POP3
SASL
SASL AUTH NTLM
SASL AUTH PLAIN
SASL DOWNGRADE
RFC1734
RFC5034
#
# Server-side
AUTH NTLM PLAIN
REPLY "AUTH NTLM" +
REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= + Rubbish
REPLY * -ERR AUTH exchange cancelled by client
REPLY "AUTH PLAIN" +
REPLY AHVzZXIAc2VjcmV0 +OK Login successful
From: me@somewhere
To: fake@nowhere
body
--
yours sincerely
#
# Client-side
pop3
NTLM
SSL
!SSPI
POP3 NTLM authentication with SASL downgrade
pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret
#
# Verify data after the test has been "shot"
CAPA
AUTH NTLM
TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
*
AUTH PLAIN
AHVzZXIAc2VjcmV0
RETR %TESTNUMBER
QUIT