When an user is created, useradd creates a /var/mail/$USER mailbox
with
the mode 0660 (owned by $USER:mail).
I heard this causes some issues for dovecot, and a solution could
be to
move to mode 0600.
IIRC, it was a problem for the support of shared mailboxes.
Index files are created whose permissions mimic the mailbox'
permissions.
The 'mail' group ownership would require dovecot to be in the mail
group.
I assume that this could be solved internally by dovecot, but it
would be
easier (and safer) to move to a 0600 policy.