Well, you explicitly requested this  behaviour with "Validate= All". This
tells LISTSERV that it should not  act automatically on any request whose
origin could have  been faked by a hacker. Unless  you have privileges on
the local system, in which case you  can edit the file on LISTSERV's 191,
you cannot  fake the origin  of a CP MSG  command. Anybody can  send mail
"from" any origin, and a lot of people can send network messages with the
origin of  their choice, therefore the  request is forwarded to  the list
owner for verification.
 
  Eric