[Dovecot] NTLM authentication from Outlook

[Lars Skovgaard]

Hi all

I've enabled ntlm authentication in dovecot, and use dovecot sasl in  
postfix as well.

Authentication with ntlm works well from Mac OS X Mail.app, as well  
as from Outlook Express, but fails with Outlook. Strangely enough,  
ntml authentication works in Outlook when using smtp (via postfix),  
but neither from imap or pop3 (both dovecot). As dovecot sasl handles  
all authentication against a mysql userdb, this strikes me as very  
strange.

I've instructed my clients with Outlook to fetch mail using a ssl- 
encrypted connection, and to send using ntlm-authentication. This  
works, but I would like to have ntlm available as an option to all my  
clients, without forcing them to change mail-clients.

I've turned on auth_verbose, auth_debug and auth_debug_passwords, and  
compared the passwordstring with the one calculated using dovecotpw,  
and they match. The only odd thing is that the username is returned  
from Outlook as an all-caps string, so user at domain.tld becomes  
USER at DOMAIN.TLD. I don't know if it matters, but I don't think so, as  
changing the user-login to an all-caps version doesn't solve the  
problem.

Any hints will be most welcome.

/Lars