Customizable Recipient Limits in Office 365

Published 02-19-2020 01:50 PM 73K Views

In 1997 Exchange introduced the Recipient Limits setting on user mailboxes. This limits the total number of recipients to which a user can send a single message (the total number of recipients added to the To, CC, and BCC lines of a message). By default, in the Office 365 multi-tenant service this is set to 500 for all mailboxes, and prior to January 2020 customers couldn’t change this setting.

Some email admins want to increase the recipient limit for a handful of mailboxes – for example, to support recurring mailings like end-of-the-month billing statements -- while others want to reduce the recipient limit, say to 50 or 20, as a way to better protect against potential spam-like abuse from rogue employees or hacked email accounts. While the Exchange Online Protection service (part of Office 365) already includes features to help detect abuse by a rogue employee or a hacked email account, making recipient limits customizable by the email admin is another option admins can use as part of a defense-in-depth strategy to help improve the security posture of their organization.

Office 365 tenant admins can now customize the Recipient Limits setting from 1 to 1000. Admins can make changes either via Remote PowerShell (RPS) or via the Exchange Admin Center (EAC). The full complement of customization capabilities is available via RPS, while a sub-set of those are available in the Exchange Admin Center.

Customizing Recipient Limits via Remote PowerShell

Using Remote PowerShell an admin can perform the following updates for recipient limits:

  • Update a single mailbox
  • Update multiple mailboxes
  • Update the default for new mailboxes created in the future
  • New! Update the tenant level setting - go here

Below are examples for how to do this.

Update a single mailbox


Set-Mailbox -RecipientLimits 20


Update multiple mailboxes


(Get-Mailbox | where {$_.RecipientTypeDetails -ne "DiscoveryMailbox"}) | % {Set-Mailbox $_.Identity -RecipientLimits 10}


Update the default for new mailboxes created in the future (all plans)


Get-MailboxPlan | Set-MailboxPlan -RecipientLimits 50


Customizing Recipient Limits for a Single Mailbox in the Classic Exchange Admin Center (EAC)

In the classic EAC admins can customize the Recipient Limits from 1 to 1000 for individual mailboxes. The Recipient limit setting can be found in Recipients > Mailboxes > Mailbox Features > Mail Flow > View details.

Customizable Recipient Limits 1 .png

Customizing Recipient Limits for Multiple Mailboxes in the Modern EAC

While the classic EAC only offers email admins the ability to customize the recipient limit for one mailbox at a time, the modern EAC (currently in preview) offers admins the ability to bulk edit multiple mailboxes a time.

From the Recipients option in the left navigation bar select the more options (. . .) menu item and from the fly-out menu select Set recipient limit as shown in the screen shots below:

Customizable Recipient Limits 2.png

Customizable Recipient Limits 3 .png

At the time of this writing the modern EAC is still a work in progress and not yet automatically exposed to tenant admins. However, once a tenant admin has logged into the Office 365 portal they can access the modern EAC, and the feature to bulk edit recipients limits, by entering the following URL into their browser’s address bar:

While customizable Recipient Limits might not possess the exciting pizazz of a bright and shiny new major feature in Office 365, giving tenant admins the ability to control this setting is just one example of how we’ll continue to work to give admins more “knobs and dials” that they can use to better control and protect their organization’s email.

The Exchange Team


OK, using client-side filters, shame on you!

Senior Member

Go easy on them @Vasil Michev :)

Occasional Contributor

Finally this feature is enabled in Exchange Online and is very useful. Thanks 

Senior Member

I doubt efficiency of this this feature, to expand limitation. Is it possible to send a email to so many recipients, even 500 recipients(default limitation number) , without identified as SPAM sender by various Office 365 security functions?


Occasional Contributor

Hello @TakuyaHirose 

As per my observation and experience in working in this related field, a user with sending even 50 mail also treat as spam. 

In on-premises Exchange, we can modify the recipients' limit but in Exchange online there is by default limit to 500. Why Microsoft make it default 500 don't know? But now it's better to modify and need to decrease for security purposes.  

   If we can sent mail even up to 500 recipients without spam it will be the best solution for bulk mail.

Regular Visitor

Good news, but this limit is still far from expectation. 

For instance the HR can't address email to All the users of our tenant ( about 17.000) for legitimate announcement or  important communication....



Senior Member

 This could perhaps be out of scope for this, but how can I limit the amount of e-mail sent OUT.


An example is internal to internal spam- when they hit the limit they're restricted. How can I lower their limit so they're restricted sooner to limit the scope of their attacks? 

Regular Visitor


it is possible to change it to "unlimited"? Because is see unlimited options for few mailboxes already.




Frequent Contributor

"Unlimited" in this case would translate 400 (used to be 500, before it was silently lowered to 400) to 1000 (the new default, up from the old default of 500).


Can't imagine why 0 isn't allowed, instead we can only go as low as 1.  It's a miss for sure. 


EDIT:  My bad, the 400 is Recipient ProxyAddress limit.  The new RecipientLimit default is 1000, which is double the previous of 500, so I have no complaints there, sorry for the misinfo in my first sentence.

Senior Member

From a few talks with MS, it varies on the user and the campaign being sent. I had two users, both compromised and sent about 9K spam e-mails each. One got off they 9K in about 2 minutes, the other was restricted from sending. It was the same email (content and subject). 


Why one was flagged and the other was not is beyond me, and I was told those limits are like guidelines. They can still send more, much more, quickly, just something flagged the other one and restricted the user, but the other one was...fine? Eh. 




If you are trying to send to 17,000 users from a single message, you could try using a distribution list.   That only counts as one recipient.  A moderated DL or one with sending restrictions will also mitigate any "reply-all" storms you might encounter.

Occasional Visitor

From a GDPR perspective it would be useful to be able to specify different limits for To, Cc and Bcc. The reason for this is that many external addresses in To and Cc might pose a privacy incident if the subject/body has a medical context. For instance a mail to a medical support group, if the recipient sees other e-mail addresses, they might incur that those people suffer from the same illness.  The best way to avoid this, is use the Bcc field for those e-mails (apart from using a mailinglist). So we would like to keep To and Cc numbers low, while Bcc number can be large.

Super Contributor

Hi @beamzer,


using RestrictExtRecips tool you can limit only TO:/CC: recipients.

Occasional Visitor

I don't have those buttons in my modern EAC exchange admin center :

set recipients limit and others are missing, please guys suggest anything i should do to get them (i already opened a support ticket at microsoft but they are not calling me back)



Occasional Visitor

Same issue for me.

Occasional Visitor

As microsoft never answered me i hope you'll enjoy my answer as i had the issue and solved it quite simply

the trick is quite simple though i'm surprised no one answered

anyhow here is how to get it 

in the modern EAC you have to tick first the dot on the top of the list so you can select ALL mailboxes 

once done you'll get the 3 dots ... and you'll be able to access it 


Occasional Visitor

I'm sending an email in a java program and got the too many recipients  error. However, after I set the recipient limit to 1000. I still got the same error. There are 507 recipients and the email can only be sent successfully after I reduce the number of recipient down to 500. Anyone knows why? Thanks in advance.

Occasional Visitor

How long does it takes for the changes to take effect?

Occasional Visitor

In the old days of on-premise Exchange servers, we can set "MessageRateLimit" and "MessageRateLimit" for more detailed management.

However, O365 cannot support these parameters now, hope to restore the functions of these two parameters.


Occasional Visitor

Hi All


How does the above fit in with Outbound SPAM policies in a Hybrid setup?


With an outbound spam policy I can set a recipient limit also and set up alert policies to notify admins etc


Surely this is the best way as we can target security groups or even an all user group for tenant wide recipient list


@amyabul @The_Exchange_Team 


Version history
Last update:
‎Aug 06 2020 01:30 PM
Updated by: