Well, you explicitly requested this behaviour with "Validate= All". This tells LISTSERV that it should not act automatically on any request whose origin could have been faked by a hacker. Unless you have privileges on the local system, in which case you can edit the file on LISTSERV's 191, you cannot fake the origin of a CP MSG command. Anybody can send mail "from" any origin, and a lot of people can send network messages with the origin of their choice, therefore the request is forwarded to the list owner for verification. Eric