Hello Ronald and all others You might be correct with the issue of escape_dangerous_chars but instead of the technic you showed >>open (SM, "|/usr/sbin/sendmail -f rfg $recipient"); I would use open(SM, "|/usr/sbin/sendmail -oi -t") || die "sendmail"; ... print SM "To: $recipient\n"; I think an attacker may cause less harm with this approach even if escape_dangerous_chars is buggy. HC __________________________________________________ Do you Yahoo!? Yahoo! Shopping - Send Flowers for Valentine's Day http://shopping.yahoo.com
