Comment 71 for bug 24220

Interesting data point. If I leave the connection as "STARTTLS" and uncheck "use secure authentication" then things work. So is the problem just that the server doesn't support CRAM-MD5? In that case, why is this happening at all? PLAIN or LOGIN auth over STARTTLS is "secure", right? So checking this box in the UI should not cause failure here.

Put another way, as a user I feel unsafe because I have to uncheck "use secure authentication" to connect to this server. Is this feeling justified? If not, then we have a bug.