SMTP AUTH via TLS works from 1 client, fails from other

Hello everybody!

This one is really puzzling me: I have postfix running on
a SuSE 8.2 and try to achieve the following:

- users want to relay mail via that server from anywhere
- anyone who wants to relay mail via that server, needs to
do an SMTP AUTH
- SMTP AUTH can only be done when the connection is encrypted
using TLS
- mail users are no linux users, mail users exist only in
/etc/sasldb2


So, I got something like this in main.cf:

broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination


I test it with Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6),
it seems to work like a charm for me and I see lines as the
following in /var/log/mail:

connect from <...>
TLS connection established from <...>: TLSv1 with cipher RC4-MD5
(128/128 bits)
client=<...>, sasl_method=PLAIN, sasl_username=<...>

Mail gets relayed, fine.

However, when a person at a different site tests the same (Mozilla 1.6
under Windows, *identical* mail account configuration), it fails and
in the log I see lines like:

connect from <...>
TLS connection established from <...>: TLSv1 with cipher RC4-MD5
(128/128 bits)
warning: SASL authentication failure: Password verification failed
warning: <...>: SASL PLAIN authentication failed
warning: <...>: SASL LOGIN authentication failed
lost connection after AUTH from <...>

Any idea where my blind spot in this story lies?


Thanks in advance...
Christian