* Gerard E. Seibert <postfix-users@postfix.org>:
> Thank you for that quick and accurate answer. I was just wondering, is
> this a bug in 'libsasl' or is it due to a change in Outlook? My setup
> had been working for years without any errors.

It's very likely not a bug, but simply how SASL works. Unless configured
explicitly to act differently, (any) SASL will always try to use the mechanism
that offers the highest security strength factor.

OAUTH2 offers higher security than PLAIN, simply because PLAIN sends the
identity (username, password) BASE64 encoded only. Encrypted connections are
out of scope of the PLAIN mech.

This said, I do assume your system upgrade added OAUTH2 mechs, where there had
been none on your old system. And what used to work because PLAIN was the only
mech and therefore had the highest security strength factor suddenly began to
fail because now OAUTH2 was preferred over PLAIN.

Limiting the list of SASL mechs that may be used, just like Wietse wrote,
explicitly configures Cyrus SASL to ignore any other mechs except for those on
the list.

p@rick


-- 
[*] sys4 AG

https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Registered office: München, District Court München: HRB 199263
Executive Board: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Chairman of the Supervisory Board: Florian Kirstein
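
An added example, not part of the message above or of Postfix/Cyrus SASL: a small Python check that reads a server's EHLO reply and reports any advertised SASL mechanism outside an allowlist, which is one way to confirm that a restricted mech list took effect after an upgrade. The EHLO reply, the hostname and the mechanism names `XOAUTH2`/`OAUTHBEARER` are constructed sample values, and the function names are hypothetical.

```python
import re

# Constructed sample: EHLO reply from a server whose upgrade added OAuth mechs.
# The second AUTH line uses the legacy "AUTH=" form some servers also emit.
SAMPLE_EHLO = """\
250-mail.example.org
250-PIPELINING
250-SIZE 10240000
250-STARTTLS
250-AUTH XOAUTH2 OAUTHBEARER PLAIN LOGIN
250-AUTH=XOAUTH2 OAUTHBEARER PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250 8BITMIME
"""

# Matches "250-AUTH ...", "250 AUTH ..." and the "AUTH=" variant.
AUTH_LINE = re.compile(r"250[- ]AUTH[ =](.*)$", re.IGNORECASE)


def advertised_mechs(ehlo_reply):
    """Return the SASL mechanism names a server advertises, in order, deduplicated."""
    mechs = []
    for line in ehlo_reply.splitlines():
        match = AUTH_LINE.match(line.strip())
        if not match:
            continue
        for name in match.group(1).split():
            name = name.upper()
            if name not in mechs:
                mechs.append(name)
    return mechs


def unexpected_mechs(ehlo_reply, allowed):
    """Return advertised mechanisms that are not on the allowlist."""
    allowed_set = {a.upper() for a in allowed}
    return [m for m in advertised_mechs(ehlo_reply) if m not in allowed_set]


if __name__ == "__main__":
    extra = unexpected_mechs(SAMPLE_EHLO, ["PLAIN", "LOGIN"])
    print("advertised:", advertised_mechs(SAMPLE_EHLO))
    print("not on allowlist:", extra or "none")
```
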
