--- ezmlm-web.cgi.orig 2006-01-06 02:46:56.000000000 +0000
+++ ezmlm-web.cgi 2006-01-06 03:41:11.000000000 +0000
@@ -720,7 +720,7 @@
 my($fh) = $q->param('mailaddressfile');
 while (<$fh>) {
 next if (/^\s*$/ or /^#/); # blank, comments
- if ( /(\w[\-\w_\.]*)@(\w[\-\w_\.]+)/ ) {
+ if ( /(\w[\w\.\!\#\$\%\&\'\`\*\+\-\/\=\?\^\{\|\}\~]*)@(\w[\-\w_\.]+)/) {
 chomp();
 push @addresses, "$_";
 } else {
@@ -736,7 +736,7 @@
 $address .= $DEFAULT_HOST if ($q->param('mailaddress_add') =~ /\@$/);
 # untaint
- if ($address =~ m/(\w[\-\w_\.]*)@(\w[\-\w_\.]+)/) {
+ if ($address =~ m/(\w[\w\.\!\#\$\%\&\'\`\*\+\-\/\=\?\^\{\|\}\~]*)@(\w[\-\w_\.]+)/) {
 push @addresses, "$address";
 } else {
 warn "invalid address to add: $address to $part";
@@ -752,7 +752,8 @@
 foreach $address (@addresses) {
 ($add) = Mail::Address->parse($address);
- if (($add->address() =~ /^\w[\w_-]*\@/) && !($list->issub($add->address(), $part))) {
+ if (($add->address() =~ m/^(\w[\w\.\!\#\$\%\&\'\`\*\+\-\/\=\?\^\{\|\}\~]*)@(\w[\-\w_\.]+)$/)
+ && !($list->issub($add->address(), $part))) {
 # it seems, that we cannot trust the return value of "$list->sub"
 $list->sub($add->address(), $part);
 if(defined($add->name()) && $PRETTY_NAMES) {
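Review bot: The `# untaint` comment in the `@@ -736,7 +736,7 @@` hunk does not describe the code under it: the pattern is unanchored and the branch pushes the whole `$address` rather than the captures, so the test only establishes that an address-like substring is present. The `@@ -720,7 +720,7 @@` hunk does the same with `$_`. This looks deliberate, presumably so that lines carrying a display name still reach `Mail::Address->parse`, which leaves the anchored test in the third hunk as the only real validation. I would say so in place, e.g. `# loose pre-filter only; the address itself is validated after Mail::Address->parse below`, and keep the widened pattern in one shared `qr//` so the three copies cannot drift apart. Both enclosing blocks start and end outside the hunks.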
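Review bot: In the `@@ -752,7 +752,8 @@` hunk the new anchored test ends in `$`, which in Perl also matches just before a trailing newline, so an address ending in a newline still passes; ending the pattern with `\z` and starting it with `\A` closes that. The widened local-part class now admits characters such as `$`, `|`, `&`, the single quote and the backquote, and the value goes straight to `$list->issub(...)` and `$list->sub(...)`. How those calls hand the address to the ezmlm tools is not visible here, so it is worth confirming that they pass an argument list and not a shell string. `$add` is also used without checking that `Mail::Address->parse` returned an object; `next unless defined $add;` before the `if` would cover that. The `foreach` body continues past the end of the hunk.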