Maintaining integrity of input is often facilitated by:

1 - Performing syntax checks of ALLOWABLE sequences and rejecting all others.
2 - Associating a source to all input, a level of trust to the source, and treating the input from less trusted sources more carefully.
3 - Associating input with its purpose and treating it appropriately to the purpose.

[FLAME ON]

Note that the sendmail implementations have failed repeatedly because instead of checks for ALLOWABLE sequences, they have checks for NOT ALLOWED characters, and they allow input for one purpose to be used for another purpose. Since when do we have email addresses with `|;{(*&'?, return and newline in them? For that matter, why should we allow for inputs with 8-bit bytes, ^D, ^Z, or other control, meta, or escape characters? These are not legitimate email address components and should not be permitted for this purpose.

Note also that the reason we are asked to use post in httpd (and have all the other problems associated therewith) is that we don't have commonly used input filters on shell scripts. I still use the so-called unsafe httpd input methods, but the attacks don't seem to work because I restrict syntax to [a-zA-Z0-9_.!@%] or some other appropriate thing before running it through the shell scripts.

Hope this fuels the fire a bit.

[FLAME OFF]

FC
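
The filter described in the post, as an added example that is not part of the original message: a POSIX shell allowlist check over the post's character set (upper-case range written as A-Z), beside a constructed denylist for contrast. The function names, MAX_LEN and the sample inputs are assumptions of this example.

```shell
#!/bin/sh
# Added example: input filter for a CGI-style shell script.
# MAX_LEN, the function names and all sample inputs are constructed.
MAX_LEN=64
NL='
'
EOT=$(printf '\004')    # ^D control character

# Allowlist: accept only non-empty input of at most MAX_LEN bytes made up
# entirely of [a-zA-Z0-9_.!@%]. The subshell sets LC_ALL=C so that a-z means
# the ASCII bytes only and never locale-specific letters.
is_allowed() (
    LC_ALL=C
    [ -n "$1" ] || return 1
    [ "${#1}" -le "$MAX_LEN" ] || return 1
    case $1 in
        *[!a-zA-Z0-9_.!@%]*) return 1 ;;   # some byte is outside the set
    esac
    return 0
)

# Denylist in the style the post criticises: reject a fixed set of
# "known bad" characters and let everything else through.
is_not_denied() (
    LC_ALL=C
    case $1 in
        *[\`\|\;\{\(\*\&\'\?]*) return 1 ;;
    esac
    return 0
)

# Run both filters over one plain address and four inputs the post says
# have no place in an address: newline, ^D, an 8-bit byte, a pipe.
report() {
    for s in 'fc@example.com' "a@b.c${NL}x" "a@b.c${EOT}" \
             "caf$(printf '\351')@b.c" 'a|b@c.d'; do
        if is_allowed "$s"; then a=allow; else a=reject; fi
        if is_not_denied "$s"; then d=allow; else d=reject; fi
        printf 'allowlist=%s denylist=%s\n' "$a" "$d"
    done
}
report
```

The newline, ^D and 8-bit samples pass the denylist because nobody thought to list them, while the allowlist rejects them without needing to know they exist.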