That sounds pretty much what I am working on although I would like to default disable and then enable spam checking on a per domain basis and then enable/disable on an email address basis. Probably just a matter of proper order. Are you using anything special to maintain the rules database?