A list that allows public posting and strips unnecessary headers is the key. With RiceMail now sending its postings to Mailer via BSMTP, the headers can be rather freely munged at will. Mailer will add its Received: from the actual originator, but this will be promptly stripped back out by Listserv making it look (il)legitimate. If the list is set for private posting then the origin will not match to an existing subscriber, it will be rejected. Of course, they could signup with the bogus From: but the attempt to mail out the subscription notification will bounce to the postmaster or listowner. With that said, there are possibilities of "impersonating" another subscribed user however. But e-mail never has been and probably never will be anywhere near secure. /Jeff/