This is a thought, and if anyone has implemented this, please tell me!

I have mysql/courier/postfix working.. My company has numerous clients, and we
setup new e-mail accounts for them all the time, but first we obviously have to
get passwords from them.

So my thought is this:

What if for a particular user in mysql (or any auth mechanism really), upon
first connection if the password field is blank, the pop3 server (or imap) would
insert the used password into the database?

So->

User jo...@joe.com connects with login jo...@joe.com and password abc123 Lookup in mysql... user exists but password field is blank. Insert abc123 into the password field and successfully authenticate the user.

It's not really a security concern because it would be a new account, and it
would be obvious if someone were to miraculously figure this out and "hijack"
the account because a password would have been set.

Anther use of this would be, let's say you're migrating from a mail server which
has encrypted passwords so you don't know all of your users' passwords. Just
setup the usernames and the passwords will automatically get filled in as users
check their mail. Or if you start hosting someone's e-mail, they could just
give you their list of usernames without having to reset all of their passwords
(since 99% of them probably don't know what password they have stored in Outlook
Express).

This could probably also be taken a step further and have courier create users
on the fly/mysql entries. You could enable it for particular domain for a short
time period, tell your new client to have all of their users check mail, then
shut it off and all of the accounts will have been created automatically.

My programming knowledge is limited so if anyone could suggest how this could be
accomplished that would be great. Thoughts??

--Josh