From b68cb14669af59d1860d66534fbe3517bacdf6c7 Mon Sep 17 00:00:00 2001
From: Barry Warsaw
Date: Mon, 3 Jan 2011 20:28:38 -0500
Subject: Better wording given by Patrick Ben Koetter.

---
 src/mailman/mta/docs/authentication.txt | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/src/mailman/mta/docs/authentication.txt b/src/mailman/mta/docs/authentication.txt
index 9f494be61..9f78859a0 100644
--- a/src/mailman/mta/docs/authentication.txt
+++ b/src/mailman/mta/docs/authentication.txt
@@ -3,8 +3,17 @@ SMTP authentication
 ===================
 
 The SMTP server may require authentication.  Mailman supports setting the SMTP
-user name and password.  When the user name and password match what's expected
-by the server, everything is a-okay.
+user name and password.  The actual authentication mechanism used is
+determined by Python's `smtplib module`_, which tries the more secure
+`CRAM-MD5` method first, followed by the less secure mechanisms `PLAIN` and
+`LOGIN`.
+
+When sending authentication data between Mailman and the MTA over an unsecured
+network, the submission (mail) server should offer `CRAM-MD5` as mechanism to
+have Python's `smtplib module` automatically choose the more secure mechanism.
+
+When the user name and password match what's expected by the server,
+everything is a-okay.
 
     >>> mlist = create_list('test@example.com')
 
@@ -54,3 +63,6 @@ But if the user name and password does not match, the connection will fail.
     bperson@example.com: (571, 'Bad authentication')
 
     >>> config.pop('auth')
+
+
+.. _`smtplib module`: http://docs.python.org/library/smtplib.html
-- 
cgit v1.2.3-70-g09d2