Safe Send Code
Status: Beta
Brought to you by:
domob
Menu
▾
▴
Tree [eb9d6e] master / History
| File | Date | Author | Commit |
|---|---|---|---|
| COPYING | 2013-08-29 |
Daniel Kraft
|
[c8d458] Commit initial status from old SVN repository. |
| ChangeLog | 2014-12-14 |
Daniel Kraft
|
[69f8f2] Update my GPG key. |
| README | 2014-12-14 |
Daniel Kraft
|
[69f8f2] Update my GPG key. |
| command.inc.php | 2013-08-29 |
Daniel Kraft
|
[c8d458] Commit initial status from old SVN repository. |
| config.inc.php | 2015-10-05 |
Daniel Kraft
|
[675705] Do not explicitly specify --homedir in config. |
| email.inc.php | 2013-08-29 |
Daniel Kraft
|
[3047a5] Fix typo. |
| gpg.inc.php | 2013-08-29 |
Daniel Kraft
|
[c8d458] Commit initial status from old SVN repository. |
| index.php | 2021-06-13 |
Daniel Kraft
|
[eb9d6e] Link to GPG key on domob.eu |
| safesend.inc.php | 2013-08-29 |
Daniel Kraft
|
[c8d458] Commit initial status from old SVN repository. |
| svnHistory.dump.bz2 | 2013-08-29 |
Daniel Kraft
|
[8faca2] Check in dump of old SVN history. |
Read Me
SafeSend Readme
===============
SafeSend is a small PHP script which provides users with a form where they
can submit message texts and optionally upload files. The data sent via this
form is then automatically (on the server) encrypted via GnuPG and mailed
to the server's administrator. This makes it easy to send sensitive data
(like passwords or files) without the risk of clear-text transfer over the
net, without the need that each sender installs GnuPG. (Yes, I do receive
passwords regularly via plain email!) At least when SafeSend is accessed via
HTTPS, the data should never be in transit unencrypted and thus protected
against eavesdropping.
Originally, this script is written for myself and deployed at
https://safesend.domob.eu/. But I think that it may be useful also
for others, or if not as a whole, then maybe the simple emailing and
GPG routines it includes. (Just take a look at the code if you're developing
in PHP and have to send mails with attachments, and possibly encrypt them.)
What SafeSend does with submitted form data:
* It sends the sender's name, email address, subject and message text
as GnuPG encrypted and signed mail to the recipient address specified
on installation.
* Uploaded files are also encrypted and signed with GnuPG.
* If the file is "small enough" (yes, I'm a mathematician), it is
sent together with the mail as attachment.
* If the file is too large, it will be stored (still in encrypted form)
on the server in some special "storage directory" and the stored
file name is mentioned in the mail sent. Thus, after receiving
the message, you can SSH to the server and fetch the file from there.
Installation should be straight-forward. Of course, you're welcome to
read and modify the sourcecode (since this is free software); but at a
minimum, you have to:
* Copy all PHP files to the server's document root.
* Edit config.inc.php and adapt the configuration values to your environment.
Here, you can for instance specify to which keys messages should be
encrypted and with what keys to sign; or to which email address
the mails should be sent. And some further stuff.
* Edit index.php, and change it to suit your needs. The version provided
is the one deployed on my system, but you probably want to
edit it. There's not much PHP code involved in this file, though,
so this should be easy to do.
Good luck! If you have any comments or questions, I'd be happy to help you
out; just contact me via email:
Daniel Kraft <d@domob.eu>
GnuPG:
4096R/0xB2492AC4A7330737 2014-12-11 Daniel Kraft <d@domob.eu>
Fingerprint: 1142 850E 6DFF 65BA 63D6 88A8 B249 2AC4 A733 0737
Or just use https://safesend.domob.eu/. ;-) Note that the SSL
certificate used by the server is issued by CAcert, which may not be
trusted by your browser; so don't panic if you get a certificate
warning on accessing the site!