diff --git a/app/handle-event.go b/app/handle-event.go
index 653c6a9..8082537 100644
--- a/app/handle-event.go
+++ b/app/handle-event.go
@@ -62,7 +62,7 @@ func (l *Listener) HandleEvent(msg []byte) (err error) {
 		return
 	}
 	// check permissions of user
-	accessLevel := acl.Registry.GetAccessLevel(l.authedPubkey.Load())
+	accessLevel := acl.Registry.GetAccessLevel(l.authedPubkey.Load(), l.remote)
 	switch accessLevel {
 	case "none":
 		log.D.F(
diff --git a/app/handle-message.go b/app/handle-message.go
index 83d3ec0..5d2400c 100644
--- a/app/handle-message.go
+++ b/app/handle-message.go
@@ -28,16 +28,16 @@ func (l *Listener) HandleMessage(msg []byte, remote string) {
 	if t, rem, err = envelopes.Identify(msg); !chk.E(err) {
 		switch t {
 		case eventenvelope.L:
-			log.D.F("eventenvelope: %s", rem)
+			log.D.F("eventenvelope: %s %s", remote, rem)
 			err = l.HandleEvent(rem)
 		case reqenvelope.L:
-			log.D.F("reqenvelope: %s", rem)
+			log.D.F("reqenvelope: %s %s", remote, rem)
 			err = l.HandleReq(rem)
 		case closeenvelope.L:
-			log.D.F("closeenvelope: %s", rem)
+			log.D.F("closeenvelope: %s %s", remote, rem)
 			err = l.HandleClose(rem)
 		case authenvelope.L:
-			log.D.F("authenvelope: %s", rem)
+			log.D.F("authenvelope: %s %s", remote, rem)
 			err = l.HandleAuth(rem)
 		default:
 			err = errorf.E("unknown envelope type %s\n%s", t, rem)
diff --git a/app/handle-req.go b/app/handle-req.go
index 4f6da2f..90ea92c 100644
--- a/app/handle-req.go
+++ b/app/handle-req.go
@@ -24,9 +24,7 @@ import (
 	"utils.orly/pointers"
 )
 
-func (l *Listener) HandleReq(msg []byte) (
-	err error,
-) {
+func (l *Listener) HandleReq(msg []byte) (err error) {
 	var rem []byte
 	env := reqenvelope.New()
 	if rem, err = env.Unmarshal(msg); chk.E(err) {
@@ -43,7 +41,7 @@ func (l *Listener) HandleReq(msg []byte) (
 		}
 	}
 	// check permissions of user
-	accessLevel := acl.Registry.GetAccessLevel(l.authedPubkey.Load())
+	accessLevel := acl.Registry.GetAccessLevel(l.authedPubkey.Load(), l.remote)
 	switch accessLevel {
 	case "none":
 		if err = okenvelope.NewFrom(
diff --git a/pkg/acl/acl.go b/pkg/acl/acl.go
index 623ed38..4bae0db 100644
--- a/pkg/acl/acl.go
+++ b/pkg/acl/acl.go
@@ -28,10 +28,10 @@ func (s *S) Configure(cfg ...any) (err error) {
 	return err
 }
 
-func (s *S) GetAccessLevel(pub []byte) (level string) {
+func (s *S) GetAccessLevel(pub []byte, address string) (level string) {
 	for _, i := range s.ACL {
 		if i.Type() == s.Active.Load() {
-			level = i.GetAccessLevel(pub)
+			level = i.GetAccessLevel(pub, address)
 			break
 		}
 	}
diff --git a/pkg/acl/follows.go b/pkg/acl/follows.go
index d1c6c49..43668e9 100644
--- a/pkg/acl/follows.go
+++ b/pkg/acl/follows.go
@@ -116,7 +116,7 @@ func (f *Follows) Configure(cfg ...any) (err error) {
 	return
 }
 
-func (f *Follows) GetAccessLevel(pub []byte) (level string) {
+func (f *Follows) GetAccessLevel(pub []byte, address string) (level string) {
 	if f.cfg == nil {
 		return "write"
 	}
diff --git a/pkg/acl/none.go b/pkg/acl/none.go
index 37b915f..12ed710 100644
--- a/pkg/acl/none.go
+++ b/pkg/acl/none.go
@@ -8,7 +8,7 @@ type None struct{}
 
 func (n None) Configure(cfg ...any) (err error) { return }
 
-func (n None) GetAccessLevel(pub []byte) (level string) {
+func (n None) GetAccessLevel(pub []byte, address string) (level string) {
 	return "write"
 }
 
diff --git a/pkg/interfaces/acl/acl.go b/pkg/interfaces/acl/acl.go
index dbf6883..25d9748 100644
--- a/pkg/interfaces/acl/acl.go
+++ b/pkg/interfaces/acl/acl.go
@@ -22,7 +22,7 @@ const (
 type I interface {
 	Configure(cfg ...any) (err error)
 	// GetAccessLevel returns the access level string for a given pubkey.
-	GetAccessLevel(pub []byte) (level string)
+	GetAccessLevel(pub []byte, address string) (level string)
 	// GetACLInfo returns the name and a description of the ACL, which should
 	// explain briefly how it works, and then a long text of documentation of
 	// the ACL's rules and configuration (in asciidoc or markdown).