Well, I don't know how you feel about it, but you could always go with something similar to what courier does and call it "doveauth" while keeping the real "dovecot" user for the reset of the processes.
It's eight characters, reminds you of the login process, and very easy to understand for anyone who sees it for the first time.
/my two cents...
So "dovecot" could be reused for 2. And it would no longer be a mortal sin to use dovecot user for owning mail files. For 1. there would be a new user. I'd use "dovelogin", but apparently tools still don't much like usernames that are longer than 8 characters. Like ps could show numeric uid instead of 9 character long username. So .. any suggestions? "dovlogin" could be one possibility I guess. It would be nice if the name somehow reminded of login processes, but maybe something else could be used too, like: dovenil, dovenull, dovezero, dovenone, dovevoid, doveint, dovedown, dovein, dove0