Quoting BlackVoid <blackvoid+dovecot@fantas.in>:
I'm currently working on a control panel which is using postfix, dovecot and other applications and I want to add application specific passwords to increase security.
I found one solution [1], however it requires the password to be included in the query which is something I do not want to do, because the query may be written in clear-text to log-files. So I'm wondering if there is a way to have multiple passwords with dovecot without risking passwords being leakied in clear-text to log-files.
[1]http://wiki2.dovecot.org/AuthDatabase/SQL#Password_verification_by_SQL_serve...
You can run your query by host (or port - not sure if that variable is available in the query) and make it complex..
For example - (MySQL) SELECT if ('%r'!='127.0.0.1', webmail_pass, enc_password) as password from user where userid = %u
http://komlenic.com/254/mysql-nested-if-in-select-queries/
If you're using Dovecot as an auth backend for your control panel, I'd use a custom port only accessible from the web server(s) like 145 for IMAP+Control Panel.
Rick