@@ -933,6 +933,13 @@ int recvloop_th(int *socketds, unsigned nsockets, struct cl_engine *engine, unsi

 	logg("Archive support disabled.\n");

     }

+    if (optget(opts, "BlockMax")->enabled) {

+        logg("BlockMax heuristic detection enabled.\n");

+        options |= CL_SCAN_BLOCKMAX;

+    } else {

+        logg("BlockMax heuristic detection disabled.\n");

+    }

+

     if(optget(opts, "AlgorithmicDetection")->enabled) {

 	logg("Algorithmic detection enabled.\n");

 	options |= CL_SCAN_ALGORITHMIC;

@@ -447,6 +447,11 @@ Default: yes

 With this option enabled OLE2 files with VBA macros, which were not detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros".

 .br 

 Default: no

+.TP

+\fBBlockMax BOOL\fR

+ Flag files with "Heuristics.Limits.Exceeded" when scanning is incomplete due to exceeding a scan or file size limit.

+.br 

+Default: no

 .TP 

 \fBScanPDF BOOL\fR

 This option enables scanning within PDF files.

@@ -189,6 +189,9 @@ Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).

 \fB\-\-block\-macros[=yes/no(*)]\fR

 Mark OLE2 files containing VBA macros as viruses (Heuristics.OLE2.ContainsMacros).

 .TP 

+\fB\-\-block\-max[=yes/no(*)]\fR

+Flag files with "Heuristics.Limits.Exceeded" when scanning is incomplete due to exceeding a scan or file size limit.

+.TP 

 \fB\-\-max\-filesize=#n\fR

 Extract and scan at most #n bytes from each archive. You may pass the value in kilobytes in format xK or xk, or megabytes in format xM or xm, where x is a number. This option protects your system against DoS attacks (default: 25 MB, max: <4 GB)

 .TP 

@@ -570,6 +570,10 @@ Example

 # Default: 25M

 #PCREMaxFileSize 100M

+# When BlockMax is set, files exceeding the MaxFileSize, MaxScanSize, or MaxRecursion limit will be flagged

+# with the virus "Heuristic.Limits.Exceeded".

+# Default: no

+#BlockMax yes

 ##

 ## On-access Scan Settings

@@ -175,7 +175,6 @@ const struct clam_option __clam_options[] = {

     { NULL, "no-phishing-restrictedscan", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },

     { NULL, "max-ratio", 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, 0, NULL, 0, OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },

     { NULL, "max-space", 0, CLOPT_TYPE_SIZE, MATCH_SIZE, 0, NULL, 0, OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },

-    { NULL, "block-max", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMSCAN, "", "" },

     { NULL, "unzip", 0, CLOPT_TYPE_STRING, NULL, -1, "foo", 0, OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },

     { NULL, "unrar", 0, CLOPT_TYPE_STRING, NULL, -1, "foo", 0, OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },

     { NULL, "arj", 0, CLOPT_TYPE_STRING, NULL, -1, "foo", 0, OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },

@@ -187,6 +186,8 @@ const struct clam_option __clam_options[] = {

     { NULL, "deb", 0, CLOPT_TYPE_STRING, NULL, -1, "foo", 0, OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },

     /* config file/cmdline options */

+    { "BlockMax", "block-max", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, "", "" },

+

     { "PreludeEnable", "prelude-enable", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD, "Enable prelude"},

     { "PreludeAnalyzerName", "prelude-analyzer-name", 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_CLAMD, "Name of the analyzer as seen in prewikka"},