>I have lately been trying to use the smtp server offered by BT >Internet, which seems to defeat the authentication of nmh >post. Sundry other muas are fine, including claws and various >smartphone apps (ugh). The tale has been slightly round-about, but I >will try my best to cut to the core and be succinct. >[...] >(tls-decrypted) <= 250-AUTH=LOGIN [Huh? See below.]
Aw, poop. So, THIS is an old, OLD pre-SASL mechanism. And while I was vaguely aware of it, in the instances where I saw it it was always listed AFTER the standards-based SASL "AUTH" token. And so ... I guss we get this wrong. I'm not sure it's documented anywhere. A quick Google suggests that it is around for compatibility with old clients like Outlook 2003. Obviously, we should just ignore any AUTH= tokens. Let me chew on this a bit and see if I can get you a patch. --Ken