diff --git a/Changes b/Changes
index 6b603aa..554458a 100644
--- a/Changes
+++ b/Changes
@@ -1,5 +1,10 @@
 0.28
 
+
+  Create temp files with permissions 0600 (thanks to Robert James Kaes again)
+
+  Fix warning in check_badrcptto plugin (Thanks to Robert James Kaes)
+
   Proper "Log levels" with a configuration option
 
   $Include feature in config/plugins
diff --git a/lib/Qpsmtpd/Transaction.pm b/lib/Qpsmtpd/Transaction.pm
index fbe54a2..5d7d4f1 100644
--- a/lib/Qpsmtpd/Transaction.pm
+++ b/lib/Qpsmtpd/Transaction.pm
@@ -81,7 +81,7 @@ sub body_write {
      -d $spool_dir or mkdir($spool_dir, 0700) or die "Could not create spool_dir: $!";
      $self->{_filename} = $spool_dir . join(":", time, $$, $transaction_counter++);
      $self->{_filename} =~ tr!A-Za-z0-9:/_-!!cd;
-    $self->{_body_file} = IO::File->new($self->{_filename}, O_RDWR|O_CREAT)    
+    $self->{_body_file} = IO::File->new($self->{_filename}, O_RDWR|O_CREAT, 0600)
       or die "Could not open file $self->{_filename} - $! "; # . $self->{_body_file}->error;
   }
   # go to the end of the file
diff --git a/plugins/check_badrcptto b/plugins/check_badrcptto
index e65c247..276015e 100644
--- a/plugins/check_badrcptto
+++ b/plugins/check_badrcptto
@@ -16,7 +16,7 @@ sub check_for_badrcptto {
     return (DENY, "mail to $bad not accepted here")
       if $bad eq $from;
     return (DENY, "mail to $bad not accepted here")
-      if substr($bad,0,1) eq '@' && $bad eq "@$host";
+      if substr($bad,0,1) eq '@' && $bad eq "\@$host";
   }
   return (DECLINED);
 }