3.2.5.3 Sending a POP3_AUTH_NTLM_Blob_Response Message

The expected state is inside_authentication.

This section defines the creation of POP3_AUTH_NTLM_Blob_Response messages. These are NTLM messages sent by the server, and they MUST be encapsulated as follows to conform to syntax specified by the AUTH mechanism:

  1. Base-64-encode the NTLM message data.<2>

  2. To the base64 encoded string, prefix the POP3 response code with a plus sign (+).

  3. Suffix the <CR> and <LF> characters (ASCII values 0x0D and 0x0A) as required by POP3.

The ABNF definition of a server message is as follows:

+<SP><Base 64-encoded-NTLM-message><CR><LF>

De-encapsulation of these messages by the client adheres to the reverse logic, as follows:

  1. Remove the <CR> and <LF> characters (ASCII values 0x0D and 0x0A).

  2. Remove the POP3 response code (+) and the space following it.

Decode the base64 encoded POP3 data to produce the original NTLM message data.<3>

Show: