This is dangerous when Dovecot is configured to use Single Instance Storage. In this configuration, attachments over some size are stored separately as files in the filesystem. If several users in the system receive the same attachment, only a copy is stored in the server.
Deleting is tricky because the attachments keep a reference counter. If we just simply delete the user mailbox we will leak her attachments. Those files will be there forever.
Deletion must be done with care. The steps I do are:
Reconfigure the user: no more incoming email, forbidden access to the IMAP4. Kick out the user if she is connected just now.
The effect of this is to avoid third party changes in the user IMAP4 account.
Tag all messages of the user as Deleted:
Notice the double backslash.
Expunge the messages:
Actually get rid of the messages and their attachments:
Delete the user and her IMAP4 directory for real.
I found the email thread How to Delete an user and Purge attachements with a common directory mail_attachment_dir with SIS for all users after devising these steps. The expunge step documented there doesn't work in my Dovecot version. I get this error message:
Fatal: expunge: To avoid accidents, each branch in search query must contain something else besides MAILBOX (e.g. just add "all" if you want everything).
My approach works.