POP3
SASL
SASL AUTH CRAM-MD5
SASL AUTH PLAIN
SASL DOWNGRADE
RFC1734
RFC2195
RFC5034
#
# Server-side
AUTH CRAM-MD5 PLAIN
REPLY "AUTH CRAM-MD5" + Rubbish
REPLY * -ERR AUTH exchange cancelled by client
REPLY "AUTH PLAIN" +
REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
From: me@somewhere
To: fake@nowhere
body
--
yours sincerely
#
# Client-side
pop3
crypto
POP3 CRAM-MD5 authentication with SASL downgrade
pop3://%HOSTIP:%POP3PORT/879 -u user:secret
#
# Verify data after the test has been "shot"
CAPA
AUTH CRAM-MD5
*
AUTH PLAIN
dXNlcgB1c2VyAHNlY3JldA==
RETR 879
QUIT