Authentication service
We mentioned the authentication service quite a few times in the previous section, but what exactly is the authentication service and what does it do? When a user makes a POP3, IMAP, or SMTP request to NGINX, authenticating the connection is one of the first steps. NGINX does not perform this authentication itself, but rather makes a query to an authentication service that will fulfill the request. NGINX then uses the response from the authentication service to make the connection to the upstream mail server.
This authentication service may be written in any language. It need only conform to the authentication protocol required by NGINX. The protocol is similar to HTTP, so it will be fairly easy for us to write our own authentication service.
NGINX will send the following headers in its request to the authentication service:
HostAuth-MethodAuth-UserAuth-PassAuth-SaltAuth-ProtocolAuth-Login-AttemptClient-IPClient-HostAuth-SMTP-HeloAuth-SMTP-FromAuth...
