4.1 SMTP Client Successfully Authenticating to an SMTP Server

  • Article

This section illustrates the NT LAN Manager (NTLM) Authentication: Simple Mail Transfer Protocol (SMTP) Extension with an example scenario in which an SMTP client successfully authenticates to an SMTP server using NTLM.

SMTP client successfully authenticating to SMTP server

Figure 4: SMTP client successfully authenticating to SMTP server

  1. The client sends an EHLO to the server. This command is specified in [RFC2821]. 

     EHLO test.com

  2. The server responds with an EHLO-Response (including the EHLO-keyword AUTH) to indicate that the authentication is supported. Among the parameters to the AUTH EHLO-response keyword is the keyword "NTLM", indicating that NTLM authentication is available.

     250-exch-cli-66 Hello [127.0.0.1]
 250-AUTH GSSAPI NTLM
 250-TURN
 250-SIZE 2097152
 250-ETRN
 250-PIPELINING
 250-DSN
 250-ENHANCEDSTATUSCODES
 250-8bitmime
 250-BINARYMIME
 250-CHUNKING
 250-VRFY
 250 OK
 

  3. The client then sends the SMTP AUTH command, SMTP_AUTH_NTLM_Initiation_Command, initiating auth. In this example, the AUTH command being sent is without the optional [initial-response] data.

     AUTH NTLM

  4. The server sends the SMTP_NTLM_Supported_Response message, indicating that it can perform NTLM authentication.

     334 ntlm supported

  5. The client sends an SMTP_AUTH_NTLM_BLOB_Command message containing a base64-encoded NTLM NEGOTIATE_MESSAGE.

     TlRMTVNTUAABAAAAt4II4gAAAAAAAAAAAAAAAAAAAAAFAs4OAAAADw==

  6. The server sends an SMTP_AUTH_NTLM_BLOB_Response message containing a base64-encoded NTLM CHALLENGE_MESSAGE.

     334 TlRMTVNTUAACAAAAFgAWADgAAAA1goriZt7rI6Uq/ccAAAAAAAAAAGwAbABOAAA
 ABQLODgAAAA9FAFgAQwBIAC0AQwBMAEkALQA2ADYAAgAWAEUAWABDAEgALQBDAEwASQ
 AtADYANgABABYARQBYAEMASAAtAEMATABJAC0ANgA2AAQAFgBlAHgAYwBoAC0AYwBsA
 GkALQA2ADYAAwAWAGUAeABjAGgALQBjAGwAaQAtADYANgAAAAAA
 

  7. The client sends an SMTP_AUTH_NTLM_BLOB_Command message containing a base64-encoded NTLM AUTHENTICATE_MESSAGE.

     TlRMTVNTUAADAAAAGAAYAHwAAAAYABgAlAAAABYAFgBIAAAACAAIAF4AAAAWABYAZgA
 AABAAEACsAAAANYKI4gUCzg4AAAAPZQB4AGMAaAAtAGMAbABpAC0ANgA2AHQAZQBzAH
 QARQBYAEMASAAtAEMATABJAC0ANgA2AAZKkK42dvN2AAAAAAAAAAAAAAAAAAAAABvqC
 ZdJZ0NxuuMaNT5PPn5aZ6imuk9cPZkPUjEYNIRezkCGmTwS5G0=

  8. The server sends an SMTP_AUTH_NTLM_Succeeded_Response message.

     235 2.7.0 Authentication successful