POP3 SASL SASL AUTH DIGEST-MD5 SASL AUTH PLAIN SASL DOWNGRADE RFC1734 RFC2831 RFC5034 # Server-side AUTH DIGEST-MD5 PLAIN REPLY "AUTH DIGEST-MD5" + Rubbish REPLY * -ERR AUTH exchange cancelled by client REPLY "AUTH PLAIN" + REPLY %b64[%00user%00secret]b64% +OK Login successful From: me@somewhere To: fake@nowhere body -- yours sincerely # Client-side pop3 !SSPI Debug crypto digest POP3 DIGEST-MD5 authentication with SASL downgrade pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret # Verify data after the test has been "shot" CAPA AUTH DIGEST-MD5 * AUTH PLAIN %b64[%00user%00secret]b64% RETR %TESTNUMBER QUIT