diff --git a/CHANGELOG b/CHANGELOG
index 135d352f8..9f3c383b3 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -26,6 +26,7 @@ CHANGELOG Roundcube Webmail
 - Add (different) attachment icon for messages of type multipart/report (#1486165)
 - Prevent from inserting empty link when composing HTML message (#1486944)
 - Add caching support in id2uid and uid2id functions (#1487019)
+- Add SASL proxy authentication for SMTP (#1486693)
 
 RELEASE 0.4.2
 -------------
diff --git a/config/main.inc.php.dist b/config/main.inc.php.dist
index bbf614996..16a61b5c2 100644
--- a/config/main.inc.php.dist
+++ b/config/main.inc.php.dist
@@ -117,6 +117,9 @@ $rcmail_config['smtp_pass'] = '';
 // best server supported one)
 $rcmail_config['smtp_auth_type'] = '';
 
+// Optional SMTP authorization identifier to be used as authorization proxy
+$rcmail_config['smtp_authzid'] = null;
+
 // SMTP HELO host 
 // Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages 
 // Leave this blank and you will get the server variable 'server_name' or 
diff --git a/program/include/rcube_smtp.php b/program/include/rcube_smtp.php
index 5acc156c6..6b25cd1c6 100644
--- a/program/include/rcube_smtp.php
+++ b/program/include/rcube_smtp.php
@@ -44,10 +44,11 @@ class rcube_smtp
    * @param string Server port
    * @param string User name
    * @param string Password
+   * @param string Optional authorization ID to be used as authorization proxy
    *
    * @return bool  Returns true on success, or false on error
    */
-  public function connect($host=null, $port=null, $user=null, $pass=null)
+  public function connect($host=null, $port=null, $user=null, $pass=null, $authz=null)
   {
     $RCMAIL = rcmail::get_instance();
   
@@ -59,10 +60,11 @@ class rcube_smtp
   
     // let plugins alter smtp connection config
     $CONFIG = $RCMAIL->plugins->exec_hook('smtp_connect', array(
-      'smtp_server' => $host ? $host : $RCMAIL->config->get('smtp_server'),
-      'smtp_port'   => $port ? $port : $RCMAIL->config->get('smtp_port', 25),
-      'smtp_user'   => $user ? $user : $RCMAIL->config->get('smtp_user'),
-      'smtp_pass'   => $pass ? $pass : $RCMAIL->config->get('smtp_pass'),
+      'smtp_server'    => $host ? $host : $RCMAIL->config->get('smtp_server'),
+      'smtp_port'      => $port ? $port : $RCMAIL->config->get('smtp_port', 25),
+      'smtp_user'      => $user ? $user : $RCMAIL->config->get('smtp_user'),
+      'smtp_pass'      => $pass ? $pass : $RCMAIL->config->get('smtp_pass'),
+      'smtp_authzid'   => $authz ? $authz : $RCMAIL->config->get('smtp_authzid'),
       'smtp_auth_type' => $RCMAIL->config->get('smtp_auth_type'),
       'smtp_helo_host' => $RCMAIL->config->get('smtp_helo_host'),
       'smtp_timeout'   => $RCMAIL->config->get('smtp_timeout'),
@@ -105,7 +107,7 @@ class rcube_smtp
 
     if($RCMAIL->config->get('smtp_debug'))
       $this->conn->setDebug(true, array($this, 'debug_handler'));
-    
+
     // try to connect to server and exit on failure
     $result = $this->conn->connect($smtp_timeout);
     if (PEAR::isError($result))
@@ -120,6 +122,11 @@ class rcube_smtp
     $smtp_pass = str_replace('%p', $RCMAIL->decrypt($_SESSION['password']), $CONFIG['smtp_pass']);
     $smtp_auth_type = empty($CONFIG['smtp_auth_type']) ? NULL : $CONFIG['smtp_auth_type'];
 
+    if (!empty($CONFIG['smtp_authzid'])) {
+      $smtp_authz = $smtp_user;
+      $smtp_user  = $CONFIG['smtp_authzid'];
+    }
+
     // attempt to authenticate to the SMTP server
     if ($smtp_user && $smtp_pass)
     {
@@ -127,7 +134,7 @@ class rcube_smtp
       if (strpos($smtp_user, '@'))
         $smtp_user = idn_to_ascii($smtp_user);
 
-      $result = $this->conn->auth($smtp_user, $smtp_pass, $smtp_auth_type, $use_tls);
+      $result = $this->conn->auth($smtp_user, $smtp_pass, $smtp_auth_type, $use_tls, $smtp_authz);
 
       if (PEAR::isError($result))
       {