Due to the increase in spam/virus posts to xemacs lists, and the fact that the source often seems to be a member of the XEmacs Review Board or some Internet icon, the only way to filter is by body inspection. We've been doing this on a limited basis for a while, but the Klez H virus makes increased snoopiness essential. See analysis at URL: http://www.symantec.com/avcenter/venc/data/w32.klez.h＠mm.html. (Thanks to Chuqui Rospach.) We're looking at "real" virus scanners, but installation and configuration is non-trivial, and they also require constant attention as viruses mutate. These inspections are complex and therefore bug-prone. For your information in posting, I describe the current and possible future restrictions. If you think your post may have gotten lost, feel free to write the List Administrators <list-manager(a)xemacs.org&gt;. The following restrictions are now in effect: 1. Header inspections which quarantine or immediately discard common offenders, and any messages containing 8-bit content in the headers. (MIME encoded-words are fine; this means raw 8-bit content which is forbidden by the RFCs in message headers.) 2. Messages with Content-Type text/html are quarantined. This test has yet to show a false positive in about 100 posts quarantined. 3. All MIME multipart bodies are inspected. We quarantine posts with attachments, regardless of MIME type (if I get this right, bugs in IE mean that almost any media type can get executed if it has an executable extension) with filenames of the form *.{exe,pif,bat,scr,doc,asp,wab,xls,mpg,mpeg,mp3,rtf} 4. Please also avoid the phrases "downline", "millionaire", "Nigeria", "national tv", "legitimate business", and "I send you this file in order to have your advice". These posts are quarantined. "Quarantined" means they go into a bitbucket that I look at and empty every week or so. I'm not terribly careful about it, either (so far I've caught three false positives in about 4000 spams, so the incentive is very low). I doubt any of the above restrictions will cause a problem, but the Klez H virus also uses the extensions .htm, .html, .gif, .jpg, and .jpeg. If necessary we'll add them to the scan. This could cause problems with dumb MUAs and visual bug reports. We apologize for the inconvenience, both in the past from spam that got through and in the future from these restrictions. -- Institute of Policy and Planning Sciences http://turnbull.sk.tsukuba.ac.jp University of Tsukuba Tennodai 1-1-1 Tsukuba 305-8573 JAPAN Don't ask how you can "do" free software business; ask what your business can "do for" free software.