hello yutaka, i recently discovered a security flaw which is related to the delegate permission control allthough using a filter like FCL="sslway ..... -Vrfy" , when running in master mode , clients which are rejected by the ssl-layer, still cause delegate to open a connection to a destination server , this can and has been used to accomplish ddos . the FCL should reject the connection establishment to an arbitrary server , before rejecting the ssl handshake . in case you need log files for forensik analysis, i will post them. for now, i strongly recommend everyone to shut down delegate master services until this one is fixed :-) greetz from germany :-)) martin papapadopoulos