What I usually do is first use the user-id part of the user's address to do
a QUERY search.  If that fails, then I GET the whole list.  E.g., if
[log in to unmask] is the mystery user, I'll do a QUERY listname FOR JOE*@*
(notice the use of the two "*" wildcards).  Often the true subscribed
address has the same beginning characters as the bounced address you're
trying to track down.
 
If this fails, then I use GET to obtain all subscriber addresses,
concealed and unconcealed.  BTW, I believe the word LIST has to be in that GET
command, e.g.
 
   GET PSYCHE-D LIST (NOLOCK
                ^^^^
 
-- Roger Burns   [log in to unmask]