Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.

How To Increase Message Size Limit For One User

Created: 05 Dec 2012 • Updated: 13 Dec 2012 | 11 comments
This issue has been solved. See solution.

Hi All,

Good Day!

I am managing a SMG appliance and I am relatively new to SMG. The appliance is configured with maximum message size limit of 10MB. 

Now I have received a request to increase the message size for one single user. So I created a Content Filtering Policy with two conditions in it as below:

1. If the Message size is less than 20971520 bytes (20MB).

AND

2. If text in Envelope recipient part of the message header contains Email address from dictionary "Test"  (Dictionary 'Test' with the user's mail ID). 

However, the mails are still getting blocked by the SMG with the message "Rejected message for exceeding size limit".

Also on the Exchange the mailbox size has been increased to accept 20MB messages.

 

I would really appreciate if anyone could assist me with this and let me know if the policy I configured is correct. 

 

Regards,

Faiz

Comments 11 CommentsJump to latest comment

toby's picture

The content filter rule is one part of the concept that might fulfil your request for a particular user.

In any case you may need to increase the MTA message size otherwise you will receive always the bounce by the MTA that will not accept the message in the first place.

For this go to Administration - Configuration - "choose one of the scanners" - SMTP - Advanced Settings...

in here you configure the message size limitations.

 

hope this helps

cheers

  toby

------------------------------------------------------------------

Best regards!

toby

CISSP / STS / MCP 

fahmed's picture

Hi Toby,

Thank you for the response.

However, if I increase the message size as you have suggested I understand that it applies to all the users. So that will allow all the users to send mails with size up to 20MB which is not appropriate. 

I am trying to figure out why the policy is not working and I presume that it is configured right.

Please assist. Thank you.

Regards,

Faiz

toby's picture

Hi Faiz,

so what is you current MTA limit as this will in the first place accept or deny the message.

You are right in this case for the MTA this will apply for everyone in your organization, but will be the only way that the mail will be processed by the MTA.

From that base we can think about the policy... as the message will be accepted by the SMG.

Create a Policy Group and put your email address that should be able to work with 20MB Messages.

So you should have in a simplyfied way the "20MB Message Group" and the "default group" in this order.

Now you create a Content Policy as you described, that will check the message size *10 MB* and apply it to the "default" group only. As action define whatever you want like delete message and send bounce notification or inform your internal user about this message.
 

When you check now in the Groups again you should see under content policy for in and outbound for your created group containing the user`s email address no policy, while for the default group you should see your limitation policy.

 

Now it should work as you wanted.

Thanks,

toby

 

 

------------------------------------------------------------------

Best regards!

toby

CISSP / STS / MCP 

fahmed's picture

Hi Toby,

Thanks again for your detailed reply.

The current message size limit configured on the MTA is 10MB.

So if I understood this right, the message size limitation on the MTA always takes precedence over the same in policy configuration. 

In order to over come this, we configure a Policy Group with email addresses of people who need to send or receive messages with 20MB size.

And then create another policy that will limit all other users to send or receive mails up to 10MB and then  apply to the Defauly group. 

For all this to work, first I will have to raise the message size limit on the MTA to 20MB. Please let me know if this is correct. 

Also, as you have mentioned, the new Policy Group (20MB Message Group) will not contain any policy. I would like to know if I need to apply all other policies for this group; for example the 'Bolck exe policy' etc.

Regards

Faiz

toby's picture

Hi Faiz,

exactly, without the MTA accept a message due to the size it will declined by default and your Content Filter Policy will not even be considered.

So first step is to increase the MTA size limit to 20, what will be your "default" for all messages.

Second item as you described is the limitation. A shall have 20 MB and the rest (B,C,D) should have 10MB.

For this do following...

Create a Group that will hold A with the 20MB limitation

And the existing default group is fine as it will cover all other users...

Now you create you policy that limits everything to a size of 10 MB and apply it to the default group.

Now, just make sure that the Policy Group for the 20MB for A is before the "Default" group and now you have the function.

MTA accept all messages -> IF user A THEN allow 20MB(MTA size limit) -> ELSE (default) THEN delete message and send bounce notification when message size larger 10MB.

 

Hope this solves it

 

cheers, toby

------------------------------------------------------------------

Best regards!

toby

CISSP / STS / MCP 

SOLUTION
zafar1907's picture

 

Hi faiz,

The option for message size is in the Administration tab, under your Hosts configuration. If you select your host and go to the SMTP tab, you can click on the advanced configuration button at the bottom and see all of your size limitations for both inbound and outbound.

Past that you would also want to make sure that there are no size limitations on the downstream server from us. If you telnet to your server and run an "EHLO" instead of the normal "HELO" this will give you a "Size = something" that will tell you if you have any limitations on that server.

 

check it out.

Thanks and Regards,

Mohammad zafar

Please Mark as solution if this comment solved your Issue....

fahmed's picture

Hi Toby,

That was excellent. 

Thank you for the brillaint explanation and making life easy for me. 

I will try this out and let you know the result. 

Thanx Mohammad.

Regards,

Faiz

toby's picture

you are welcome :-)

hope this solves it for you and if yes feel free to mark it as solution.

Othwerise let me know

 

toby

------------------------------------------------------------------

Best regards!

toby

CISSP / STS / MCP 

zafar1907's picture

you are most welcome.

let me if your problem is solved.

Thanks and Regards,

Mohammad zafar

Please Mark as solution if this comment solved your Issue....

fahmed's picture

Hi All,

I have one more query related to this.

I did the configuration as you suggested and it works fine. I have increased the Maximum message size up to 25 MB and tried to send mails and I was able to send mails with attachments up to 18MB. But I tried to send mails with attachments sized 21MB and it did not get delivered. It was rejected because it exceeded size limit . 

I again tested by increasing the maximum message size to 30MB. But even then the mails were not getting delivered. I would like to know, if there is a maximum message size limit for the SMG appliance as a whole. 

Please assist me with this as well. Thank you.

Cheers,

Faiz

toby's picture

Hi Faiz,

 

how you created the 18 and 21 MB files?

If these are zip files you have things to consider like the archive handling. For this check Protocols -> SMTP -> Settings -> Scanning

But I assume your issue might be more related to the encoding. Can you check whether your encoding is base64?

In this case you have your answer why your 18MB message is get through and your 21MB message not.

18MB with base64 encoding is:  ~24MB
21MB with base64 encoding is: ~ 28MB

 

Hope this helps

regards,

toby

------------------------------------------------------------------

Best regards!

toby

CISSP / STS / MCP