Regardless of mailbox size and some other general practices; the problems with virus writers and hackers is: they don't play by the rules. It is always a good idea to limit mailbox sizes so that users can't overload the mail server via their pack rat mail habits, Me included.

However; mail servers can crash in other various ways such as when NDRs fill the drive. What's an NDR? Non-deliverable crap basically, and I have seen methods of using NDR to attack mail servers, whether deliberate or just coincidence? NDRs for Exchange are dumped into a bad mail folder under the mail root and virtual machine name, bad mail folder. It's a good idea to check this often or write some script to empty this folder once a day because there are attacks that will fill that puppy up in a few days, and since the default is the windows root drive, the OS and thus Exchange CRASH. In fact it crashes hard because we all know what happens when the OS drive fills to capacity and it won't stop until it's completely full, down to the last few KBs.

I am no Exchange guru, but in this case I do not know of a method built into Exchange 2k or lower that validates what is in the bad mail folder and deletes it. I just delete the hell out of it because default mail queues will try and deliver mail for 2 days before dumping it there. So it’s gone when I get a hold of it.

This is one way to bring a mail server to its knees. Are you experiencing issues with your server?