From 5ffeca35e78544f239b73c46bf82605ec9baa3fe Mon Sep 17 00:00:00 2001
From: Peter <peter@smitmail.eu>
Date: Thu, 18 Dec 2014 13:58:18 +0200
Subject: [PATCH 1/2] Add option to use CRAM-MD5 as authentication method in
 the mailer

---
 modules/mailer/mailer.go | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/modules/mailer/mailer.go b/modules/mailer/mailer.go
index 6d75fa3f2..daee5d76e 100644
--- a/modules/mailer/mailer.go
+++ b/modules/mailer/mailer.go
@@ -108,14 +108,21 @@ func sendMail(settings *setting.Mailer, from string, recipients []string, msgCon
 		}
 	}
 
-	auth_available, _ := client.Extension("AUTH")
+	auth_available, options := client.Extension("AUTH")
 
-	// Possible improvement: only plain authentication is now available.
-	// Maybe in future CRAM MD5 as well?
 	if auth_available && len(settings.User) > 0 {
-		auth := smtp.PlainAuth("", settings.User, settings.Passwd, host)
-		if err = client.Auth(auth); err != nil {
-			return err
+		var auth smtp.Auth
+
+		if strings.Contains(options, "PLAIN") {
+			auth = smtp.PlainAuth("", settings.User, settings.Passwd, host)
+		} else if strings.Contains(options, "CRAM-MD5") {
+			auth = smtp.CRAMMD5Auth(settings.User, settings.Passwd)
+		}
+
+		if auth != nil {
+			if err = client.Auth(auth); err != nil {
+				return err
+			}
 		}
 	}
 

From eca42bcb4480d23c3bd0c3bda05f1f7e185053cd Mon Sep 17 00:00:00 2001
From: Peter <peter@smitmail.eu>
Date: Thu, 18 Dec 2014 14:15:13 +0200
Subject: [PATCH 2/2] Prefer CRAM-MD5 over PLAIN authentication

---
 modules/mailer/mailer.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/modules/mailer/mailer.go b/modules/mailer/mailer.go
index daee5d76e..234723590 100644
--- a/modules/mailer/mailer.go
+++ b/modules/mailer/mailer.go
@@ -113,10 +113,10 @@ func sendMail(settings *setting.Mailer, from string, recipients []string, msgCon
 	if auth_available && len(settings.User) > 0 {
 		var auth smtp.Auth
 
-		if strings.Contains(options, "PLAIN") {
-			auth = smtp.PlainAuth("", settings.User, settings.Passwd, host)
-		} else if strings.Contains(options, "CRAM-MD5") {
+		if strings.Contains(options, "CRAM-MD5") {
 			auth = smtp.CRAMMD5Auth(settings.User, settings.Passwd)
+		} else if strings.Contains(options, "PLAIN") {
+			auth = smtp.PlainAuth("", settings.User, settings.Passwd, host)
 		}
 
 		if auth != nil {