3.2.5.2 Receiving an SMTP_AUTH_NTLM_BLOB_Command Message

Expected state is sent_response.

On receiving this message while the server state equals sent_response, a server MUST change its internal state to received_command, de-encapsulate the message, obtain the embedded NTLM message, and pass it to the NTLM software with the GSS_Accept_sec_context call, as specified in [MS-NLMP] section 3.2.4.

De-encapsulation of these messages by the server follows this logic:

  1. Remove the <CR> and <LF> characters (ASCII values 0x0D and 0x0A).

  2. Base64-decode the SMTP data to produce the original NTLM message data.
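
The state check and the two de-encapsulation steps above, as an added Python example that is not part of the specification. The Session class, BlobError, and the signature/message-type pre-check before hand-off to the NTLM software are assumptions of this example; the 8-byte "NTLMSSP\0" signature and the little-endian MessageType field at offset 8 are from the [MS-NLMP] message header.

```python
import base64
import binascii
import struct

NTLM_SIGNATURE = b"NTLMSSP\x00"  # 8-byte signature from the [MS-NLMP] header
CLIENT_TYPES = {1: "NEGOTIATE_MESSAGE", 3: "AUTHENTICATE_MESSAGE"}  # client-sent types

class BlobError(ValueError):
    """Hypothetical error type: the command could not be de-encapsulated."""

class Session:
    """Hypothetical holder for the server state named in this section."""
    def __init__(self, state="sent_response"):
        self.state = state

def receive_ntlm_blob(session, line: bytes):
    """Return (message_type_name, ntlm_bytes) for one SMTP_AUTH_NTLM_BLOB_Command."""
    if session.state != "sent_response":
        raise BlobError("unexpected state: " + session.state)
    session.state = "received_command"
    # Step 1: remove the <CR> and <LF> characters (0x0D and 0x0A).
    data = line.replace(b"\r", b"").replace(b"\n", b"")
    # Step 2: base64 decode. validate=True rejects bytes outside the alphabet
    # instead of silently discarding them, so corrupted input fails here.
    try:
        ntlm = base64.b64decode(data, validate=True)
    except (binascii.Error, ValueError) as exc:
        raise BlobError("invalid base64") from exc
    # Assumed pre-check (not required by the section): header sanity before
    # the bytes are passed on to GSS_Accept_sec_context.
    if len(ntlm) < 12 or ntlm[:8] != NTLM_SIGNATURE:
        raise BlobError("not an NTLM message")
    (msg_type,) = struct.unpack_from("<I", ntlm, 8)
    if msg_type not in CLIENT_TYPES:
        raise BlobError(f"unexpected NTLM message type {msg_type}")
    return CLIENT_TYPES[msg_type], ntlm

# Constructed sample: signature, MessageType 1 and an all-zero flags field only.
SAMPLE_LINE = base64.b64encode(NTLM_SIGNATURE + struct.pack("<II", 1, 0)) + b"\r\n"

if __name__ == "__main__":
    print(receive_ntlm_blob(Session(), SAMPLE_LINE)[0])
```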

Once the message has been obtained, the NTLM software does one of the following, as specified in [MS-NLMP]:

  • Report success in processing the message and return an NTLM message to continue the authentication.

  • Report that authentication completed successfully.

  • Report that the authentication failed due to a bad user name or password, as specified in [MS-NLMP].

  • Report that the authentication failed, which could be due to some other software error or message corruption.

For an overview of SMTP server authentication, see the SMTP server state model specified in section 3.2.1.1.