diff --git a/.gitignore b/.gitignore
index 50d22a22..79a4dc3c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,6 +3,7 @@
 #################################################
 
 .env
+compose.override.yaml
 docs/site/
 docker-data/
 
diff --git a/mailserver.env b/mailserver.env
index 8a4dc834..4151c483 100644
--- a/mailserver.env
+++ b/mailserver.env
@@ -423,6 +423,10 @@ GETMAIL_POLL=5
 # --- OAUTH2 Section ----------------------------
 # -----------------------------------------------
 
+# empty => OAUTH2 authentication is disabled
+# 1 => OAUTH2 authentication is enabled
+ENABLE_OAUTH2=
+
 # empty => verySecretId
 # Specify the OAuth2 client ID
 OAUTH2_CLIENT_ID=
diff --git a/target/scripts/start-mailserver.sh b/target/scripts/start-mailserver.sh
index 1dc27bf3..2476e466 100755
--- a/target/scripts/start-mailserver.sh
+++ b/target/scripts/start-mailserver.sh
@@ -62,16 +62,16 @@ function _register_functions() {
       _register_setup_function '_setup_ldap'
       ;;
 
-    ( 'OAUTH2' )
-      _environment_variables_oauth2
-      _register_setup_function '_setup_oauth2'
-      ;;
-
     ( * )
       _dms_panic__invalid_value "'${ACCOUNT_PROVISIONER}' is not a valid value for ACCOUNT_PROVISIONER"
       ;;
   esac
 
+  if [[ ${ENABLE_OAUTH2} -eq 1 ]]; then
+      _environment_variables_oauth2
+      _register_setup_function '_setup_oauth2'
+  fi
+
   if [[ ${ENABLE_SASLAUTHD} -eq 1 ]]; then
     _environment_variables_saslauthd
     _register_setup_function '_setup_saslauthd'
diff --git a/target/scripts/startup/setup.d/oauth2.sh b/target/scripts/startup/setup.d/oauth2.sh
index 4a217c25..adc33e6d 100644
--- a/target/scripts/startup/setup.d/oauth2.sh
+++ b/target/scripts/startup/setup.d/oauth2.sh
@@ -4,7 +4,6 @@ function _setup_oauth2() {
   _log 'debug' 'Setting up OAUTH2'
 
   sed -i -e '/\!include auth-oauth2\.conf\.ext/s/^#//' /etc/dovecot/conf.d/10-auth.conf
-  sed -i -e '/\!include auth-passwdfile\.inc/s/^/#/' /etc/dovecot/conf.d/10-auth.conf
 
   _log 'trace' "Configuring Dovecot OAUTH2"