Submission + - Automatically sanitising PDF email attachments
supachupa writes: It seems the past couple of years that spearfishing is getting very convincing and it is becoming more and more likely someone (including myself) will accidentally click on a PDF attachment with malicious javascript embedded. It would be impossible to block PDFs as they are required for business. We do disable javascript on Adobe reader, but I would sleep a lot better knowing the code is removed completely.
I have looked high and low but could not find a cheap out of the box solution or a "how to" guide for automatically neutralising PDFs by stripping out the javascript. The closest thing I could find is using PDF2PS and then reversing the process with PS2PDF.
I wonder if any of you slashies have worked a solution for this that is not too complex, works preferably at the SMTP relay, and can work with ZIPed PDFs as well, or otherwise have some common sense advice for dealing with this so that once its in place, there is no further action required by myself or by users.
I have looked high and low but could not find a cheap out of the box solution or a "how to" guide for automatically neutralising PDFs by stripping out the javascript. The closest thing I could find is using PDF2PS and then reversing the process with PS2PDF.
I wonder if any of you slashies have worked a solution for this that is not too complex, works preferably at the SMTP relay, and can work with ZIPed PDFs as well, or otherwise have some common sense advice for dealing with this so that once its in place, there is no further action required by myself or by users.
