I have an 8 MB limit for each file and 64 MB in total for an upload. Up to now I have avoided PNG as it creates larger files on my server than JPG does.
Regarding the formats below, what should one avoid, or what format can cause harm if uploaded? I'm thinking of formats like .gz, .rar, .tar, .tgz, .zip, which could contain malicious files.
Well, if you're on a dedicated machine, you'll want to make sure any malware scanner or virus definitions on the machine are kept up to date regularly, which should scan all of your attachments (including any archive extensions which are not password protected).
It's up to you to set whatever file limitations you'd like; I offer programs and often have software creators on one of my forums who use archives to include program files or multiple files, so we allow .gz/.rar/.tgz/.zip, which are common web archive formats.
If you don't see the need to support .pdfs, don't support them.
As for .png and .jpg/.jpeg, you asked which formats Apple devices produce by default: those are .jpeg (images) and .png (screenshots).
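
An added example, not part of the original thread: a pre-scan check for uploaded .zip files that flags password-protected members (which the reply notes a scanner cannot inspect) and applies the 8 MB / 64 MB limits from the question to the archive and its declared contents. The function names and the extension blocklist are assumptions; .gz, .rar, .tar and .tgz would need their own handling.

```python
import io
import zipfile

MAX_FILE_BYTES = 8 * 1024 * 1024     # per-file limit from the question
MAX_TOTAL_BYTES = 64 * 1024 * 1024   # per-upload total from the question
BLOCKED_EXTS = (".exe", ".scr", ".bat", ".js")  # assumed policy, not from the thread


def check_zip_upload(data: bytes) -> list:
    """Return reasons to reject an uploaded .zip; an empty list means it passed."""
    if len(data) > MAX_FILE_BYTES:
        return ["archive exceeds the per-file limit"]
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return ["not a valid zip archive"]
    problems, declared_total = [], 0
    with archive:
        for info in archive.infolist():
            # Bit 0 of the general-purpose flags marks an encrypted member,
            # i.e. content a malware scanner cannot open.
            if info.flag_bits & 0x1:
                problems.append(f"{info.filename}: password protected")
            if info.filename.lower().endswith(BLOCKED_EXTS):
                problems.append(f"{info.filename}: blocked extension")
            # file_size is the size declared in the archive directory; it
            # catches honest oversize archives but can be forged, so still
            # cap the bytes written if you ever extract.
            declared_total += info.file_size
    if declared_total > MAX_TOTAL_BYTES:
        problems.append("declared uncompressed size exceeds the upload total")
    return problems


def build_sample_zip(members: dict) -> bytes:
    """Constructed sample input: build a small zip in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, content in members.items():
            zf.writestr(name, content)
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample_zip({"readme.txt": b"hello", "tool/setup.EXE": b"MZ"})
    for reason in check_zip_upload(sample):
        print("reject:", reason)
```

Run this before handing the file to the malware scanner, not instead of it: it only rejects archives the scanner could not usefully inspect or that break the size policy.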