diff --git a/src/kmanagesieve/session.h b/src/kmanagesieve/session.h
--- a/src/kmanagesieve/session.h
+++ b/src/kmanagesieve/session.h
@@ -73,7 +73,7 @@
     bool allowUnencrypted() const;
 
 private Q_SLOTS:
-    void setErrorMessage(const QString &msg);
+    void setErrorMessage(int error, const QString &msg);
     void processResponse(const KManageSieve::Response &response, const QByteArray &data);
     KManageSieve::AuthDetails requestAuthDetails(const QUrl &url);
     void authenticationDone();
diff --git a/src/kmanagesieve/session.cpp b/src/kmanagesieve/session.cpp
--- a/src/kmanagesieve/session.cpp
+++ b/src/kmanagesieve/session.cpp
@@ -112,7 +112,7 @@
                 qCDebug(KMANAGERSIEVE_LOG) << objectName() << "Sieve server ready & awaiting authentication.";
                 if (m_state == PreTlsCapabilities) {
                     if (!allowUnencrypted() && !QSslSocket::supportsSsl()) {
-                        setErrorMessage(KIO::buildErrorString(KIO::ERR_SLAVE_DEFINED, i18n("Cannot use TLS since the underlying Qt library does not support it.")));
+                        setErrorMessage(KTcpSocket::UnknownError, i18n("Cannot use TLS since the underlying Qt library does not support it."));
                         disconnectFromHost();
                         return;
                     }
@@ -122,7 +122,7 @@
                                                                    "You can choose to try to initiate TLS negotiations nonetheless, or cancel the operation."),
                                                               i18n("Server Does Not Advertise TLS"), KGuiItem(i18n("&Start TLS nonetheless")), KStandardGuiItem::cancel(),
                                                               QStringLiteral("ask_starttls_%1").arg(m_url.host())) != KMessageBox::Continue) {
-                        setErrorMessage(KIO::buildErrorString(KIO::ERR_USER_CANCELED, i18n("TLS encryption requested, but not supported by server.")));
+                        setErrorMessage(KTcpSocket::UnknownError, i18n("TLS encryption requested, but not supported by server."));
                         disconnectFromHost();
                         return;
                     }
@@ -163,7 +163,7 @@
             m_thread->startSsl();
             m_state = None;
         } else {
-            setErrorMessage(KIO::buildErrorString(KIO::ERR_SLAVE_DEFINED, i18n("The server does not seem to support TLS. Disable TLS if you want to connect without encryption.")));
+            setErrorMessage(KTcpSocket::UnknownError, i18n("The server does not seem to support TLS. Disable TLS if you want to connect without encryption."));
             disconnectFromHost();
         }
         break;
@@ -328,13 +328,17 @@
     qCDebug(KMANAGERSIEVE_LOG) << objectName() << "TLS negotiation done, m_state=" << m_state;
 }
 
-void Session::setErrorMessage(const QString &msg)
+void Session::setErrorMessage(int error, const QString &msg)
 {
     if (m_currentJob) {
         m_currentJob->setErrorMessage(msg);
     } else {
-        qCWarning(KMANAGERSIEVE_LOG) << objectName() << "No job for reporting this error message!" << msg << " m_url " << m_url.host();
-        KMessageBox::error(nullptr, i18n("Server:%1\n%2", m_url.host(),msg));
+        // Don't bother the user about idle timeout
+        if (error != KTcpSocket::RemoteHostClosedError &&
+            error != KTcpSocket::SocketTimeoutError) {
+            qCWarning(KMANAGERSIEVE_LOG) << objectName() << "No job for reporting this error message!" << msg << "host" << m_url.host() << "error" << error;
+            KMessageBox::error(nullptr, i18n("Server:%1\n%2", m_url.host(), msg));
+        }
     }
 }
 
diff --git a/src/kmanagesieve/sessionthread.cpp b/src/kmanagesieve/sessionthread.cpp
--- a/src/kmanagesieve/sessionthread.cpp
+++ b/src/kmanagesieve/sessionthread.cpp
@@ -211,8 +211,9 @@
 {
     Q_ASSERT(QThread::currentThread() == thread());
 
-    qCWarning(KMANAGERSIEVE_LOG) << Q_FUNC_INFO << m_socket->errorString();
-    Q_EMIT error(KIO::buildErrorString(KIO::ERR_COULD_NOT_CONNECT, m_socket->errorString()));
+    qCWarning(KMANAGERSIEVE_LOG) << Q_FUNC_INFO << m_socket->error() << m_socket->errorString();
+
+    Q_EMIT error(m_socket->error(), m_socket->errorString());
     doDisconnectFromHost(false);
 }
 
@@ -222,6 +223,13 @@
     QMetaObject::invokeMethod(this, &SessionThread::doStartAuthentication, Qt::QueuedConnection);
 }
 
+// Called in secondary thread
+void SessionThread::handleSaslAuthError()
+{
+    Q_EMIT error(KTcpSocket::UnknownError, KIO::buildErrorString(KIO::ERR_COULD_NOT_AUTHENTICATE, QString::fromUtf8(sasl_errdetail(m_sasl_conn))));
+    doDisconnectFromHost(true);
+}
+
 // Called in secondary thread
 void SessionThread::doStartAuthentication()
 {
@@ -236,27 +244,24 @@
 
     result = sasl_client_new("sieve", m_url.host().toLatin1().constData(), nullptr, nullptr, callbacks, 0, &m_sasl_conn);
     if (result != SASL_OK) {
-        Q_EMIT error(KIO::buildErrorString(KIO::ERR_COULD_NOT_AUTHENTICATE, QString::fromUtf8(sasl_errdetail(m_sasl_conn))));
-        doDisconnectFromHost(true);
+        handleSaslAuthError();
         return;
     }
 
     do {
         result = sasl_client_start(m_sasl_conn, m_session->requestedSaslMethod().join(QLatin1Char(' ')).toLatin1().constData(), &m_sasl_client_interact, &out, &outlen, &mechusing);
         if (result == SASL_INTERACT) {
             if (!saslInteract(m_sasl_client_interact)) {
-                Q_EMIT error(KIO::buildErrorString(KIO::ERR_COULD_NOT_AUTHENTICATE, QString::fromUtf8(sasl_errdetail(m_sasl_conn))));
+                handleSaslAuthError();
                 sasl_dispose(&m_sasl_conn);
-                doDisconnectFromHost(true);
                 return;
             }
         }
     } while (result == SASL_INTERACT);
 
     if (result != SASL_CONTINUE && result != SASL_OK) {
-        Q_EMIT error(KIO::buildErrorString(KIO::ERR_COULD_NOT_AUTHENTICATE, QString::fromUtf8(sasl_errdetail(m_sasl_conn))));
+        handleSaslAuthError();
         sasl_dispose(&m_sasl_conn);
-        doDisconnectFromHost(true);
         return;
     }
 
@@ -288,17 +293,16 @@
 
     if (response.operationResult() == Response::Other) {
         if (!saslClientStep(data)) {
-            Q_EMIT error(KIO::buildErrorString(KIO::ERR_COULD_NOT_AUTHENTICATE, QString::fromUtf8(sasl_errdetail(m_sasl_conn))));
-            doDisconnectFromHost(true);
+            handleSaslAuthError();
             return;
         }
     } else {
         sasl_dispose(&m_sasl_conn);
         if (response.operationSuccessful()) {
             qCDebug(KMANAGERSIEVE_LOG) << "Authentication complete.";
             Q_EMIT authenticationDone();
         } else {
-            Q_EMIT error(KIO::buildErrorString(KIO::ERR_COULD_NOT_AUTHENTICATE,
+            Q_EMIT error(KTcpSocket::UnknownError, KIO::buildErrorString(KIO::ERR_COULD_NOT_AUTHENTICATE,
                                                i18n("Authentication failed.\nMost likely the password is wrong.\nThe server responded:\n%1", QString::fromLatin1(response.action()))));
             doDisconnectFromHost(true);
         }
diff --git a/src/kmanagesieve/sessionthread_p.h b/src/kmanagesieve/sessionthread_p.h
--- a/src/kmanagesieve/sessionthread_p.h
+++ b/src/kmanagesieve/sessionthread_p.h
@@ -52,9 +52,11 @@
 
     void startSsl();
 
+    enum { AuthenticationError = 1500 }; // "extend" KTcpSocket::Error
+
 Q_SIGNALS:
     void responseReceived(const KManageSieve::Response &response, const QByteArray &data);
-    void error(const QString &error);
+    void error(int errorCode, const QString &error);
     void authenticationDone();
     void sslDone();
     void sslError(const KSslErrorUiData &data);
@@ -81,6 +83,7 @@
     bool saslInteract(void *in);
     bool saslClientStep(const QByteArray &challenge);
     void sslResult(bool encrypted);
+    void handleSaslAuthError();
 
 private:
     Q_DISABLE_COPY(SessionThread)