Disable Unzip Feature
There should be a configuration option to disable the "unzip feature" (or zip file processing) completely (as in, the file is never checked to see if it is a zip file and no action is taken based on that extension). It chews up a lot of memory and if you're running it on an older server with users uploading large zip files it can cause server crashes.
There is a configuration option to set the number of files extracted from a zip file "unzip_attachments_count". Set it to 0