Exchange 2013 - Receive Connector not blocking emails

I'm testing out message size limits. From my understanding between the Org level and Connector level, it's the most restrictive that takes precedence. Our Org level is 100MB, but Receive connecotrs are default at 35MB. During testing I'm able to receive messages over 35MB. Any idea why?
Scotch TechITAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Are you sure you have set it correctly everywhere?

Generally, the most restrictive should apply.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
check if test accounts you are using is part of any message restrictions transport rules or if any limit set on mailbox level, those restrictions will take precedence over whatever set in org or server level

Also if you are exchanging messages within org, you should be able to send / receive more that 35 MB
Scotch TechITAuthor Commented:
How come messages within an org are not limited by the receive connector, it does it the default receive connector.
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

messages sent within organization will not pass through receive connector, they are handled by RPC / MAPI transport on mailbox (hub servers)

Check if from external senders you can receive message more than 35 MB, then it would be an problem
Mahesh is correct,
The restrictions would apply on the mailbox or server limits in case email is internal.
Zaheer IqbalTechnical Assurance & ImplementationCommented:
Restart the Transport Service and test again.
Scotch TechITAuthor Commented:
Thanks. I am testing External to Internal, but the message still gets through. I have no special limits on my mailbox and there are no transport rules to exclude this that I can see. I could restart the service but nothing changed in the past year and these servers have been rebooted many times for patching, so I don't think that would be it.
Scotch TechITAuthor Commented:
anybody know of a site where I can send test emails to myself from the outside with attachment to increase the size?
Scotch TechITAuthor Commented:
Ok, I found something interesting, in the smtp protocol logs I found the handshake, and one of the permissions granted to this email is:


I believe this permissions is the result of the Exchange Servers group assigned to the Default Receive connector. If this is the case, why would the default connector have this permission, essentially deeming the size restriction on it meaningless.
Scotch TechITAuthor Commented:
By the way, emails within the Org do use the Receive Connector. It's because clients are authenticated they are assigned special permssions from this connector, as I mentioned above this is the permissions: BypassMessageSizeLimit
Implicit Receive connectors in the Mailbox Transport Delivery service on Mailbox servers
In addition to the Receive connectors are created during the installation of Exchange 2016 servers, there's a special implicit Receive connector in the Mailbox Transport Delivery service on Mailbox servers. This implicit Receive connector is automatically available, invisible, and requires no management. The primary function of this connector is to accept mail from the Transport service on the local Mailbox server or remote Mailbox servers in your organization.
Scotch TechITAuthor Commented:
Thanks Ronin, great article. This makes sense that there is a hidden connector on the Mailbox Transport to accept emails from the Transport service, either on the local or remote server. However the Default Receive connector is still used at the Transport service as well.
Scotch TechITAuthor Commented:
Thanks All.

The reason the emails got through were because our Inbound emails go to our internal Mail Security appliance before hitting Exchange, when the appliance sends it to Exchange it his our custom Relay connector which is set at 100MB.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.