How to set size limits for messages in Exchange Server 2000/2003

This article describes the different kinds of limits that you can set on message size in Microsoft Exchange 2000 Server and in Microsoft Exchange Server 2003. It also explains how you can set these limits.
Size limits for messages depend on various settings. Settings can vary across users. You can customize the settings for the Exchange 2000 or Exchange 2003 organization, a specific connector, a specific virtual server, and an individual user.
Senders may receive a non-delivery report (NDR) that is similar to the following example if their messages are larger than their size limits:

Your message did not reach some or all of the intended recipients.

Subject: Test
Sent: 7/18/2002 2:40 PM
The following recipient(s) could not be reached:
Test Recipient on 7/18/2002 2:41 PM
This message is larger than the current system limit or the recipient’s mailbox is full. Create a shorter message body or remove attachments and try sending it again.
<server.domain.com #5.2.3>

Global setting

This setting determines the maximum size of the messages in the Exchange 2000 organization; the messages can be incoming, outgoing, or internal.

To configure the global setting, follow these steps:

  1. Start Exchange System Manager. To do this, click Start, point to Programs, point to Microsoft Exchange, and then click System Manager.
  2. Expand Global Settings.
  3. Right-click Message Delivery, and then click Properties.
  4. Click the Default tab to configure the global settings.

Connector setting

The settings for each connector control the maximum size of outgoing messages that users can send through the connector.

To configure the connector settings, follow these steps:

  1. Click Start, point to Programs, point to Microsoft Exchange, and then click System Manager.
  2. Expand Administrative Groups, and then expand Administrative Group Name, where Administrative Group Name is the name of your administrative group.
  3. Expand Routing Groups, and then expand Routing Group Name, where Routing Group Name is the name of your routing group.
  4. Expand Connectors, right-click the connector that you want to configure, and then click Properties.
  5. On the Content Restrictions tab, under Allowed sizes, click to select the Only messages less than (KB) check box, and then type the size (in KB) that you want to permit.

SMTP virtual server setting

This setting determines the maximum size of a message that is permitted to pass through a virtual server. The virtual server advertises the limit by means of the Extended Simple Mail Transfer Protocol (ESMTP) SIZE command verb (RFC 1870).

Note The protocol size restriction is meant to reject messages on boundaries with other e-mail systems. These restrictions are effective for individual servers and should not be used as methods to limit the message size in an Exchange enterprise server group. Administrators can set the message delivery option in the global settings to limit and to control the message size restriction across an organization that uses Exchange 2000 or Exchange 2003. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

326154 The OAB does not replicate if you set a message size restriction at the transport level

To configure the Simple Mail Transfer Protocol (SMTP) virtual server setting, follow these steps:

  1. Click Start, point to Programs, point to Microsoft Exchange, and then click System Manager.
  2. Expand Administrative Groups, and then expand Your Administrative Group Name, where Your Administrative Group Name is the name of your administrative group.
  3. Expand Servers, and then expand Your Server Name, where Your Server Name is the name of your server.
  4. Expand Protocols, and then expand the SMTP node.
  5. Right-click SMTP Virtual Server Name, where SMTP Virtual Server Name is the name of your SMTP virtual server, and then click Properties.
  6. Click the Messages tab to set the maximum size that you want to permit.

User mailbox setting

This setting determines the maximum size of a message that users can send or receive through their mailboxes. User mailbox settings are enforced by the information store instead of by the message categorizer. The information store prevents an oversized message from being sent to Transport if the message size exceeds the user mailbox maximum message size setting.

To configure an individual user’s mailbox settings, follow these steps:

  1. Start the Active Directory Users and Computers snap-in, and then locate the user account that you want to configure.
  2. Right-click the user’s account, and then click Properties.
  3. Click the Exchange General tab, and then click Delivery Restrictions to set the maximum size that you want to permit.

Note The size of SMTP messages that are sent between routing groups and to the Internet increases by about 30 percent if they contain binary attachments or other 8-bit data.
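The following Python example is an addition to this article, not Microsoft's code. It ties together the ESMTP SIZE advertisement described under the SMTP virtual server setting and the note above about encoded size: it reads the limit from a constructed EHLO reply and measures how large a message with a binary attachment becomes once it is base64-encoded for SMTP. The host name, addresses and function names are assumptions made for the example.

```python
from email import policy
from email.message import EmailMessage

# Constructed EHLO reply (sample data, not captured from a real server).
SAMPLE_EHLO = (
    "250-mail.example.test Hello\r\n"
    "250-SIZE 4194304\r\n"
    "250-8BITMIME\r\n"
    "250 OK\r\n"
)

def advertised_size(ehlo_reply):
    """Return the advertised SIZE limit in bytes.

    0 means no fixed limit was stated; None means SIZE was not advertised.
    """
    for line in ehlo_reply.splitlines():
        words = line[4:].split() if line.startswith("250") else []
        if words and words[0].upper() == "SIZE":
            return int(words[1]) if len(words) > 1 else 0
    return None

def wire_size(attachment_len):
    """Encoded size of a message carrying attachment_len bytes of binary data."""
    msg = EmailMessage()
    msg["From"] = "sender@example.test"      # hypothetical addresses
    msg["To"] = "rcpt@example.test"
    msg["Subject"] = "size test"
    msg.set_content("See attachment.")
    msg.add_attachment(bytes(attachment_len), maintype="application",
                       subtype="octet-stream", filename="blob.bin")
    return len(msg.as_bytes(policy=policy.SMTP))  # CRLF line endings, as sent

def precheck(attachment_len, ehlo_reply):
    """Return (encoded_size, limit, fits) before attempting MAIL FROM."""
    limit = advertised_size(ehlo_reply)
    size = wire_size(attachment_len)
    return size, limit, limit in (None, 0) or size <= limit

if __name__ == "__main__":
    for mb in (2, 3):
        size, limit, fits = precheck(mb * 1024 * 1024, SAMPLE_EHLO)
        print(f"{mb} MB attachment -> {size} bytes on the wire, "
              f"limit {limit}, fits={fits}")
```

With the constructed 4 MB limit, a 3 MB binary attachment no longer fits once encoded, which is why a size limit should be chosen with the encoding overhead in mind.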

Examples of effective size limits

Example 1

In this example, the following size limits have been configured:

  • The global setting is set to 5 MB.
  • The Exchange SMTP connector is set to 3 MB.
  • The SMTP virtual server is set to 4 MB.
  • The user mailbox setting is set to 2 MB.

Because of these settings, users in the Exchange 2000 or Exchange 2003 organization can send and receive messages that are a maximum of 5 MB. Users can send messages through the connector that are a maximum of 3 MB. All mail that passes through the SMTP Virtual Server (sending or receiving) is limited to 4 MB. The individual user, whose mailbox setting is 2 MB, is also limited to sending and receiving messages that are a maximum of 2 MB.

Example 2

In this example, the following size limits have been configured:

  • The global setting is set to 2 MB.
  • The Exchange 2000 SMTP connector is set to 5 MB.
  • The SMTP virtual server is set to 2 MB.
  • The user mailbox setting is set to 3 MB.

The global setting is 2 MB. Therefore, all the users who are using the default global setting in the Exchange 2000 Server organization or in the Exchange Server 2003 organization are limited to sending and receiving messages that are a maximum of 2 MB. If an individual user has a mailbox setting of 3 MB, that user overrides the global setting.

Note All Internet e-mail messages use the global setting for limits on sending and on receiving. The message categorizer evaluates the sender’s sending limit and the recipient’s receiving limit. In example 2 earlier, a user with a user mailbox limit of 3 MB could receive messages from another user with a 3-MB sending limit. Because Internet users use the global setting, they can send only a 2-MB message.

Quarantine in Exchange Server IMF

 

Exchange 2003 IMF and the Exchange 2007 Content Filter each have their own quarantine functionality. In Exchange 2003 you can quarantine emails into an archive directory. You can then use one of the freely available archive viewers to release emails. This is a little fiddly to do.

Exchange 2007 provides quarantine by routing blocked emails to a central mailbox.

In addition, both versions support routing emails to the user's Junk Email folder. In this manner users can review filtered spam on their own. In order to release the email, more configuration is required.

The disadvantages of quarantining spam inside Exchange or in user mailboxes are as follows:

– Once in the Exchange server, the spam has already wasted processing resources. There may be many thousands of spam emails!

– Once in the Exchange server, the spam has already wasted storage resources.

– If using a central quarantine, the admin has to manually review and release spam using limited tools to browse the quarantine and identify the spam vs non-spam email.

– If spam goes to user mailboxes, then the administrator cannot easily mass-delete blocked spam for users.

– If spam goes to user mailboxes, then the administrator cannot easily add specific blocks and reject rules based on the blocked spam to prevent similar spam even arriving in the quarantine in future.

– If spam goes to user mailboxes, then the users may inadvertently trigger malware or scripts or open attachments in the spam email and infect their machines. Any images shown in the spam may track their viewing of the spam and notify the spammer that the email address is active.

So it seems it's best to keep spam (as email) away from the user mailboxes, and quarantine it outside of Exchange.

Hexamail Guard allows you to quarantine spam BEFORE it reaches Exchange. The advantages of this approach:

– Eliminate processing and storage requirements on Exchange.

– The Administrator can review spam in large volumes, grouped by subject, block rule, country code, IP address, etc.

– The Administrator can perform batch operations such as deleting all spam of a similar nature.

– The Administrator can perform batch operations such as releasing all nonspam of a similar nature.

– The Administrator can use blocked spam to set up new rules to automatically reject or delete future spam before it is even quarantined.

– The Administrator can whitelist nonspam senders so that in future they are never blocked.

– Users can review their spam using a web interface that is entirely safe: only the text of the email is rendered, so no scripts or attachments can be triggered.

– Users can whitelist non spam senders for their specific account so that they will receive email from those senders unhindered in future.

– Users on restricted bandwidth (such as mobile devices) don’t have to waste time downloading spam email. They can review the headers and delete or accept email in a fully responsive web app.

Some of the features of the administrator spam quarantine are shown here:

[Screenshots: antispam quarantine; batch action]

Challenge Response in Exchange

Challenge–response is another technique for filtering spam that automatically sends a reply to email from new senders with a “challenge” to the (alleged) sender of the e-mail. The reply contains a link allowing the sender to verify that they did in fact send the email. They may be asked to enter a captcha to prove that they are a human and not a robot.

The advantage of this system is that senders add themselves to a whitelist by verifying that they sent the email, so email from the same sender is never challenged again. The technique can be used to block a lot of Exchange Server spam. The only disadvantage is that email such as newsletters and other mail-shot/group/list email may be challenged, and a challenge sent to an automated script that cannot verify. In these cases a good challenge-response system ALSO quarantines the incoming email to allow the recipient to release (and whitelist) it.

Microsoft Exchange does not by default support Challenge Response. It can be added using options in Hexamail Guard or Hexamail Nexus, which can filter and challenge emails before they get to Exchange. Both products also feature a quarantine allowing users to release email such as newsletters that may inadvertently be stopped using this technique.
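The challenge, whitelist and quarantine flow described above can be modelled in a few lines. This Python example is an addition to the page and is not Hexamail's implementation. The class name, the HMAC-signed token, the demo key and the header test for list or auto-generated mail are all assumptions made for the illustration.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # placeholder; a real deployment loads a random key

class ChallengeGate:
    """Hold mail from unknown senders until the sender or recipient confirms it."""

    def __init__(self):
        self.whitelist = set()   # senders that have verified themselves
        self.quarantine = {}     # token -> (sender, held message body)

    def _token(self, sender, msg_id):
        data = f"{sender}|{msg_id}".encode()
        return hmac.new(SECRET, data, hashlib.sha256).hexdigest()

    def receive(self, sender, msg_id, headers, body):
        """Return (action, token): deliver, challenge, or quarantine-only."""
        sender = sender.lower()
        if sender in self.whitelist:
            return "deliver", None
        token = self._token(sender, msg_id)
        self.quarantine[token] = (sender, body)
        # List and auto-generated mail cannot answer a challenge, so it is
        # only quarantined for the recipient to review.
        automated = ("List-Id" in headers or
                     headers.get("Auto-Submitted", "no").lower() != "no")
        return ("quarantine" if automated else "challenge"), token

    def verify(self, sender, msg_id, token):
        """Sender followed the challenge link: whitelist and release the message."""
        expected = self._token(sender.lower(), msg_id)
        if not hmac.compare_digest(expected, token):
            return None
        return self.release(token)

    def release(self, token):
        """Recipient (or a verified sender) releases a held message."""
        held = self.quarantine.pop(token, None)
        if held is None:
            return None
        self.whitelist.add(held[0])
        return held[1]
```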

[Screenshot: challenge settings page]

Adding Greylisting to Exchange Server 2013 Antispam

Greylisting (or graylisting) is a method of spam protection. A mail server using greylisting temporarily rejects any email from a sender it does not recognize. If the originating server is a real email server, it will retry sending the email after a short delay. The receiving server will accept the email on the next attempt. Spammers often use poorly written scripts that do not retry. In this way most spam from bot-nets is avoided. The only disadvantage of greylisting is that there is a short (configurable) delay for incoming email from new senders. This can be as short as 10 minutes.

To add greylisting features to Exchange server you can use a tool such as Hexamail Guard.

This allows greylisting options to be easily added to an existing Microsoft Exchange or Small Business Server, with lots of flexible options controlling and managing the greylist and clear and concise logging.

Hexamail is the only product that allows the greylist to be optionally used depending on the country of origin and time of day of the email. For example, you may want to only greylist email during the night, so daytime emails are not delayed in any way, and overnight all email is greylisted when a short delay is of no consequence.

[Screenshot: Greylisting Options in Hexamail Guard]

Similarly you can greylist only email from other countries. If most of your customers are in your timezone then the delay to email from other countries will not be noticeable:

[Screenshot: greylist location options]

Once greylisted, a sender’s email will travel unimpeded through to the mail server.
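The greylisting mechanism and the night-only option described above can be modelled as follows. This Python example is an addition to the page and is not Hexamail Guard's code. Keying the greylist on client IP, sender and recipient, the 24-hour expiry, the reply text and all names are assumptions made for the illustration.

```python
from datetime import datetime, timedelta

DEFER = "451 4.7.1 Greylisted, please try again later"  # constructed reply text

class Greylist:
    """Defer first contact from an unknown sender; accept a retry after `delay`."""

    def __init__(self, delay=timedelta(minutes=10), expiry=timedelta(hours=24),
                 active_hours=None):
        self.delay = delay                # minimum wait before a retry is accepted
        self.expiry = expiry              # older pending entries start over
        self.active_hours = active_hours  # e.g. (22, 6): greylist 22:00-06:00 only
        self.pending = {}                 # key -> time of first attempt
        self.passed = set()               # keys that have retried correctly

    def _active(self, now):
        if self.active_hours is None:
            return True
        start, end = self.active_hours
        if start < end:
            return start <= now.hour < end
        return now.hour >= start or now.hour < end  # window wraps past midnight

    def check(self, client_ip, mail_from, rcpt_to, now):
        """Return the SMTP reply to give for this delivery attempt."""
        key = (client_ip, mail_from.lower(), rcpt_to.lower())
        if key in self.passed or not self._active(now):
            return "250 OK"
        first = self.pending.get(key)
        if first is None or now - first > self.expiry:
            self.pending[key] = now       # first sighting: remember and defer
            return DEFER
        if now - first < self.delay:
            return DEFER                  # retried too quickly
        del self.pending[key]
        self.passed.add(key)              # a real mail server retried after the delay
        return "250 OK"

if __name__ == "__main__":
    g = Greylist()
    t0 = datetime(2024, 1, 1, 12, 0)      # constructed timestamps
    for minutes in (0, 2, 11):
        print(minutes, g.check("192.0.2.10", "a@example.test", "b@example.test",
                               t0 + timedelta(minutes=minutes)))
```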