Let's start with Outlook Express, TCP - outgoing, local endpoint - any, application - OE msimn.exe, remote endpoint-any, port type-list of ports 25,110,119,143, rule valid-always, permit. Then the very next rule for OE is TCP & UDP - both directions, any port, msimn.exe, any address, any port, always permit. That's it for Outlook Express. Now the Avast email scanner rule is TCP outgoing,any port, ashmaisv.exe, any address, any port, always, permit. That rule is below the Outlook rules. That's it for me and I am stealth. Hope you can decipher the post & I hope it helps.