I applied the patch proposed in (patch #516542)

https://sourceforge.net/tracker/index.php?func=detail&aid=516542&group_id=311&atid=300311

please all: be alert whether as to stripping dangerous html is still fully functional

ChangeLog

@@ -6,6 +6,7 @@ Version 1.2.6 -- CVS
 --------------------
   - Fixed resume draft bug #513521, #514639
   - Newmail plugin: admin can disablethe use of audio (patch #517698)
+  - Fixed quoting problem in safe html (patch #516542)
 	
 Version 1.2.5 -- 22 February 2002
 ---------------------------------

functions/mime.php

@@ -1168,10 +1168,12 @@ function stripEvent( &$i, $j, &$body, $id, $base ) {
                     $src .= $body{$k};
                     $k++;
                 }
+                $k++;
                 while( !isNoSep( $body{$k} ) &&
                        $k < $j ) {
                     $k++;
                 }
+                $k++;
                 if ( strtolower( substr( $src, 0, 4 ) ) == 'cid:' ) {
                     $src = substr( $src, 4 );
                     $src = "../src/download.php?absolute_dl=true&amp;passed_id=$id&amp;mailbox=" .