One more piece of the puzzle: the explanatory comment text in /etc/dovecot/conf.d/auth-system.conf.ext:

LDA and LMTP needs to look up users only from the userdb. This of course

doesn't work with static userdb because there is no list of users.

Normally static userdb handles this by doing a passdb lookup. This works

with most passdbs, with PAM being the most notable exception. If you do

the user verification another way, you can add allow_all_users=yes to

the args in which case the passdb lookup is skipped.

This explains why the static userdb prevented the system user from being recognized, since it was in PAM not /etc/passwd.

-- Randall Gellens Opinions are personal; facts are suspect; I speak for myself only -------------- Randomly selected tag: --------------- The first ninety percent of the task takes ninety percent of the time, and the last ten percent takes the other ninety percent.