a customer needs to receive credit card numbers via email from website visitors if i setup an SSL cert, a CGI form-to-mail script and some PGP encryption for the email transmission, would those be acceptable security measures?
Not really. Why do you have to receive the credit card numbers via email? Why not send them directly to the payment gateway over SSL and not even keep a record of the CC numbers?
It is specifically forbidden by all card issuers (Visa/MC/Amex, etc), regardless of what encryption or other security you use. The best options is as suggested to process them through a payment gateway. Otherwise the only other method is to store them in a database encrypted. However, doing this then requires to be compliant with PCI security standards - https://www.pcisecuritystandards.org/.