"if available" options considered harmful -->
<username>%EMAILLOCALPART%</username>
<authentication>DIGEST-MD5plain</authentication> <!-- TODO Backend doesn't seem to be so differentiated, or does it automatically. The UI and IDL API only knows "secure" auth on/off, whatever "secure" may mean. So, allowed values for now: plain, secure
<!-- anonymous,
plain,
KerberosV4,
GSSAPI (Kerberos v5),
TODO Backend doesn't seem to be so differentiated, or does it automatically. The UI and IDL API only knows "secure" auth on/off, whatever "secure" may mean.
-->
<pop3>