Just a day ago, a user was able to spoof the listserv into distrbuting his personal message by bouncing the message back to the listserv using ELM mailer. The following is the setup of the List [log in to unmask] * Review= Owner Subscription= Open,Confirm Send= Editor * Notify= Yes Reply-to= List,Ignore * Validate= Store Only X-Tags= No * Confidential=No Stats= Normal,Owner Ack= Yes * Safe= Yes Files= No Mail-via= Dist2 * Errors-To= Owner Default-Options= ShortBSMTP * Auto-Delete= Yes,Full-Auto I believe LISTSERV@PSUVM is using 1.7f version. Somehow Listserv matched the address of the `Editor' from the bounced message and went ahead with distribution. Is there a way to stop this from happening in the future? Perhaps by having a confirmation for editors as well, the same say as the 'Subcription='? Maybe there is such a feature and I'm not aware of it. Please advise. Asim Mughal [log in to unmask] List Owner PNS-L