2nd reasonable looking patch not incorporated upstream. This one
appears to add some documentation:
~/lib/imapoptions
line 93:
-are listed with ``<none>''.
+are listed with ``<none>''. It is also possible to override options by
+specifying them as <service_id>_<optionname>. One example is
``lmtp_admins'',
+which overrides ``admins'' just for the lmtp service. The <service_id>
is the
+one you specified in the \fB/etc/cyrus.conf\fR file.
line 146:
-/* Allow the use of cleartext passwords on the wire. */
+/* Allow the use of cleartext passwords on the wire.
+.PP
+ To allow the use of plaintext passwords for authentication, you can
+ set ``allowplaintext: yes'' in imapd.conf. This will still allow PLAIN
+ under TLS, but IMAP LOGIN commands will now fail.
+.PP
+ If you only list plaintext authentication mechanisms in
``sasl_mech_list''
+ and set ``allowplaintext: no'', only users on encrypted sessions (TLS or
+ SSL) will be able to authenticate. On the other hand, if you list no
+ plaintext authentication options in ``sasl_mech_list'',
+ ``allowplaintext: yes'' would have no effect. */
