1.7 Versioning and Capability Negotiation

This specification covers versioning issues in the following areas:

  • Security and Authentication Methods: The IMAP4 NTLM extension supports the NTLMv1 and NTLMv2 authentication methods, as described in [MS-NLMP].

  • Capability Negotiation: IMAP4 does not support negotiation of which version of NTLM to use. Instead, the NTLM version has to be configured on both the client and the server prior to authentication. NTLM version mismatches are handled by the NTLM implementation, and not by IMAP4.

The client discovers whether the server supports NTLM authentication by sending the IMAP4 CAPABILITY command, as described in [RFC3501] section 6.1.1. The server responds with a list of supported features, among which authentication mechanisms are listed. If NTLM is supported, the server includes the word "AUTH=NTLM" in the list.