properties:¶
An email client connects to a server over IMAP ([RFC9051]) and after authenticating, sees the OBJECTID [RFC8474] and JMAPACCESS [I-D.ietf-extra-jmapaccess] capabilities advertised.¶
The JMAPACCESS IMAP capability gives it the URL for the JMAP session resource, and guarantees the client can use the same credentials to authenticate that it used for IMAP. The client fetches the JMAP Session object and finds the following JMAP capabilities present:¶
The server doesn't support urn:ietf:params:jmap:mail
yet, so the client can't switch over to using JMAP fully instead of IMAP, but it does support urn:ietf:params:jmap:emailpush
, so the client can now use JMAP to receive push notifications.¶
The user has asked the client to notify it of any message delivered to the inbox, plus any message delivered to another folder that has the $notify
keyword set. The client discovers the mailbox id of the inbox over IMAP using ObjectId, then creates a push subscription by making the following API request:¶
The server creates the push subscription and immediately pushes a PushVerification object to the client. The client updates the PushSubscription object with this value to validate it as per Section 7.2.2 of [RFC8620]. With this done, the server will now push an EmailDelivery object whenever a new message arrives that's delivered to the mailbox with id "674cc240-95db-49ce-a8a2-054f4f733095", or has the "$notify" keyword. As the "types" property is the empty array, the server will not push any StateChange objects. For example, a message arrives and the server pushes the following:¶
All security considerations of JMAP [RFC8620] apply to this specification. Additional considerations are detailed below.¶
With the push defined in JMAP Core, no user data travels over the push channel, only state strings. The EmailDelivery object on the other hand contains sensitive user data. As specfied in Section 8.7 of [RFC8620], to ensure confidentiality and integrity of the user's data, the client MUST specify encryption keys when establishing the PushSubscription and ignore any push notification received that is not encrypted with those keys.¶
IANA will register the "emailpush" JMAP Capability as follows:¶