On 03/03/16 13:27, John Hardin wrote:
On Thu, 3 Mar 2016, Dianne Skoll wrote:
On Thu, 3 Mar 2016 13:03:44 -0800
Marc Perkel <supp...@junkemailfilter.com> wrote:
Thanks for the response. I'm in the spam filtering business and I'm
wondering what I can use (from the command line?) to detect if a PDF
has any kind of script attached that would be executable. that way I
might block based on what's embedded in a PDF.
There are tools. Google is your friend.
However, many legitimate PDF files contain Javascript snippets. Blocking
solely on that basis will lead to many FPs.
I'd argue the "legitimate" part of that statement... :)
Sounds to me like it should be: block any PDF with
javascript/flash/java with whitelisted bypass.
What sane MTA accepts bare executable attachments from the Internet at
large any more? The same policy should apply to PDFs.
If I could detect java or some other executable inside a PDF then the
message would have to be white or near white before I allowed it to pass.
--
Marc Perkel - Sales/Support
supp...@junkemailfilter.com
http://www.junkemailfilter.com
Junk Email Filter dot com
415-992-3400
