Tracked down obscure problem that has cropped up occasionally since the beginning. If AOLserver his hit with a domain name that's not bound to the IP it is listening on, it tries to serve /global/file-not-found but does not call registered preauth filters first. It does call registered procs, though. This results in rp_handler being called, but not rp_filter, and rp_handler dies because it expects rp_filter to have set up ad_conn. My solution is to simply redirect to the URL AOLserver substitutes, without the bogus domain name, which causes the file not found page to be delivered to the user. The calls I saw were GET http://www.google.com to my server's IP - probably a security exploit for IIS or Apache sometime in the deep past.