? Imho are these just arguments for people not being able to setup an environment correctly.
I do not intend to start a flame on this topic, it is just my opinion.
But writing it down like this is still educating people (incorrectly).
It's not about the correct environment (you can google for it and you will found a pretty good setup even when you are newbie) but about the potential vulnerabilities related to each component of the system: if the system has less components the probability to have issues is smaller.
Yes but this is reasoning backwards, and even then, it is not complete because you have multiple layers of security. Eg only dovecot is public facing and can have an exploit that would be limited to just by os uid environment. If you are proficient with selinux you could even enhance the os rules for access.
Also you can have cases when you really want to have system users ( like using the same server as samba server or so) and in this case the opposite approach is better.
It is not about sharing, it is about how many people are looking and reporting authentication/authorisation issues and specialize in this area. You should choose the tool made for its purpose. When having a nail you choose a hammer. Obviously you can also use a hammer on a screw.