<username>%EMAILLOCALPART%</username>
<authentication>plain</authentication>
<!-- "plain": Send password in the clear (dangerous, if SSL isn't used either). ANONYMOUS, PLAIN or LOGIN etc.. "secure": Auto-negotiate an encrypted password mechanism. Can be CRAM-MD5, DIGEST-MD5, KerberosV4, GSSAPI (Kerberos v5) etc..
<pop3>
<!-- remove the following and leave to client/user? -->
<inputField key="GRANDMA" label="Grandma">Elise Bauer</inputField>
<!-- Add this only when users (who already have an account) have to do something before the account can work with IMAP/POP or SSL.
Note: Per XML, & (ampersand) needs to be escaped to & . -->
<enableURL