Since my last message I've been experimenting on the Walter Shelby Group WWW server. http://www.tile.net/tile/listserv I've been sending fake subscriptions and postings to EDTECH. Result: You can subscribe anyone you like at any address and name the person anything you want. It the list has open subscriptions, it goes right through. From the List Owner's perspective, you can't tell it didn't come directly from the person (no indicators at all that I can see.) The person subscribed gets 3 notifications from EDTECH -- the Listserv standard, the EDTECH Welcome, and an "output of your job" notice. From one of my non-owner accounts I subscribed various addresses at different nodes. Every one went through, as if the person had done it him/her self. I also tried a posting (saying it was from someone other than the account I was using to log into the WWW). Also went straight through to the moderator, looked almost exactly as it it had come from the account I said it had come from. (There was a reply line buried deep in the header that did give the correct sender address, but I believe Listserv would have ignored that.) I can't express how much I hate this, as I can see how easy it would be to create trouble. It appears that you could also get around moderated lists using this, though I haven't tested that yet. So certainly our "jokesters" may be using this site for some of their deeds. Is there any way we could convince the Walter Shelby Group to put in more security? Vickie Banks EDTECH Owner -- H-NET Technical Assistance [log in to unmask]