Robert,
If you wish, you can go one step further and configure postfix to reject mail (5.X.X DSN) when a user is over quota, instead of having the mail wait in the postfix mail queue because it is considered a temporary delivery problem (4.X.X DSN). When the problem is considered temporary, postfix will retry sending the e-mail several times (sometimes for a whole week) and the sender wouldn't even know that their message didn't get to the recipient. With a permanent error, the sender is immediately informed that their mail couldn't make it to the recipient's inbox.
In order to do this, you need to tell postfix and dovecot to talk together using the LMTP protocol.
To achieve this, two things:
1/ In dovecot: configure the lmtp service and tell it that postfix will talk to it through the /var/spool/postfix/private/dovecot-lmtp unix socket. In conf.d/10-master.conf:
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0600
    user = postfix
  }
}
Here, dovecot will create the socket in postfix's chroot directory just to make sure it can access it (in case it runs chrooted, which is the default in debian). Should you have created the socket outside of postfix's chroot, then postfix wouldn't have access to it. In order for dovecot to create that socket it needs to connect as the postfix system user and group. In Debian, postfix chroot is /var/spool/postfix/.
2/ In postfix: use the lmtp service as your transport and set the "next hop" (postfix's jargon) to the unix dovecot-lmtp socket (that dovecot will create for you). This is done by editing postfix's main.cf:
virtual_transport = lmtp:unix:private/dovecot-lmtp
You should also find an lmtp line in master.cf; it should read like this:
lmtp unix - - - - - lmtp
You can leave that unchanged.
If you do 1/ and 2/, dovecot will inform postfix (via the LMTP protocol) that the user is over quota and mail should be rejected (not held in queue); postfix will then bounce to the sender, informing them that their message couldn't be delivered:
This is the mail system at host my.mailserver.tld
I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below.
[...]
<s.merrouche@my.mailserver.tld>: host
my.mailserver.tld[private/dovecot-lmtp] said: 552 5.2.2
<s.merrouche@my.mailserver.tl> Quota exceeded (mailbox for user is full) (in reply to end of DATA command)
-- Yassine
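
Added example (not part of Yassine's message): a Python check over Postfix delivery log lines that separates over-quota deliveries bounced with a 5.X.X DSN from those still deferred with a 4.X.X DSN, which is one way to confirm the change above took effect. The log lines are constructed samples in Postfix's delivery-log layout, and the function names are hypothetical.

```python
import re

# Constructed sample log lines (not taken from the original message).
SAMPLE_LOG = """\
Jan 12 10:01:02 mail postfix/lmtp[1234]: 4F1A22C0B1: to=<s.merrouche@my.mailserver.tld>, relay=my.mailserver.tld[private/dovecot-lmtp], delay=0.05, delays=0.02/0/0.01/0.02, dsn=5.2.2, status=bounced (host my.mailserver.tld[private/dovecot-lmtp] said: 552 5.2.2 <s.merrouche@my.mailserver.tld> Quota exceeded (mailbox for user is full) (in reply to end of DATA command))
Jan 12 10:03:40 mail postfix/lmtp[1240]: 7B03D2C0B5: to=<alice@my.mailserver.tld>, relay=my.mailserver.tld[private/dovecot-lmtp], delay=0.04, delays=0.01/0/0.01/0.02, dsn=4.2.2, status=deferred (host my.mailserver.tld[private/dovecot-lmtp] said: 452 4.2.2 <alice@my.mailserver.tld> Quota exceeded (mailbox for user is full) (in reply to end of DATA command))
Jan 12 10:05:11 mail postfix/lmtp[1251]: 9C11E2C0B9: to=<bob@my.mailserver.tld>, relay=my.mailserver.tld[private/dovecot-lmtp], delay=0.03, delays=0.01/0/0.01/0.01, dsn=2.0.0, status=sent (250 2.0.0 <bob@my.mailserver.tld> Saved)
"""

# One delivery attempt: agent, queue id, recipient, DSN, status, remote reply text.
DELIVERY = re.compile(
    r"postfix/(?P<agent>\w+)\[\d+\]: (?P<qid>[0-9A-F]+): to=<(?P<rcpt>[^>]*)>,"
    r".*?\bdsn=(?P<dsn>\d\.\d+\.\d+), status=(?P<status>\w+) \((?P<text>.*)\)\s*$"
)


def classify(line):
    """Parse one log line; return a dict of fields, or None if not a delivery."""
    m = DELIVERY.search(line)
    if not m:
        return None
    d = m.groupdict()
    # X.2.2 is the enhanced status code for "mailbox full"; also match the text.
    d["quota"] = d["dsn"].endswith(".2.2") or "quota" in d["text"].lower()
    # Class 5 is permanent (bounce now), class 4 is temporary (stay in queue).
    d["permanent"] = d["dsn"].startswith("5.")
    return d


def quota_report(log_text):
    """Return (bounced, deferred) lists of (recipient, agent, dsn) for over-quota mail."""
    bounced, deferred = [], []
    for line in log_text.splitlines():
        d = classify(line)
        if d and d["quota"]:
            target = bounced if d["permanent"] else deferred
            target.append((d["rcpt"], d["agent"], d["dsn"]))
    return bounced, deferred


if __name__ == "__main__":
    bounced, deferred = quota_report(SAMPLE_LOG)
    print("rejected immediately:", bounced)
    print("still queued for retry:", deferred)
```

Any entry in the second list is an over-quota message that is still sitting in the queue and whose sender has not been told.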