If the data submitted as the text message content is never handled in a way that causes some process to "interpret" it, then taint checking is a moot point. So, you can insert the content into a database field, if the SQL insert is done like this:
    my $sth = $dbh->prepare("insert into my_table (mail_text,sender,recip) values (?,?,?)");
    $sth->execute( $message_text, $from, $to );
(updated the snippet so it makes a little more sense)

That's the easy way of avoiding an "SQL injection attack" -- the use of the "?" placeholder will cause DBI to pass the text content to the database safely without further ado.

As for actually sending the email, there's Mail::Send and others that implement the sending of mail as a matter of printing the text to a file handle, avoiding any possibility that your mail server might misinterpret the text as executable commands or whatever. (Update: I've never used Net::SMTP... it looks pretty low-level, and you might need to watch for things like lines of text that start with "From " -- I don't know.)

As for what might happen to the email recipient, that's another matter... Maybe you're just dealing with "trusted" users who won't be doing stupid or hazardous things like pasting in arbitrary binary data, viral attachments, etc. If it's suitable to your app, you might consider among choices like: allow only ASCII, or only utf8, maybe disallow things that look like embedded MIME headers... I don't actually know what all would be prudent/appropriate in this regard.


In reply to Re^2: How do I go about validating a e-mail message field? by graff
in thread How do I go about validating a e-mail message field? by Anonymous Monk
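A runnable illustration of the placeholder point above, added here as an example (this is not graff's code and not part of the original thread). It assumes DBD::SQLite is installed so an in-memory database can stand in for the real one, and the message, sender and recipient values are constructed samples. It also adds a small check on the header fields (rejecting embedded line breaks) as one concrete form of the "disallow things that look like embedded headers" idea; that check is my assumption of what a prudent filter looks like, not something the post specifies.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;

# Constructed sample input: a body with SQL metacharacters in it, plus
# a recipient whose value smuggles an extra header line.
my $message_text = "Hi Bob,\nIt's 5 o'clock; drop by. -- Alice\n";
my $from         = 'alice@example.com';
my $to           = 'bob@example.com';
my $bad_to       = "bob\@example.com\r\nBcc: everyone\@example.com";

# In-memory SQLite database so this runs offline (assumes DBD::SQLite).
my $dbh = DBI->connect( "dbi:SQLite:dbname=:memory:", "", "",
    { RaiseError => 1, AutoCommit => 1 } );
$dbh->do("CREATE TABLE my_table (id INTEGER PRIMARY KEY, mail_text TEXT, sender TEXT, recip TEXT)");

# UNSAFE: interpolating the text into the SQL string. The apostrophe in
# "It's" closes the string literal early, so SQLite rejects the statement;
# with attacker-chosen text the same mechanism can run unintended SQL.
eval {
    $dbh->do("INSERT INTO my_table (mail_text, sender, recip) "
           . "VALUES ('$message_text', '$from', '$to')");
};
print "Interpolated insert failed as expected: $@" if $@;

# SAFE: the "?" placeholders. DBI hands the values to the driver separately
# from the statement text, so they are stored verbatim and never parsed.
my $sth = $dbh->prepare(
    "INSERT INTO my_table (mail_text, sender, recip) VALUES (?, ?, ?)");
$sth->execute( $message_text, $from, $to );

# Read it back: the body comes out byte-for-byte, quotes and all.
my ($stored) = $dbh->selectrow_array(
    "SELECT mail_text FROM my_table WHERE sender = ?", undef, $from );
print "Stored text matches input: ", ( $stored eq $message_text ? "yes" : "no" ), "\n";

# Header-field check (my assumption of a sensible filter): a value that is
# going into a mail header must not contain CR or LF, otherwise the next
# line is read by the mailer as a further header.
sub header_value_ok {
    my ($value) = @_;
    return defined $value && $value !~ /[\r\n]/;
}

for my $candidate ( $to, $bad_to ) {
    printf "%-45s %s\n", "'" . ( split /\r?\n/, $candidate )[0] . "...'",
        header_value_ok($candidate) ? "ok for a header" : "REJECT: embedded line break";
}
```

Run it with `perl placeholders.pl` (any file name); the first insert dies on the apostrophe, the placeholder insert stores the text unchanged, and the recipient containing a CRLF is flagged before it could reach Mail::Send's To: field.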