I probably should have sent this to the developer list to begin with...
-------- Original Message ---------
There's a little bug in the way addresses are handled. It shows up, for
example, if someone sends you an email from:
"lastname, firstname" <handle@...>
When you try to reply, squirrelmail tries to send mail to
as well as handle@... This is OK most of the time, it just
bounces harmlessly, but there's a small chance that it could end up at
an unintended recipient, which is bad.
I may have fixed the problem, please take a look at the attached patch
and let me know. By way of explanation, there are three small changes:
First, in compose.php (around line 113) don't strip quotation marks from
the email address. You don't need to because:
Second, in compose.php (around line 176) send the email address in
single quotes rather than double quotes.
Third, in strings.php (around line 77) strip pairs of quotation marks
and the text between them from the address.
Hope this helps, it seems to work OK for me.