Dovecot uses 2 seperate login databases to authenticate. One is for the system passwords. This is called “shadow” and uses the /etc/shadow file. The other is for virtual pop accounts. They live in the /etc/virtual/domain.com/passwd files.
A valid email account of either type will only exists in one of these database, not both, but both are checked to attempt to validate the user. If the email account does not exist in the first one, then the error will show up, even though it exists in the 2nd database. This is normal.
Sample message
Nov 7 00:59:47 server dovecot[13778]: auth(default): shadow(user@domain.com,127.0.0.1): unknown user Nov 7 00:59:47 server dovecot[13778]: auth(default): passwd(user@domain.com,127.0.0.1): unknown user
You can hide these errors by setting
auth_verbose = no auth_debug = no
in the ”## Authentication processes” section of your /etc/dovecot.conf