How to reject the attachment which exceed filesize limit in Exchange Server 2007 before it gets received by the HT server

Posted on 2009-05-12
Last Modified: 2012-05-06
Hi All,

Is there any way to change the precedence of email sending attachment validation ?

because at the moment, a user sent 80 MB email attachment and he got the Forefront error of false positive rather than the "polite" Exchange Server NDR.

any help would be appreciated.

Error Message:
From: []
Sent: Wednesday, 13 May 2009 11:37 AM
To: Joe Adams
Cc: mail-admin
Subject: Microsoft Forefront Security for Exchange Server detected a virus
Microsoft Forefront Security for Exchange Server has detected a virus.
Virus name: "Exceedingly compressed size"
File name: ""
State: Removed
Subject Line: "FW: CES Client 5.4.2"
Sender: "Joe Adams"
Location: "Itree Software/Exchange Administrative Group (FYDIBOHF23SPDLT)/ExServer (Realtime Scan Job\Joe Adams\Outbox)"
Name                MaxMessageSize
----                --------------
Send Connector      20000KB       
Name                       MaxMessageSize
----                       --------------
Receive Connector          20000KB

Open in new window

Question by:jjoz
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
LVL 24

Expert Comment

by:Rajith Enchiparambil
ID: 24372210
You can configure max send and receive size globally to reject messages above that size.
Configure attacment filtering, if you want to filter on the type of file.

AV scans the email first and then it goes through all the AntiSpam agents in a Hub Transport Server.

Author Comment

ID: 24372356
ok, so in this case the AV take precedence over the filesize.
i think it's a bit of waste of CPU resource checking the file attachment which was supposed to be rejected at the HT level before continuing to the Forefront layer.
but thanks anyway for the reply.
LVL 24

Expert Comment

by:Rajith Enchiparambil
ID: 24372477
But, you wouldn't want hub trasnport server to go through checking all virus messages.
Turn Insights into Action

Communication across every corner of your business is essential to increase the velocity of your application delivery and support pipeline. Automate, standardize, and contextualize your communication processes with xMatters.


Author Comment

ID: 24372497
unfortunately my server has got all of the role:
HT-CAS-MBx + Forefront Security for Exchange 2007 (5 AV Engine)
LVL 24

Expert Comment

by:Rajith Enchiparambil
ID: 24372551
So, the forefront picks up the virus messages so that Exchange hub doesn't have to go through all anti spam rules.

Author Comment

ID: 24373183
yes this is not what i want ;-| I'd like to know if it is possible to re-arrange the order of validation.
LVL 24

Accepted Solution

Rajith Enchiparambil earned 500 total points
ID: 24373224
No. That is hard coded in Exchange.

Author Closing Comment

ID: 31580855
ok thanks for your help sir !

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit If you want to manage em…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question