On May 27, 2009, at 3:15 AM, Max Ivanov wrote:
The alternative that I'm thinking right now is that in the pre- login process Dovecot would only advertise those capabilities that are actually
useful before login. Then after login it would send an updated capability
reply to the client. The important question here is: Are there any clients
that don't update their capabilities?RFC says: A server MAY send capabilities automatically, by using the CAPABILITY response code in the initial PREAUTH or OK responses, and by sending an updated CAPABILITY response code in the tagged OK response as part of a successful authentication. It is unnecessary for a client to send a separate CAPABILITY command if it recognizes these automatic capabilities.
So that's valid approach and any client should support it.
Most IMAP clients are violaing IMAP RFC in many other ways already
anyway. And that doesn't actually require clients to use the
capability, just says it's unnecessary to ask it..