On Thu, 30 Jan 1997 06:36:16 -0600, Randy Vess <[log in to unmask]> wrote: >However, is there a way to restrict who can retrieve the list >header? I find no specific documentation in the Owner's Manual. >I realize he can use an owner address to forge his way onto my list. >So I'm setting the VALIDATE parameter to Yes,Confirm,Nopw to better >secure the list. At least he won't be able to subscribe himself but >this doesn't prevent him from forging a post. It would be preferrable >to secure who can access the header so a subscriber address isn't >readily available. By this I mean an owner's address. There are several situations in which the list header will be sent to someone not a subscriber. The only way to prevent this is to set your list Confidential=Yes. This has the disadvantage of making your list invisible on the worldwide List of Lists, so interested persons can't find you. Not all owners are subscribers to lists they 'own' or manage. Being listed as owner does not subscribe you to the list, that is a separate operation. Some use a different userID for the management functions from regular reading/ posting. You could also set yourself up as editor= and moderator= then set Send= Editor, hold. This would require you (or other owners/moderators, if any) to approve all posts, but this can be a lot of work. Or you could set you own subscription to REVIEW so you would have to OK posts coming from your address. More inconvenient for you when posting but would prevent any spamming. It is a balance between ease of access for all list members, which does leave some slim possibility of access to a determined spammer, or making it so spam-proof that nobody is willing to bother with posting. You have to strike a median position that fits your situation and that you are comfortable with. -- ________________________________________________________________________ Ben Parker ............ (Oak Park IL) .......... [log in to unmask]