ddeca Well your way is kinda *overkill* for this.
A simpler way:
An iTCL script on a timer that will scan the ioFTPD.log file for a banned entry from ioZS. Then using ITCL commands...
[client kill virtualpath "/the/vpath/logged/*"]
[file delete -force [resolve pwd "/the/vpath/logged/"]]
Then if deleting the dir failed (because a script/user is still in it) you could set a timer to wait a second or two and try again.
Basically, it kicks the user, and deletes it. (Now the release is still in the dupelog and they can't recreate it)
But the ultimate solution would be, if ioZS did this for you. (It would much more efficient and less overhead, compared to continually scanning a log file, espically when they are a few mb)
My 2 cents