Dave Mills has recently posted this article on EHLO to help admins understand some of the logic for why Exchange handles NDR's and large messages the way it does. It also shows good reasons why message size limits are so important. I know for me this is a change of perspective I have had over the last couple of years. I used to not believe in message size limits, but over the last 4 - 5 years have changed my mind and fully recommend them.
As Ewan mentioned a little while ago, there are some pretty extreme things going on in some our customer’s Exchange environments. One of the things that I could definitely relate to was the customer who sent a message that was 2.4GB that was successfully delivered. While Exchange is quite capable of transferring huge messages, using it to do so usually results in severe performance issues. In fact, one customer that I worked with was experiencing major problems due to a 6 GB message traveling through their Exchange server. To make things even more interesting, the 6 GB message that we found was actually a non-delivery report (NDR) that was generated to tell a user that the 6 GB message that they had sent was over the maximum message size allowed for the organization.
Once we had the server back up there were a number of questions to be answered…
Why did the Exchange Information Store accept the message in the first place if it exceeded the configured size limits?
The Exchange Information Store accepts the message since it can’t tell whether a message exceeds configured size limits until it receives the entire message.
Why can’t we just modify Exchange’s behavior to stop accepting data as soon as it knows that the message is too big?
Doing this would actually result in a bigger problem – Outlook would just try to send the data again and again, resulting in a never-ending stream of data being sent to the Exchange server. In addition to the obvious performance problems, this would result in a large amount of transaction log files being generated in a manner similar to the problem that Jeremy Kelly describes here.
Why did the Exchange Information Store pass it off to the categorizer?
Prior to Exchange 2003 SP1 and the Exchange 2000 Post-SP3 August 2004 hotfix roll-up the Information Store only performed size checks against per-user limits and not the global limit. This greatly exaggerated the performance impact of large messages being sent through the system since the check against the global limit was performed much later in the message submission process.
With current versions of Exchange the check is now performed by the Information Store immediately upon message submission. What this means is that Outlook clients in online mode will receive an immediate failure upon trying to send a message that is too large. If Outlook is in cached mode, offline mode, or configured to connect to an Exchange server and use a PST as its delivery location then an NDR will be generated by the Information Store; since the message goes no further the impact on server performance will be much less.
Won’t that large NDR for non-online mode clients cause performance issues on the client, server, and network?
Yes, it will. So, like all good software companies, we listened to our customers and have done a significant amount of work in both Outlook and Exchange to address this problem. Here are the changes we made….
The first change we needed to make was to provide Outlook with a way to ask the Exchange server what limits have been configured. We added this functionality to Exchange and you can get it today by installing any of the following:
The second part of the solution was for Outlook to use this newly exposed functionality in Exchange to determine whether a message is over configured size limits before sending it. This work has also been completed, and you can get it today by installing Office 2003 SP2.
Once your Exchange servers and your Outlook clients have been updated you will start seeing the new behavior. Specifically, if a message is sent that is over configured size limits, either per-mailbox or global, an error will be displayed as when Outlook goes to send the message to the server; no additional data will be sent across the wire and no load will be placed on the Exchange server.
As an added bonus, Outlook will also check to make sure that the mailbox is not over its quota before sending the message. This keeps data from being sent to the server if Outlook knows that the message would be rejected with an NDR as soon as it is received by the server. In addition, if your mailbox is over its quota then you will be presented with mailbox cleanup dialog to help you get it back under quota.
Where can I find more information?
Read KB 894795 for detailed information on the exact messages that users may see with this new functionality, a full description of the exact order of checks performed, and a description of how global vs. per-user limits are evaluated.