It is unfortunately common for email client software to silently fall back to insecure submission if TLS or AUTH fail in any way :-(
yup. though I believe I tried to address this in my document. Keith