support@majordomo.ru wrote:
Can I solve this problem or it is virtually "bug" of dovecot?
No bug, just the "garbage in, garbage out" principle. Mysql's string matches are case-insensisitive by default, so when dovecot asks mysql for the user information of UsEr1, it will get the information of user1 and therefore assumes that UsEr1 is a valid login. It's not dovecot's fault. If you want the match case-insensitive (so UsEr1 will be rejected), add the BINARY attribute to the userid field or change your query to '... WHERE BINARY userid = "%u"' in password_query and user_query.
If you want to allow logins as UsEr1 (and let him access user1's mail), you have to change your dovecot.conf, I think. Use %h instead of %u there, and let user_query return the home directory with something like 'SELECT CONCAT('/var/spool/vmail/',LOWER(userid)) AS home, ...'.