We recently had a malicious student attack our system (and the entire network) by signing on to a huge number of distribution lists, hoping to clog up the spool. We were able to get him off many of them by issuing the 'FOR EVILNERD@BUACCA SIGNOFF * (NETWIDE' command, but mail kept pouring in for quite a few even after this. Issuing that command again picked off some more, but I ultimately had to approach the remainder one-by-one, in some cases by contacting the postmasters at the originating nodes to have them take him off themselves. Can anyone tell me why the initial signoff didn't do the whole job? Mark Hayes Systems Programmer Information Technology Boston University