Yesterday one of my users was expecting an important, time-sensitive email from a government contact but never received it. Late in the day they sent an email to that contact saying "where's that email?" The government POC replied saying, "I already sent it this morning at 11:00 AM."
I checked our Exchange message tracking logs and confirmed that the email had in fact been sent but had been rejected for exceeding the maximum message size limit (the attachment was evidently pretty big).
By the time we realized what had happened, the government POC was gone for the day and the window of opportunity had closed. Evidently the government POC should have gotten an NDR (at some point) when his email was rejected by our system, but he either didn't get it in a timely manner, didn't notice it, didn't understand it, or didn't care. (The email went out to a pool of potential customers bidding on a new contract, and presumably as long as he did his job by sending the email out, he might not care if it arrived successfully or not.)
How can I be notified when one of my users has an email sent to them that is rejected due to exceeding one of our Exchange 2010 message size limits? If I had seen the rejection when it occurred, we might have had enough time to solve the problem before our opportunity slipped away.
You can create a transport rule including a size-limit for attachments. The mail can then be forwarded to a specific address or sent to another address for moderation or whatever you like. See the TechNet article on transport rules for Exchange 2010, specifically part #32.
Edit: You can always forward specific NDRs to your "postmaster". Look it up here.
How are you enforcing message sizes? The highest restriction in the environment should be set on the Receive Connectors - but I see so many with the limit removed. That would ensure the email is rejected at the point of delivery and an NDR returned.
I have also seen this behaviour when there are multiple servers and the receive connectors are not consistent across them all and the email bounces around. Another cause was a Send Connector pointing back to another Exchange server in the same org - again causing an email loop.
Basically the behaviour you have seen is not to be expected and the question is why it wasn't rejected.
The question you asked about being notified if an email is rejected due to size - that cannot be done. In a correctly functioning environment the reject would happen at the point of delivery, so Exchange wouldn't be able to notify you. To notify, the email would have to be accepted and then quarantined, a functionality that Exchange doesn't have.
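
Added example, not part of the original thread and not from any of the posters: the question notes that the rejection was visible in the Exchange message tracking logs, so a scheduled task can poll those logs for FAIL events whose status text indicates a size limit and mail the result to an administrator. The addresses, SMTP host, 15-minute window and the status pattern are assumptions to adjust for your environment.

```powershell
# Added example: run from the Exchange Management Shell as a scheduled task.
# Addresses, SMTP host and the lookback window are placeholders (assumptions).
$Since     = (Get-Date).AddMinutes(-15)      # match the task's schedule interval
$AlertTo   = 'postmaster@example.com'        # placeholder
$AlertFrom = 'exchange-alerts@example.com'   # placeholder
$SmtpHost  = 'mail.example.com'              # placeholder

# Status fragments assumed to mark size rejections; compare against the
# RecipientStatus text in your own tracking log and adjust the pattern.
$SizePattern = '5\.3\.4|5\.2\.3|SizeLimit|too large'

# Query every transport server so a rejection on any one of them is seen.
$failures = Get-TransportServer |
    Get-MessageTrackingLog -EventId FAIL -Start $Since -ResultSize Unlimited |
    Where-Object { ($_.RecipientStatus -join ' ') -match $SizePattern }

if ($failures) {
    # Flatten multi-valued fields so the report is readable as plain text.
    $body = $failures |
        Select-Object Timestamp, ServerHostname, Sender,
            @{ n = 'Recipients'; e = { $_.Recipients -join '; ' } },
            MessageSubject, TotalBytes,
            @{ n = 'Status'; e = { $_.RecipientStatus -join '; ' } } |
        Format-List | Out-String

    $count = @($failures).Count
    Send-MailMessage -To $AlertTo -From $AlertFrom -SmtpServer $SmtpHost `
        -Subject "Inbound mail rejected for size: $count message(s)" `
        -Body $body
}
```

A message refused during the SMTP session by a Receive Connector never enters the transport pipeline, so it appears in that connector's protocol log rather than in message tracking and this query will not see it.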