We have run into a problem with a subscriber (the first of what I'm sure will turn out to be many) whose ISP has begun using challenge messages to verify a sender's address, thereby reducing spam. The program being used is very poorly designed; it sends the challenge messages to us, the list owners, directing us to a Web site where we can verify the list address--but it doesn't identify the address of the subscriber whose ISP is issuing the challenge. Nor does it identify the subscriber's ISP. Neither of us owners has done this yet, and we don't want to have to start doing it, because we soon could be responding to many challenges each day. (And how long will it be until spammers start sending fake challenge messages to get people to go to their Web site?) We have been corresponding with someone at turbonet.com, where the challenges are issued, and he tells us that we can easily fix the problem by changing our configuration so that the return path is the list address itself--the same address that the subscriber sends posts to (that way it would automatically be whitelisted). Since it reads owner-copyediting-l, he says, the challenge software won't whitelist copyediting-l. Can that be done? He tells me that he's done it to the lists that he manages. Is anyone else dealing with this problem? If we aren't going to be told which address is creating the challenge, so that we can either delete the subscriber or tell him/her to take care of the problem on that end, then we're going to keep getting those challenge messages for every post that goes out from the list--and as far as I'm concerned, that's spam right there! Thanks for your input. (And I have a detailed response from the challenge guy if anyone would like to read it.) Jane