[clug] Linux email server that strips down attachments?

[Hugh Fisher]

For a change of topic from the impending doom of CLUG…

Is there, or could there be, a Linux email server that strips all the
code and interactivity from incoming attachments while leaving the
content readable?

I'm now in my second job working with mostly non-technical folk, and
I'm seeing a lot of attachments being emailed around, mostly DOCX
(Microsoft Word) and PDFs. Now the first reaction of anyone who
follows the regular stories about phishing and malware spread through
email is "Nooo! Don't do that!" and trying to convince people to
change their ways.

Which I've come to recognise won't work. A lot of people write emails
in Word format because Word is their usual writing tool, just a a lot
of hackers read and write email within Emacs. And PDFs are usually the
best way to send around reports, design proposals, anything where the
appearance needs to be evaluated. Banning attachments is not
realistic.

However, these documents are not being emailed around for editing.
Office 365, Google Docs, Dropbox, whatever, are well established for
collaborative work. At least 95% of the time the recipient just needs
to read them, nothing else.

So, I imagine that these organisations would be considerably more
secure with an email server that examined and stripped down all
incoming attachments. Use the Libre Office code to take apart the
DOCXs and PDFs. Strip out every macro and embedded font, every
fragment of Javascript or Visual Basic, even hyperlinks. Re-assemble
as a pure read-only document and send it on.

Doable?


-- 

        cheers,
        Hugh Fisher