Sun Java System Messaging Server 6.3 Administration Guide

12.9 Limits on Messages, Quotas, Recipients, and Authentication Attempts

This section describes keywords that set size limits on messages, user quotas, and privileges. It consists of the following sections:

12.9.1 Limits on Unsuccessful Authentication Attempts

Keywords: disconnectbadauthlimit

This keyword can be used to place a limit on the number of unsuccessful authentication attempts that will be allowed in a session before the session is disconnected. The default value for this option is 3.

12.9.2 Specifying Absolute Message Size Limits

Keywords: blocklimit, noblocklimit, linelimit, nolinelimit, sourceblocklimit

Although fragmentation can automatically break messages into smaller pieces, it is appropriate in some cases to reject messages larger than some administratively defined limit (for example, to avoid denial-of-service attacks).

The blocklimit, linelimit, and sourceblocklimit keywords are used to impose absolute size limits. Each of these keywords must be followed by a single integer value.

The keyword blocklimit specifies the maximum number of blocks allowed in a message. The MTA rejects attempts to queue messages containing more blocks than this to the channel. An MTA block is normally 1024 bytes; this can be changed with the BLOCK_SIZE option in the MTA option file.

The keyword sourceblocklimit specifies the maximum number of blocks allowed in an incoming message. The MTA rejects attempts to submit a message containing more blocks than this to the channel. In other words, blocklimit applies to destination channels; sourceblocklimit applies to source channels. An MTA block is normally 1024 bytes; this can be changed with the BLOCK_SIZE option in the MTA option file.

Source block limits can also be specified on a per-sender basis by specifying a user LDAP attribute with the MTA option LDAP_SOURCEBLOCKLIMIT and adding this attribute to the sender’s LDAP entry. Source block limits are also supported based on the sender’s domain: specify a domain LDAP attribute with the MTA option LDAP_DOMAIN_ATTR_SOURCEBLOCKLIMIT and add this attribute to the sender’s domain LDAP entry. There are no defaults for either of these values.

The keyword linelimit specifies the maximum number of lines allowed in a message. The MTA rejects attempts to queue messages containing more than this number of lines to the channel. The blocklimit and linelimit keywords can be imposed simultaneously, if necessary.

The MTA options LINE_LIMIT and BLOCK_LIMIT can be used to impose similar limits on all channels. These limits have the advantage that they apply across all channels. Therefore, the MTA servers can make them known to mail clients prior to obtaining message recipient information. This simplifies the process of message rejection in some protocols.

The nolinelimit and noblocklimit channel keywords are the default and mean that no limits are imposed, other than any global limits imposed via the LINE_LIMIT or BLOCK_LIMIT MTA options.

12.9.3 Retargeting Messages Exceeding Limit on Size or Recipients

Keywords: alternatechannel, alternateblocklimit, alternatelinelimit, alternaterecipientlimit

The MTA provides the ability to retarget messages that exceed a specified limit on the number of recipients, message size, or message lines to an alternate destination channel. This is implemented as a set of channel keywords (alternatechannel, alternateblocklimit, alternatelinelimit, and alternaterecipientlimit) that can be placed on any destination channel. The alternatechannel keyword takes a single argument specifying the name of the alternate channel to use. The other keywords each accept an integer argument specifying a corresponding threshold. A message that exceeds any of these thresholds will be enqueued to the alternate channel instead of the original destination channel.

In the following channel block example, large messages over 5,000 blocks that would have gone out the tcp_local channel to the Internet instead go out the tcp_big channel:

tcp_local smtp ...other keywords... alternatechannel tcp_big alternateblocklimit 5000
tcp-daemon

tcp_big smtp ...rest of keywords...
tcp-big-daemon
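
The retargeting decision described above can be modelled as follows. This is an added example, not code from the product or from this guide; the Channel class and function names are hypothetical, and the round-up of partial blocks and the handling of thresholds without an alternatechannel are assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

BLOCK_SIZE = 1024  # bytes per MTA block (the normal value; the BLOCK_SIZE option can change it)


@dataclass
class Channel:
    """Hypothetical model of a destination channel and its alternate* keywords."""
    name: str
    alternatechannel: Optional[str] = None
    alternateblocklimit: Optional[int] = None
    alternatelinelimit: Optional[int] = None
    alternaterecipientlimit: Optional[int] = None


def to_blocks(size_bytes: int, block_size: int = BLOCK_SIZE) -> int:
    # Assumption: a partially filled block counts as a whole block.
    return (size_bytes + block_size - 1) // block_size


def select_channel(ch: Channel, size_bytes: int, lines: int,
                   recipients: int) -> Tuple[str, List[str]]:
    """Return (channel the message is enqueued to, keywords whose threshold was exceeded)."""
    measured = {
        "alternateblocklimit": to_blocks(size_bytes),
        "alternatelinelimit": lines,
        "alternaterecipientlimit": recipients,
    }
    # A message is retargeted when it exceeds ANY configured threshold.
    exceeded = [kw for kw, value in measured.items()
                if getattr(ch, kw) is not None and value > getattr(ch, kw)]
    # Assumption: without an alternatechannel there is nowhere to retarget to.
    if exceeded and ch.alternatechannel:
        return ch.alternatechannel, exceeded
    return ch.name, []


# The tcp_local channel from the example above.
TCP_LOCAL = Channel("tcp_local", alternatechannel="tcp_big", alternateblocklimit=5000)

if __name__ == "__main__":
    # Constructed sizes: exactly 5,000 blocks stays put, one byte more is retargeted.
    for size in (5000 * BLOCK_SIZE, 5000 * BLOCK_SIZE + 1):
        print(size, select_channel(TCP_LOCAL, size, lines=100, recipients=1))
```

A message of exactly 5,000 blocks does not exceed the threshold and stays on tcp_local; the limit only triggers above it.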

Here are some examples of how the alternate* channel keywords can be used:

12.9.4 Handling Mail Delivery to Over Quota Users

Keywords: holdexquota, noexquota

The noexquota and holdexquota keywords control the handling of messages addressed to Berkeley mailbox users (UNIX), that is, users delivered to via the native channel, who have exceeded their disk quotas.

noexquota tells the MTA to return messages addressed to over quota users to the message’s sender. holdexquota tells the MTA to hold messages to over quota users; such messages remain in the MTA queue until they can either be delivered or they time out and are returned to their sender by the message return job.

12.9.5 Handling SMTP Mail with Lines Exceeding 1000 Characters

Keywords: rejectsmtplonglines, wrapsmtplonglines, truncatesmtplonglines

rejectsmtplonglines adds the option of rejecting messages that contain lines longer than the 1000 characters (including CRLF) that SMTP allows. The other options in this area are wrapsmtplonglines, which wraps overly long lines, and the default truncatesmtplonglines, which truncates overly long lines. Both of these keywords must be applied to the initial channel used for submission (such as tcp_local). They do not affect any channel that is switched to subsequently.

12.9.6 Controlling the Length of General and Filename Content-type and Content-disposition Parameters

Keywords: parameterlengthlimit and nameparameterlengthlimit

parameterlengthlimit controls the points at which general content-type and content-disposition parameters are truncated. It defaults to 1024. nameparameterlengthlimit controls the points at which the name content-type and the filename content-disposition parameters are truncated. It defaults to 128. Note that only the outermost message header is processed unless MIME processing is being performed on the message. MIME processing can be enabled in a variety of ways including, but not limited to, the inner keyword or the use of charset conversions.

12.9.7 Limiting Message Recipients

Keywords: recipientlimit and recipientcutoff

recipientlimit specifies the total number of recipient addresses that will be accepted for the message. recipientcutoff compares the total number of recipients that were presented to the MTA to the specified value. No message will be accepted for delivery if the value is exceeded. Both keywords accept a single integer argument. The default for both is infinite unless the corresponding channel keyword is specified.

Recipient limits can also be set on a sender or sender’s domain. This is done by specifying a user or domain LDAP attribute with the appropriate MTA option: LDAP_RECIPIENTLIMIT, LDAP_RECIPIENTCUTOFF, LDAP_DOMAIN_ATTR_RECIPIENTLIMIT, LDAP_DOMAIN_ATTR_RECIPIENTCUTOFF, and adding the attribute to the sender’s user entry or domain entry.
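
The difference between the two keywords is easiest to see on one message with more recipients than the configured value. The following is an added example, not code from the product or from this guide; the function and class names are hypothetical, the addresses are constructed, and it assumes that recipientlimit accepts recipients in the order presented and refuses the rest.

```python
from dataclasses import dataclass
from typing import List, Optional, Sequence


@dataclass
class Verdict:
    message_accepted: bool   # whether anything is accepted for delivery
    accepted: List[str]      # recipients the message is accepted for
    refused: List[str]       # recipients that were refused


def apply_recipient_limits(presented: Sequence[str],
                           recipientlimit: Optional[int] = None,
                           recipientcutoff: Optional[int] = None) -> Verdict:
    """Model recipientlimit and recipientcutoff; None means no limit (the default)."""
    presented = list(presented)
    # recipientcutoff looks at how many recipients were PRESENTED in total:
    # if that count exceeds the value, no message is accepted at all.
    if recipientcutoff is not None and len(presented) > recipientcutoff:
        return Verdict(False, [], presented)
    # recipientlimit caps how many recipient addresses are ACCEPTED.
    # Assumption: recipients are accepted in order until the cap is reached.
    if recipientlimit is not None:
        kept, dropped = presented[:recipientlimit], presented[recipientlimit:]
        return Verdict(bool(kept), kept, dropped)
    return Verdict(bool(presented), presented, [])


if __name__ == "__main__":
    rcpts = [f"user{i}@example.com" for i in range(5)]  # constructed sample
    print(apply_recipient_limits(rcpts, recipientlimit=3))
    print(apply_recipient_limits(rcpts, recipientcutoff=3))
```

With five recipients and a value of 3, recipientlimit still delivers to three of them, while recipientcutoff refuses the whole message, which makes the cutoff the stricter control against bulk submissions.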

12.9.8 Limiting Header Size

Keywords: headerlimit

headerlimit imposes a limit on the maximum size of the primary (outermost) message header. The primary message headers are silently truncated when the limit is reached. If the global MTA option, HEADER_LIMIT, is set, it overrides this channel-level limit. Default is no limit.