A short while ago, I received a LISTSERV spamming alert from another site. The reported spammer was "[log in to unmask]". This is the return address on messages carrying the Hybris virus. This virus infects Windows 95/98/NT systems, intercepts all network traffic, scans for strings which appear to be email addresses, and sends copies of itself to those addresses. The envelope sender (return-path) address is always null and the "from" address is always "[log in to unmask]". To prevent the distribution of the virus through your lists, add "[log in to unmask]" to the FILTER_ALSO keyword in go.user. Your list owners may receive some of the bounces, but your lists will be protected. -- Paul Russell Senior Systems Administrator University of Notre Dame