Plus Dovecot complains that the policy service is only supposed to be used in the RCPT stage. So clearly this is a bad approach.
I want to explore this more. I tried it and also see:
dovecot[1096]: quota-status(26164): Warning: Received policy query from MTA in unexpected state END-OF-MESSAGE (service can only be used for recipient restrictions)
Why? Why does dovecot even care? Quota plugin is sent a user and a size, it looks up quota for that user and computes if size will put the user over limit and returns an answer. Why does dovecot care or even know at what stage this is done? Why is it bad to check quota after getting the real size? Seems like its designed to allow spoofing from an evil mail client.
What is the harm being done that causes this log warning? What is the harm in ignoring the warning?