Do not use LOGINDISABLED with TLS connections.
Add support for CRAM-MD5 so it's RFC-3501 compliant to log in without TLS.