The files can't just be emailed, they have to be stored on the server.
If you want to store the files elsewhere in a location that you can secure, you can customize the upload location using custom code. There are hooks for both the file upload location and the file permissions set on uploaded files.
Here is documentation on the gform_upload_path hook:
Here is documentation on the gform_file_permission hook:
Just keep in mind the tighter you lock down the file paths, that means they won't be accessible when linked from the notification emails and may not be accessible via the admin when you view the file from the entry detail. That is why currently they aren't locked down tight, it makes accessing them via the admin and email notifications difficult. To get to the files a person would need to guess the correct path and file name which is unlikely in most situations.
Posted 9 years ago on Tuesday July 19, 2011 | Permalink