CounterMail Secure Forms

If you have a CounterMail premium account, you can create secure Contact forms/Order forms using a customized web address. When the user submits the form it will end up as an PGP-encrypted email inside the form owner's Inbox. It requires basic knowledge of HTML to get our Secure Forms working on your own website.

Technical description

Client side
Server side
Client fills out the form and clicks Submit-button
Web browser initiates SSL encryption against https://countermail.com -->
<-- Server confirms SSL encryption against client browser
Web browser sends the form fields -->
1. Server checks:
-owner ('user'-field) is a premium account
-owner has activated Secure Forms
-owner has not reached the limit (60 req/hour)
-If field 'Email' is sent, estimate if it's a valid email address

2. Merge all fields and encrypt with PGP, with owner's public key

3. Add a random delay, between 20 - 2000 milliseconds

4. Send email to owner from our webserver, the client
IP-address will never be visible/stored in the email

<-- Send response (OK/Error) or redirect to redir-page/success page
Web browser receives the result, this is normally
some form of "Thank you"-page


Required form fields:
form post action  = https://countermail.com/forms/cm_form.php
user     = the form owner, which is your countermail address OR your member alias address
subject  = "your own email subject text"
success  = your own success text, for example: "Thanks for your request!"
redirect = Full URL to your own page (if you don't want to use the 'success'-field), all
           FORM-fields will be forwarded to your own redirect page, so you can process them as you want

IMPORTANT!:
-To activate our Secure Forms you must go to your Account / Settings / Personal information and
click on Activate incoming form-post mails
-By using "-" as the first or last character in the INPUT NAME field you can skip extra
new lines and Field subjects.
-There is a limit of 60 requests per hour

Example 1

user = enter your countermail address or alias to test this form
*
*this should be type='hidden' in Live mode

Your own form fields:
E-mail:*

If you use a form-field called "Email" it will be checked if it's a valid address and then used as the senders address

Name:

Address:


Zipcode:

State:

City:

Country:



Source from Example 1:

Example 1 will produce this email-body:


Example 2

user = enter your countermail address or alias to test this form
*
*this should be type='hidden' in Live mode

Your own form fields:
E-mail:*

If you use a form-field called "Email" it will be checked if it's a valid address and then used as the senders address

Name:

Address:


Zipcode:

State:

City:

Country:


Source from Example 2:

Example 2 will produce this email-body:


Last update

Apr 23, 2014

News

2014-04-10

Info about the Heartbleed-bug. Read more

2014-02-17

Added FAQ: How do I create good passwords?

2014-02-14

Temporarily problem on database server. Fixed

2014-01-30

Changed spam flag to minimize false Spam classifications. Read more

2014-01-27

Updated CounterMailPortable. Read more

2013-12-27

Bugfixes and Updated Offline Login and more. Read more

2013-12-19

Updated our Tools page. Read more

2013-12-02

Added Quota warnings. Read more

2013-10-22

Changed new public keysize to 4096 bits.

2013-07-23

New USB routine. Read more

2013-05-01

Changed Trial account period to 7 days

2013-03-24

Opened up our XMPP chat server.

2013-03-17

Added new Support-system and a new FAQ

2013-02-01

Updated Java info page

2013-01-12

Added MacOS support for our USB-key

2012-12-20

Added Countermail Portable for Windows

2012-12-09

Added Safebox feature

2012-08-28

Scheduled Maintenance - August 30, 13:00 GMT. Servers will be down for approx. 2-3 hours.

2012-05-31

Added subfolder creation.

2012-03-22

Applet and Certificate update

2012-03-10

Added Wire transfer payment

2012-01-01

Third party IMAP-clients need to clean their cache. Read here.

2011-10-25

Added Domain Panel for all domain administrators

2011-08-24

Added quick search

2011-08-02

Added default Compose-alias

2011-07-17

Added new session option for TOR/VPN/Proxy-surfing. Settings/Personal info - Lock IP-address

2011-06-08

Added iPhone information

2011-05-10

Added message filters

2011-04-30

Updated alias function

2011-02-15

Added new white theme

2011-01-07

Added email notification

2010-12-06

Added more server-side SPAM protection

2010-12-01

New Compose window

2010-11-20

Added instructions for Android phones

2010-10-17

Added new feature:
Secure Forms

2010-05-24

Opened up for all !

2009-11-21

Open website for Beta-testers

2009-05-19

Installed our primary login and database servers

2009-05-16

Comodo Usertrust certified our company for Java applet code signing

2008-05-11

Domain name registration. Official start of the project.