3.1.5.3 Sending a POP3_AUTH_NTLM_Blob_Command Message

The expected state is inside_authentication.

This section defines the processing of POP3_AUTH_NTLM_Blob_Command messages. These NTLM messages sent by the client are encapsulated as follows to conform to the AUTH mechanism:

  1. Base64 encode the NTLM message data. This is needed because NTLM messages contain data outside the ASCII character range, whereas POP3 only supports ASCII characters.

  2. Send the base64 encoded string.

  3. Suffix the <CR> and <LF> characters (ASCII values 0x0D and 0x0A), as required by POP3.

The ABNF definition of a client message is as follows:

<Base 64-encoded-NTLM-message><CR><LF>

De-encapsulation of these messages by the client adheres to the reverse logic, as follows:

  1. Remove the <CR> and <LF> characters (ASCII values 0x0D and 0x0A).

  2. Base64 decode the POP3 data to produce the original NTLM message data.