General discussion

Locked

How to enforce E-mail Size Limits

By LordInfidel ·
Network administrators are charged with the undaunting task of keeping their networks alive and well.

But in today's world of increasing file sizes and people using e-mail to communicate with each other. The question is asked, how do we regulatethe size of e-mails without disrupting daily business.

I see problems on multiple fronts.

1. Users lack of knowledge of the purpose and limitations of e-mail, it's servers and the smtp protocol.

2. Mail admins lack of ability to enforce it's policies.

3. Mail admins that are unaware of what their users are doing.

I have personnaly seen 220 megs being sent through our mail server. (Yes I did stop this immediately after having a heart attack).

Our solution. We have instituted a2 meg limit, both incoming and outgoing. Files over 2 megs must be FTP'd using our public ftp server.

Is this the best solution? I don't know. But I do know that we as Net and Mail Admins need to be pro-active in the prevention of this practice.

The abuse of our mail servers is increasing and is showing no signs of slowing down.

Let me know your thoughts, encounters and solutions to this growing problem.

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

E-Mail.

by DukeBytes In reply to How to enforce E-mail Siz ...

Come on now - email is THE most important application on the network.....

Isn't that crazy - but true. I have had the accounting server fall on its face and I knew about before the Acct dept did. But when the mail server BSOD one day - I couldn't get out of my office to fix it because of the phone calls. (bet you've been there - done that... :)

Actually what your doing is about the only thing that you can do to help keep it under control. Everywhere I have worked we put a limit of 1.5 - 3 meg on the email sizes because of lack of space.

One other - rather nasty - thing that you can do is to email everyone a copy of the corp user policy and state that the IT department will be monitoring ALL email messages for key words to help determine that the company email system is being used for company reasons - blah blah.... IF your PHB will agree to something like this.

You don't really need to have anything looking at the messages - most of the time it just sort of cleans up all by itself :)

I know - its rotten - but it does work.

Also - keep an eye on your FTP users - you might want to restrict who can and can not FTP up to your system. You will find that there are 4 or 5 people who have a bucket load of games/shareware/freeware software in their home directories - that will cause backup problems faster than you can blink. A good app to keep an eye on that is TreeSize Pro. It lists directories with the size of each dir. Let's you know who has how much qickly.

One thing that we did was to have users call the IT dept when they needed a file FTP'd. After a while we gave the users who needed it (for real) access to be able to FTP. Never had too much problems after that.

Good luck,
Duke

Collapse -

Actually....

by LordInfidel In reply to E-Mail.

I've actually gone to a little more extreme. I guess you can call me a tyrant.

I don't back up the ftp server and it is unprotected. It's bastionized but not behind the firewall. I have standing orders with my users that every friday whatever is on the ftp server will be deleted (by script of course).

They all know that I can read their e-mail at any given time and I block just about every file extension that can pose any threat (exe, vbs, dll, wsh, etc...) You just have to love exchange. Blocking the extensions also helps in preventing large files. Especially mpegs.

But my main goal, hopefully, is to get the user community informed about the proper use of e-mail. Because Our company has to depend on the interaction with other companies, I have been privy to seeing abuse all across the board. I honestly beleive that there are alot of inexperienced admins out there that just don't understand or know what their users are doing.

(funny, a user just came in to the noc to have me pull down an file of the ftp server)

Thanx for sharing with me though. It's nice to know that I'm not alone and my doctrine isn't too far off base.

Collapse -

Limits and Training

by A4U In reply to How to enforce E-mail Siz ...

We have had a number of issues with giant mailboxes. Many users use e-mail to store files instead of e-mail. Two things were done.
1) Limit (with reason) the size of mailboxes.
When the user hits the first limit they get an e-mail warning them.Eventually a third message is sent and will bar them from sending until they reduce the size of their box. If it continues they will also stop getting e-mail. As long as step two is followed this has worked.

2) Training, training training
Not many people have truly been trained on e-mail. Most just pick it up somewhere. Train users to save their files correctly instead of keeping the attachment with an e-mail. Train users to set up folders, archive, and delete. Everything does not need to be saved. Train users on the limits before they even start to use your e-mail system.

This is not a perfect solution, but it can work.

Collapse -

Record Retention Policies

by WonderingAlice In reply to Limits and Training

Why wouldn't email be addressed in terms of record retention policies - just like other types of information ? We are strugling with the legal ramifications of retaining the data more than the space.

Collapse -

You're absolutely right

by McKayTech In reply to Record Retention Policies

Particularly with government agencies where e-mail is (for the most part) considered a public record, the legal ramifications are mind-boggling. Justifications for employee terminations are mingled right in there with bake sale notices and very fewgovernment agencies have a well-defined and court-tested E-mail Retention Policy that separates the wheat from the chaff.

On the one hand, there is a school of thought that compares e-mail with a telephone call (typically transient in nature and only significant if confirmed in formal written form). But as Microsoft found out (over and over again) in it's anti-trust trial, e-mails tend to have a much longer life than a telephone call.

On the other hand, e-mails in many agencies serve as transaction records and/or receipts and therefore may have considerable significance beyond the actual contents. And that's why I have users with 18,000 messages stored in their mailboxes and it would be very imprudent of me to do anything about it without buy-in from the big bananas.

paul

Collapse -

My solution

by LordInfidel In reply to Record Retention Policies

I do keep regular/daily backups of e-mail.

A good backup system can archive e-mail for years. Our backup tapes are routinely taken out of the rotation and permamently stored.

Plus whenever a user is terminated/leaves, their e-mail box is exported and burned to cd. Obviously we make more than one copy of the cd and the cd's are put into archive.

Common sense needs to be applied when it comes to archiving documents and e-mail. You may evenetually need it, so keeping backups are very important.

Collapse -

E-mail size limits

by ewinship In reply to How to enforce E-mail Siz ...

Can you direct me to some industry information on standard e-mail box sizes? What do you use? Also, any information on the cost of storage that would connect for the users i.e. It costs us $X/ user for e-mail storage. Thanks.

Collapse -

Hope this helps

by LordInfidel In reply to E-mail size limits

This is a hard one. Each company is going to be different as will each scenario.

If this is a Brand new install for a company that has never had e-mail, I would say that a standard mailbox would be 50-100 megs.

Now hard drive space is pretty inexpensive these days, so cost should not be too much of a factor. The equation I would use for a company that only sends plain text messages (no files):

No of employees x 100 x 2 x 2 = A + (1/2A) = total size

Basically take the amount of employees that you have times it by 100 megs, times that by 2 for future growth, times that amount by 2 for extra disk space, divide that in half and add it to the total size.

10 employees needs 1 gig x 2 = 2 gigs x 2 = 4 gigs + 2 = 6 gigs total.The key is knowing future growth and how your users are going to be using e-mail. Once you know those factors double it then add it's half.

In our company where we send and receive large files, and since we migrated from a local pst based system. My limit is 400 megs and I am, after a year, working them down to 200 megs per mailbox. Originally they all had 400 megs- 1 gig mailboxes.

One thing that I have found is that management thinks in money. If you are their mail admin, tell them that in order to have huge mailboxes it will cost them cash.

One tip... If you are going with exchange, the standard edition has a maximum mail store of 16 gigs (all mailboxes and database), Enterprise has no limit.

Hope this helps,

Back to IT Employment Forum
8 total posts (Page 1 of 1)  

Related Discussions

Related Forums