Charlie was explaining to Irwin, | Welcome to the need for...THE PROBE. Not a superhero, not a medical | procedure, ... nor a model of Ford. | Basically, you want to send mail to either a subset, or | your entire distribution list, with separate messages to each address | coded in some way (I just place the address I'm sending to in the first | line of the body; some sooper-sekret code, eh?) so you know when you get | the bounce that is header-useless what address bit the big'un. Putting the target address in the first line of the body works when the mystery bounces return the text (or at least the beginning of the text). Usually they will return some or all of the text, so that will do the job in most cases, but sometimes they don't. You have to look at the mystery bounces for something from the rejected message that comes back in it (and there are some seriously non-compliant mailers out there that won't tell you anything about the rejected message at all). Sometimes there is no body returned, but the subject of the rejected message its Message-Id: is there. You have to make sure that the target address is in a place that the bad mail transport will send back to you. What do you do when there's absolutely nothing? If your system allows suffixing addresses, you can send out each probe From:, Reply-To:, and From_ (if you can set envelope information) yourusername+codestring@your.site (or yourusername-codestring@your.site if the suffixing there is with hyphens instead of plus signs), and then you can tell which member is unreachable by which suffixed address receives the mystery bounce. Either use the member's address (with any @ sign changed to something else, like = or &) as the codestring or keep a table of each probed address and the string you've assigned to that member. (These are called VERPs, or variable envelope reply paths. ezMLM, for example, automatically uses something like listname-owner-user=dom.ain -- where user@dom.ain is the member getting that copy -- as the envelope sender of each recipient's copy of every post or digest.) If the other end returns absolutely nothing that you can include in the probe and if you set VERPs up either, try to gauge the timing on the bounces. If they come back very quickly, try probing one address per, say, half hour until the bounce happens. Finally, if that isn't possible either, draft a letter explaining to members that you're really sorry about this, but there's a bouncing problem on the list that can't be tracked down in any of the usual ways, and they're going to get a number of these probe messages. If they get them, that means that they aren't the problem, and they should just ignore them; there's no need to reply. Then ... 1. If there are a group of addresses you believe you can narrow it down to, send probe #1 to them; otherwise, send probe #1 to half the list. 2. If probe #1 generated a mystery bounce, eliminate everyone who wasn't sent #1; if #1 didn't bounce, eliminate everyone who was sent #1. Then send probe #2 to half the remaining people. 3. If #2 bounced, eliminate everyone who wasn't sent #2; if #2 didn't bounce, eliminate the people who were sent #2. Then send probe #3 to half the remaining people. And keep doing that until you're down to one person. I had a situation once where Prodigy was sending bounces with no information from the rejected message: no original address that it was for, no Received: headers, no subject, no text, just the invalid Prodigy address, which was not on the list rolls! Apparently someone was forwarding the list to that Prodigy account. I could tell from the frequency that it happened only to digests, not to individual posts; also, the list had a sublist that about 5% of members belonged to, and posts to the sublist (which was not available as a digest) didn't generate the mystery bounces. The only help was that Prodigy was respecting the envelope sender addresses and directing the bounces there. But I couldn't use VERPs on that system, so I had to use what few envelope sender addresses were available: my personal logname, the list's submission address (the list was moderated, so if a bounce came there, it wouldn't go out to the members as a post; besides, the bounces matched ^FROM_DAEMON, so SmartList would have caught them anyway), the -request address, and, well, let's just say I had four others at my disposal. So I took the 1220 digest-mode readers who were not on the sublist, divided them into seven groups of 174 or 175, and sent the seven versions of the first probe. When I saw the address to which the bounce was sent, I knew which of the seven groups the bad address was in, so I divided those 175 people into seven groups of twenty-five and sent the seven versions of the second probe. That narrowed it to twenty-five people, whom I divided into seven groups of three or four addresses each. The third probe pinpointed four people, and the fourth probe caught the perp. It was not fun, and three members in good standing had to be bugged all four times, but it got the job done. I was on a list where a worse thing happened. A disgruntled member deliberately set up forwarding only of list posts and not of those by the listowner to an invalid email-to-fax address that would bounce back to the poster instead of the listowner. The listowner kept insisting that he couldn't find a problem (it never happened on *his* posts, after all). Although the bounces came to individual authors, we knew they were for list posts because the fax gateway returned the subject line (but not the address that had forwarded the post to it). The listowner finally had to subscribe a dummy address, mark the list moderated so that any real posts coming in would not be affected, take half the members off the list temporarily, and send a probe *to*the*list* (after all, this was done out of malice and was not affecting mail directly to the malefactor's address), and see if it bounced. Then it was a matter of cutting the remaining suspects in half again and again until the jerk was caught (and putting the list back the way it was and sending out any posts that came in during the hunt). At least the bounces came fairly quickly, so it didn't take long.