Closed
Symfony version(s) affected
4.3-6.1
Description
When throwing a TransportException during authentication in EsmtpTransport, multiple authenticators are tried and their exceptions are collected in an array.
To generate the exception message for the resulting TransportException, this array is iterated and the exception is cast to string, leading to a full stack trace being passed inside the exception message.
# https://github.com/symfony/mailer/blob/6.1/Transport/Smtp/EsmtpTransport.php:190
$message = sprintf('Failed to authenticate on SMTP server with username "%s" using the following authenticators: "%s".', $this->username, implode('", "', $authNames));
foreach ($errors as $name => $error) {
    $message .= sprintf(' Authenticator "%s" returned "%s".', $name, $error);
}
When displaying the exception message to a user, there is way too much information about the backend inside and it is unreadable.
How to reproduce
Use a mailer with SMTPS, with invalid credentials and catch the resulting exception.
echo $exception->getMessage();
Possible Solution
Instead of the exception being cast to a string, $error->getMessage() should be used.
$message = sprintf('Failed to authenticate on SMTP server with username "%s" using the following authenticators: "%s".', $this->username, implode('", "', $authNames));
foreach ($errors as $name => $error) {
- $message .= sprintf(' Authenticator "%s" returned "%s".', $name, $error);
+ $message .= sprintf(' Authenticator "%s" returned "%s".', $name, $error->getMessage());
}
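Review bot: on the `+` line, switching to `$error->getMessage()` removes the trace from the message, but nothing in the visible lines keeps that trace available anywhere else, so the detail needed to debug a failed login is lost. Consider logging the collected `$errors` or attaching one of them as the previous exception of the resulting TransportException, so that `getMessage()` stays short while the full detail remains reachable server-side. Separately, the unchanged first line still places `$this->username` in the message, which is worth a decision if this message is meant to be displayed to users.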
Additional Context
I'm happy to provide a PR.
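The difference between the two loops above, as an added example that is not part of the original issue or of Symfony's code. The function names, the sample username and the error text are constructed for illustration, and the authenticator list is simplified to the keys of the error array.

```php
<?php
// Constructed stand-in for one authenticator attempt; the message text is a
// sample value, not output captured from a real SMTP server.
function failingAuthenticator(string $name): void
{
    throw new RuntimeException(sprintf('Authentication with %s was rejected by the server.', $name));
}

// Mirrors the loop quoted in the issue. $useGetMessage = false reproduces the
// reported behaviour (string cast); true applies the proposed fix.
function buildAuthFailureMessage(string $username, array $errors, bool $useGetMessage): string
{
    $message = sprintf(
        'Failed to authenticate on SMTP server with username "%s" using the following authenticators: "%s".',
        $username,
        implode('", "', array_keys($errors))
    );
    foreach ($errors as $name => $error) {
        // Casting a Throwable to string calls __toString(), which appends the
        // class name, file, line and stack frames to the message.
        $detail = $useGetMessage ? $error->getMessage() : (string) $error;
        $message .= sprintf(' Authenticator "%s" returned "%s".', $name, $detail);
    }
    return $message;
}

// Regression check usable in a unit test: detects the "Stack trace:" header
// or "#0 ..." frame lines that __toString() produces.
function leaksStackTrace(string $message): bool
{
    return strpos($message, 'Stack trace:') !== false
        || preg_match('/^#\d+ /m', $message) === 1;
}

// Collect one exception per authenticator, as the issue describes.
$errors = [];
foreach (['LOGIN', 'PLAIN'] as $name) {
    try {
        failingAuthenticator($name);
    } catch (RuntimeException $e) {
        $errors[$name] = $e;
    }
}

$cast  = buildAuthFailureMessage('user@example.test', $errors, false);
$fixed = buildAuthFailureMessage('user@example.test', $errors, true);

var_dump(leaksStackTrace($cast), leaksStackTrace($fixed));
echo $fixed, PHP_EOL;
```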