In an effort to limit the abuse that can occur when an email account has been compromised, rate limits have been set on mail sent through the Microsoft 365 servers, including:
- mail (including calendar-related mail) sent from webmail;
- mobile devices such as the iPhone that use Activesync connections to the Microsoft 365 servers; and
- OS X iCal.
Rate limits do not apply to desktop email programs that are configured to make a direct smtp connection to smtp.stanford.edu.
The rate limits apply to both the total number of messages sent by an account as well as the total number of recipients addressed, both within a specified window of time. (For security reasons, the precise threshold we use is not published here.) A report will be sent to University IT staff to take appropriate action on accounts that exceed the limits. Rate-limit thresholds may be adjusted over time to accommodate account usage patterns.
Once an account reaches this rate limit threshold, the account holder will not be able to send mail using the clients listed above. New mail will continue to arrive and the account holder will otherwise have normal access to their email and calendar. If the account is found to have been compromised it will be temporarily disabled.
If these thresholds are triggered for legitimate reasons, the University IT Service Desk has tools available to reset them and re-enable the account to send mail again. Contact 725-4357 or submit a Help ticket.
