Exchange Size Limits

Exchange Size Limits KB ID 0001368

Problem

When attempting to send an email from Outlook via Exchange,  you see a message like the one below.

The following files weren’t attached because adding them would cause the message to exceed the maximum size limit of {Size} MB: {File-Name}

Or, when someone attempts to send a message to one of your mailbox users they get an NDR that looks like this.

Remote Server returned ‘550 5.2.3 RESOLVER.RST.RecipSizeLimit; message too large for this recipient’

Solution: Exchange Size Limits

There are a few places this can be set, (three main places and few obscure ones!), Let’s deal with the most common one first.

Transport ‘System Wide Settings’: Exchange Size Limits

TransportConfig: This has a maximum send and a maximum receive size, to view yours use the following command.

[box]

Get-TransportConfig | format-list MaxSendSize, MaxReceiveSize

[/box]

If one of them is tripping you up, you can change the sizes with the following command.

[box]

Set-TransportConfig -MaxSendSize 100MB -MaxReceiveSize 100MB

[/box]

Send & Receive Connectors: Exchange Size Limits (PowerShell)

Send Connector: This has a maximum message size, to view yours use the following command.

[box]

Get-SendConnector | format-list Name, name,maxmessagesize

[/box]

To change the limit on a specific send connector , use the following command.

[box]

Set-SendConnector "{connector-name}" -MaxMessageSize 100MB

[/box]

To change the limit on all send connectors , use the following command.

[box]

Get-SendConnector | Set-SendConnector -MaxMessageSize 100MB

[/box]

ReceiveConnector: This has a maximum message size, to view yours, use the following command.

[box]

Get-ReceiveConnector | format-table Name, MaxMessageSize

[/box]

You will have many, the one you probably want to change is called “Default Frontend {Server-name}” To change the limit, use the following command;

[box]

Set-ReceiveConnector "{connector-name}" -MaxMessageSize 100MB

[/box]

To change the limit on all receive connectors , use the following command.

[box]

Get-ReceiveConnector | Set-SendConnector -MaxMessageSize 100MB

[/box]

Send & Receive Connectors: Exchange Size Limits (Exchange Admin Center)

Send Connector: If you prefer to do things in the GUI, then Mail flow > Send Connectors > Select the send connector > Edit > Maximum Send Message (MB) > Set accordingly > Save.

Receive Connector: Mail Flow > Receive Connectors > Select the receive connector (usually the Default Frontend  {server-name} connector > Edit > Maximum Receive Message Size > Save.

User ‘Mailbox’: Exchange Size Limits (PowerShell)

You can set individual limits on a particular mailbox. BUT Remember MOST RESTRICTIVE LIMITS WILL APPLY, so if you set a mailbox to 50o0Mb send receive, then, if the connectors the mail travels through, have a more restrictive figure, or the global transport figure is more restrictive the message WILL BE BLOCKED. UNLESS: The message is between two mailboxes internally. So it’s sensible practice to only set a mailbox restriction to LOWER than the connectors or system wide settings.

[box]

Set-Mailbox -Identity "user-name" -MaxSendSize 100MB -MaxReceiveSize 100MB

[/box]

To ensure that worked or view max limits for a particular user use the following syntax.

[box]

Get-Mailbox -Identity "user-name" | format-table MaxSendSize,MaxReceiveSize

[/box]

User ‘Mailbox’: Exchange Size Limits (Exchange Admin Center)

Again this can also be done front the web management console > Recipients > Mailboxes > Select the user to be changed > Edit > Mailbox Features > Message Size Restrictions > View Details > Set accordingly > OK > Save.

I’ve Done All This And It Still Wont Work? 

Sometimes the settings above don’t take effect until all the AppPools in IIS (on the CAS servers) have been restarted, an IISRESET command should solve the problem, (or a reboot if you can handle the downtime.) However even then in some cases you will continue to see the same error message. There are three places that it can still be misconfigured.

OWA Config File

Open the File located at;

%ExchangeInstallPath%ClientAccess\owa\web.config

Locate and set the maxRequestLength (NOTE: the value is in Kilobits)

EWS Config File

Open the File located at;

%ExchangeInstallPath%ClientAccess\exchweb\ews\web.config

Locate and set the maxRequestLength (NOTE: the value is in Kilobits)

ActiveSync (Sync)  Config File

Open the File located at;

%ExchangeInstallPath%ClientAccess\Sync\web.config

Locate and set the maxRequestLength (NOTE: the value is in Kilobits)

Having changed these values, perform an IISRESET;

Repeat for any additional servers.

Related Articles, References, Credits, or External Links

Message Size Limits on Exchange 2003

Exchange – Message Not Sent ‘Because there are too many recipients’

Exchange 2010 – Error in IIS Manager When Editing Authentication

KB ID 0000340 

Problem

Whist in IIS Manager and attempting to edit the authentication for the Exchange directory you see the following error,

Error reads,

There was an error while performing this operation.

Details

Filename: ?C:Program FilesMicrosoftExchange ServerV14ClientAccessowaweb.config. Line number: 30 Error: Configuration section not allowed to be set below application.

Solution

1. Navigate to C:Program FilesMicrosoftExchange ServerV14ClientAccessowa > Locate the web.config file and save a copy to your desktop as a backup.

2. Edit the original file and go to line 30 (use the arrow down key and count if you don’t have a code editor) I simply used notepad. At Line 30 delete the line that contains “<authentication mode=”windows” />” then save the file.

3. Then restart web services, click Start > in the run/search box type cmd{enter} > Execute the following command,

[box]iisreset /noforce[/box]

 

Related Articles, References, Credits, or External Links

NA

Backup and Restore a Cisco Firewall.

KB ID 0000076

Problem

There are many different versions of PIX and ASA Firewalls. So, if you want to get a backup of the configuration and save it elsewhere,  (so in the event of a failure, (or more likely someone tinkering and breaking the firewall)). you will be able to recall and restore that configuration. By far the easiest method is to use a TFTP server – and it works on ALL versions, so learn it once and use it many times.

Note: Some people flatly refuse to use command line, if that’s you, you can also backup and restore from the ASDM click here.

OK for starters you need to get a TFTP server – while this sounds very grand, its a little piece of software that will run on just about any windows PC, I use an application called 3CDeamon and I’ve put information on how to get it and how to set it up (about 5 min’s work) HERE. Or if you have a Mac it’s built in.

I’ll assume at this point you have the TFTP server installed and running, and you know the IP address of machine that’s running it.

NOTE: TFTP uses UDP Port 69, if you have firewalls in between the one you are working on, and the TFTP server then this port needs to be open.

Solution

1. Connect to the firewall via Telnet, Console Cable or SSH, then go to enable mode, type in the enable password.

[box]

Petes-ASA> enable
Password:*********
Petes-ASA#

[/box]

2. To back up the firewall you need to specify the IP address of where you want to send it(i.e. the TFTP server), what you want to call the backup, and you tie them together with a “Write Net” command. The syntax is,

write net {ip address}:{filename}

[box]

Petes-ASA# write net 172.254.1.2:firewall_backup
Building configuration...
INFO: Default tftp-server not set, using highest security interface
Cryptochecksum: 85c211cb 3099b392 9e7206e6 e1548bcd
!
[OK]
Petes-ASA#

[/box]

3. On your TFTP server you will see that a file has been received.

4. If you look in the TFTP server root directory you will find the file, though it has no file extension you can open it and view it using a text editor like notepad or wordpad, just remember NOT to save it with a txt or rtf extension when you close it again. Keep it safe you will need it if you ever want to restore.

Restore

1. To restore you must have already backed up the firewall earlier and have that backup in the TFTP servers root directory.

2. Connect to the firewall via Telnet, Console Cable or SSH, then go to enable mode, type in the enable password.

[box]

Petes-ASA> enable
Password:*********
Petes-ASA#

[/box]

3. Enter configuration mode using the “conf t” command.

[box]

Petes-ASA# configure terminal
Petes-ASA(config)# 

[/box]

4. Unlike when you backed up the firewall to restore the configuration you use the copy tftp start command.

[box]

Petes-ASA(config)# copy tftp start

[/box]

5. Supply it with the IP address of your TFTP Server.

[box]

Address or name of remote host []? 172.254.1.2

[/box]

6. Supply it with the name of the file you backed up earlier.

[box]

Source filename []? firewall_backup

[/box]

7. The file will get copied over.

[box]

Accessing tftp://172.254.1.2/firewall_backup...!
Writing system file...
!
2974 bytes copied in 0.90 secs
Petes-ASA(config)#

[/box]

8. On your TFTP server you will see the file being “copied out”

9. Not finished yet, the file now lives in the “Startup” configuration so its not been loaded from memory yet, the best way to do this is to reboot the firewall. To do this issue the reload command, and confirm by pressing enter.

[box]

Petes-ASA(config)# reload

Proceed with reload? [confirm] {Enter}

Petes-ASA(config)#

*** *** — START GRACEFUL SHUTDOWN — Shutting down isakmp Shutting down webvpn Shutting down File system

 

** *** — SHUTDOWN NOW —

 

[/box]

10. After the reboot, you will be running on the restored configuration.

Note: With a Version 6 Firewall – restoring a config from TFTP simply “Merges” the new one with the config on the firewall, in most cases this is NOT what you want, to get round this place the following command at the top of the config you are restoring

clear config all

Backup a Cisco 5500 firewall from the ASDM

1. Connect to the firewall via ASDM, then Tools > Backup Configuration > Browse to a Location to Save the File > If you have certificates to backup, then choose and confirm a password > OK.

2. Watch the progress > Close > OK.

Restore a Cisco 5500 firewall from the ASDM

1. Connect to the firewall via ASDM, then Tools > Restore Configuration  >Browse to the .zip file you saved earlier > Select File > Next > Restore.

2. If you are restoring certificates enter the password you used above > OK > Then choose whether to ‘replace‘ the config on the firewall, or ‘merge‘ the restored config with the one on the firewall.

 

3. The ASDM will detect theres been a change, just drag that window to one side, Wait for the restore to finish > Close. You will probably need to reconnect to the firewall now.

 

Related Articles, References, Credits, or External Links

MAC OS X TFTP Software

Backup and Restore a Cisco Router with TFTP

Install and Use a TFTP Server