I notice this advice in the post describing the use of groups: Please note that when users are deleted, all messages they have sent, all attachments, message and download log, user dropbox configuration and api keys, ... for that user will be deleted as well. As we are subject to a number of audit and archival requirements by legislation, our initial solution has been to change the passwords and email addresses on these accounts. Could we add a method for effectively disabling these accounts ? Could we also hide the disabled accounts via a GUI toggle?