Ok, so if you want a repository, I'll set up, merge the lists and make it available via ftp.

I suppose that we need catagories?

sex

html

gambling

How should the list(s) be organized so that we can understand and edit them?

A general Keyword List list doesn't exactly mean every user would want to use it, or use it as is. the nice thing is any user could edit it, just using the General Keyword Filter Lsit as a basic Starting point. As I read through other post on this forum it seems to be a common question of new users, on "suggestions" and "examples" of other users keyword List. Also it is a good point that many of us have no clue what RegEx are, or how to write them. which is why a general list would be great.

The point of who decides what should be block is deteremined by all the support users of the list, basically saying that if you find an error, because of the latest release containing the word "a" for some reason (possible in error), an it is blocking emails that are legit then a user suggest to have that remove in the next release, this doesnt mean they can remove it in the current realease they have.

In Short, the General List would just provide an up-to-date example that other users have found to work well.

You being a commercial ISP, you should already know that 98% of these kinds of bulk mail ads are scams. Anyone foolish enough to think that they will actually get a bigger penis or real mortgage re-finance loan from some spammer that is sending thousands of spam from some foreign country using a fake email address is just plain stupid. I find it crazy that with all the news of the scams and fraud anyone thinks this crap is real. The only ones that profit from SPAM are the spammers who turn around and sell the email address's that are verified by dummies who actually clink on the links.
Besides if your clients really want this crap, just put them in the "unfiltered list" and they can have it. Just remember that those who allow SPAM to continue are part of the problem. Since I have been blocking SPAM using this program over the last 30 days, I have not had one person ask for SPAM, quite the contrary, I have had nothing but happy clients. Having owned my ISP since 1995, I have seen SPAM grow from a minor nuisance to a major problem.
If ISP's would do their job and use Reverse DNS properly and not continue to allow SPAMMERS a free pass, this would not be such a big problem. But because most ISP's would rather get the almighty $$$ then lose a client(Spammer) this will continue to be a problem.
The biggest problem with SPAM not blocked/ filtered at the server is that the client has to download and then delete it. Once SPAMFilterISP gets the new release with the web interface the cleints can decide if they want the SPAM that was filtered sent to them or deleted.
My 3 cents worth.

The Definition of Spam (copied from Spamhaus)

The word "Spam" as applied to Email means Unsolicited Bulk Email ("UBE"). Unsolicited means that the Recipient has not granted verifiable permission for the message to be sent. Bulk means that the message is sent as part of a larger collection of messages, all having substantively identical content.

Technical Definition: An electronic message is "spam" IF: (1) the recipient's personal identity and context are irrelevant because the message is equally applicable to many other potential recipients; AND (2) the recipient has not verifiably granted deliberate, explicit, and still-revocable permission for it to be sent; AND (3) the transmission and reception of the message appears to the recipient to give a disproportionate benefit to the sender.

I'm agreeing with both of you here... SPAM is an annoyance, but as stated, some people actually do want it, odd or not, its true, people actually sign up to recieve some of this stuff, however as George said most is not legit, and by keyword filtering you run the risk of blocking both legit and non-legit. It's the price you pay to help combat this problem.

Now as for RBL list, these can tend to be a problem, they at time block entire subnets, which leads to a loss of a great amount of legit emails, why block an enitire domain because a Spamer used their mail server, chances are the SPAM could have just been a spoofed IP cause the RBL to include the address.

There is so much involved in blocking SPAM, its a major project. You have to be willing to do so though.

Now for another problem. In a running environment is the only way to test to see if your filters work, problem being it creates a large amount of time and resources to sift through the quarentine. One major enhancement I must suggest to be pushed for is "Tagging". with this, it will place a message in the Subject. (EX. "*POSSIBLE SPAM CAUGHT BY FILTER* - enlarge your pen1s t0day"). this would allow the Admin to pick up and generate their Black list, as well as ensure all emails are still going through. Don't get me wrong the quarentine is great, but it is time consumming.

By The Way LogSat... Awesome Product!!!!!! Keep up the good work! 

Roberto,
How will you control how the user logs in to the new web interface. I would hope that there would be some kind of security model that prevents someone other then the actual email account holder from accessing the account.  It would not be a good idea for just anyone to be able to check some else’s account. Example: user1@somedomain.com checking user2@somedomain.com. If there was no log in control built in then a spammer could just go in and force the quarantined emails to be delivered.

That being said, due to the many different email servers in use, it would not work to use the mail server login accounts due to incompatibility problems. So this leaves an opt-in model that would have to be verified by the admin on the system.

Is this close or do you have something else in mind?

Why are you filtering out <font color="#ffffff">?

These are also valid ones. Basically you're blocking any html message that has a comment.

<!--a
<!--b
<!--c
<!--d
<!--e
<!--f
<!--g
<!--h
...

...