Hallo nochmal,
dies las ich bei
http://gunther.web66.com/FAQS/taintmode.html
--------------------
The way around this problem is to clear the PATH environment variable so that Perl can trust that the
     command passed as a system call is an absolute path to a command instead of being part of the search
     path.

You might ask "What is unsafe about the path?". Historically, path's are considered unsafe because if
     there are multiple versions of an executable, it is difficult to tell which one is actually being executed. If
     there is a bug in one of the versions, then this can pose a security hazard.

Basically, before doing a system call, clear the PATH by issuing a statement like the following

$ENV{"PATH"} = "";

Note, this does not just apply to the system() call. It also applies to opening up files with the | symbol
     (which executes a command) or using backticks `` to execute an external command. Of course, now you
     will need to call the command using an absolute path.
------------------

meine frage dazu wäre noch,
was ist die genauere path angabe für den system aufruf "open (MAIL, "|$mailprog -t") || &Dead(); " ?

Gruss vom Alain