Is it possible for PDF documents to dial home?
Yes it is, at least with Adobe reader products (see here):
In addition to visible links in a PDF document, form fields can contain hidden JavaScript calls that open a page in a browser or silently requests data from the Internet.
How can I tell if a particular pdf does this?
I'm sure there is a way to do this, but I do not know what it is. Possibly the adobe pdf reader would show you what features a particular document uses, but I don't use them so I don't really know. I would argue that the more important question is...
How do I protect myself from a PDF file calling home?
First, I should say that anti-virus scanning is NOT the way to do this. For one thing, "dialing home" is not a virus in a pdf, it's just use of a "legitimate" feature. For another thing, virus scanning is something of a broken security model: a new virus will make it past the scanners every time.
Fortunately, it is possible to disable a number of options such as web links and JavaScript using Reader's preferences (see here for instance, note that the Adobe term "links to the Internet" does not refer to usual hyperlinks like the web has, but actual connections). You probably want to permanently disable internet access and JavaScript: very seldom do you need these features, and they just expose potential problems.
Practically speaking, this is really all you need to do to keep yourself safe.
However...
There have also, over the years, been vulnerabilities discovered in various pdf viewers, making it possible for a specially crafted pdf to do nasty things like execute arbitrary code. There are ways to mitigate this as well: modern versions of adobe reader have a built-in sandbox that you can enable, see here.
Presuming you are running on a system that you keep patched, this is probably not a huge risk. If you need to make extra extra sure, using a virtual machine (like VMWare or VirtualBox). I would suggest this procedure:
- Create a virtual machine and install pdf reader software on it
- Set up a shared folder between the host machine and the virtual machine
- Use this shared folder to copy the pdf files to the virtual machine.
- Shut down the virtual machine, disable it's network and the shared folders
- Take a snapshot of the virtual machine's hard disk state
- re-start the virtual machine and view the pdf files. Since the network and shared files are disabled, there should be no way for anything nasty in the pdf files to get off of the virtual machine.
- when you are finished, shut down the virtual machine, and roll back it's state to the checkpoint. Now anything bad that the pdfs might have done to our virtual machine is gone.
However...
All that being said, it might theoretically be possible for there to be flaws in the vitualization software allowing something extra extra nasty in the pdf file to escape. We were in the realm of extreme paranoia with the virtual machine, IMHO, and we're WAY over the edge now, but for the sake of completeness, an airgapped physical machine would be an even more secure option.
(As Deer Hunter's comment suggests, using physical hardware that is not connected to any network which you destroy afterwards would be even more secure, though we're getting exponentially more paranoid by the minute).