I suspect this has something to do with the client (knee.xtime.com) trying to use CRAM-MD5 with a server that uses authpam as it's authentication
Correct.
backend. Even if I change the 'esmtpd' configuration on the server to:
ESMTPAUTH="PLAIN"
The authentication fails with the same error as before, indicating that the client (knee.xtime.com) is still trying to use CRAM-MD5 passwords.
You must restart the server so that its configuration gets reread.
pgp00000.pgp
Description: PGP signature
