[Description of mailing a script to a shell on sendmail-based systems deleted.] This "sort of attack" was the basis for the Morris Internet Worm which attracted (inter)national attention a few years back (I always preferred the term "Trojan Horse") This "feature" of sendmail and some other Unix-based mailers was well documented and, frankly, I am astounded that any person who collected a paycheck as a security officer for Unix systems would not know about this. In fact, one of the ironies of the Morris incident was that Morris used a feature which was actually well known in the Unix community and for which the security implications were also well known. Sean McLinden