On Tue, 2010-08-31 at 21:07 +0200, Egbert Jan van den Bussche wrote: > > If your /etc/shadow is readable by "shadow" group, you can use > > auth_user=something that uses shadow group as the primary group (maybe > > create a new "doveauth" user). > > > > TNX Timo. I have added vmail to the shadow group. Now it may read > /etc/shadow.
That doesn't sound like such a good idea. Now all imap/pop3/etc processes can read your /etc/shadow. Only auth process needs to do that.