diff --git a/app/extensions/extension_edit.php b/app/extensions/extension_edit.php
index db0b157e8b..508a2e4151 100644
--- a/app/extensions/extension_edit.php
+++ b/app/extensions/extension_edit.php
@@ -91,6 +91,9 @@ else {
 			$dial_string = check_str($_POST["dial_string"]);
 			$enabled = check_str($_POST["enabled"]);
 			$description = check_str($_POST["description"]);
+
+		//remove spaces
+			$vm_mailto = str_replace(" ", "", $vm_mailto);
 	}
 
 //delete the user from the v_extension_users
@@ -620,7 +623,6 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 			$number_alias = $row["number_alias"];
 			$password = $row["password"];
 			$vm_password = $row["vm_password"];
-			$vm_password = str_replace("#", "", $vm_password); //preserves leading zeros
 			$accountcode = $row["accountcode"];
 			$effective_caller_id_name = $row["effective_caller_id_name"];
 			$effective_caller_id_number = $row["effective_caller_id_number"];
@@ -656,6 +658,10 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 		unset ($prep_statement);
 	}
 
+//clean the variables
+	$vm_password = str_replace("#", "", $vm_password);
+	$vm_mailto = str_replace(" ", "", $vm_mailto);
+
 //set the defaults
 	if (strlen($limit_max) == 0) { $limit_max = '5'; }
 	if (strlen($call_timeout) == 0) { $call_timeout = '30'; }
diff --git a/app/voicemails/voicemail_edit.php b/app/voicemails/voicemail_edit.php
index 20c961c758..0c3e82f518 100644
--- a/app/voicemails/voicemail_edit.php
+++ b/app/voicemails/voicemail_edit.php
@@ -53,17 +53,20 @@ else {
 	$referer_path = check_str($_REQUEST["referer_path"]);
 	$referer_query = check_str($_REQUEST["referer_query"]);
 	if (count($_POST)>0) {
-		$voicemail_id = check_str($_POST["voicemail_id"]);
-		$voicemail_password = check_str($_POST["voicemail_password"]);
-		$greeting_id = check_str($_POST["greeting_id"]);
-		$voicemail_mail_to = check_str($_POST["voicemail_mail_to"]);
-		$voicemail_attach_file = check_str($_POST["voicemail_attach_file"]);
-		$voicemail_local_after_email = check_str($_POST["voicemail_local_after_email"]);
-		$voicemail_enabled = check_str($_POST["voicemail_enabled"]);
-		$voicemail_description = check_str($_POST["voicemail_description"]);
+		//set the variables from the HTTP values
+			$voicemail_id = check_str($_POST["voicemail_id"]);
+			$voicemail_password = check_str($_POST["voicemail_password"]);
+			$greeting_id = check_str($_POST["greeting_id"]);
+			$voicemail_mail_to = check_str($_POST["voicemail_mail_to"]);
+			$voicemail_attach_file = check_str($_POST["voicemail_attach_file"]);
+			$voicemail_local_after_email = check_str($_POST["voicemail_local_after_email"]);
+			$voicemail_enabled = check_str($_POST["voicemail_enabled"]);
+			$voicemail_description = check_str($_POST["voicemail_description"]);
+		//remove the space
+			$voicemail_mail_to = str_replace(" ", "", $voicemail_mail_to);
 	}
 
-if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
+if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
 
 	$msg = '';
 	if ($action == "update") {
@@ -198,6 +201,9 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 		unset ($prep_statement);
 	}
 
+//remove the spaces
+	$voicemail_mail_to = str_replace(" ", "", $voicemail_mail_to);
+
 //set defaults
 	if (strlen($voicemail_attach_file) == 0) { $voicemail_attach_file = "true"; }
 	if (strlen($voicemail_local_after_email) == 0) { $voicemail_local_after_email = "true"; }