Ticket #9488: plain_auth.diff

../django/core/mail.py

@@ -134 +134 @@
                 self.connection.starttls()
                 self.connection.ehlo()
             if self.username and self.password:
-                self.connection.login(self.username, self.password)
+                if settings.EMAIL_FORCE_PLAIN_AUTH:
+                    # Force plain auth: call ehlo() or helo() first to get the
+                    # server's supported methods; then overwrite the results
+                    if not (200 <= self.connection.ehlo()[0] <= 299):
+                        (code, resp) = self.connection.helo()
+                        if not (200 <= code <= 299):
+                            raise SMTPHeloError(code, resp)
+                    self.connection.esmtp_features["auth"] = "LOGIN PLAIN"
+                    self.connection.login(self.username, self.password)
+                else:
+                    self.connection.login(self.username, self.password)
             return True
         except:
             if not self.fail_silently:

django/conf/global_settings.py

@@ -139 +139 @@
 EMAIL_HOST_USER = ''
 EMAIL_HOST_PASSWORD = ''
 EMAIL_USE_TLS = False
+EMAIL_FORCE_PLAIN_AUTH = False
 
 # List of strings representing installed apps.
 INSTALLED_APPS = ()

docs/ref/settings.txt

@@ -373 +373 @@
 This is only used if ``CommonMiddleware`` is installed (see
 :ref:`topics-http-middleware`).
 
+.. setting:: EMAIL_FORCE_PLAIN_AUTH
+
+EMAIL_FORCE_PLAIN_AUTH
+----------------------
+
+Default: ``False``
+
+Force the transmission of the SMTP password (if any) in plain text. This can be 
+useful with certain SMTP servers which falsely claim to support CRAM-MD5.
+
+See also ``EMAIL_HOST_USER`` and ``EMAIL_HOST_PASSWORD``.
+
 .. setting:: EMAIL_HOST
 
 EMAIL_HOST