Should one prevent reconnection before expunge?

[Jack Cecil]

Hello. From my understanding the 'autoexpunge' feature activates on 
user disconnect.
But could you help me understand the 'doveadm expunge' feature better?If a Maildir has 20 thousand messages and user is reading it over IMAP I 
have a suspicion it is not a good idea to be rewriting the dovecot cache 
at the same time.
Should I temporarily prevent login (e.g. with passwd-file deny) and then 
kick them before the expunge?
Thank you.