on memory usage to avoid
DoSing it.
RFC2971 is saying Field strings MUST NOT be longer than 30 octets. Value
strings MUST NOT be longer than 1024 octets. Implementations MUST NOT send
more than 30 field-value pairs.
IMHO, dovecot is handling ID command before successful login successfully
. Implementations MUST
NOT send more than 30 field-value pairs.
IMHO, dovecot is handling ID command before successful login
successfully only if the length of the whole command is less than 1024
octets (exactly 861 octets is working fine, over that Input buffer
full occurs).
I tried finding