I tried to see if it would just work incase it was apart of a library and not just documented in the docs as being available, but it doesn’t. It doesn’t even try to auth.


That auth method is obsoleted and md5 is insecure long time already.

Also, that method isn’t part of the SMTP library anymore because of that reason.

I didn’t realize CRAM was deprecated for SASL. Even as old as it is, I thought the Android Java smtp library the only options are plain, CRAM or Oauth2 and when used along with TLS is just an extra layer server side should the auth db be exploited.

I though Oauth was strictly for dealing with Google but it looks like I can setup my own Oauth server. Will look into that first before plain passwords in the db.