[SASAG] Decipher Exchange SMTP Logs
bri at ifokr.org
Mon Jan 26 14:36:50 PST 2009
On 2009-01-26 13:02 -0800, Eric Kahklen chatted:
> We are having a problem where an attachment over 1 MB is being denied by
> the destination mail server. They have told me they are not limiting
> incoming email size. They are able to receive email with an attachment
> less than 1 MB from my users. I've sent the same attachment from my
> personal email account that is not using Exchange and have not yet
> received a bound message yet, but have not heard from them if they got the
> message. Is there a way to know what their mail server's message size
> limits are?
You can only know the first hop. If they have mail go from your
machine to their machine to one or more machines after their first,
you have no idea what they'll accept. But that first one you can
usually infer size limits based on SMTP header.s
> My smtp logs show <, 250 SIZE 1048576 which should be 1 MB.
That looks like their SMTP header. Try hitting their public
mail server on port 25. You can figure out where the mail should
$ host -t mx example.com
then hit port 25 and issue an EHLO, e.g.
$ telnet their.mx.machine.example.com 25
220 their.mx.machine.example.com ESMTP InferiourMail
EHLO my.domain.example.com < You type this
quit < You type this
Connection closed by foreign host.
This shows what they're advertizing as a hard inbound message
size in the 'SIZE' line. If you can show them this says
the 1048576 (1M) that you seem to have already found, this
should help them.
Note that to send an email with a 1MB attachment means encoding
it in 7bit ascii, which bloats it up beyond 1MB.
Brian Hatch "I use pico on any Unix that
Systems and didn't ship with vi."
Security Engineer -- Francois Caen
Every message PGP signed
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 189 bytes
Desc: Digital signature
More information about the Members