Okay... this scares me. I enabled POP3 logging and started checking it and decided in a big hurry that I didn't like the log output as it gives me one more thing to make sure outside users (crackers) can't get hold of. Assuming I don't have any unusual settings involved in creating my log file, I have to ask if this is correct output: "ns1.domain.tld" "domain.tld" "10.0.0.10" "2002-07-10 17:04:51" "user" "password" The above is what I get where ns1.domain.tld is my actual name server, domain.tld is my actual domain name w/ extension, 10.0.0.10 is the IP address from which the account was checked, the date/time is as I found it, user is the actual username and password the actual password. I can see some uses for such a log file, but is it possible without much trouble to encrypt the password or eliminate it completely from this file? It seems the potential issues that could come of this would outweigh the benefits. (The only real benefit I see to being able to check the logs to see what user/pass were used are to correct users who are mistakenly using an incorrect password...) JayD - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]