Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1619
Views
6
Helpful
2
Replies

Signed pdf attachment

REJR77
Level 1
Level 1

‎11-25-2020 03:12 AM

Hello,

 

We receive more and more pdf files as attachement that are "signed" with a certificate (Adobe certificate).

The ESA found this file as ENCRYPTED with the AV engine. But we found that they are not really encrypted (just signed) and can be opened with any pdf viewer after releasing. 

How do you manage this type of file which are harmless in the end. 

Can we import a certificate for these file to make the ESA trust the file?

Any idea?

REgards

 

 

 

1 person had this problem
Labels:
2 Replies 2

Libin Varghese
Cisco Employee
Cisco Employee

‎11-30-2020 11:09 PM

The AV engine on the ESA currently does not have an option to import certificates to it.

If there are trusted senders who send such attachments you could add them to a separate incoming mail policy where AV encrypted action is set differently to allow delivery of those emails.

 

Regards,

Libin

0 Helpful

Inuit
Level 1
Level 1

‎05-08-2023 12:51 AM

We are having the same issue. We are receiving PDFs that are signed but not encrypted and it is caught in the filters. This is counterproductive because the business will then ask for the filters to be turned off for certain senders, certain receivers, certain topics, etc. 

There is no need to go into importing certificates. 

Best,
Jan

 

0 Helpful
Customers Also Viewed These Support Documents