Thanks for your help. Unfortunately it won't work.
By the way, a ")" is missing after "$message" here : ...$message, TRUE, FALSE...
It looks like the $user is not quoted at this stage. I've put authdaemond in debug mode again, to see what's going on. As far as I understand, roundcube tries 2 different login methods. The first one uses CRAM-MD5. When the IMAP server and Roundcube try to resolve the challenge, they find a quoted username:
imapd: Connection, ip=[127.0.0.1]
authdaemond: received auth request, service=imap, authtype=cram-md5
authdaemond: authuserdb: trying this module
authdaemond: cram: challenge=**********, response=***********
authdaemond: cram: decoded challenge/response, username [B]'"MY_LOGIN"'[/B]
authdaemond: userdb: opened /usr/local/etc/userdb.dat
authdaemond: userdb: entry not found
authdaemond: authuserdb: REJECT - try next module
authdaemond: FAIL, all modules rejected
Just after that, Roundcube falls back in "login" authtype, and you can see the username is good (no double quotes):
authdaemond: received auth request, service=imap, authtype=login
authdaemond: authuserdb: trying this module
authdaemond: userdb: opened /usr/local/etc/userdb.dat
authdaemond: userdb: looking up [B]'MY_LOGIN'[/B]
authdaemond: userdb: home=/home/MY_LOGIN, uid=1001, gid=0, shell=/usr/local/bin/bash, mail=, quota=, gecos=MY NAME, options=
authdaemond: found systempw in userdbshadow
authdaemond: authuserdb: sysusername=, sysuserid=1001, homedir=/home/MY_LOGIN, address=MY_LOGIN, fullname=MY NAME, maildir=, quota=, options=
authdaemond: authuserdb: clearpasswd=, passwd=*
authdaemond: supplied password 'MY_PASSWORD' does not match encrypted password '*'
authdaemond: authuserdb: REJECT - try next module
authdaemond: FAIL, all modules rejected
no quotes -> login found, but unfortunately the userdb does not include a real system password (systempw). The userdb is configured so that only CRAM-MD5 challenge authentication is possible.
As I said earlier, Squirrel Mail and other IMAP clients use CRAM-MD5 with success, because the login is provided to the server without double quotes.
I think the problem may be in the CRAM-MD5 code of RoundCube, but I don't know where to look...