Thread: Encrypted FormMail

  1. #1
    Member
    Join Date
    Sep 2003
    Posts
    80

    Encrypted FormMail

    -------
    May 17, 2005

    What is the best way to secure or encrypt FormMail to protect the website visitor's information?

    Incidentally, this particular HTML form does not ask for credit card numbers or anything that sensitive. The motivation for encrypting the FormMail information is simply to be extra careful with the website visitor's response.

    One Possible Scenario:

    An SSL page could be used to protect the information path from the website visitor to the hosting account's server. To protect the information path from the hosting account's server back to the website owner's email box, a solution like the PHP command line product could be used.

    Is there a less expensive way to protect the server-to-owner information path?

    Ambassador
    -------

  2. #2
    WebProWorld MVP brian.mark
    Join Date
    Jul 2004
    Posts
    2,709

    Would it be possible to...

    Would it be possible for you to use SSL to encrypt the sending, save it on the server and send a link (requiring a login) to view it over SSL? We've done that in the past and it's worked really well.

    Another option would be to use PGP to encrypt and decrypt using a known encryption key. Not 100% secure, but then again nothing really is.

    Here is a program that claims to be freeware to do email PGP encryption. I've never used it, but it appears it should do what you would need.

    http://web.mit.edu/network/pgp.html

    Brian.
    ToolBarn.com, an Internet Retailer Top 500 and Inc. 500 Company | Tool Parts | Pet Supplies

  3. #3
    Member
    Join Date
    Sep 2003
    Posts
    80
    -------
    May 17, 2005

    Thank you Brian. Your suggestion regarding:

    "Would it be possible for you to use SSL to encrypt the sending, save it on the server and send a link (requiring a login) to view it over SSL?"

    sounds like it has merit. Is the program/script that enables you to save the FormMail on the server and then log in to read it something that you can legally share with me? I know only HTML/XHTML/CSS - not PHP, etc.

    Ambassador
    -------

  4. #4
    WebProWorld MVP brian.mark
    Join Date
    Jul 2004
    Posts
    2,709

    Linux server?

    Is it a Linux server? If so, you could just change the formmail to save a file (using a timestamp or something as the filename with a .html extension), then email a link to that file. Using .htaccess to control access to the file should be sufficient.

    Brian.

  5. #5
    Member
    Join Date
    Sep 2003
    Posts
    80
    -------
    May 17, 2005

    You are really quick with a response - thank you again!

    Regarding: "Is it a Linux server?"

    Yes. The formmail script being used is NMS FormMail ( http://nms-cgi.sourceforge.net/scripts.shtml ). Can this script do that?


    Regarding: "We've done that in the past and it's worked really well."

    How are you folks doing it?


    Ambassador
    -------

  6. #6
    WebProWorld MVP brian.mark
    Join Date
    Jul 2004
    Posts
    2,709

    I'm a programmer

    I'm a programmer at heart, so I overcomplicate everything. We store all the responses using PGP into a database table, then call them back up when an employee asks for a particular submission.

    The script you're using has a redirect value available. It doesn't seem to be able to store files, though.

    Basically, you'd need to do something like the following:

    Edit the following subroutine:
    Code:
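    sub send_main_email_fields {
      my ($self) = @_;
      # Name the dump file after the timestamp plus the process ID.
      my $filename = time() . $$;
      my $nl = ($self->{CFG}{double_spacing} ? "\n\n" : "\n");
      # DUMPFILE is a package-global handle so send_main_email_field can write to it.
      open (DUMPFILE, "> /full/path/to/protected/directory/$filename.html")
        or die "Cannot open dump file: $!";
      foreach my $f (@{ $self->{Field_Order} }) {
        my $val = (defined $self->{Form}{$f} ? $self->{Form}{$f} : '');
    
        $self->send_main_email_field($f, $val);
      }
      # The e-mail carries only the link, not the submitted values.
      $self->mailer->print("New submission at https://www.servername.com/protected/directory/$filename.html" . $nl);
      close (DUMPFILE);
    }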
    And edit this subroutine as follows:
    Code:
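    sub send_main_email_field {
      my ($self, $name, $value) = @_;
      
      my ($prefix, $line) = $self->build_main_email_field($name, $value);
    
      my $nl = ($self->{CFG}{double_spacing} ? "\n\n" : "\n");
    
      # Write the field to the dump file instead of the e-mail. A method call
      # is not interpolated inside qq(), so call it outside the string.
      my $text = "$prefix$line";
      if ($self->{CFG}{wrap_text} and length($text) > $self->email_wrap_columns) {
        $text = $self->wrap_field_for_email($prefix, $line);
      }
      # The file is served as HTML: escape markup in visitor-supplied text.
      for ($text) { s/&/&amp;/g; s/</&lt;/g; s/>/&gt;/g; s/"/&quot;/g; }
      print DUMPFILE $text . $nl;
    }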
    Finally, add a .htaccess and a .htpasswd file and you'd be set.

    Please note: I didn't test any of this code, so consider it a rough draft. It should be fairly close, if not working, after making these changes. As ALWAYS, be sure to make a backup of any scripts before working on them, and set them in a test environment (make a test submission page and name the script something else) to work on before making any real changes.

    Brian.

  7. #7
    Junior Member
    Join Date
    May 2005
    Posts
    1

    Formmail Encryption

    Encrypt the text that is the form mail data with PGP using the public key part of a private/public key pair. Send it to yourself, who will have the only copy of your private key. Only you can read the data.
    A compromise of the data will only ever expose the public key, by definition not a problem.

    Try looking at pgpsting or its more recent successors at http://community.wow.net/grt/nsdpgp.html
    a server side dll which will handle the encryption for you.
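
The public-key approach suggested in posts #2 and #7, shown for the Linux host mentioned in the thread. This is an added example, not code from any poster or from NMS FormMail; it assumes GnuPG is installed, and the paths, the recipient address and the `encrypt_for_owner` helper are hypothetical.

```perl
#!/usr/bin/perl
# Added example (not from the thread): encrypt a form submission to the
# site owner's PUBLIC key so only the private-key holder can read the mail.
use strict;
use warnings;
use IPC::Open2;

# Assumptions, all placeholders: GnuPG is installed, and $GPG_HOME is a
# keyring directory outside the web root that holds only the public key.
my $GPG       = '/usr/bin/gpg';
my $GPG_HOME  = '/full/path/to/formmail-keyring';
my $RECIPIENT = 'owner@example.com';

sub encrypt_for_owner {
  my ($plaintext) = @_;
  local $SIG{PIPE} = 'IGNORE';          # an early gpg exit must not kill us
  # List-form command: no shell runs, so visitor input is never parsed as
  # shell syntax. It reaches gpg only as data on standard input.
  # --trust-model always: the keyring holds one deliberately imported key.
  my @cmd = ($GPG, '--homedir', $GPG_HOME, '--batch', '--no-tty',
             '--trust-model', 'always', '--armor',
             '--encrypt', '--recipient', $RECIPIENT);
  my $pid = open2(my $from_gpg, my $to_gpg, @cmd);
  # Form submissions are small; very large input would need a temp file
  # to avoid both sides blocking on full pipes.
  print {$to_gpg} $plaintext;
  close $to_gpg;                        # EOF: the message is complete
  my $armored = do { local $/; <$from_gpg> };
  close $from_gpg;
  waitpid($pid, 0);
  # Fail closed: never fall back to sending the plaintext.
  die "gpg failed, submission not sent\n"
    if $? != 0 or !defined $armored
       or $armored !~ /^-----BEGIN PGP MESSAGE-----/;
  return $armored;
}

# Constructed sample submission text (values are made up).
my $body = join "\n",
  'realname: Jane Visitor',
  'email: jane@example.org',
  'comments: Please call me about the spring catalogue.',
  '';

# eval turns a gpg failure into a logged error, not a plaintext e-mail.
my $mail_body = eval { encrypt_for_owner($body) };
if (defined $mail_body) { print $mail_body }   # hand this to the mailer
else                    { warn "Not mailing: $@" }
```

Only the public key is stored on the web server; the private key stays on the owner's own machine, where the message is decrypted.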
