barry wrote: > I've added a note that you should never use no-arg .sub() on strings > that come from untrusted sources. if adding a note to the specification really helped, my servers logs wouldn't be full of findmail.pl requests, and our mail filters wouldn't catch quite as many outlook worms ;-) </F>