mutt tries DIGEST-MD5 in SMTP AUTH although the server does not offer it. As
a consequence it fails and succeeds on the second attempt when it downgrades
to CRAM-MD5.

Here's output to show the server does not offer DIGEST-MD5 (I've re-enabled
DIGEST-MD5 for the moment just in case anyone does a telnet to verify); my
output is below:

p@x220:~$ telnet mail.state-of-mind.de 587
220 mail.state-of-mind.de ESMTP Submission
EHLO foo
250-mail.state-of-mind.de
250-PIPELINING
250-SIZE 61440000
250-ETRN
250-STARTTLS
250-AUTH LOGIN CRAM-MD5 PLAIN
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
QUIT
221 2.0.0 Bye

However mutt tries DIGEST-MD5:
Sep 20 09:09:20 mail postfix/smtpd[9574]: warning: 178-26-25-52-dynip.superkabel.de[178.26.25.52]:39458: SASL DIGEST-MD5 authentication failed: no mechanism available
Sep 20 09:09:21 mail postfix/smtpd[9574]: NOQUEUE: client=178-26-25-52-dynip.superkabel.de[178.26.25.52]:39458, sasl_method=CRAM-MD5, sasl_username=p...@state-of-mind.de

Here's the mutt version I use to mail:

p@x220:~$ mutt -v
Mutt 1.5.21 (2010-09-15)
Copyright (C) 1996-2009 Michael R. Elkins und andere.
Mutt übernimmt KEINERLEI GEWÄHRLEISTUNG. Starten Sie `mutt -vv', um
weitere Details darüber zu erfahren. Mutt ist freie Software. 
Sie können es unter bestimmten Bedingungen weitergeben; starten Sie
`mutt -vv' für weitere Details.

System: Linux 2.6.38-11-generic-pae (i686)
ncurses: ncurses 5.7.20101128 (compiled with 5.7)
libidn: 1.18 (compiled with 1.18)
hcache backend: GDBM version 1.8.3. 10/15/2002 (built Mar 17 2011 08:36:56)
Einstellungen bei der Compilierung:
-DOMAIN
+DEBUG
-HOMESPOOL  +USE_SETGID  +USE_DOTLOCK  +DL_STANDALONE  +USE_FCNTL  -USE_FLOCK   
+USE_POP  +USE_IMAP  +USE_SMTP  
-USE_SSL_OPENSSL  +USE_SSL_GNUTLS  +USE_SASL  +USE_GSS  +HAVE_GETADDRINFO  
+HAVE_REGCOMP  -USE_GNU_REGEX  
+HAVE_COLOR  +HAVE_START_COLOR  +HAVE_TYPEAHEAD  +HAVE_BKGDSET  
+HAVE_CURS_SET  +HAVE_META  +HAVE_RESIZETERM  
+CRYPT_BACKEND_CLASSIC_PGP  +CRYPT_BACKEND_CLASSIC_SMIME  +CRYPT_BACKEND_GPGME  
-EXACT_ADDRESS  -SUN_ATTACHMENT  
+ENABLE_NLS  -LOCALES_HACK  +COMPRESSED  +HAVE_WC_FUNCS
+HAVE_LANGINFO_CODESET  +HAVE_LANGINFO_YESEXPR  
+HAVE_ICONV  -ICONV_NONTRANS  +HAVE_LIBIDN  +HAVE_GETSID  +USE_HCACHE  
-ISPELL
SENDMAIL="/usr/sbin/sendmail"
MAILPATH="/var/mail"
PKGDATADIR="/usr/share/mutt"
SYSCONFDIR="/etc"
EXECSHELL="/bin/sh"
MIXMASTER="mixmaster"
Um die Entwickler zu kontaktieren, schicken Sie bitte
eine Nachricht (in englisch) an <mutt-...@mutt.org>.
Um einen Bug zu melden, besuchen Sie bitte http://bugs.mutt.org/.

misc/am-maintainer-mode
features/ifdef
features/xtitles
features/trash-folder
features/purge-message
features/imap_fast_trash
features/sensible_browser_position
features-old/patch-1.5.4.vk.pgp_verbose_mime
features/compressed-folders
features/compressed-folders.debian
debian-specific/Muttrc
debian-specific/Md.etc_mailname_gethostbyname.diff
debian-specific/use_usr_bin_editor.diff
debian-specific/correct_docdir_in_man_page.diff
debian-specific/dont_document_not_present_features.diff
debian-specific/document_debian_defaults
debian-specific/assumed_charset-compat
debian-specific/467432-write_bcc.patch
debian-specific/566076-build_doc_adjustments.patch
misc/define-pgp_getkeys_command.diff
misc/gpg.rc-paths
misc/smime.rc
upstream/531430-imapuser.patch
upstream/537818-emptycharset.patch
upstream/543467-thread-segfault.patch
upstream/542817-smimekeys-tmpdir.patch
upstream/537694-segv-imap-headers.patch
upstream/548577-gpgme-1.2.patch
upstream/553321-ansi-escape-segfault.patch
upstream/568295-references.patch
upstream/547980-smime_keys-chaining.patch
upstream/528233-readonly-open.patch
upstream/228671-pipe-mime.patch
upstream/383769-score-match.patch
upstream/578087-header-strchr.patch
upstream/603288-split-fetches.patch
upstream/537061-dont-recode-saved-attachments.patch
upstream/608706-fix-spelling-errors.patch
upstream/path_max
ubuntu/lp-693244-autoview
mutt.org

Anyone with an idea what is happening here?

I know it is usually left to the SASL library to choose the most secure
mechanisms, and DIGEST-MD5 (although marked deprecated since about 3 months)
is considered to be more secure than CRAM-MD5 by libsasl...

p@rick


-- 
Postfix - Einrichtung, Betrieb und Wartung
<http://www.postfix-buch.com>
saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
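
Added example, not part of the original post and not mutt's or libsasl's code: a client-side selection that only tries mechanisms present in the server's EHLO AUTH list, plus a log check that flags failed attempts for mechanisms the server never advertised. The function names and the preference order beyond "DIGEST-MD5 above CRAM-MD5" are assumptions of this example.

```python
import re

# Assumed client preference, strongest first; only "DIGEST-MD5 above CRAM-MD5"
# comes from the post, the rest of the order is an assumption of this example.
CLIENT_PREFERENCE = ["DIGEST-MD5", "CRAM-MD5", "PLAIN", "LOGIN"]

# EHLO reply as shown in the telnet session in the post.
EHLO_REPLY = """\
250-mail.state-of-mind.de
250-PIPELINING
250-SIZE 61440000
250-ETRN
250-STARTTLS
250-AUTH LOGIN CRAM-MD5 PLAIN
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
"""

# Postfix warning as shown in the post (unwrapped to one line).
LOG_LINES = [
    "Sep 20 09:09:20 mail postfix/smtpd[9574]: warning: 178-26-25-52-dynip.superkabel.de[178.26.25.52]:39458: SASL DIGEST-MD5 authentication failed: no mechanism available",
]

def advertised_mechanisms(ehlo_reply):
    """Return the set of SASL mechanisms listed in an EHLO reply."""
    mechs = set()
    for line in ehlo_reply.splitlines():
        # Accept both "250-AUTH a b" and the legacy "250-AUTH=a b" form.
        m = re.match(r"250[- ]AUTH[ =](.*)$", line.strip(), re.IGNORECASE)
        if m:
            mechs.update(tok.upper() for tok in m.group(1).split())
    return mechs

def attempt_order(ehlo_reply, preference=CLIENT_PREFERENCE):
    """Mechanisms to try, in preference order, limited to what the server offers."""
    offered = advertised_mechanisms(ehlo_reply)
    return [mech for mech in preference if mech in offered]

def unoffered_attempts(log_lines, ehlo_reply):
    """Mechanisms seen failing in Postfix logs that the server never advertised."""
    offered = advertised_mechanisms(ehlo_reply)
    seen = []
    for line in log_lines:
        m = re.search(r"SASL (\S+) authentication failed", line)
        if m and m.group(1).upper() not in offered:
            seen.append(m.group(1).upper())
    return seen
```

The server's AUTH list can change after STARTTLS, so the EHLO reply to compare against is the one from the same session state in which AUTH is attempted.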
