Dovecot: robustness; better msg on missing mech.
If the dovecot protocol response doesn't include the MECH message for
the SMTP AUTH protocol the client has requested, that's not a protocol
failure, don't log it as such. Instead, explicitly log that it didn't
advertise the mechanism we're looking for. This lets administrators fix
either their Exim or their Dovecot configurations.
Also: make the Dovecot handling more resistant to bad data from the auth
server; handle too many fields with debug-log message to explain what's
going on, permit lines of 8192 length per spec and detect if the line is
too long, so that we can fail auth instead of becoming unsynchronised.
Stop using the CUID from the server as the AUTH id counter. They're
different, by my reading of the spec.
TESTED: works against Dovecot 2.1.10.
Thanks to Brady Catherman for reporting the problem with diagnosis.
projects / exim.git / commit