There is no state-of-the art SASL authentication method available in KMail. DIGEST-MD5 was moved to "historic" by RFC 6331 in year 2011. And the MD5 hash algorithm must not be used for security purposes for years. There is a powerful SCRAM authentication mechanism described in RFC 5802, but it is not supported by KMail. Reproducible: Always Steps to Reproduce: 1. Open the configure dialogue 2. configure an IMAP access 3. Try to select a powerful SASL authentication mechanism Actual Results: No strong authentication mechanism selectable. Expected Results: SCRAM-SHA1 is selectable as a SASL authentication mechanism If it would help you, I can provide you with a test account on an IMAP- and Sieve server supporting SCRAM-SHA1.