Simple Talk is now part of the Redgate Community hub - find out why

Increasing Email Size Limits for your High Profile Users in Exchange 2010

If you ever need to set up fine-grained rules to control the maximum size of messages a subset of your picky users' can send or receive, Krishna Kumar has you covered. His step-by-step instructions will tell you everything you need to know to keep emails sizes under control.

A huge amount of business happens through the medium of email and, as such, email is naturally one of the Business Critical applications in almost every organization. With that in mind, maximizing the performance of your Exchange infrastructure is clearly a priority, and restricting the average message size which your users can send/receive is a good step in that direction. However, in the course of conducting said business, High Profile email users may have to share large attachments between other internal and external users, and indeed may do so regularly and urgently.

An organization’s High Profile users tend to be people in positions of authority or influence, and those of us in IT are their backbone, providing the support they need to run the business. As such, we need to make changes in our Infrastructure to meet shifting business needs, and we need to make sure that our users’ needs are met. So, asking your CIO to upload attachments to start using an FTP server or SharePoint to distribute files is not really an ideal solution. What your CIO wants is to be able to send a large email to their counter-part in another company as soon as possible in order to close a business deal, so we’re going to look at how you can quickly and easily make that possible.

To put this situation into a simple context, let’s say that, for whatever reason, a new set of business requirements have been drafted which mean that a subset of your email users now need to be able to send emails with attachments up to 30MB in size:


Bearing in mind that we need to have minimal disruption for both sets of users, we can achieve this in one of two ways; you just need to decide which solution will best fit with your organization. I’ll guide you, step-by-step, through each solution, and demonstrate where appropriate.

As an aside, you also need to remember to factor content conversion into your storage provisioning. When Exchange converts a message from MAPI/Exchange format to Internal/ MIME Message format and vice versa, this normally increases the message size by 30 percent.

Solution 1

This solution would be ideal for a very smaller organization, when it’s feasible for the administrator to make configuration adjustments on individual mailboxes when required. It’s perhaps not the most elegant solution available, but it’s quick and it works.

Global Transport Organization Configuration

First we need to make changes to the Transport Organization (Global) configuration. The command below gives us the details of the current MaxSendSize and MaxReceiveSize limits:


Figure 1. The current MaxSendSize and MaxReceiveSize limits

As we see in the Figure 1. Current MaxSendSize and MaxReceiveSize is set to 10MB. This Global configuration is naturally applied to all the Exchange Hub Transport Servers. Let’s see how to Increase the MaxSend and MaxReceive Size limits on the Organization level.


Figure 2. Setting the new MaxSend and MaxReceive size limits.

I know that we only want to increase the limits for a sub-set of users and yet we’ve just made a global configuration change to MaxReceive and MaxSend. If you’re wondering why that is, I’ll show you how we can limit the scope of this size increase in just a moment.

Active Directory Configuration

Exchange 2010 uses Active Directory (AD) site topology to determine the lowest-cost path to route email along if the destination user is located in a different site. If Message to be delivered to the remote AD size is larger then the limits set on Site link then message delivery will failed. Thankfully, MaxMessageSize on the AD Site link is set to unlimited by default. If we are changing the Maxsize limitation, it’s important that you check if there are any limits set on the AD site link…


Figure 3. Confirming the message size limit of the AD site link.

…and change it accordingly if required. Strictly speaking, we don’t need to adjust the link in this instance, but we’ll do so to ensure this walkthrough is comprehensive. Below is the command to set the new MaxMessageSize for the AD link:

Send Connector Configuration

Although we just made global configuration changes to allow users to send and receive bigger email, this configuration will only affect items sent and received internally. To Send bigger emails out to the Internet, we need to make sure that the appropriate Send connectors are configured correctly with the appropriate message size. To get the current MaxMessageSize configuration on the send connecters, use this command:


Figure 4. Confirming the maximum message size limit for the “To Internet” Send Connector.

Once you’ve confirmed that the connector needs to be reconfigured, we can use a simple PowerShell command to set the MaxMessageSize limit:

Receive Connector Configuration

Bearing in mind that sending a large email requires that message to first be sent from the user’s Outlook or OWA session to the Hub Transport server, you also need to make sure that you increase the Max Message size on the Hub Transport Server’s Default Receive connector to 30 MB. This is regardless of what limits you want to apply to messages coming from the internet.

That’s got you covered for sending out larger emails, but now we need to turn our attention to those messages coming from the Internet, as our requirement is that High Profile users should also be able to receive larger emails. For this, we need to reconfigure the receive connector which receives email from Internet. To get the current size limit on the appropriate receive connector, we use the command below:


Figure 5. Determining the current maximum message size limit on the appropriate Receive Connector

To Set the MaxMessage size to 30 MB, we then need to use the below command for the same connector:

User Mailbox Configuration

At this stage, we are pretty much done with the configuration on the organization and Connectors end of things. Now the final step is to increase the Message Size restriction on the appropriate users’ mailboxes. By default, all users will be able to send and receive emails based on the global configuration, and if any users want to send or receive larger emails, then we need to increase the global Sending and Receiving MaxMessageSize from mailbox configuration. This is because, if you try and adjust the limit on a per-user basis, there is a gotcha here which you should know about:

Setting higher limits on the individual recipients’ mailboxes will bypass the global size limits, but it is only internal. Mailboxes which are individually configured with higher limits cannot send or receive larger emails to or from the Internet, but they will be able to send and receive emails containing attachments within the global size limits.

This is the reason why we have to configure higher message-size limits and higher connecter limits on an organization-wide basis, in order for users to send and receive larger emails. However, with the higher Transport Organization size limits, all users will now be able to send and receive larger emails, and we wanted only a few select users to have this ability, and the rest to retain the original 10 MB limit. For this, we need to change the maximum message size limit on the individual mailbox configurations of all our users except the high profile ones (as I’ve already mentioned, setting individual mailbox limits will override the organization limits).

So, to get started, the command below will get you the current Send and Receive Size configuration on a given mailbox. By default, it is currently set to unlimited, give that it is using the Global size limits:


Figure 6. Determining the maximum send and receive message limits for an individual user’s mailbox.

To then set the size limits on the Individual mailbox, you need to use the Set-Mailbox command. As we have configured the Global Maximum message size to 30 MB, now we wanted to restricted all non-high profile users to a mere 10 MB limits, and below is way to do that for a single user:


Figure 7. Setting the new mailbox size limit for the Administrator user.

Solution 2

This solution will be ideal for organizations with a larger number of users; as an administrator, you will naturally want to minimize the manual work needed to provide the best possible solution for the organization. As a general rule, you probably want to ensure that you’re providing a one-time solution which is easily scalable, if required. Our second solution will fit these requirements.

To start with, we have to follow few of the steps which we discussed in Solution 1. Let’s take a brief look at these preliminary configuration steps.

Global Transport Organization Configuration

Global Transport configuration was discussed in Solution1 (Figure 2), and should be repeated. These changes will allow everyone within the organization to send and receive emails up to 30MB in size.

Active Directory Configuration

Ad-Sitelink MaxMessage size is unlimited by default and, as before, you need to make the MaxMessage size adjustments as required (Figure 3).

Send Connector Configuration

As mentioned earlier, the two configuration changes above will allow users to send and receive larger emails within the organization, and if you want to enable internal users to send bigger emails to the external world, then you need make the configuration changes on the Send connectors which we discussed earlier (Figure 4).

Receive Connector Configuration

By now our users can send and receive larger emails both internally and also out to the Internet. Given that we also want internal users to be able to receive bigger emails, we need to make some configuration changes to the receive connector (Figure 5).

Transport Rules

As with solution 1, by this point we are essentially done with the configurations on the organization level. Now, all users are able to send and receive 30 MB emails, but our requirement is still to allow only 1000 users to have this ability. This final piece of the puzzle can be configured with Transport rules, as I’ll show you now.

Before configuring Transport rules, let’s create a Distribution group whose members are just the High Profile users. You can create the group using the cmdlet below, and then you can add the required (1000) users to this group.

Now let’s create a new Transport rule. Open your Exchange Management console, expand the Organization Configuration, and click on Hub Transport Server. In the Results pane, click on the Transport Rules Tab, and then click on New Transport Rule in the Action pane.


Figure 8. Creating a new Transport Rule.

  1. Provide a suitable name (and, if you find it helpful, an explanatory comment) for the new transport rule. If there are multiples rules in your Exchange environment, then a suitably unique name will help make it easy to identify rules if you have to adjust the High Profile attachment size limits again. Once this is done, click on Next.
  2. On the Conditions screen, Select the When the size of any attachment is greater than or equal to <limit> option, enter the value 10240 (10 MB) in the edit pane at the bottom of the window (see figure 9), and click on Next.


    Figure 9. Setting the conditions of the new Transport Rule

  3. On the Actions screen, select the Send rejection message to the sender with enhanced status code option, and enter the appropriate bounce message and error code (see figure 10). Enabling this option will restrict users from sending emails with attachments larger than 10 MB, and if they try and send a larger email, then this will be the error message which the offending users will be getting in return. This message should be very clear, as your users should be able to quickly identify the issue themselves, and then send a smaller email attachment. Once you’ve crafted a suitable message, click on Next.


    Figure 10. Configuring the transport rule to reject overly large messages, and return an appropriate explanatory bounce message to the over-ambitious sender.

  4. Lastly we need to select when (if ever) there are any exceptions to our new rule. In this case, we create an exception for situations when the message is sent to or from a member of the recently-created High Profile Users distribution group (see figure 11). Given that have designed this new Transport rule to not apply to our High Profile set of users, their maximum message size is now set as 30 MB, as this is the global configuration which we created at the start of the solution. With this rule restricting the email sizes for the vast majority of your users, only the High Profile communicators can enjoy the privilege of emails with bigger attachments. Obviously, this setup is dependent on the High Profile distribution group, so you’ll need to make sure that any new High Profiles users are added to the distribution group as necessary. Once you’re happy that you’ve set the exception correctly, click on Next.


    Figure 11. Creating an exception for the High Profile users, allowing them to enjoy larger email size limits.

  5. Finally, click on New to create this transport rule. Once this rule is created, any user sending an email with attachments larger than 10 MB, unless it is sent to or from the members of High Profile group, will have their email rejected and receive the bounce back message with an explanation of why their email can’t be sent.


    Figure 11. A final check of the details for the new Transport Rule.


A transport rule is simply a method to control the flow of emails based on a predetermined set of conditions, as set up by the SysAdmin. These rules exist on the Hub Transport server, through which all emails pass, and so actions can be applied to all emails as necessary, depending on which ones match your necessary conditions. You can create quite sophisticated mail flow control systems using these rules, and the situation I’ve described here is really just a simple implementation to solve a specific problem.

In terms of raising the attachment size limit for a subset of your users, a solution employing transport rules would be the easiest option in all but the most niche cases. The ability to achieve that without having to make changes on individual mailboxes, and the ability to rapidly scale this solution to everyone in the organization (i.e. just by removing the transport rule) makes this method both powerful and efficient.

If I were an administrator for an organization of around 50-100 users, then I probably wouldn’t mind increasing the email size limit for my CIO and a few other High Profile users, but in a larger organization I would certainly deploy transport rules. That being said, you naturally have the choice to use either solution, as you are the best person to decide which solution is a better fit for your organization.

Whichever solution you choose, bear in mind that bigger emails will cause additional load on your SMTP servers and Hub Transport servers, and you may also need to provision addition storage for the mailbox servers as well. If you’re going to implement larger email limits for any of your users, you need to make sure that you have sufficient infrastructure in place to support this decision. Making any configuration changes without considering these points could bring your environment into an unstable condition, which will undermine the whole point of the exercise.

How you log in to Simple Talk has changed

We now use Redgate ID (RGID). If you already have an RGID, we’ll try to match it to your account. If not, we’ll create one for you and connect it.

This won’t sign you up to anything or add you to any mailing lists. You can see our full privacy policy here.


Simple Talk now uses Redgate ID

If you already have a Redgate ID (RGID), sign in using your existing RGID credentials. If not, you can create one on the next screen.

This won’t sign you up to anything or add you to any mailing lists. You can see our full privacy policy here.