I have been playing with Site and Content rules and would like some clarification on some issues. First off, my original setup just had the default allow rule and I would manage access to the internet based on Protocol Rules. I also am publishing an Exchange 2000 server (working) and have other protocol rules for things like NTP, FTP, DNS, etc. Now I have been asked to provide access to one website for everyone, but still limit access to the rest of the internet based on group membership. My first thought was hey no problem, I will modify the protocol rule for http so that the domain users group has access, modify the default allow rule in Site and Content so that the InternetUsers group is the only group that is allowed unrestricted access and create a new Site and Content rule specifically for the website that everyone is allowed to. When I finished all this, my exchange server was no longer able to send any mail externally. I discovered that this was because the default allow rule in Site and Content was now set to be applied only to the InternetUsers group. Since the exchange server publishing rules are based on client address sets, the exchange server was no longer authorized to connect out. So my question is, if I step away from having just the default allow rule in Site and Content, do I then have to configure Site and Content rules for each protocol rule that is based on different Applies to rules? Thanks ____________________________ Jeff Bevans Microsoft Systems Administrator Kal Tire 2501 - 48th Ave Vernon, BC V1T 6N6 Ph. (250)558-3200 ext. 375 Cell. (250)503-6621 jeff_bevans@xxxxxxxxxxx