in reply to Re: Re: bad email code?
in thread bad email code?

NOOOOO!

/bin/mail is insecure! If $comment can be coerced by the user to contain a tilde at the beginning of the line, you've just handed them a shell!

Bad. Bad.

And don't get me started on $address containing shell-significant characters, which it will if you permit the address to be specified by the user, and you must permit those characters.

In short: Just Say No to /bin/mail for security!

-- Randal L. Schwartz, Perl hacker
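
The safer pattern this post argues for, as an added example that is not part of the original post or thread: hand the message to a sendmail-compatible MTA through a list-form pipe open, so no shell parses the address and no mail user agent interprets tilde escapes in the body. The sendmail path, the helper names and the sample values are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Assumption: a sendmail-compatible binary lives here; adjust for your system.
my $SENDMAIL = '/usr/sbin/sendmail';

# A header value must not contain CR, LF or NUL, otherwise user input
# could add headers of its own or end the header block early.
sub header_safe {
    my ($value) = @_;
    return defined $value && length $value && $value !~ /[\r\n\0]/;
}

# Build the full message text; dies on any unsafe header value.
sub build_message {
    my (%arg) = @_;
    for my $field (qw(from to subject)) {
        die "unsafe value for $field\n" unless header_safe($arg{$field});
    }
    my $body = defined $arg{body} ? $arg{body} : '';
    $body =~ s/\r\n?/\n/g;    # normalise line endings
    return "From: $arg{from}\nTo: $arg{to}\nSubject: $arg{subject}\n\n$body\n";
}

# List-form pipe open: Perl execs the program directly, no shell involved.
# -t  takes recipients from the headers, so the address is never an argument.
# -oi stops a line holding only "." from ending the message.
sub send_message {
    my ($message) = @_;
    open(my $mta, '|-', $SENDMAIL, '-t', '-oi')
        or die "cannot run $SENDMAIL: $!\n";
    print {$mta} $message or die "write to $SENDMAIL failed: $!\n";
    close($mta) or die "$SENDMAIL exited with status $?\n";
    return 1;
}

# Constructed sample input: a body with a leading tilde and a lone dot,
# and an address with characters a shell would treat specially.
my $comment = "~this line starts with a tilde\n.\nstill ordinary body text\n";
my $address = q{o'brien+web@example.com};

my $message = build_message(
    from    => 'webform@example.com',
    to      => $address,
    subject => 'Feedback form',
    body    => $comment,
);
print $message;              # inspect what would be sent
# send_message($message);    # uncomment on a host with a working MTA
```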
