diff --git a/doc/scripts/DocSourcesList.cmake b/doc/scripts/DocSourcesList.cmake
index 9137066337..cf82618377 100644
--- a/doc/scripts/DocSourcesList.cmake
+++ b/doc/scripts/DocSourcesList.cmake
@@ -266,6 +266,7 @@ rest_target(${psd} policy/protocols/ssl/extract-certs-pem.bro)
 rest_target(${psd} policy/protocols/ssl/known-certs.bro)
 rest_target(${psd} policy/protocols/ssl/notary.bro)
 rest_target(${psd} policy/protocols/ssl/validate-certs.bro)
+rest_target(${psd} policy/tuning/defaults/extracted_file_limits.bro)
 rest_target(${psd} policy/tuning/defaults/packet-fragments.bro)
 rest_target(${psd} policy/tuning/defaults/warnings.bro)
 rest_target(${psd} policy/tuning/logs-to-elasticsearch.bro)
diff --git a/scripts/base/files/extract/main.bro b/scripts/base/files/extract/main.bro
index f9fb9df009..7030cac148 100644
--- a/scripts/base/files/extract/main.bro
+++ b/scripts/base/files/extract/main.bro
@@ -8,8 +8,8 @@ export {
 const prefix = "./extract_files/" &redef;

 ## The default max size for extracted files (they won't exceed this
- ## number of bytes), 100MB.
- const default_limit = 104857600;
+ ## number of bytes), unlimited.
+ const default_limit = 0 &redef;

 redef record Files::Info += {
 ## Local filenames of extracted file.
@@ -54,12 +54,10 @@ function on_add(f: fa_file, args: Files::AnalyzerArgs)
 f$info$extracted = args$extract_filename;

 args$extract_filename = build_path_compressed(prefix, args$extract_filename);
+ mkdir(prefix);
 }

 event bro_init() &priority=10
 {
 Files::register_analyzer_add_callback(Files::ANALYZER_EXTRACT, on_add);
-
- # Create the extraction directory.
- mkdir(prefix);
 }
diff --git a/scripts/policy/tuning/defaults/__load__.bro b/scripts/policy/tuning/defaults/__load__.bro
index ffc760e5f7..fd52f92401 100644
--- a/scripts/policy/tuning/defaults/__load__.bro
+++ b/scripts/policy/tuning/defaults/__load__.bro
@@ -1,2 +1,3 @@
 @load ./packet-fragments
-@load ./warnings
\ No newline at end of file
+@load ./warnings
+@load ./extracted_file_limits.bro
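Review bot: With `default_limit` now `0` in the base script, a deployment that loads `base/files/extract` without `policy/tuning/defaults` extracts files with no size cap (assuming zero means unlimited, as the comment implies), so one large transfer on the monitored network can fill the sensor's disk. The 100MB cap now lives only in the new `tuning/defaults/extracted_file_limits.bro`, which the doc comment does not mention, and "(they won't exceed this number of bytes), unlimited" contradicts itself. I would reword the comment to `## The default max size for extracted files, in bytes. Zero means unlimited;` / `## policy/tuning/defaults/extracted_file_limits.bro sets it to 100MB.` so operators know where the cap comes from. The `export` block starts and ends outside the hunk.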
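Review bot: The result of `mkdir(prefix)` in `on_add` is discarded, so when the directory cannot be created (wrong permissions, or `prefix` redefined to an unwritable path) extraction presumably fails later with nothing pointing at the cause. Since the call now runs each time the extract analyzer is added rather than once in `bro_init`, a check such as `if ( ! mkdir(prefix) ) Reporter::warning(fmt("cannot create extraction directory %s", prefix));` would surface the failure where it happens. The explanatory comment was dropped with the move; `# Make sure the extraction directory exists before a file is written to it.` above the call would keep the intent visible. `on_add` starts outside the hunk.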
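Review bot: The added `@load ./extracted_file_limits.bro` spells out the `.bro` extension while the two existing entries in this file (`./packet-fragments`, `./warnings`) omit it. For consistency I would write `@load ./extracted_file_limits`.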
diff --git a/scripts/policy/tuning/defaults/extracted_file_limits.bro b/scripts/policy/tuning/defaults/extracted_file_limits.bro
new file mode 100644
index 0000000000..8e2731b99e
--- /dev/null
+++ b/scripts/policy/tuning/defaults/extracted_file_limits.bro
@@ -0,0 +1,4 @@
+@load base/files/extract
+
+# 100 MB.
+redef FileExtract::default_limit = 104857600;
diff --git a/scripts/test-all-policy.bro b/scripts/test-all-policy.bro
index 63b9b5998c..d6383af38b 100644
--- a/scripts/test-all-policy.bro
+++ b/scripts/test-all-policy.bro
@@ -89,6 +89,7 @@
 @load protocols/ssl/validate-certs.bro
 @load tuning/__load__.bro
 @load tuning/defaults/__load__.bro
+@load tuning/defaults/extracted_file_limits.bro
 @load tuning/defaults/packet-fragments.bro
 @load tuning/defaults/warnings.bro
 @load tuning/logs-to-elasticsearch.bro
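Review bot: The new `extracted_file_limits.bro` has no `##!` script summary, although the commit registers it in `DocSourcesList.cmake`, so its generated documentation page would carry no description. Because this script is now the only place the extraction cap is set, the header should say so, for example `##! Caps extracted files at 100MB by default; without this script the base default is unlimited.` The `# 100 MB.` comment could also name the unit of the value: `# 100 MB, in bytes.`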