KPF 2.1.5 Rules for Avast! Proxies

Lots of comments on KPF 2.1.5 here, and I am trying it out based on some dissatisfaction with Sygate, startup problems with KPF 4, and lack of enthusiasm fo ZoneAlarm. Using data from the Kerio/Tiny forum at BBR, went through the forum threads and BZ default and developed a ruleset to use with Avast! web, mail, news scanning proxies. Webshield redirects browser http traffic to 12080. eMail scanner redirects to 12110, 12025, 12143,12119 depending on type of traffic. Things are complicated a little by the use of stunnel to encrypt the output of the email scanner on 11110, 11111, 11025, 11026, 11143 and send it to the appropriate SSL/TLS port of the mail servers for pop3, imap, and gmail. So far KPF 2.1.5 matches well with avast! and is easy to use with just a little practice. Everything works fine, but looking for mistakes, security holes and comments for simplification, plus questions. Also posted at the BBR forum, but they are much less active (although equally opinionated) and not so directly involved.

Part1 modified with BZ comments.

Application rules modified for mistakes and comments

Plus a map of the listeners to worry about