3.2.1.1 SMTP State Model
Figure 3: SMTP NTLM authentication server state model
The abstract data model for the NT LAN Manager (NTLM) Authentication: Simple Mail Transfer Protocol (SMTP) Extension has the following states:
start
This is the state of the server before the SMTP_AUTH_NTLM_Initiation_Command (section 2.2.1.1) message has been received.
received_authentication_request
This is the state of the server after the SMTP_AUTH_NTLM_Initiation_Command message has been received.
sent_response
This is the state entered by the server after it has sent an SMTP_NTLM_Supported_Response (section 2.2.1.2) or SMTP_AUTH_NTLM_BLOB_Response (section 2.2.1.3) message.
During this state the server waits for SMTP_AUTH_NTLM_BLOB_Command (section 2.2.1.7) from the client and transition the state to received_response after receiving the SMTP_AUTH_NTLM_BLOB_Command.
The server comes back to this state after it has sent SMTP_AUTH_NTLM_BLOB_Response to the client.
received_command
This is the state entered by the server after it has received the SMTP_AUTH_NTLM_Initiation_Command with NTLM_NEGOTIATE_MESSAGE or SMTP_AUTH_NTLM_BLOB_Command.
During this state the server passes the SMTP_AUTH_NTLM_Initiation_Command with NTLM_NEGOTIATE_MESSAGE or SMTP_AUTH_NTLM_BLOB_Command to the NTLM software. If the NTLM software returns SMTP_AUTH_NTLM_BLOB_Response message the server sends it back to the client.
The server transitions the state to sent_response after it sends the SMTP_AUTH_NTLM_BLOB_Response.
The server comes back to this state after receiving SMTP_AUTH_NTLM_BLOB_Command.
The server MUST transition the state to completed_authentication when it sends SMTP_AUTH_NTLM_Succeeded_Response (section 2.2.1.6) or SMTP_AUTH_Fail_Response (section 2.2.1.4) or SMTP_AUTH_Other_Failure_Response (section 2.2.1.5) to the client.
completed_authentication
This is the state of the server upon successfully or unsuccessfully completing authentication. Section 3.1.5 defines the rules for how this state is reached. The completed_authentication represents the end state of the authentication protocol.
This document does not address the behavior of SMTP in this state.