AuthenticateByToken() accepts a one-time token to authenticate the hMailServer.Application object for use in non-interactive daemons that leverage the COM API.
One way to generate and pass a token would be via the %TOKEN% macro from a command-line invoked within hMailServer (such as the External Virus Scanner). Additional mechanisms could be coded to create a trusted process capability.