Richtlinien für die LRZ-Mailserver

This page describes which guidelines and which restrictions apply when using the LRZ mail systems. The rules also apply to the use of local mail servers at institutes or chairs, as long as the relaying of mails from the Internet is done via the LRZ mail servers.

Maximum size of an email

Emails may be a maximum of 50 MiB (i.e. 52,428,800 bytes) in size. This limit applies to both sending and receiving emails.

(grey lightbulb) ReasonProtection of LRZ mail servers (and thus indirectly MWN mail servers) from flooding. Also foreign mail servers usually accept only a similar size.
(info) NoteThe specified limit is the limit for the raw size, i.e. the size of an email with the encoding of binary data necessary for the transfer. The actual size limit for attached files is about 37.5 MiB.
Filtering out virus infected emails

All emails that pass through LRZ mail systems are checked for viruses. If an infection is detected, the email is quarantined and the sender is informed.

  • the sender is informed if the email comes from inside the MWN,
  • the recipient is informed if the email comes from outside the MWN. (In general, it would be preferable to inform the sender's address in this case as well. However, this would usually fail because this address is often spoofed.)

Quarantined emails are deleted after 30 days.

(grey lightbulb) Reason

Preventing the introduction of malware into MWN and protecting personal computers.

Use of anti-spam measures

Various techniques are used at the LRZ mail relays to ensure that the majority of incoming spam mails are not accepted at all, but are rejected from the outset (e.g. no acceptance of emails from dial-up networks, no acceptance of emails from computers with incorrect DNS configuration, no acceptance of emails with non-existent sender domains). The sender is always informed of the reason for rejection by email.

(grey lightbulb) ReasonProtecting our users and our mail infrastructure from unwanted spam.
(lightbulb) AdviceIn rare cases, regular emails may also be rejected (e.g. if the sending mail server is incorrectly configured). In such cases, please contact us as soon as possible via our service desk and let us know the date, time, sender and recipient address of the failed mail delivery. We will then investigate the issue.
Extended storage of connection data when greylisting

At the LRZ mail relays, so-called greylisting is used for spam prevention, among other things. In this process, certain connection data, namely the IP address of the sending mail server and the mail addresses of the sender and the recipient, are stored for 36 days. The period of 36 days was chosen so that emails that are sent, for example, on the first Monday of every month (e.g. newsletters) are not affected by greylisting-related delays. For connections covered by exception lists (e.g. large providers like, no connection data is stored. For a description of the greylisting technique, see Spam and virus prevention methods.

(grey lightbulb) Reason

Protecting our users and our mail infrastructure from unwanted spam

SMTP port blocking at the transition from the Internet to the MWN

Direct reception of emails from the Internet is only allowed for a few, large and well-maintained mail servers in the MWN (blocking of SMTP port 25 for all other IP addresses). All other mail servers must use one of these excellent servers to receive emails, preferably the LRZ mail relays - see the article Configuration for mail reception from the Internet.

(grey lightbulb) Reason

Protection of mail servers against misuse as relays for sending spam mails - with corresponding negative effects (e.g. inclusion in so-called "denylists").

Limitation of sending emails

The sending of emails is limited to a maximum of 250 addresses per 24 hours. In justified exceptional cases, a higher limit (500 or 1,000) can be applied.

(grey lightbulb) ReasonThe purpose of this restriction is to ensure that only a limited number of emails are sent, even via compromised accounts, thus minimizing the risk of LRZ mail servers ending up on so-called "denylists".
(lightbulb) AdviceIf emails are to be sent repeatedly to the same group of recipients, it is recommended to use mailing lists or Exchange distribution lists (only possible if Exchange is used), as such lists/distribution lists count as one recipient.
Valid sender address for sending emails

Sending emails via the LRZ mail servers is only possible with sender addresses that are registered at the LRZ and may be used by the assigned person. These are the personal addresses and the addresses of the assigned function accounts. In particular, it is not possible to send emails with sender addresses of other providers (such as or

(grey lightbulb) Reason
  1. The valid sending addresses ensure that any error and status messages can be delivered.

  2. The prohibition of using external sending addresses is necessary due to the anti-spam measures of other providers, which refuse to accept emails if the sending mail server is not responsible for the domain of the sending address (keyword SPF, Sender Policy Framework).

(lightbulb) Advice
For sending emails with sender addresses of other providers, the webmailer or SMTP server of the respective provider should be used.
(info) NoteThe restriction described here currently only applies when sending emails via, when sending via, which can only be reached from the MWN, sender addresses of any domains are still accepted. However, the existence of the domain and, in the case of domains from the MWN, whether the address exists are checked.
Retention policy of emails in the Trash folder

On the mailbox servers, all emails are automatically deleted from the trash (folder name "Trash") that have been there for more than a week (Exception: Exchange).

(grey lightbulb) Reason

The trash folders are exempt from the storage space quota so that space can be freed up quickly when the mailbox is full. However, to prevent these folders from growing indefinitely, there is a retention policy.

Exchange: No Outlook/OWA-based forwarding to external addresses

Forwarding based on rules in Outlook or Outlook Web Access (OWA) that point to external addresses will not be executed.

(grey lightbulb) ReasonThis type of forwarding can lead to serious operational problems if the forwarding address is invalid (or becomes so at a later date). This is because so-called mail loops can then occur, with the risk that the respective provider will block the LRZ mail servers and thus generally no more email can be sent to this provider.
(lightbulb) Advice

For accounts that are managed in the Id-Portal of the LRZ, in TUMonline or in the online account management of the Munich University of Applied Sciences, forwardings can be set up at these portals as a alternative. However, no conditions can be specified here, i.e. only blanket forwardings are possible.

(info) Note

Users with corresponding rules are informed once a week by mail that the forwardings will not be executed.