3.2.1.1 POP3 State Model

Figure 3: Server POP3 state model

The abstract data model for the NTLM POP3 Extension has the following states:

1. Start:

   This is the state of the server before the POP3_AUTH_NTLM_Initiation_Command is received.

2. State 2: received_authentication_request

   This is the state of the server after the POP3_AUTH_NTLM_Initiation_Command is received.

3. State 1: inside_authentication

   This is the state entered by a server after the server sends a POP3_NTLM_Supported_Response. In this state, the server initializes the NTLM subsystem and repeats the following steps:

   • Waits for a message from the client.

   • De-encapsulates the received POP3 message-data from the other party and obtains the embedded NTLM message data.

   • Passes the data to the NTLM subsystem.

   • Encapsulates the NTLM message returned by the NTLM subsystem into a POP3 message.

   • Sends the POP3 message to the other party.

     This state terminates when:

   • The NTLM subsystem reports completion with either a success or failed authentication status, upon which the server sends the client a POP3_AUTH_NTLM_Succeeded_Response or POP3_AUTH_NTLM_Fail_Response, as specified in [RFC1734]. These are the only responses returned to the client.

4.  Stop: completed_authentication

   This is the state of the server after it exits the inside_authentication state. The rules for exiting the inside_authentication state are defined in section 3.2.5. The behavior of POP3 in this state is defined in [RFC1734]—it represents the end_state of the authentication protocol.