libsasl + smtp w/o clear passwd storage?

[Jan Parcel via Cyrus-devel]

I think there MUST be a way to use libsasl with smtp without storing 
passwords in the clear, and ESPECIALLY not on each local system, but 
nowhere in the docs is an example for how to do so.

I would think the ldapdb auxprop plugin might be able to do that, or 
some kind of use_pam? Or ldap without the ldapdb plugin?

(I realize Kerberos might handle that but I'm looking for a non-Kerberos 
solution in addition.)

Thanks for any hints,

Jan Parcel