POP3 SASL SASL AUTH NTLM SASL AUTH PLAIN SASL DOWNGRADE RFC1734 RFC5034 # # Server-side AUTH NTLM PLAIN REPLY "AUTH NTLM" + REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= + Rubbish REPLY * -ERR AUTH exchange cancelled by client REPLY "AUTH PLAIN" + REPLY AHVzZXIAc2VjcmV0 +OK Login successful From: me@somewhere To: fake@nowhere body -- yours sincerely # # Client-side pop3 NTLM SSL !SSPI POP3 NTLM authentication with SASL downgrade pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret # # Verify data after the test has been "shot" CAPA AUTH NTLM TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= * AUTH PLAIN AHVzZXIAc2VjcmV0 RETR %TESTNUMBER QUIT