diff --git a/src/sbbs3/email.cpp b/src/sbbs3/email.cpp
index fab6d0c31b4d38ff6b98fa8534e50ab51335c527..7fab27db6f07be627e279fc866af064a4f3f69d6 100644
--- a/src/sbbs3/email.cpp
+++ b/src/sbbs3/email.cpp
@@ -8,7 +8,7 @@
  * @format.tab-size 4		(Plain Text/Source Code File Header)			*
  * @format.use-tabs true	(see http://www.synchro.net/ptsc_hdr.html)		*
  *																			*
- * Copyright 2015 Rob Swindell - http://www.synchro.net/copyright.html		*
+ * Copyright Rob Swindell - http://www.synchro.net/copyright.html			*
  *																			*
  * This program is free software; you can redistribute it and/or			*
  * modify it under the terms of the GNU General Public License				*
@@ -125,6 +125,11 @@ bool sbbs_t::email(int usernumber, const char *top, const char *subj, long mode)
 
 
 	if(mode&WM_FILE) {
+		if(!checkfname(title)) {
+			bputs(text[BadFilename]);
+			remove(msgpath);
+			return(false);
+		}
 		sprintf(str2,"%sfile/%04u.in", cfg.data_dir,usernumber);
 		MKDIR(str2);
 		sprintf(str2,"%sfile/%04u.in/%s", cfg.data_dir,usernumber,title);
@@ -133,28 +138,26 @@ bool sbbs_t::email(int usernumber, const char *top, const char *subj, long mode)
 			remove(msgpath);
 			return(false); 
 		}
-		{ /* Remote */
-			xfer_prot_menu(XFER_UPLOAD);
-			mnemonics(text[ProtocolOrQuit]);
-			sprintf(str,"%c",text[YNQP][2]);
-			for(x=0;x<cfg.total_prots;x++)
-				if(cfg.prot[x]->ulcmd[0] && chk_ar(cfg.prot[x]->ar,&useron,&client)) {
-					sprintf(tmp,"%c",cfg.prot[x]->mnemonic);
-					strcat(str,tmp); 
-				}
-			ch=(char)getkeys(str,0);
-			if(ch==text[YNQP][2] || sys_status&SS_ABORT) {
-				bputs(text[Aborted]);
-				remove(msgpath);
-				return(false); 
+		xfer_prot_menu(XFER_UPLOAD);
+		mnemonics(text[ProtocolOrQuit]);
+		sprintf(str,"%c",text[YNQP][2]);
+		for(x=0;x<cfg.total_prots;x++)
+			if(cfg.prot[x]->ulcmd[0] && chk_ar(cfg.prot[x]->ar,&useron,&client)) {
+				sprintf(tmp,"%c",cfg.prot[x]->mnemonic);
+				strcat(str,tmp); 
 			}
-			for(x=0;x<cfg.total_prots;x++)
-				if(cfg.prot[x]->ulcmd[0] && cfg.prot[x]->mnemonic==ch
-					&& chk_ar(cfg.prot[x]->ar,&useron,&client))
-					break;
-			if(x<cfg.total_prots)	/* This should be always */
-				protocol(cfg.prot[x],XFER_UPLOAD,str2,nulstr,true); 
+		ch=(char)getkeys(str,0);
+		if(ch==text[YNQP][2] || sys_status&SS_ABORT) {
+			bputs(text[Aborted]);
+			remove(msgpath);
+			return(false); 
 		}
+		for(x=0;x<cfg.total_prots;x++)
+			if(cfg.prot[x]->ulcmd[0] && cfg.prot[x]->mnemonic==ch
+				&& chk_ar(cfg.prot[x]->ar,&useron,&client))
+				break;
+		if(x<cfg.total_prots)	/* This should be always */
+			protocol(cfg.prot[x],XFER_UPLOAD,str2,nulstr,true); 
 		safe_snprintf(tmp,sizeof(tmp),"%s%s",cfg.temp_dir,title);
 		if(!fexistcase(str2) && fexistcase(tmp))
 			mv(tmp,str2,0);
diff --git a/src/sbbs3/writemsg.cpp b/src/sbbs3/writemsg.cpp
index c8a1cf87bd0f063ed982afbe7399efc7e93bc4f8..c4dc83dea078ef1d294eb18374c9b274bbc80186 100644
--- a/src/sbbs3/writemsg.cpp
+++ b/src/sbbs3/writemsg.cpp
@@ -392,6 +392,11 @@ bool sbbs_t::writemsg(const char *fname, const char *top, char *title, long mode
 			free(buf);
 			return(false); 
 		}
+		if((mode&WM_FILE) && !checkfname(title)) {
+			free(buf);
+			bputs(text[BadFilename]);
+			return(false);
+		}
 		if(!(mode&(WM_EMAIL|WM_NETMAIL)) && cfg.sub[subnum]->misc&SUB_QNET
 			&& !SYSOP
 			&& (!stricmp(title,"DROP") || !stricmp(title,"ADD")