WordPress.org

Plugin Directory

Test out the new Plugin Directory and let us know what you think.

WP PGP Encrypted Emails

Signs and encrypts emails WordPress sends using PGP keys. Provides OpenPGP functions via WordPress plugin API.

WP PGP Encrypted Emails automatically signs and encrypts any email that WordPress sends to your site's admin email address or user email addresses after you give it a copy of the recipient's PGP public key or generate a signing keypair to use. This protects your user's privacy by ensuring that emails intended for them can be read only by them and them alone. Signing helps your users verify that email they receive purporting to be from your site actually was sent by your server.

Donations for this and my other free software plugins make up a chunk of my income. If you continue to enjoy this plugin, please consider making a donation. :) Thank you for your support!

Plugin features:

  • Automatically sign and encrypt all email your site sends.
  • Configure outbound signing: sign email sent to all recipients, or just savvy ones.
  • Per-user encryption keys; user manages their own encryption keys.
  • Compatible with third-party contact form plugins.
  • Full interoperability with all OpenPGP implementations.
  • Options to enforce further privacy best practices (e.g., removing Subject lines).
  • Visitors can encrypt their comments using an author's public key.
  • Fully multisite compatible.
  • Works transparently out-of-the-box; no binaries to install or configure.
  • Always FREE, replacing paid email encryption "upgrades" and subscription fees. (Donations appreciated!)

The plugin works transparently for all email your site generates, and will also sign and encrypt outgoing email generated by other plugins (such as contact form plugins) or the built-in WordPress notification emails. All you have to do is add one or more PGP keys to the General Settings screen. Each user can opt to also remove envelope information such as email subject lines, which PGP cannot encrypt. There is no longer any need to pay for the "pro" version of your favorite contact form plugin to get the benefit of email privacy.

Additionally, each of your site's users can supply their own, personal public key for their own email address to have WordPress automatically encrypt any email destined for them. (They merely need to update their user profile pages.) Once saved, all future emails WordPress sends to that user will be encrypted with their public key.

The encrypted emails can be decrypted by any OpenPGP-compatible mail client, such as MacGPG, GPG4Win, or Enigmail. For more information on reading encrypted emails, generating keys, and other uses for OpenPGP-compatible encrpytion, consult any (or all!) of the following guides:

For developers, WP PGP Encrypted Emails provides an easy to use API to OpenPGP operations through the familiar WordPress plugin API. As a developer, you can use this plugin's simple filter hooks to build custom PGP-based encryption functionality into your own plugins and themes. See the Other Notes page for details.

Security Disclaimer

Security is a process, not a product. Using WP PGP Encrypted Emails does not guarantee that your site's outgoing messages are invulnerable to every attacker, in every possible scenario, at all times. No single security measure, in isolation, can do that.

Do not rely solely on this plugin for the security or privacy of your webserver. See the Frequently Asked Questions for more security advice and for more information about the rationale for this plugin.

Requires: 4.4 or higher
Compatible up to: 4.7.3
Last Updated: 2 months ago
Active Installs: 200+

Ratings

4.8 out of 5 stars

Support

1 of 1 support threads in the last two months have been marked resolved.

Got something to say? Need help?

Compatibility

+
=
Not enough data

0 people say it works.
0 people say it's broken.

100,1,1
100,1,1 100,1,1