[exim] TLS SASL authentiation error 535

I'm trying to figure out what's going on with sending mail from my phone
through my server. It had been working for a while but suddenly
stopped. I am authenticating using saslauthd for outgoing mail. I can
check the authentication with testsaslauthd and that returns OK and I
can also test with swaks (from a machine on the local network) and that
authenticates. But when I put in the same login information into the
phone (via remote network), I get the incorrect authentication data error.

I ran exim in debug mode. I see that $auth2 is populated with the user
name and $auth3 has the password.

The configured authenticator is:

plain_saslauthd_server:
driver = plaintext
public_name = PLAIN
server_condition = ${if saslauthd{{$auth2}{$auth3}}{1}{0}}
server_set_id = $auth2
server_prompts = :
server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}

I compared two runs in debug mode, one from the swaks test and one from
the phone test. I looked for the authentication portion and they appear
to match in the operations but the result is differen (password and user
removed but I did verify that the plain text entries are identical):

swaks test:
20937 Calling gnutls_record_recv(0xb82b4440, 0xb8473d60, 4096)
20937 SMTP<< AUTH PLAIN AGFnY<encrypted password>
20937 plain_saslauthd_server authenticator server_condition:
20937 $auth1 =
20937 $auth2 = user
20937 $auth3 = plaintextpassword
20937 $1 =
20937 $2 = user
20937 $3 = plaintextpassword
20937 Running saslauthd authentication for user "user"
20937 saslauthd userid='user' servicename='' realm=''
20937 Answer 'OK' received.
20937 saslauthd: success (OK)
20937 expanded string: 1

phone test:
20952 Calling gnutls_record_recv(0xb8f3e440, 0xb90fdd60, 4096)
20952 SMTP<< AUTH PLAIN AGFnY<encrypted password>
20952 plain_saslauthd_server authenticator server_condition:
20952 $auth1 =
20952 $auth2 = user
20952 $auth3 = plaintextpassword
20952
20952 $1 =
20952 $2 = user
20952 $3 = plaintextpassword
20952
20952 Running saslauthd authentication for user "user"
20952 saslauthd userid='user' servicename='' realm=''
20952 Answer 'NO' received.
20952 saslauthd: access denied (NO)
20952 expanded string: 0


Both tests were using TLS authentication. I'm a bit lost why they
behave differently. I would appreciate any help to further debug.