diff --git a/program/include/main.inc b/program/include/main.inc
index 77074a0bd..c279f3012 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -643,7 +643,7 @@ function rcmail_mod_css_styles($source, $container_id, $base_url = '')
 function rcmail_xss_entitiy_decode($content)
 {
   $out = html_entity_decode(html_entity_decode($content));
-  $out = preg_replace('/\\\([a-z0-9]{4})/ie', "chr(hexdec('\\1'))", $out);
+  $out = preg_replace('/\\\([0-9a-f]{4})/ie', "chr(hexdec('\\1'))", $out);
   $out = preg_replace('#/\*.*\*/#Um', '', $out);
   return $out;
 }
diff --git a/program/include/rcube_mail_mime.php b/program/include/rcube_mail_mime.php
index 4669c4c53..c86be499b 100644
--- a/program/include/rcube_mail_mime.php
+++ b/program/include/rcube_mail_mime.php
@@ -141,7 +141,7 @@ class rcube_mail_mime extends Mail_mime
         $value = trim($value);
 
         //This header contains non ASCII chars and should be encoded.
-        if (preg_match('#[\x00-\x1F\x80-\xFF]{1}#', $value)) {
+        if (preg_match('/[\x80-\xFF]{1}/', $value)) {
           $suffix = '';
           // Don't encode e-mail address
           if (preg_match('/(.+)\s(<.+@[a-z0-9\-\.]+>)$/Ui', $value, $matches)) {
@@ -160,9 +160,9 @@ class rcube_mail_mime extends Mail_mime
             default:
             // quoted-printable encoding has been selected
             $mode = 'Q';
-            $encoded = preg_replace('/([\x3F\x00-\x1F\x80-\xFF])/e', "'='.sprintf('%02X', ord('\\1'))", $value);
-            // replace spaces with _
-            $encoded = str_replace(' ', '_', $encoded);
+            // replace ?, =, _ and spaces
+            $encoded = str_replace(array('=','_','?',' '), array('=3D','=5F','=3F','_'), $value);
+            $encoded = preg_replace('/([\x80-\xFF])/e', "'='.sprintf('%02X', ord('\\1'))", $encoded);
           }
 
           $value = '=?' . $params['head_charset'] . '?' . $mode . '?' . $encoded . '?=' . $suffix;