I had a problem with a spammer using an over quota email account to bounce back spam to other users. I blocked this specific spammer by setting the account to :fail: and blocking his IP address but I expect that this can and will happen again. I am going to ban all use of catch-all addresses on our servers but that doesn't stop someone from using another full email account to bounce back spam. It just makes them harder to find. Here's a suggestion on how to reject mail for users over quota instead of bouncing it. Has anyone tried this? http://www.timj.co.uk/linux/rcpt-time-quota-maildir.php Does cpanel create a list of users over quota that I could scan for this purpose? Thanks.