Although Exchange Server is harden out of the box, however there’re still a few things that you should consider doing to further limit the possibility of something like trying to attach a really large file, say perhaps someone trying to share a DVD home video .ISO with their friends and coworkers. It all begins with "reasonable" size limits. So the question everyone asks is "what is reasonable?" The answer is that your mileage will certainly vary with your hardware, drive space, number of users, availability requirements, etc. For Exchange 2007, the typical size limits we see are in the range of 10-30 MB. There are business cases where larger messages are required. However, not all hardware is equally equipped to handle it.
Full Article: Exchange Team blog