Secure data with canned formmail?

#1

I have set up several forms with the canned formmail script; however, I want to set up some forms containing secure information. Excuse my ignorance, but to be safe should I set up an SSL certificate with a subdomain containing these forms to be sent through the canned script, or does it matter?

Thanks for any help,


#2

That’s part of it, but you’d also need to encrypt the email itself (using PGP or S/MIME). Both the original submission of the email, and the subsequent passing of information to you have to be handled securely.


#3

I imagine that the server-side passing of information would be set up through our email accounts (which we use through DreamHost), but as far as the coding goes on the submission form, how would that be set up? Any help or any points in the right direction would be appreciated as I am new to this field.

Thanks again,


#4

You still have to encrypt the information if you’re sending it via email. To do that, you’d need to use PGP or S/MIME to encrypt the email from the form. There are some hacked versions of formmail which can be set up to do this.

Once you have an SSL site set up, you can simply put your script in the directory for the secure subdomain. BUT - you MUST still encrypt the sensitive information before sending it over email. Even in the best case scenario (the email is being sent directly from one of our servers to one of our servers, you’re using SSL to read mail, etc.), you need to do this. Having an SSL site but subsequently transmitting the information insecurely is very misleading (and I’m sure it happens more than you’d think).


#5

Alright, I believe I have found a script suitable to these purposes. So, saying I put this into my SSL subdomain, and reference it in the “post” action, will the receiving email client decipher it auto? Or are there additional steps that need to be taken on the server side?

Thanks again, I’ve never had such a quick response from tech support. I will definitely recommend DreamHost from here out.

Let me know if you want a testimonial.

-tim shuman


#6

You have to set up PGP on the client side and use it to decode the messages. Using PGP is a bit tricky, and it really does help if you develop at least a basic understanding of encryption. Basically, you need to set up public and private keys on both server side and client side; the program on the server will encrypt the message to you (using the client side’s public key), which can then be decoded using the private key and your passphrase. Most email clients don’t have built-in PGP support - you’ll generally need a plugin. Keep in mind that if you’re receiving these emails on your personal computer, it’s important to keep that machine secure as well - someone who compromises this machine could log your keystrokes and thus obtain your passphrase as well as your private key.

You might want to take a look at:
http://www.pgp.net/pgpnet/pgp-faq/

This is not an “easy” solution, although it is probably easier than some of the other solutions for this sort of thing. Depending on what you’re trying to do, you may want to see if there’s some sort of outsourced / third party solution which will let you do what you want without having to deal with all of this stuff.

You’ll also want to make sure that the script you’re using can’t be abused by spammers to send messages through our servers.
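
The flow discussed in this thread, as an added example that is not part of the original posts and not the script any poster used: a form handler that encrypts the submitted fields to the recipient's PGP public key before mailing them, and keeps every mail header a server-side constant so the form cannot be used to send mail to arbitrary addresses. The addresses, key ID, field names and length limit are assumptions, and the `gpg` command-line tool is assumed to be installed with the recipient's public key already imported.

```python
import subprocess
from email.message import EmailMessage

# Assumed values for illustration; none of these come from the thread.
RECIPIENT = "forms@example.com"      # fixed server-side, never read from the form
RECIPIENT_KEY = "forms@example.com"  # public key already imported into the server keyring
SENDER = "webform@example.com"
ALLOWED_FIELDS = ("name", "email", "message")
MAX_FIELD_LEN = 2000

# Constructed sample submission.
SAMPLE_FORM = {"name": "Pat Example", "email": "pat@example.org",
               "message": "Account number 000-CONSTRUCTED"}

def gpg_encrypt(plaintext: str, key: str = RECIPIENT_KEY) -> str:
    """Encrypt to the recipient's public key with the gpg command-line tool.
    Encrypting needs only the public key; the private key stays with the reader."""
    result = subprocess.run(
        ["gpg", "--batch", "--armor", "--trust-model", "always",
         "--encrypt", "--recipient", key],
        input=plaintext.encode("utf-8"), capture_output=True, check=True)
    return result.stdout.decode("ascii")

def build_message(form: dict, encrypt=gpg_encrypt) -> EmailMessage:
    """Build a mail whose body is ciphertext and whose headers are constants."""
    lines = []
    for field in ALLOWED_FIELDS:          # unexpected POST parameters are ignored
        value = str(form.get(field, ""))
        if len(value) > MAX_FIELD_LEN:    # bound what one request can send
            raise ValueError(f"field {field!r} too long")
        lines.append(f"{field}: {value}")
    msg = EmailMessage()
    # No submitted value reaches a header, so a form post cannot add recipients
    # or leak sensitive data outside the encrypted body.
    msg["From"] = SENDER
    msg["To"] = RECIPIENT
    msg["Subject"] = "Encrypted form submission"
    msg.set_content(encrypt("\n".join(lines)))
    return msg

if __name__ == "__main__":
    # Requires gpg and RECIPIENT_KEY in the keyring of the account running this.
    print(build_message(SAMPLE_FORM))
```

The returned message can be handed to `smtplib.SMTP.send_message`; the recipient decrypts the body with their private key and passphrase in a PGP-capable mail client.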