To the best of my knowledge, the ATTACHMENTS= keyword is a list configuration keyword, not a site configuration keyword, and there is no site configuration keyword that provides the same functionality on a site-wide basis. On the other hand, the FILTER_ALSO keyword in the site configuration file applies to every message processed by LISTSERV, regardless of how the message is addressed or how individual list owners have configured their respective lists regarding attachments. I have seen several hundred copies of the Hybris virus in the past several weeks, and most, if not all of them had "[log in to unmask]" as the return address. I did not suggest that you could block every version of every virus by adding this address to the FILTER_ALSO keyword in your site configuration file, however, it does appear to be the quickest, easiest, most cost-effective way to block what appears to be a common version of a current virus. There are, of course, other ways to address this problem. You could block most copies of this version of this virus by configuring LISTSERV to reject messages in excess of 400 lines. Unfortunately, there is no way to do this on a site-wide basis without using an obsolete site configuration keyword. You could block most copies of this version of this virus by configuring the LISTSERV server's SMTP service to reject messages in excess of 30 KB, however, you must be sure that the limit applies only to inbound messages, or you may find that you have blocked large digests and other large files sent by LISTSERV in response to requests from list owners and subscribers. You could block most copies of this version of this virus by implementing content filters for the LISTSERV server's SMTP service, however, this could have an impact on system performance and may violate some sites' privacy policies. You may be able to block this and other virii by installing and using virus-protection software with up-to-date virus signature files. This could be classified as content filtering, but I doubt that you will find much opposition based on that argument. In the long run, this may be the most effective way to deal with virus problems, however, you may want to take stop-gap measures to provide some degree of protection until the virus-protection software can be installed. -- Paul Russell Senior Systems Administrator University of Notre Dame