>> You might want to use a UTF-8 encoding when creating the database and >> choose the same on the client end. > > Thank for the pointer.
Also since this is table lookup and AFAIK postfix doesn't have to write anything on it, so you can give SELECT only right. Least privileges are the key... So even if there is a clever guy that found a way to escape and send SQL injection he can never insert something.. end of the game for this guy... /Xavier