I have a workstation which uses KDE Kontact, but also has a postfix server, mainly used as client. Since Google requires xoauth2 for sending email via KMail and via postfix, postfix needs the packet sasl-xoauth2 which puts a plugin in /usr/lib64/sasl2/ for supporting xoauth2 in postfix. There is also a plugin kdexoauth2 which supports xoauth2 for e-mail send by KMail via smtp.gmail.com using akonadi. When the plugin from sasl-xoauth2 is present in /usr/lib64/sasl2/ I am unable to send email from KMail via smtp.gmail.com. Removing the plugin restores the KMail functionality. Apparently the akonadi process to send email using authorization with xoauth2 does not use the plugin kdexoauth2, but more likely the plugin from sasl-xoauth2, which fails. "pluginviewer -c" with both plugins present shows: Installed and properly configured SASL (client side) mechanisms are: GSS-SPNEGO GSSAPI DIGEST-MD5 EXTERNAL CRAM-MD5 XOAUTH2 XOAUTH2 PLAIN LOGIN ANONYMOUS Available SASL (client side) mechanisms matching your criteria are: GSS-SPNEGO GSSAPI DIGEST-MD5 EXTERNAL CRAM-MD5 XOAUTH2 XOAUTH2 PLAIN LOGIN ANONYMOUS List of client plugins follows Plugin "gssapiv2" [loaded], API version: 4 SASL mechanism: GSS-SPNEGO, best SSF: 256 security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|PASS_CREDENTIALS|MUTUAL_AUTH features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION|NEED_SERVER_FQDN|SUPPORTS_HTTP Plugin "gssapiv2" [loaded], API version: 4 SASL mechanism: GSSAPI, best SSF: 256 security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|PASS_CREDENTIALS|MUTUAL_AUTH features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION|NEED_SERVER_FQDN Plugin "digestmd5" [loaded], API version: 4 SASL mechanism: DIGEST-MD5, best SSF: 128 security flags: NO_ANONYMOUS|NO_PLAINTEXT|MUTUAL_AUTH features: PROXY_AUTHENTICATION|NEED_SERVER_FQDN|SUPPORTS_HTTP Plugin "EXTERNAL" [loaded], API version: 4 SASL mechanism: EXTERNAL, best SSF: 0 security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_DICTIONARY features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION Plugin "crammd5" [loaded], API version: 4 SASL mechanism: CRAM-MD5, best SSF: 0 security flags: NO_ANONYMOUS|NO_PLAINTEXT features: SERVER_FIRST Plugin "sasl-xoauth2" [loaded], API version: 4 SASL mechanism: XOAUTH2, best SSF: 60 security flags: NO_ANONYMOUS|PASS_CREDENTIALS features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION Plugin "kdexoauth2" [loaded], API version: 4 SASL mechanism: XOAUTH2, best SSF: 0 security flags: NO_ANONYMOUS|PASS_CREDENTIALS features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION Plugin "plain" [loaded], API version: 4 SASL mechanism: PLAIN, best SSF: 0 security flags: NO_ANONYMOUS|PASS_CREDENTIALS features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION Plugin "login" [loaded], API version: 4 SASL mechanism: LOGIN, best SSF: 0 security flags: NO_ANONYMOUS|PASS_CREDENTIALS features: SERVER_FIRST Plugin "anonymous" [loaded], API version: 4 SASL mechanism: ANONYMOUS, best SSF: 0 security flags: NO_PLAINTEXT features: WANT_CLIENT_FIRST Note "sasl-xoauth2" shows an SSF of 60, which to my knowledge is a priority, which differs from the SSF of "kdexoauth2", which is 0. From the information in the packet sasl-xoauth2 this 60 is needed to make it work in postfix.