as an example of how bad this tainted email can be. Try this. (I assume you are *nix since you are using sendmail)

#!/usr/bin/perl -w
use strict;
my $email = '; cat /etc/passwd';

open (MAIL, "| /usr/lib/sendmail $email");
[download]

You should never use a piped open with tainted data.


ichimunki's suggestion of Mail::Sendmail.pm is excellent also Mail::Sender.pm is very good.
Check out Ovid's excellent tutorial on "Web Programming with Perl" It points out many of the security holes your script has.

grep

grep> cd pub grep> more beer [download]