? Imho are these just arguments for people not being able to setup
an
environment correctly.
I do not intend to start a flame on this topic, it is just my opinion.
But writing it down like this is still educating people (incorrectly).
It's not about the correct environment (you can google for it and you will found a pretty good setup even when you are newbie) but about the potential vulnerabilities related to each component of the system: if the system has less components the probability to have issues is smaller.
Yes but this is reasoning backwards, and even then, it is not complete because you have multiple layers of security. Eg only dovecot is public facing and can have an exploit that would be limited to just by os uid environment. If you are proficient with selinux you could even enhance the os rules for access.
Also you can have cases when you really want to have system users ( like using the same server as samba server or so) and in this case the opposite approach is better.
It is not about sharing, it is about how many people are looking and reporting authentication/authorisation issues and specialize in this area. You should choose the tool made for its purpose. When having a nail you choose a hammer. Obviously you can also use a hammer on a screw.
Your argumentation though is not really solid. Forcing your system to be aware of all the users that are valid for mail delivery is not necessarely a good idea.
My argument is solely reasoned from the perspective of security and authentication etc and not even particularly aimed at dovecot but any application taking over the role of users and authentication. A multi user environment is the core of linux/unix over decades.
E.g. it will sometimes make shared folder configuration unnecessarely difficult.
So this would be an argument to switch to different auth methods. Just having unfounded security hunch is not an argument.
It will also make your system aware of all the possible mail users.
I don't see the relevance of your system being or not being aware of users that use mail. I even like it, so I can resource throttle some users when I need to.
If you are doing multi-domain hosting, it becomes even more difficult, now your system needs to be aware of users from multiple different domains with potentially overlapping usernames.
These are all valid arguments to do things differently. The only problem I have is when people start stating that it is more secure to have virtual users. In my setup the multi domain is not an issues at all, and to ensure uniqueness you can use overlays in ldap.
In the end you get no practical gains from going through OS authentication for just storing & accessing emails, but you sure get lots of complications.
If that were the case, dovecot would not be utilizing different uids for virtual users and use these to write files/spawn processes(? not entirely sure how this currently is)