1.7 Versioning and Capability Negotiation
This document covers versioning issues in the following areas:
Security and Authentication Methods: The NT LAN Manager (NTLM) Authentication: Simple Mail Transfer Protocol (SMTP) Extension supports the NTLM version 1 and NTLM version 2 authentication methods, as specified in [MS-NLMP].
Capability Negotiation: The NTLM Authentication: SMTP Extension does not support negotiation of the NTLM Authentication Protocol (as specified in [MS-NLMP]) version to use. Instead, the NTLM Authentication Protocol (as specified in [MS-NLMP]) version is configured on both the client and the server prior to authentication. NTLM Authentication Protocol (as specified in [MS-NLMP]) version mismatches are handled by the NTLM Authentication Protocol (as specified in [MS-NLMP]) implementation, and not by SMTP.
The SMTP Service Extension for Authentication (as specified in [RFC2554]) does document the framework within which SMTP clients might discover (and SMTP servers might advertise) the capability to perform any given authentication mechanism, including (in particular) NTLM.
The client discovers if the server supports NTLM AUTH through the SMTP-EHLO, at which time the server responds with a standard EHLO response, as specified in [RFC2821]. The EHLO keyword that is advertised if NTLM authentication is supported is "NTLM". NTLM is an SASL mechanism (as defined in [RFC2554] section 3 bullet 3). The messages involved are formally specified in other sections of this document.