Index: mailhandler.admin.inc =================================================================== diff -u -r1.1.2.13 mailhandler.admin.inc --- mailhandler.admin.inc 25 Jan 2011 13:52:55 -0000 1.1.2.13 +++ mailhandler.admin.inc 25 Jan 2011 15:14:07 -0000 @@ -7,6 +7,7 @@ function mailhandler_add_edit_mailbox($form_state, $mid, $clone = FALSE) { module_load_include('inc', 'mailhandler', 'mailhandler.retrieve'); $edit = $mid ? mailhandler_get_mailbox($mid) : array( + 'mid' => NULL, 'mail' => '', 'mailto' => '', 'imap' => 0, @@ -24,11 +25,19 @@ 'delete_after_read' => 1, 'enabled' => 1, 'format' => FILTER_FORMAT_DEFAULT, - 'authentication', + 'authentication' => 'mailhandler_default', ); - + + // $mid parameter is expected to be a valid mailbox or NULL. If mid is defined + // but no mailbox is found for this id, then return a 404, as the only way to + // reach this situation is by a wrong link. + if ($mid && !$edit['mid']) { + drupal_not_found(); + return; + } + if ($clone) { - unset($mid); + $mid = NULL; } if (empty($edit['folder'])) { @@ -271,6 +280,14 @@ $info = db_fetch_object(db_query("SELECT mid, mail FROM {mailhandler} WHERE mid = %d", $mid)); + // $mid parameter is expected to be a valid mailbox or NULL. If mid is defined + // but no mailbox is found for this id, then return a 404, as the only way to + // reach this situation is by a wrong link. + if ($mid && !isset($info->mid)) { + drupal_not_found(); + return; + } + $form['mid'] = array( '#type' => 'hidden', '#value' => $mid, Index: mailhandler.test =================================================================== diff -u -r1.1.2.1 mailhandler.test --- mailhandler.test 25 Jan 2011 14:43:11 -0000 1.1.2.1 +++ mailhandler.test 25 Jan 2011 15:16:50 -0000 
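Review bot: The `drupal_not_found(); return;` pair added in the `@@ -24,11 +25,19 @@` hunk runs inside what looks like a form builder, so after the 404 page has been printed the builder returns NULL and normal page delivery appears to continue; the response may then carry a second, empty-form page after the 404 body. The same pattern is repeated for the delete form in the `@@ -271,6 +280,14 @@` hunk. Rejecting an unknown id before the builder is entered, for example with a wildcard loader on the menu path that returns FALSE for a missing mailbox, would produce a single clean 404 and keep the existence check in one place. The menu definition is not part of this patch, so this needs confirming against the module's hook_menu; mailhandler_add_edit_mailbox also continues past the end of the hunk.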
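Review bot: In the delete form hunk (`@@ -271,6 +280,14 @@`) the guard `if ($mid && !isset($info->mid))` is skipped whenever `$mid` is empty or `0`, even though the query just above it has come back without a row in that case. The comment was copied from the add/edit form, where a NULL id means "new mailbox"; a delete confirmation has no such case, so the form is still built with an empty hidden `mid`. Testing the lookup result alone, `if (!isset($info->mid)) {`, closes that path, and the comment would then read `// Deleting requires an existing mailbox; anything else is a 404.`. The enclosing function starts before the hunk and continues after it, so how `$info` is used further down is not visible here.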
@@ -131,15 +131,17 @@ // Try to edit a missing mailbox. // @todo: assert it is not working $this->drupalGet('admin/content/mailhandler/edit/' . $mailbox['mid']); + $this->assertResponse(404, t('Edit missing mailbox returns Not found.')); // Try to clone a missing mailbox. // @todo: assert it is not working $this->drupalGet('admin/content/mailhandler/clone/' . $mailbox['mid']); + $this->assertResponse(404, t('Clone missing mailbox returns Not found.')); // Try to delete a missing mailbox. // @todo: assert it is not working $this->drupalGet('admin/content/mailhandler/delete/' . $mailbox['mid']); - $this->drupalPost(NULL, array(), t('Delete')); + $this->assertResponse(404, t('Delete missing mailbox returns Not found.')); } /**
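Review bot: The three `// @todo: assert it is not working` comments are left in place above the new `assertResponse(404, ...)` calls, so the test still reads as if the assertions were missing; they should be deleted. With the `drupalPost(NULL, array(), t('Delete'))` step removed, nothing exercises the delete path with an id that slips past the `$mid &&` guard in mailhandler.admin.inc. A further case such as `$this->drupalGet('admin/content/mailhandler/delete/0');` followed by an `assertResponse(404, ...)` would cover it (constructed example, following the paths used in this hunk). The test method starts before the hunk.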