Still get no idea about the behavior of ispconfig2. On user creation it simply adds the user password at the end of /etc/shadow and on ANY modification to the user, for ex. activation of antispam, the whole group of users will be rewritten at the end of the file /etc/shadow.
Thats the normal behaviour in ISPConfig 2. It does not cause any problems. I never had a corruption of any password on my servers in the last years.