Safe Send Code
Status: Beta
Brought to you by:
domob
File | Date | Author | Commit |
---|---|---|---|
COPYING | 2013-08-29 | Daniel Kraft | [c8d458] Commit initial status from old SVN repository. |
ChangeLog | 2014-12-14 | Daniel Kraft | [69f8f2] Update my GPG key. |
README | 2014-12-14 | Daniel Kraft | [69f8f2] Update my GPG key. |
command.inc.php | 2013-08-29 | Daniel Kraft | [c8d458] Commit initial status from old SVN repository. |
config.inc.php | 2015-10-05 | Daniel Kraft | [675705] Do not explicitly specify --homedir in config. |
email.inc.php | 2013-08-29 | Daniel Kraft | [3047a5] Fix typo. |
gpg.inc.php | 2013-08-29 | Daniel Kraft | [c8d458] Commit initial status from old SVN repository. |
index.php | 2021-06-13 | Daniel Kraft | [eb9d6e] Link to GPG key on domob.eu |
safesend.inc.php | 2013-08-29 | Daniel Kraft | [c8d458] Commit initial status from old SVN repository. |
svnHistory.dump.bz2 | 2013-08-29 | Daniel Kraft | [8faca2] Check in dump of old SVN history. |
SafeSend Readme =============== SafeSend is a small PHP script which provides users with a form where they can submit message texts and optionally upload files. The data sent via this form is then automatically (on the server) encrypted via GnuPG and mailed to the server's administrator. This makes it easy to send sensitive data (like passwords or files) without the risk of clear-text transfer over the net, without the need that each sender installs GnuPG. (Yes, I do receive passwords regularly via plain email!) At least when SafeSend is accessed via HTTPS, the data should never be in transit unencrypted and thus protected against eavesdropping. Originally, this script is written for myself and deployed at https://safesend.domob.eu/. But I think that it may be useful also for others, or if not as a whole, then maybe the simple emailing and GPG routines it includes. (Just take a look at the code if you're developing in PHP and have to send mails with attachments, and possibly encrypt them.) What SafeSend does with submitted form data: * It sends the sender's name, email address, subject and message text as GnuPG encrypted and signed mail to the recipient address specified on installation. * Uploaded files are also encrypted and signed with GnuPG. * If the file is "small enough" (yes, I'm a mathematician), it is sent together with the mail as attachment. * If the file is too large, it will be stored (still in encrypted form) on the server in some special "storage directory" and the stored file name is mentioned in the mail sent. Thus, after receiving the message, you can SSH to the server and fetch the file from there. Installation should be straight-forward. Of course, you're welcome to read and modify the sourcecode (since this is free software); but at a minimum, you have to: * Copy all PHP files to the server's document root. * Edit config.inc.php and adapt the configuration values to your environment. Here, you can for instance specify to which keys messages should be encrypted and with what keys to sign; or to which email address the mails should be sent. And some further stuff. * Edit index.php, and change it to suit your needs. The version provided is the one deployed on my system, but you probably want to edit it. There's not much PHP code involved in this file, though, so this should be easy to do. Good luck! If you have any comments or questions, I'd be happy to help you out; just contact me via email: Daniel Kraft <d@domob.eu> GnuPG: 4096R/0xB2492AC4A7330737 2014-12-11 Daniel Kraft <d@domob.eu> Fingerprint: 1142 850E 6DFF 65BA 63D6 88A8 B249 2AC4 A733 0737 Or just use https://safesend.domob.eu/. ;-) Note that the SSL certificate used by the server is issued by CAcert, which may not be trusted by your browser; so don't panic if you get a certificate warning on accessing the site!