Passwords are generally not stored in plaintext in a log file. However if they are trying to access the server through unencrypted means you can packet sniff the passwords using tcpdump which will allow you to read the packets in plaintext (granted they are NOT encrypted like if they try SMTP w/TLS or IMAPS or HTTPS.