Fellow monasterians,

I did some searching around and can't find a complete analysis of my e-mail scenario. Though it is not just about how Perl can or cannot solve my problem, I know the good monks are security freaks and will respond on the side of caution.

My customer wishes to have confidential information collected from their clients, processed on the server, and then e-mailed to their office (their site is on a shared server).

My plan is to have a contact form on their secure site ( they have a certificate from Verisign). The input will then be sent to my Perl script which would normally just validate the input and use Send::Mail to send the input to my client via e-mail.

But even with a secure start to things, once I put it into and e-mail, the security is lost. Right?

Is it even possible to make this last leg of the trip, from the server to my client's e-mail secure? (I'm assuming his POP account would be on the same server).

I thought about encrypting it and storing it in a database. And then through another secure form on their site, they can query the data base and grab what they want. But does make sense, and is it still secure?

Thanks for letting me go a bit OT on this one.

Update: Thanks all for the advice. But any scenario might not be worth the risk. The client is a large counseling center of about 10 psychologists. Even though they won't dispense therapy via e-mail, they wanted some assurance that their clients, in a weak moment, would pass on stuff in an e-mail that HIPAA might have a problem with. I think we stick with the written disclaimer, maybe with an "Agree" button, keep it on the secure server, encrypt it as best we can, write to the db, and 1) let them pull it from the db after receiving a notice that it is there.


—Brad
"Don't ever take a fence down until you know the reason it was put up." G. K. Chesterton

In reply to [OT] E-mail security by bradcathey

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.