Folks, what happened finally with Dean's proposal of implementing security (at least authentication and authorization) in the IETF mailing lists? At present, IETF's SPAM filters take the From field of any incoming message, and if the address belongs to a subscriber, they let the message thru. However, in the last days, many SPAM messages received by the SIPPING and SIP mailing lists tried to use real subscriber's email addresses in the From field. It is true that sometimes their guess is wrong. For example, today we received a mail from "camarillo@ericsson.com". If they had used "gonzalo.camarillo@ericsson.com" instead, the message would have passed all our filters. Maybe it is time to reconsider Dean's proposal, before spammers get a little cleverer. Gonzalo