Re: Encrypting email

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 21 Apr 2009 08:39:25 -0400, Bob McConnell wrote:

>I have been asked by a product manager what our options are for
>encrypting email messages with sensitive information. We are currently
>using PHPMailer to send email. What can be done to encrypt those
>messages? Can it be done without OOP?
>
>Server configuration:
>  RHEL 5
>  Apache 2.0
>  PHP 5.2.3
>  PHPMailer 1.73

Use S/MIME, and nearly all of your clients will be able to decrypt your
emails. There are a few exceptions: Forté Agent still doesn't handle
S/MIME, and Eudora needs a plug-in to handle it. However, all mainstream
email programs support it directly, without need to install new
software.

You need to generate (or purchase - I prefer generate for free in
OpenSSL) email certificates for encrypting emails, then distribute the
certificates to allow people to decrypt them. Once they have the key,
the emails generally just automatically decrypt when you view them
(depending on the email program). NB: give your clients individual
certificates, and keep the public keys to encrypt the emails to them.

PHP has support for this, and it's easy to use:

http://au2.php.net/manual/en/function.openssl-pkcs7-encrypt.php

Apparently, PHPMailer supports it too so check that out.
-- 
Ross McKay, Toronto, NSW Australia
"Let the laddie play wi the knife - he'll learn"
- The Wee Book of Calvin

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux