3.2.1.1 POP3 State Model
Figure 3: Server POP3 state model
The abstract data model for the NTLM POP3 Extension has the following states:
Start:
This is the state of the server before the POP3_AUTH_NTLM_Initiation_Command is received.
State 2: received_authentication_request
This is the state of the server after the POP3_AUTH_NTLM_Initiation_Command is received.
State 1: inside_authentication
This is the state entered by a server after the server sends a POP3_NTLM_Supported_Response. In this state, the server initializes the NTLM subsystem and repeats the following steps:
Waits for a message from the client.
De-encapsulates the received POP3 message-data from the other party and obtains the embedded NTLM message data.
Passes the data to the NTLM subsystem.
Encapsulates the NTLM message returned by the NTLM subsystem into a POP3 message.
Sends the POP3 message to the other party.
This state terminates when:
The NTLM subsystem reports completion with either a success or failed authentication status, upon which the server sends the client a POP3_AUTH_NTLM_Succeeded_Response or POP3_AUTH_NTLM_Fail_Response, as specified in [RFC1734]. These are the only responses returned to the client.
Stop: completed_authentication
This is the state of the server after it exits the inside_authentication state. The rules for exiting the inside_authentication state are defined in section 3.2.5. The behavior of POP3 in this state is defined in [RFC1734]—it represents the end_state of the authentication protocol.