According to rfc1939 the standard behavoir of a pop3 server is:
1) The client opens a connection and server gets into the AUTORISATION state.
2) The user authenticate himself and the server gets into the TRANSACTION state, "... the POP3 server then acquires an exclusive-access lock on the maildrop, as necessary to prevent messages from being modified or removed before the session enters the UPDATE state. "
3) The client sends a QUIT command and the server gets into the UPDATE state, updating the repository.
James doesn't perform the exclsive-access lock required by rfc1939