I need to set message size limit for outgoing/incoming mail separately

Posted on 2013-01-08
Medium Priority
Last Modified: 2013-01-28
I am trying to set the message size limit for outgoing/incoming mail separately so internal users can only send messages no larger than 2Mb but be able to receive messages up to 10Mb.
Is there any way to do it?.

I am using

postfix as MTA and courierimap
Question by:Ludwig Diehl
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +4
LVL 13

Expert Comment

ID: 38755417

Author Comment

by:Ludwig Diehl
ID: 38755561
Thx for the quick response. Indeed I actually read that article before posting my question here. The problem is that my main.conf file has these settings:

mailbox_size_limit = 0
message_size_limit = 2097152

But it limits both, incoming and outgoing messages to 2Mb. I only want to set 2Mb limit for outgoing messages and 10Mb for incoming.
LVL 13

Expert Comment

ID: 38755634
i'm sorry. i could not find on the web. I'm a beginner :(
Quick Cloud Training

Looking for some quick training on the cloud in 2 hours or less? Check out these how-to guides in AWS, Linux, OpenStack, Azure, and more!


Author Comment

by:Ludwig Diehl
ID: 38756475
no prob. Thx for trying anyway ;)
LVL 17

Expert Comment

by:Sikhumbuzo Ntsada
ID: 38758735
Backup your main.cf file, then edit:

message_size_limit = 10240000

restart postfix

Author Comment

by:Ludwig Diehl
ID: 38760665
thx for your reply. Unfortunately what I need is to limit the outgoing message size to 2Mb and the incoming message size to 10Mb. So users cannot send messages above 2Mb nor receive messages above 10Mb.
If I try your solution it will limit both incoming/outgoing messages to 9.77Mb.
LVL 38

Expert Comment

by:Gerwin Jansen, EE MVE
ID: 38816029
I'm thinking that message_size_limit is only influencing the max size of messages on your postfix mail server (both in and out). This is what you want to set to 10Mb. Now about sending messages: your remote MTA should be configured not to accept messages larger than 2Mb. So you'd either have to setup a second postfix instance that you send through (configured for a message_limit of 2Mb) or have someone configure the remote MTA for you.
LVL 37

Assisted Solution

ArneLovius earned 800 total points
ID: 38816594
message_size_limit is a global size limit, this is because Postfix is an MTA rather than a "mailbox server" such as Exchange.

If your postfix server is behind NAT and you have two public IP addresses, use one address for mx.domain.com which is configured as your MX record and the other as mail.domain.com which is the address that your mail clients use.

The actual server still only needs one address.

Use PAT to forward inbound port 25 for mx.domain.com to a "high" port running on Postfix (with a 10mb limit) , this delivers to your users "mailboxes"

Use PAT to forward port 25 on mail.domain.com to port 25, where you have either another instance of Postfix, or qmail/sendmail/exim etc, and here you have a 2mb limit, this instance of Postfix is setup just as an MTA, with all inbound mail forwarded to the other instance of Postfix running on the high port, it should NOT be configured to deliver to your users "mailboxes" having two email servers pointing at the same place can lead to  corruption of email.

You should now have a mail server that will accept inbound mail of 10mb, while restricting users to 2mb.
LVL 23

Accepted Solution

Mysidia earned 1200 total points
ID: 38817082
Postfix size limits are a global setting.  Depending on where you are in your deployment, there may be some options.  My suggestion would be to  edit /etc/postfix/master.cf

Setup an additional listening service on a different port;  For example, port 587 is commonly used for mail submission.

Either use a separate IP address that you publish in MX, that is different from the IP address your local users are allowed to use;

Or Disable relay on Port 25,  or allow SMTP authentication only on port 587, and force local users to use port 587;  with port 25 for incoming mail only.

Or Use iptables  DNAT  or  redirect rules,  to divert TCP  connections from local IP addresses to port 587.

For example, a   /etc/postfix/master.cf   entry might  contain things like inet    n    -    y    -    -    smtpd
-o message_size_limit=2097152
-o smtpd_recipient_limit=200
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_sender_restrictions = reject_unlisted_sender,reject_sender_login_mismatch,permit_mynetworks,reject
 -o soft_bounce=no
 -o smtpd_helo_required=no
 -o bounce_notice_recipient=postmaster
 -o smtpd_client_connection_count_limit=20
 -o smtpd_helo_restrictions=
 -o smtpd_recipient_restrictions=permit_mynetworks,reject
 -o mynetworks=,
 -o strict_rfc821_envelopes=no
 -o smtpd_error_sleep_time=0
 -o smtpd_soft_error_limit=1001
 -o smtpd_hard_error_limit=1000
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38823729
User properties
Check this limits

- Rancy
LVL 37

Expert Comment

ID: 38824011
@Rancy, this is on Postfix, not Exchange
LVL 23

Expert Comment

ID: 38824555
Although Postfix does not support per-sender limits, or applying a different limit to certain IPs;

Another option is to configure Postfix to the _highest_ limit you ever use, and implement  a Content filter,  Policy daemon, or before-queue Milter plugin,  
to enforce lower limits when required.

Such as

See here, about Postfix support for Milter plugins:

It may be more useful to use CBPolicyd
and set an  _aggregate_   number of megabytes transferred per user quota, than a per-message quota.

For example:  "Each user can send up to a rolling average of 20 Megabytes of messages per day"

That could be   up to  10    2 Megabyte messages,
or up to 20  1 Megabyte messages,
up to 40  500 kilobyte messages,

up to 80  250 kilobyte messages,
or up to 160 125 kilobyte messages,
for example.

In other words:  An aggregate quota prevents users from defeating the  1 Megabyte size limit anymore to send  a  2 Gigabyte file,  by   splitting that big file into   2000  separate e-mails, and sending all those e-mails out.

Which (IMO)  is a little bit more useful than simply limiting to 1MB.
Although the 1MB limit will definitely remain useful for low-bandwidth WANs,
as it  provides a limitation of the total SMTP session delay, and therefore,
helps eliminate one situation that can cause very poor mail server performance.

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes clients can lose connectivity with the Lotus Notes Domino Server, but there's not always an obvious answer as to why it happens.   Read this article to follow one of the first experiences I had with Lotus Notes on a client's machine, my…
Check out the latest tech news, community articles, and expert highlights in August's newsletter.
This Micro Tutorial demonstrates  how Internet marketers work with competitive analysis data, and a common task in data preparation is creating separate column for domains. You will then extract from a list of URLs.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses
Course of the Month11 days, 19 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question