On that note, has anyone written a tool that "harmonises" users mail directories' permissions - ideally reading the dovecot configuration to assess where *THE* mail directories are actually used by dovecot?
doveadm user $user
which will supply the second half: it will spit out the UID, GID, home and mail directories of a user as specified by dovecot's configuration.
I was surprised by the pickiness of the group ownership/permissions issues, though reflecting on things, I can see why you'd at least want some logging by default for those conditions.
This is a consequence of writing secure software: it employs least privilege so that a fault will not result in someone being able to mess around with someone else's mail (or indices). GID can also govern access to shared mailboxes.
Joseph Tam jtam.home@gmail.com