Read all about the Dovecot IMAP server at the canonical site.
The only non-plaintext login supported by Mozilla is CRAM-MD5. Unfortunately, Dovecot speaks only PLAIN or DIGEST-MD5. I use Mozilla on the road and this annoyed me, so I wrote a CRAM-MD5 authentication mechanism. If you want this patch, no warranty etc, download it here. Choose your version:
It's specifically tested and known to authenticate/deny correctly with clients
connecting to Dovecot 0.99.10.2 and CVS of 20031111 running on FreeBSD 5.1 (actually 5-CURRENT), with the various combinations
Generating the HMAC-MD5 context requires a tool. If using Dovecot CVS releases or the 1.0-test series, you can apply the dovecot-xtrahash patch below, which includes the "dovecotpw" hash-generation tool.
I've had some compatability issues with the password hashing and hash string representations from LDAP directories (in particular OpenLDAP, although SunOne uses the same form). Here's a first stab at fixing the impedence mismatch:
This one is not tested beyond my local workstation, so feedback would be very welcome.