Here is another option that may provide some help: http://johnny.chadda.se/article/mail...rey-and-dspam/
Search for the work 'quota' in the page. You will want to look through the comments too. It uses virtual users (don't know if you do or not) and the POP/IMAP application rather than Postfix to enforce quotas. It may work without virtual users.
You may be able to do this with disk quotas, but I suspect that the effect will be to "push the problem elsewhere", much like the pipe leaks in cartoons where they put their finger on one leak and it springs up somewhere else. In order to use disk quota, you will need to put the mail into a directory and assign limits to that directory, or user, or something, somehow. Not sure how you would do it, but it sounds like it would work. Note, 'virtual users' still stores the mail in a directory. It is just in a central location such as /var instead of the user's home directory.
The problem I think you will see with disk limits is that if someone goes over the quota, the mail programs won't see it that way. Instead they will see a disk error and defer the mail rather than bounce and that this could cause a clog in your Postfix queues or cause a bunch of bad traffic for rejected and deferred mail that will cause issues.