maybe it's a security risk, but has anybody tried to keep the secrets normally stored in sasldb in an LDAP tree? i guess a rewrite of db_berkeley.c using ldap, calling it db_ldap.c, should be sufficient when access control to the LDAP tree can be enforced. this would allow the usage of AUTH authentication with distributed IMAP servers in a cluster environment. otherwise the synchronization of the berkely daytabase files would be a PITA.