Jim, > ..of course, you could set up a content filter to drop anything like > "http://&#";, since no self-respecting business would be trying to sneak > around your spam filters, would they? I'm writing something that does just this. It also treats links with your email address in with some suspicion. Also, it decodes the email into words and then checks the validity of each word against a database of known words (some 400,000!). If the ration of bad/good words is aboe a certain threshold in either subject or title it bins the email. Also checks for invalid HTML (no </body> </html> tags etc, then for invisible text etc etc. Seems to pick out about 95% of what our GFI server is missing (with the latest list of keywords I grabbed from this list!) Bri