--SNIP-- >>You should be ensuring that user-submitted newlines can't creep into >>your mail headers (or HTTP headers, for that matter), otherwise header >>injection is possible. --END SNIP-- Speaking of "header injection," see also: http://www.nyphp.org/phundamentals/email_header_injection.php Jeff