Improve non-auth login error handling
Login can fail for a bunch of reasons other than just incorrect passwords. The account may be access limited (Password expiry, Google & Outlook.com requiring a web form to be filled out), the user name is wrong, the server has restricted numbers of connections, etc. We should gracefully handle this, prompting to change the login or go to a web form if possible.
This needs some research done into how different servers behave under certain circumstances, and some design work about what classes of errors to report and how to prompt the user to take some action.
IMAP
RFC 3501 and RFC 5530 define a number of IMAP response codes that should be considered, including: ALERT
, UNAVAILABLE
, AUTHENTICATIONFAILED
, AUTHORIZATIONFAILED
, EXPIRED
, and PRIVACYREQUIRED
. GMail also uses a proprietary WEBALERT
.
Known server behaviours:
- GMail: Sends both
ALERT
with end-user text and a URL, alsoWEBALERT
with just a URL when the user needs to fill in a capcha to log in - Outlook.com:
AUTHORIZATIONFAILED
with end-user text when user needs to fill in a capcha to log in - Yahoo! Mail:
AUTHORIZATIONFAILED
when the login name is incorrect(!)
SMTP
TBD, but see also #353.