MC> After "AUTH LOGIN", your client sent "Y2dhOTk5OQ==" as a SASL initial
MC> response. It should not have sent any initial response for the LOGIN
MC> mechanism. Instead, it should have sent just AUTH LOGIN, and gotten
MC> an initial challenge (for the user name) from the SMTP server ("334
MC> VXNlciBOYW1lAA=="). It then would send the response, get the
MC> challenge for the password, and then send the password.
The "LOGIN" SASL mechanism isn't strictly specified, of course. But
this mechanism is widely understood. A sensible client implementation
strategy would be to respond with the user name to every "Username:"
(VXNlciBOYW1lAA) challenge and respond with the password to every
"Password:" (UGFzc3dvcmQA) challenge, akin to the operation of a "login
chat script" for the "uucico" command. In contrast, "ssmtp" doesn't
even check what the challenges _are_. It blindly sends the username and
password, once each, in a fixed order.
To be honest, having seen "ssmtp", I'd recommend using something else
instead for the task that it purports to do, such as "mini-qmail" with
"qmail-smtpc" replacing "qmail-queue"
./qmail/smtpc.html>), or an ordinary MTS
configured to send everything to a mailhub
or "serialmail" (<URL: http://www.yqcomputer.com/
or "nullmailer" (<URL: http://www.yqcomputer.com/