NTLM fails: dovecot: auth: Fatal: Unknown authentication mechanism 'NTLM'

Sun Jan 23 00:22:55 UTC 2022

After upgrading Debian to 11 I found Dovecot at version 2.3.13 
(89f716dc2).  Now auth method NTLM fails and is not even listed:

# doveadm pw -l
SHA1 SSHA512 SCRAM-SHA-256 BLF-CRYPT PLAIN HMAC-MD5 OTP SHA512 SHA 
DES-CRYPT CRYPT SSHA MD5-CRYPT PLAIN-MD4 PLAIN-MD5 SCRAM-SHA-1 
SHA512-CRYPT CLEAR CLEARTEXT ARGON2I ARGON2ID SSHA256 MD5 PBKDF2 SHA256 
CRAM-MD5 PLAIN-TRUNC SHA256-CRYPT SMD5 DIGEST-MD5 LDAP-MD5

/var/log/dovecot.log
Jan 22 16:20:32 auth: Fatal: Unknown authentication mechanism 'NTLM'
Jan 22 16:20:32 master: Error: service(auth): command startup failed, 
throttling for 2.000 secs
Jan 22 16:20:34 auth: Fatal: Unknown authentication mechanism 'NTLM'
Jan 22 16:20:34 master: Error: service(auth): command startup failed, 
throttling for 4.000 secs
Jan 22 16:20:38 auth: Fatal: Unknown authentication mechanism 'NTLM'
Jan 22 16:20:38 master: Error: service(auth): command startup failed, 
throttling for 8.000 secs
Jan 22 16:20:46 auth: Fatal: Unknown authentication mechanism 'NTLM'
Jan 22 16:20:46 master: Error: service(auth): command startup failed, 
throttling for 16.000 secs

# doveconf -n
# 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.13 (cdd19fe3)
# OS: Linux 5.10.0-11-amd64 x86_64 Debian 11.2
# Hostname: imail.khmfdbyekekelj1rmytwnfh1bc.dx.internal.cloudapp.net
auth_mechanisms = plain login ntlm
debug_log_path = /var/log/dovecot-debug.log
info_log_path = /var/log/dovecot-info.log
log_path = /var/log/dovecot.log
maildir_stat_dirs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace compat {
   alias_for =
   hidden = yes
   inbox = no
   list = no
   location =
   prefix = INBOX.
   separator = .
}
namespace inbox {
   inbox = yes
   location =
   mailbox Drafts {
     special_use = \Drafts
   }
   mailbox Junk {
     special_use = \Junk
   }
   mailbox Sent {
     special_use = \Sent
   }
   mailbox "Sent Messages" {
     special_use = \Sent
   }
   mailbox Trash {
     special_use = \Trash
   }
   prefix =
   separator = .
}
passdb {
   args = /etc/dovecot/dovecot-sql.conf.ext
   driver = sql
}
plugin {
   mail_plugins = " quota trash sieve"
   sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = " imap sieve"
service auth {
   unix_listener /var/spool/postfix/private/auth {
     group = postfix
     mode = 0666
     user = postfix
   }
   unix_listener auth-client {
     mode = 0660
   }
}
service stats {
   unix_listener stats-reader {
     group = vmail
     mode = 0660
     user = vmail
   }
   unix_listener stats-writer {
     group = vmail
     mode = 0660
     user = vmail
   }
}
ssl_cert = </etc/letsencrypt/live/imail1.sutinen.com/fullchain.pem
ssl_client_ca_dir = /etc/ssl/certs
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
userdb {
   args = /etc/dovecot/dovecot-sql.conf.ext
   driver = sql
}
protocol lmtp {
   mail_plugins = " quota trash sieve"
   postmaster_address = admin-kosmosisland.com at kosmosisland.com
}
protocol lda {
   mail_plugins = " quota trash sieve"
}

Regards,
David Koski