Here is the script.
I wrote this script because the gpgsend.php script was not a seamless as I would have liked. I wanted any email sent from my web forms or applications to be encrypted if possible. Using SSL to deliver sensitive data to a website is only half the job. The other half is getting the data to the person who needs it without letting it become compromised.
The GnuPG encryption package provides very effective protection of data like email messages, so I got it installed and working as a first step. The next problem was figuring out how to allow the web server to send email when it runs under the 'nobody' account with heavy restrictions. I discovered that if I could wrap the call to sendmail, I could have this wrapper check for an available key based on the email address and encrypt just prior to sending an email.
The script requires the following packages to work:
- Perl version 5 or higher
- The Apache webserver
- Either CGIwrap or Apache configured for SuExec to allow the webserver to run particular scripts as your user.
- And last but not least GnuPG itself to handle the encryption.
I am not going to describe how to get each of these packages installed, but once they are each working independantly, the steps to get the GPGsend script working are fairly trivial.