@ and . have no special meaning in HTML, and are not escaped by default:

#!/usr/bin/perl
use strict;
use warnings;
use HTML::Entities qw(encode_entities);

my $str = ".@\n";
print encode_entities($str);
print encode_entities($str, '<>&".@');
__END__
.@
&#46;&#64;
[download]

As the example shows, you can force HTML::Entities to encode them, if you wish.

Note that the only chars that need escaping in HTML are <>&, and " in attributes.