Dovecot 对某些用户的身份验证失败

我有一个典型的 Dovecot + Postfix 设置，带有 Apache 和 Roundcube（在 VPS 中）。昨天我设置好了一切，一切顺利。没错，但今天我醒来时惊讶地发现一些用户根本无法登录。客户端给出如下消息（roundcube 案例）：

Login failed for $user from $ip. AUTHENTICATE PLAIN: Authentication failed.

最糟糕的是，其他用户可以登录，这很奇怪，因为身份验证方法等是全局的。我在网上搜索解决方案，但一无所获。我阅读了 Dovecot wiki 中有关密码方案、密码数据库、身份验证机制等的内容。每当我尝试使用 telnet/openssl 登录时，我都会得到：

$ openssl s_client -connect imap.domain.tld:143 -starttls imap
a login $user $password
a NO [AUTHENTICATIONFAILED] Authentication failed.

最疯狂的是密码是正确的！passdb 和 userdb 设置正确（它们在我之前的服务器中工作正常，并且已使用doveadm user和确认doveadm user）。如果这还不够，日志什么都没说！！（即使使用最详细的配置、启用调试等）

这是我的鸽舍配置：

$ dovecot -n
# 2.2.29.1 (e0b76e3): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.18 (29cc74d)
# OS: Linux 4.9.155-gnu-0-lts x86_64  
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login cram-md5
auth_verbose = yes
auth_verbose_passwords = yes
mail_location = maildir:~/Maildir
mail_plugins = " quota"
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character         vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox Spam {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix = 
}
passdb {
  args = /etc/passwd-file
  auth_verbose = yes
  driver = passwd-file
}
plugin {
  quota = maildir:Cuota de usuario
  quota_warning = storage=95%% quota-warning 95 %u
  sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = imap pop3 sieve
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
  user = root
}
service imap-login {
  inet_listener imap {
    port = 143
  }
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}
service lmtp {
  inet_listener lmtp {
    port = 24
  }
  user = root
}
service pop3-login {
  inet_listener pop3 {
    port = 110
  }
  inet_listener pop3s {
    port = 995
    ssl = yes
  }
}
ssl = required
ssl_protocols = TLSv1.2 TLSv1.1 !SSLv3
userdb {
  args = /etc/passwd-file
  auth_verbose = yes
  driver = passwd-file
}
verbose_ssl = yes
protocol imap {
  mail_plugins = " quota imap_quota imap_sieve"
  ssl_cert = </etc/letsencrypt/live/server/fullchain.pem
  ssl_key =  # hidden, use -P to show it
}
protocol pop3 {
  ssl_cert = </etc/letsencrypt/live/server/fullchain.pem
  ssl_key =  # hidden, use -P to show it
}
protocol sieve {
  ssl_cert = </etc/letsencrypt/live/server/fullchain.pem
  ssl_key =  # hidden, use -P to show it
}
protocol lmtp {
  mail_plugins = " quota sieve"
}

请帮帮我，这让我很生气 :/