My clients will not authenticate either with Outlook via IMAP (even with the SSL settings enabled) unless the cleartext option is enabled.

With cleartext enabled, does it send both the username and password in cleartext? If so, that can't be good. A simple packet sniff could obtain credentials.