On 16 Feb 00, at 10:24, Mike Yuhas quoted from Risks: >However, there is a more serious vulnerability here: infinite loops >between two or more closed lists. > >If an attacker forges the originating address of a closed list that sends >back automated rejection notes to another closed list that sends back >automated rejection notes, then each forged message will generate a >mailstorm as a function of the speed of the servers in sending bounce >messages to each other. Listserv is RFC1123 compliant and bounces with a null "return-path" that it won't bounce to if it's also on the receiving end. Right? -Kary