you can add nopassword attribute to the end. See https://wiki.dovecot.org/PasswordDatabase/ExtraFields


---
Aki Tuomi
Dovecot oy

-------- Original message --------
From: J Doe <general@nativemethods.com>
Date: 07/07/2018 02:39 (GMT+02:00)
To: dovecot@dovecot.org
Subject: Question about password field in passwd-file

Hello,

I have a question regarding the password field of the passwd-file [1].

According to the wiki, the password field assumes a {SCHEME} of CRYPT when the {SCHEME} is not prefixed
to this field.

So, a passwd-file like:

    user:password: . . .

… is equivalent to:

    user:{CRYPT}password: . . .

Does that mean an example passwd-file with NEITHER {SCHEME} or password, like:

    user@example.com:: . . . (note no scheme or password specified between colons)

…means that the user@example.com user does not have any valid crypted password and therefore the
user@example.com user cannot be authenticated ?

For example, if I use doveadm to create a null CRYPT password:

    $ sudo doveadm pw -s CRYPT -p “” -u user@example.com

… gives the result:

    {CRYPT}txR1JRq9140Qk

… which differs from the example password field having NEITHER {SCHEME} or password, like:

    user@example.com:: . . .

… so if I attempt to logon using a null password for user@example.com when nothing is specified in the
password field for the passwd-file:

    /etc/dovecot/passwd
        user@example.com:: . . .

    $ sudo doveadm auth test user@example.com
    password:
    passdb: user@example.com auth failed

… it is impossible to logon as user@example.com with ANY PASSWORD and/or a NULL password ?

Thanks,

- J

Sources:

    [1] https://wiki2.dovecot.org/AuthDatabase/PasswdFile