No problem with that approach. I had planned to do something like that for nodes that change their names (both NADs having to confirm the command). The only problem is that there are lists (the ones with the various high-security keywords) for which this will not work. To change the AFD, password validation is required as a rule (the prolog-text can contain a password when LISTSERV is used as a "feed" for another LISTSERV, or similar file server). If user A has an AFD at some site, he already has a password, so no problem. But if he has another password at a different site, he may need to do the command twice, or to specify the two passwords (as in 'PW=myfirstpw,myotherpw,yetanotherone'). Also, user B would need to get himself a password to confirm all of this, etc. All this nonsense is not the fault of the user, but of LISTSERV and of the network (which provides near-zero security). The problem is that the LISTSERVs cannot trust each other any more than they can trust a user. The rule is that anything LISTSERV@A is allowed to ask LISTSERV@B to do, a hacker that can fake addresses must be able to do directly; this way, faking the address of LISTSERV@A doesn't give him any benefit over faking the address of his target. I plan to change this in a future version, but this requires a major design change and it cannot be done quickly. This is the reason why I am delaying the implementation of this kind of things. Eric