I would like to thank you for all the help.
I have tryed to implement the security stuff you guys talked about, some of it I could not get to work or find the documentation, So here is my new script! Any major holes in this one? 
#!/usr/bin/perl -Tw

#warnings and taint mode now enabled 

use CGI; 
use strict; 
$CGI::POST_MAX=1024 * 500; # max 500k post
$CGI::DISABLE_UPLOADS = 1; # No uploads

print "Content-type:text/html\n\n";

my $temp;
$temp = "$ENV{'QUERY_STRING'}";
$temp =~ tr/\/A-Za-z0-9_.-//dc;
$temp =~ s/\.+\///g;
if(  $temp =~ m#(^.+\.{1}?\w+)#  ) {
    $temp= "../www$1";
} else {
    dienice "Invalid template file name...";
}

#you may now use the CGI methods. 

my ($query) = new CGI;
my (@values, $key, $i, @fary);

foreach $key ($query->param) {
$i = $query->param($key);
if ($key =~ /required/i) {if ( ($i eq "") && ($i == "") ) {failure();}
+}
}

open(INF, "< $temp") or dienice("Cant open $temp");
seek(INF,0,0); @fary = <INF>; close (INF);

foreach $key ($query->param) {
@values = $query->param($key);
   foreach $i (@fary) {$i =~ s/\[$key\]/@values/g;}
}

my $mailprog = '/usr/lib/sendmail';
open (MAIL, "|$mailprog -t") or dienice("Can't access $mailprog!\n");
foreach $i (@fary) { print MAIL "$i"; }
close (MAIL);

my $url = $query->param('success');
print "<Meta HTTP-EQUIV=\"Refresh\" CONTENT=\"0;URL=$url\">\n\n";
print "<a href=\"$url\">If you are not forwarded in 5 seconds, please 
+click here.<\/a>";

exit;

sub failure {
my $url = $query->param('failure');
print "<Meta HTTP-EQUIV=\"Refresh\" CONTENT=\"0;URL=$url\">\n\n";
print "<a href=\"$url\">If you are not forwarded in 5 seconds, please 
+click here.<\/a>";
exit;
}

sub dienice {
my($errmsg) = @_;
my($webmaster) = 'webmaster@mydomain.com';
print <<Eof;
<html><head><title>Error!!</title></head><body>The error was $errmsg</
+body></html>
Eof
exit;
}

[download]

In reply to Second hack at Secure Mailer by SilverB1rd

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.