diff --git a/webui/config.php b/webui/config.php index 505e81aa..1182ec8c 100644 --- a/webui/config.php +++ b/webui/config.php @@ -158,6 +158,7 @@ $config['RESTRICTED_AUDITOR'] = 0; $config['SHOW_ENVELOPE_JOURNAL'] = 0; $config['BULK_DOWNLOAD_FOR_USERS'] = 1; +$config['MAX_DOWNLOAD_PER_HOUR'] = 0; $config['MAX_CGI_FROM_SUBJ_LEN'] = 34; $config['PAGE_LEN'] = 20; diff --git a/webui/controller/message/download.php b/webui/controller/message/download.php index 3567a0c5..860fa0e3 100644 --- a/webui/controller/message/download.php +++ b/webui/controller/message/download.php @@ -14,11 +14,14 @@ class ControllerMessageDownload extends Controller { $this->load->model('search/search'); $this->load->model('search/message'); + $this->load->model('audit/audit'); $this->document->title = $this->data['text_message']; $this->data['id'] = @$this->request->get['id']; + if(!$this->model_audit_audit->can_download()) { die("you cannot download at the moment"); } + if(!verify_piler_id($this->data['id'])) { AUDIT(ACTION_UNKNOWN, '', '', $this->data['id'], 'unknown id: ' . $this->data['id']); die("invalid id: " . $this->data['id']); diff --git a/webui/controller/message/headers.php b/webui/controller/message/headers.php index 8906ed0d..e2da6051 100644 --- a/webui/controller/message/headers.php +++ b/webui/controller/message/headers.php @@ -14,7 +14,7 @@ class ControllerMessageHeaders extends Controller { $this->load->model('search/search'); $this->load->model('search/message'); - + $this->load->model('audit/audit'); $this->load->model('user/user'); $this->document->title = $this->data['text_message']; @@ -39,6 +39,8 @@ class ControllerMessageHeaders extends Controller { $this->data['message'] = $this->model_search_message->get_message_headers($this->data['piler_id']); + $this->data['can_download'] = $this->model_audit_audit->can_download(); + $this->render(); } diff --git a/webui/controller/message/journal.php b/webui/controller/message/journal.php index e59422a3..02ee677c 100644 
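Review bot: `$config['MAX_DOWNLOAD_PER_HOUR'] = 0;` in webui/config.php is added without a comment, so the meaning of 0 can only be learned by reading can_download() in webui/model/audit/audit.php, where a value `<= 0` disables the limit and auditor users are exempt. I would put `// max. message downloads per session email per hour; 0 = no limit (auditors are always exempt)` above the setting. The control ships disabled by default, which is worth stating in the release notes so operators know they have to opt in.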
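Review bot: The refusal branch `die("you cannot download at the moment")` in webui/controller/message/download.php answers with the default 200 status and writes nothing to the audit log, so a throttled account is invisible to anyone reviewing download activity. I would send `http_response_code(429);` before the `die()` and add an `AUDIT(...)` call like the one in the `verify_piler_id()` branch, using an action other than ACTION_DOWNLOAD_MESSAGE so refusals do not feed the counter in can_download(). Within this diff only ControllerMessageDownload enforces the limit. The `can_download` values set in the headers, journal and view controllers are display hints, so any other route that exports message content would need the same guard. The enclosing method starts and ends outside the hunk.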
--- a/webui/controller/message/journal.php +++ b/webui/controller/message/journal.php @@ -39,6 +39,8 @@ class ControllerMessageJournal extends Controller { $this->data['data'] = $this->model_search_message->get_message_journal($this->data['piler_id']); + $this->data['can_download'] = $this->model_audit_audit->can_download(); + $this->render(); } diff --git a/webui/controller/message/view.php b/webui/controller/message/view.php index 17284b11..cab22339 100644 --- a/webui/controller/message/view.php +++ b/webui/controller/message/view.php @@ -80,6 +80,8 @@ class ControllerMessageView extends Controller { $this->data['images'] = array(); + $this->data['can_download'] = $this->model_audit_audit->can_download(); + foreach($this->data['attachments'] as $a) { if(preg_match("/image/", $a['type'])) { $attachment = $this->model_search_message->get_attachment_by_id($a['id']); diff --git a/webui/model/audit/audit.php b/webui/model/audit/audit.php index 8c6a014b..95b3dfcd 100644 --- a/webui/model/audit/audit.php +++ b/webui/model/audit/audit.php @@ -155,6 +155,22 @@ class ModelAuditAudit extends Model { } + public function can_download() { + + if(MAX_DOWNLOAD_PER_HOUR <= 0 || Registry::get('auditor_user') == 1) { return 1; } + + $session = Registry::get('session'); + + $email = $session->get("email"); + + $query = $this->db->query("SELECT COUNT(*) AS num FROM " . TABLE_AUDIT . " WHERE email=? AND ts > ? AND action=?", array($email, NOW-3600, ACTION_DOWNLOAD_MESSAGE)); + + if($query->row['num'] <= MAX_DOWNLOAD_PER_HOUR) { return 1; } + + return 0; + } + + } ?> diff --git a/webui/view/theme/default/templates/message/headers.tpl b/webui/view/theme/default/templates/message/headers.tpl index 6b240ba8..7f3cfbd7 100644 --- a/webui/view/theme/default/templates/message/headers.tpl +++ b/webui/view/theme/default/templates/message/headers.tpl @@ -13,7 +13,9 @@
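Review bot: `$this->model_audit_audit->can_download()` is called in this journal.php hunk and in the webui/controller/message/view.php hunk, but neither hunk adds `$this->load->model('audit/audit');`, which the same commit does add to download.php and headers.php. If these two controllers do not already load the model in the part of the method outside the hunks, the call is made on an unset property and the page fails. Please confirm the load is present, or add that line next to the other `$this->load->model(...)` calls. Each message view now also runs the COUNT query against the audit table, and its result only controls what the template shows.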
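Review bot: The comparison `$query->row['num'] <= MAX_DOWNLOAD_PER_HOUR` in can_download() still returns 1 when the user already has MAX_DOWNLOAD_PER_HOUR downloads in the last hour, so the effective limit is one above the configured value; `if($query->row['num'] < MAX_DOWNLOAD_PER_HOUR) { return 1; }` matches the setting's name. The count relies entirely on ACTION_DOWNLOAD_MESSAGE rows in TABLE_AUDIT keyed by the session email. If audit logging is switched off, the row is not written, or `$email` is empty, the limit presumably never triggers, so a fail-closed branch for an empty `$email` is worth considering. The check and the later audit write are also separate steps, so the limit is approximate under parallel requests. A short docblock stating the 1/0 return, the auditor exemption and the `<= 0` disable rule would help, since four controllers now call this method; the class body continues outside the hunk.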