The attached patch modifies mail-source.el to use a netrc (~/.authinfo)
file for IMAP fetching.  It will be triggered when
mail-source-authinfo-file is not nil.  It will override the :user and
:password parameters set in mail-sources unconditionally.  This allows
users to store their passwords for an IMAP mail source in the authinfo
file, encrypted if necessary.  I use this for my IMAP fetching and it
worked fine; please test (also if you don't use the feature, make sure
your IMAP fetching works OK).  I won't commit until I get confirmations
it works, since mail fetching is a sensitive area for improvements.

I plan to add this to POP and webmail fetching as well, possibly through
mail-source-bind instead of in each individual fetching function.
Please let me know what you think.

Also, I think instead of the current variables

(setq
 nnimap-authinfo-file "~/.authinfo.enc"
 nntp-authinfo-file "~/.authinfo.enc"
 mail-source-authinfo-file "~/.authinfo.enc"
 smtpmail-auth-credentials "~/.authinfo.enc")

Gnus should have a single specification:

(setq
 authinfo-files '(('nnimap "~/.imap-authinfo.enc")
                  (t "~/.authinfo.enc")))

Then we can derive each of those variables at runtime, if they are not
set:

(setq nnimap-authinfo-file
 (or nnimap-authinfo-file (gnus-get-authinfo-file 'nnimap)))

WDYT?

Ted