4 Protocol Example

The following is an example of the use of the AUTH LOGIN extension. The example demonstrates SMTP authentication using the AUTH LOGIN extension. In this example, the user name is "Charlie" and the password is "password". The following diagram illustrates the sequence of events following the client's initial connection to the SMTP server.

Example Authentication Exchange

Figure 2: Example Authentication Exchange

  1. The initial response by the SMTP server ("220 SMTP.example.com") is the greeting by the server as specified in [RFC5321].

  2. The client sends the EHLO command.

  3. The server responds with, among other things, an indication of support for AUTH LOGIN.

  4. The client then issues the AUTH LOGIN command. In this example, the client omits the username in the AUTH LOGIN command.

  5. The server responds with the username challenge.

  6. The client responds with "Q2hhcmxpZQ==", which is the username "Charlie", encoded with base64 encoding.

  7. The server stores the value "Q2hhcmxpZQ==" then issues the password challenge.

  8. The client responds with "cGFzc3dvcmQ=", which is the password "password", encoded with base64 encoding.

  9. The server base64-decodes the username and password and verifies that the username "Charlie" and the password "password" are valid credentials. The server then responds with "235 authentication successful".