12.9.2 Specifying Absolute Message Size Limits (Sun Java System Messaging Server 6.3 Administration Guide)

Sun Java System Messaging Server 6.3 Administration Guide

12.9.2 Specifying Absolute Message Size Limits

Keywords: blocklimit, noblocklimit, linelimit, nolinelimit, sourceblocklimit

Although fragmentation can automatically break messages into smaller pieces, it is appropriate in some cases to reject messages larger than some administratively defined limit, (for example, to avoid service denial attacks).

The blocklimit, linelimit, and sourceblocklimit keywords are used to impose absolute size limits. Each of these keywords must be followed by a single integer value.

The keyword blocklimit specifies the maximum number of blocks allowed in a message. The MTA rejects attempts to queue messages containing more blocks than this to the channel. An MTA block is normally 1024 bytes; this can be changed with the BLOCK_SIZE option in the MTA option file.

The keyword sourceblocklimit specifies the maximum number of blocks allowed in an incoming message. The MTA rejects attempts to submit a message containing more blocks than this to the channel. In other words, blocklimit applies to destination channels; sourceblocklimit applies to source channels. An MTA block is normally 1024 bytes; this can be changed with the BLOCK_SIZE option in the MTA option file.

Source block limits can also be specified on a per sender basis by specifying a user LDAP attribute with the MTA option LDAP_SOURCEBLOCKLIMIT, and adding this attribute to the senders LDAP entry. Source block limits are also supported based on the sender’s domain. Specify a domain LDAP attribute with the MTA option LDAP_DOMAIN_ATTR_SOURCEBLOCKLIMIT, and adding this attribute to the sender’s domain LDAP entry. There are no defaults for either of these values.

The keyword linelimit specifies the maximum number of lines allowed in a message. The MTA rejects attempts to queue messages containing more than this number of lines to the channel. The keywords, blocklimit and linelimit, can be imposed simultaneously, if necessary.

The MTA options LINE_LIMIT and BLOCK_LIMIT can be used to impose similar limits on all channels. These limits have the advantage that they apply across all channels. Therefore, the MTA servers can make them known to mail clients prior to obtaining message recipient information. This simplifies the process of message rejection in some protocols.

The nolinelimit and noblocklimit channel keywords are the default and mean that no limits are imposed, other than any global limits imposed via the LINE_LIMIT or BLOCK_LIMIT MTA options.