I'm adding the finishing touch to the Postfix Dovecot plug-in, to be released with snapshot 20051223. The plug-in code quality is generally very good.
I had two observations, both of minor importance:
The authentication server protocol uses the TAB character as a delimiter, so it is critical that legitimate user names don't contain this character. This is of course trivial to ensure with the authentication server implementation, so I will not worry about it.
I noticed that the plug-in did not satisfy one Postfix principle, namely that operations be bounded in time. I added a time limit for connect, read and write operations. Postfix will time-bound all operations anyway, but the diagnostics of the watchdog timer are less specific and therefore less useful.
Wietse