3.1.5.1 Receiving an SMTP_NTLM_Supported_Response Message
When the client state equals sent_authentication_request and on receiving this message, a client MUST generate the first NTLM message by calling the NTLM software. The NTLM software then generates NTLM NEGOTIATE_MESSAGE, as specified in [MS-NLMP]. The client MUST then encapsulate the NTLM message, as defined in section 2.2.3, and send it to the server.
Note The server will send the SMTP_NTLM_Supported_Response message only if the client did not embed an NTLM NEGOTIATE_MESSAGE in the SMTP_AUTH_NTLM_Initiation_Command [initial-response] optional parameter.
The state of the client MUST be changed to received_response.
The command sent by the client determines whether the server response is interpreted as an SMTP_NTLM_Supported_Response or an SMTP_AUTH_NTLM_BLOB_Response. Based on ABNF syntax alone, SMTP_NTLM_Supported_Response and SMTP_AUTH_NTLM_BLOB_Response messages appear identical, making a successful distinction between the two impossible. Therefore, the parser MUST distinguish between these messages as follows:
If the client previously sent an SMTP_AUTH_NTLM_Initiation_Command without an [initial-response], the server response MUST be parsed as an SMTP_NTLM_Supported_Response message with a human-readable-string. The human-readable-string SHOULD be ignored by the client, except to facilitate troubleshooting and debugging. This string has no consequence on the operation of the protocol.
If the client previously sent an SMTP_AUTH_NTLM_Initiation_Command with an [initial-response], the server response MUST be parsed as an SMTP_AUTH_NTLM_BLOB_Response message with a base64-encoded string. The client MUST NOT ignore the base64-encoded string and it MUST be processed by the NTLM software, as described in this document.
Note Status code 334 is also returned by the SMTP_AUTH_NTLM_BLOB_Response message.