XGP sends and receives encrypted data via regular internet email. Its intended usage is to
replicate data. It can send or receive a whole directory (and all its subdirectories) at once.
It uses GNUPG, the successor to PGP, as its cryptographic engine, to provide the maximum amount of data protection possible.
XGP has been designed for automated, unattended operation. It is perfect for securely duplicating a large quantity of data, every night, over the internet.
XGP uses SMTP to send and POP3 to receive, and thus will work with most systems
and internet accounts.
XGP works in either client or server mode - the same single program does both.
XGP also sports a manual mode, a cleanup function, and full logging.
- This program is LICENSED SOFTWARE and may not be copied or distributed without prior written permission of the author.
- As this software works as a client and server, installing and using this software on two machines simultaneously is explicitly permitted.
- Please see the license agreement included with the software for the complete terms and conditions of use of the software.
- requires Windows 9X/NT4/2K/XP
- XGP requires four third-party programs. These are:
- BLAT, a program used to send mail to the server
- GETMAIL, a program used to retrieve mail from the server
- GPG, a program used to encrypt and decrypt the database
- WinRAR, a program used to compress and decompress the database.
XGP is not packaged with these products, and they will need to be installed separately.
These products have their own licensing arrangements, which are summarised as follows (correct at time of publication):
- BLAT is free.
- GETMAIL costs US 50.
- GPG is free.
- WinRAR costs EU 33.
- run the self-extracting distribution archive; extract to a directory of your choice
- install BLAT, GETMAIL, GPG and WinRAR. BLAT is not required on client installs; GETMAIL is not required on server installs.
Note: a client install is where XGP is configured to receive data from a copy of XGP elsewhere. A server install is where XGP is configured to send data to a copy of XGP elsewhere.
XGP is controlled with an INI file, which may contain the settings below. Some settings are not needed, depending on whether XGP acting as a client or as a server.
| setting | meaning | example |
|---|
general settings |
| logfile | the full name and path of the file in which to log activity | c:\xgp.log |
| winrarpath | the full path to WinRAR | c:\progra~1\winrar\ |
| gpgpath | the full path to GNUPG | c:\gnupg\ |
| gpguid | the GNUPG User ID used to encrypt the data | mygpgid |
server settings |
| smtpserver | the sender's SMTP server | smtp.yourdomain.com |
| sourcedir | the full path of the directory to send | c:\outbound |
| fromaddress | the email address of the sender | xgp-out@yourdomain.com |
| recipientaddress | the email address of the receiver | xgp-in@yourdomain.com |
| subjectline | the subject line of the email containing the data | XGP encrypted email |
client settings |
| pop3server | the receiver's POP3 server | mail.yourdomain.com |
| pop3user | the username of the reciever's POP3 account | xgp-in |
| pop3pw | the password to the reciever's POP3 account | |
| targetdir | the full path of the directory to receive the files | c:\inbound |
| overwrite | set to YES to overwrite any files in the target directory | |
To execute XGP, type the following at the command prompt:
XGP
If XGP is to be used repeatedly, the above command should be placed in a batchfile.
The installation benefits from:
- icon for manual execution (so user can force a check of the mailbox)
- icon for logfile (so user can see recent activity)
- remote logfile monitoring (to proactively monitor for and detect errors)
Troubleshooting:
- GPG will not decrypt without both public and secret keys for a given recipient
- GPG may report 'unable to locate keyring' if attempting to encrypt without first generating a secret key
- XGP will (may?) report 'bad command or filename' if START.EXE is not on the system (eg. under NT4). If decompression fails but no errorlevel is reported, check that START.EXE is on the system. NT4's internal START command is not available to 16-bit DOS programs, and so START.EXE must be used.
Error-handling:
If gpg fails, the extracted cryptfile is left lying around on disk (it may fail because the cryptfile is corrupt). Also, if winrar fails, the cryptfile is left lying around on disk (it may fail because the RARfile is corrupt).
Each time XGP starts it checks for the extracted cryptfile and the cryptfile, and removes them if they exist. In the meantime (eg. in between runs) they can be used for debugging.
If the GPG file (the "cryptfile" in logfile jargon) is left lying around, XGP will attempt to process it. If it finds errors it will rename it to time_date.err (where date and time are the current date and time).
Note: on NT4, longfilenames are not supported and so the erroneous cryptfile ends up being called time.err. The filename itself has random numbers inserted in order to reduce the chances of a duplicate filename.
Notes:
The logfile will contain details about any errors reported. It should be monitored regularly.
- does not support long filenames
- FTP support
- nodelete option, to permit multiple clients to obtain the same message
- debug mode
| January 2003 | 0.01 | initial development |
| January 2003 | 0.02 | |
| January 2003 | 0.03 | |
| January 20, 2003 | 0.04 | added logging |
| August 15, 2003 | 0.05 | bugfix, added manual mode |
| December 29, 2004 | 0.06 | added cleanup function, enhanced logging |
| June 2, 2005 | 1.07 | improved configurability, commercial release |
|