diff --git a/server/lib/classes/cron.d/100-mailbox_stats_hourly.inc.php b/server/lib/classes/cron.d/100-mailbox_stats_hourly.inc.php
new file mode 100644
index 0000000000000000000000000000000000000000..4ad612f601341b0426711c512b044ac879fe2efe
--- /dev/null
+++ b/server/lib/classes/cron.d/100-mailbox_stats_hourly.inc.php
@@ -0,0 +1,113 @@
+<?php
+
+/*
+Copyright (c) 2024, Herman van Rink, Initfour websolutions
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+class cronjob_mailbox_stats_hourly extends cronjob {
+
+	// job schedule
+	protected $_schedule = '0 * * * *';
+	protected $mailbox_traffic = array();
+	protected $mail_boxes = array();
+	protected $mail_rewrites = array();
+
+	/* this function is optional if it contains no custom code */
+	public function onPrepare() {
+		global $app;
+
+		parent::onPrepare();
+	}
+
+	/* this function is optional if it contains no custom code */
+	public function onBeforeRun() {
+		global $app;
+
+		return parent::onBeforeRun();
+	}
+
+	public function onRunJob() {
+		global $app, $conf;
+
+		$sql = "SELECT mailuser_id FROM mail_user WHERE server_id = ?";
+		$records = $app->db->queryAllRecords($sql, $conf['server_id']);
+    if(count($records) > 0) {
+			$this->update_last_mail_login();
+		}
+
+		parent::onRunJob();
+	}
+
+	/* this function is optional if it contains no custom code */
+	public function onAfterRun() {
+		global $app;
+
+		parent::onAfterRun();
+	}
+
+	// Parse the dovecot/postfix logs to update the last login time for mail_user's.
+	private function update_last_mail_login() {
+		global $app;
+
+		// used for all monitor cronjobs
+		$app->load('monitor_tools');
+		$this->_tools = new monitor_tools();
+
+		// Get the data of the log
+		$log_lines = $this->_tools->_getLogData('log_mail', 10000000);
+
+		$updatedUsers = [];
+
+		// Loop over all lines.
+		$line = strtok($log_lines, PHP_EOL);
+		while ($line !== FALSE) {
+			$matches = [];
+			// Match pop3/imap logings, or alternately smtp logins.
+			if (preg_match('/(.*) (imap|pop3)-login: Login: user=\<([\w\.@-]+)\>/', $line, $matches) || preg_match('/(.*) sasl_method=PLAIN, sasl_username=([\w\.@-]+)/', $line, $matches)) {
+				$user = $matches[3] ?? $matches[2];
+				$updatedUsers[] = $user;
+			}
+
+			// get the next line
+			$line = strtok(PHP_EOL);
+		}
+
+		$uniqueUsers = array_unique($updatedUsers);
+
+		$app->log('Updating last_access stats for ' . count($uniqueUsers) . ' mail users', LOGLEVEL_DEBUG);
+
+		// Date/time rounded to hours.
+		$now = time() - (time() % (60 * 60 * 24));
+		$nowFormatted = date('Y-m-d H:i:s', $now);
+		$sqlStatement = "UPDATE mail_user SET last_access=? WHERE email=?";
+
+		// Save to master db.
+		foreach ($uniqueUsers as $user) {
+			$ret = $app->dbmaster->query($sqlStatement, $now, $user);
+		}
+	}
+}
diff --git a/server/lib/classes/monitor_tools.inc.php b/server/lib/classes/monitor_tools.inc.php
index 86fe3e672dbeb1c7638aa33b8aa6f38ba9710ff2..c6128fc7b502addb8f5a0c93b00155e58ed57841 100644
--- a/server/lib/classes/monitor_tools.inc.php
+++ b/server/lib/classes/monitor_tools.inc.php
@@ -677,14 +677,14 @@ class monitor_tools {
 				$log = 'Logfile path error.';
 			} else {
 				if (is_readable($logfile)) {
-					$log = $this->_getOutputFromExecCommand('tail -n '.intval($max_lines).' ' . escapeshellarg($logfile));
+					$log = $this->_getOutputFromExecCommand('tail -n '.intval($max_lines).' ' . escapeshellarg($logfile), $max_lines);
 				} else {
 					$log = 'Unable to read ' . $logfile;
 				}
 			}
 		} else {
 			if($journalmatch != ''){
-				$log = $this->_getOutputFromExecCommand('journalctl -n '.intval($max_lines).' --no-pager ' . escapeshellcmd($journalmatch));
+				$log = $this->_getOutputFromExecCommand('journalctl -n '.intval($max_lines).' --no-pager ' . escapeshellcmd($journalmatch), $max_lines);
 			}else{
 				$log = 'Unable to read logfile';
 			}
@@ -694,7 +694,7 @@ class monitor_tools {
 		return $log;
 	}
 
-	private function _getOutputFromExecCommand ($command) {
+	private function _getOutputFromExecCommand ($command, $max4k = 1000) {
 		$log = '';
 		$fd = popen($command, 'r');
 		if ($fd) {
@@ -702,7 +702,7 @@ class monitor_tools {
 			while (!feof($fd)) {
 				$log .= fgets($fd, 4096);
 				$n++;
-				if ($n > 1000)
+				if ($n > $max4k)
 					break;
 			}
 			fclose($fd);