Exchange Server 2007/2010 does not support AUTH=PLAIN common method.
- RFC: 3501 http://www.ietf.org/rfc/rfc3501.txt
- Title: Internet Message Access Protocol – Version 4rev1
- Updated by: 4466, 4469, 4551, 5032, 5182
- Obsoletes: 2060
- Exchange 2010 specific: Implemented by Exchange 2010 (AUTH=PLAIN not supported)
AUTH=PLAIN common method description:
- “The mechanism consists of a single message from the client to the server. The client sends the authorization identity (identity to login as), followed by a US-ASCII NULL character, followed by the authentication identity (identity whose password will be used), followed by a US-ASCII NULL character, followed by the clear-text password. The client may leave the authorization identity empty to indicate that it is the same as the authentication identity.”
- In other words, the correct form of the AUTH PLAIN value is ‘authiduseridpasswd’ where ” is the null byte.
- After the client has sent the AUTH PLAIN command to the server, the server responds with a 334 reply code. Then the username and password are sent from the client to the server. The username and password are combined to one string and BASE64 encoded. Although the keyword PLAIN is used, the username and password are not sent as plain text over the Internet they are always BASE64 encoded.