Topic Last Modified: 2007-01-08

The Microsoft® Exchange Server Analyzer Tool reads the following registry entry to determine if the default MIME header limits in Exchange have been changed:


If the Exchange Server Analyzer finds that any value for LimitRecipients has been set, a non-default configuration alert is displayed.

Exchange 2000 Server Service Pack 2 (SP2), and later versions of Exchange Server include updated functionality in the store process (store.exe) that defines how large or irregularly formed MIME is handled. This functionality was added to further secure Exchange as a target against denial of service attacks by both malicious and exceptional (unintentionally large and complex) MIME messages. Some examples of the limits imposed on MIME messages submitted to the store include limiting the number of recipients, limiting the number of embedded messages, and limiting the size of the individual MIME headers. In previous versions of Exchange, where unbounded MIME headers are allowed to enter the Exchange store for processing, excessively large or complex MIME messages may consume nearly all resources (mainly CPU) as a result of parsing, indexing, and processing the MIME.

The default values for these various MIME header limits are set within the store process. However, if a registry key has been set to define any one of these limits, the registry key will override the default store.exe value. When any one of the various limits is exceeded in a MIME message, a non-delivery report (NDR) is sent to the sender.

If the LimitRecipients registry key has been set, it is likely the result of advice from Microsoft Product Support Services, as this key has not been published. As such, Microsoft does not recommend changing this setting.

The default value for LimitRecipients (if no registry key exists) in the store process is 65,535 recipients per MIME message.