HELP WANTED

[felixhammerl]

HELP WANTED

I am not actively maintaining this library anymore. But this is the only IMAP client for JS that I am aware of, so I feel this library still has its value. Please let me know if you're interested in helping out, either via email or reply here.

The work that's on the horizon is:

• Removing the tcp-socket shim and use node's net and tls directly
• Adding features as per requests
• Refactor to allow streaming and cut down memory consumption
• Stay up to date with developments in the IMAP protocol
• Maintenance of the other related emailjs libraries
• Maintenance and update of emailjs.org

[guettli]

I think the fundamental issue is that JS executed in a common web browser, can't access the IMAP protcoll.

I would love to see a solution.

I guess a https-gateway would be needed:

JS in browser talks to https-gateway. This gateway talks to the IMAP server.

[felixhammerl]

We had a solution for this here: https://github.com/emailjs/emailjs-tcp-proxy The socket itself had a corresponding socket.io implementation: https://github.com/emailjs/emailjs-tcp-socket/blob/master/src/socketio-socket.js

The problem with this approach is that it is very hard to scale and secure properly. Also, it's a very leaky abstraction. We've used this for a while in the whiteout.io mail client (https://github.com/whiteout-io/mail), but we've abandoned it and I am not convinced that this is a good way forward. For electron-based apps you can use net and tls, but for the web there's nothing secure. The problem is that you would have to terminate TLS in JS in the browser, which is not impossible but offers terrible UX as you're essentially rebuilding and managing the certificate chain in the app. Too many hoops to jump through, too little payoff.

[guettli]

A solution would be to have a http ReST API which wraps the IMAP protocol.

I guess we are not the first people who have this problem. Maybe someone already implemented this.

[larsdecker]

Hi together,

we use emailjs quite a while in a nodejs environment. It works very well for us. It would be good if we could use the net and tls implementation for the server-side apps instead of relying on the shim in the future.

Did anyone has an Idea, how we can use net and tls for Environments that have the Support?

For Browser we need to find another solution. A nodejs based IMAP to HTTP Interface, can be also be an approach.

[felixhammerl]

the shim uses net and tls underneath, as it detects which socket type is supported. is someone puts their hands up for refactoring the tcp-socket out of the imap client, be my guest :)

[cuuupid]

We attempted a pure TLS approach and didn't have too much fun in electron -- it's very finnicky and using it without IPC in Electron freezes up everything so we ended up having to develop an IPC "api" for it which really doesn't save time compared to using socket.io. We also tried devving a pure IMAP-to-HTTP proxy for web but that was not much fun either, there are often very large payloads in IMAP that HTTP isn't ideal for, and the frequent querying and nature of opening/maintaining a connection is best suited for keep-alive connections (nice use case for Socket.io!).

I do however think it might be a good idea to keep a TCP shim; one use I can think of is supporting further systems with a shim.

For example in React Native world we don't have TLS out of the box, there's a react-native-tls shim that builds on top of another shim, react-native-tcp. It's just one example but it would definitely be nice to be able to support any framework with this by adding a strategy for the framework in the TCP shim itself!

Or for supporting common browsers, it may be possible to replace the TLS bits with a socket interface and provide a socket.io proxy (if I'm not mistaken I think it already does this?).

[guettli]

Maybe it would be wise to build on JMAP and not IMAP. JMAP is an official standard since some weeks. Fastmail provides free accounts for testing.

[nifgraup]

I published a new Minor version today, it exposes responses for upload and copy commands and allows for getting server capabilities before logging in.

I can merge in pull requests once in a while and make releases. The list by @felixhammerl (thank you for your work on emailjs!) looks good if it's possible to switch from the tcp-socket shim to a node shim. I'm currently using chrome.socket API, it still exists in the Chromium source tree.