Declude parses the whole config script on every message. You just need to comment out the rules and actions that you don't want.
Declude has its own weight system. Every rule has a match score and a non-match score. Filter files have their own score which is used to determine if the rule is triggered or not. When the filter file is match, this score is added to the rule score. Then the score of all of the rules are accumulated. You can trigger a Declude action based on either a rule or a weight. Or you can do nothing and just pass the score back to SmarterMail.
In this description, I am using "match" and "non-match" for clarity. Declude uses "Failed" for matched, because a filter rule that matches usually means that the message is failing inspection. But of course, this is not always true. In my config, some matches are unfavorable and some are favorable.
One of the beautiful things about Declude is that it allows test mode. You can configure lots of filters, but not create any actions. Then you parse the log files to see which filters triggered on which messages. This allows you to configure your exceptions before activation and action command. With every other product, I have to turn on a rule and wait to see how much it breaks, which of course is bad for technical reputation and job security.
You can also use weights to make a rule score-neutral. For simple rules, you simply set the match and non-match weights to zero. In a filter file rule, I set the max and min weights in the file to a specific value (n), then set the rule weights to negate it (-n), to produce a net of zero. Then the non-match weight is still zero. The score remains unchanged whether the rule is matched or not.
Allow vs Block
Lots of supposedly smart products are dumb about allow rules. When creating a rule to block an unwanted identifier, you just need to know the identifier -- nobody wants to impersonate a identifier with a negative reputation. But when you want to create allow rules, you should match on the identifier(s) and a verification result. The possible verification mechanisms are: Source IP (assumed true), HELO and Reverse DNS names if they forward-confirm to the Source IP, SPF, and a rough approximation of DMARC. Declude only provides some of these methods out of the box, but I was able to add the missing items using custom script filters. Having a customizable product has been essential to my success.
Alternatives to Scoring:
Personally, I don't believe in scoring, despite the apparent widespread success of SpamAssassin. My experience with scoring in commercial products is that it has mixed results. I figure that the real goal of spam filtering is not to block one bad message, but rather to find and block the organization behind a bad message. Ambiguous results get sent to quarantine. Quarantine review determines whether I add an allow rule to correct the false positives or block rule(s) to prevent the bad organization from attacking me in the future.
What you need to build for yourself:
To review your messages, you need to hang onto them. Neither SmarterMail nor Declude provide a message log and review interface for the system manager, so you need to figure out how to create one. The simplest one is to copy the HDR and EML files to a folder, and then do some file management to keep the archive from growing out of control. If you have a commercial product in addition to Declude, you may be able to do most log review from their. You will also need log to do some log parsing. Normal people use a tool like Splunk. I did not have the Splunk option, so I parse into SQL. It has the BULK option for reading a text file as if it was a database table, and it has higher throughput than I would have expected.
I am a big fan of having an incoming gateway, running SmarterMail + Declude, (Free Edition) as a separate server. The filtering issues for unauthenticated mail are a lot different than the filtering issues for authenticated mail. Having a server dedicated to inbound filtering also makes log analysis a lot easier. Since even the free version of SmarterMail requires Windows Server, some organizations may find that this "free" option is too expensive.
I am still using original Declude, which is frozen code. If you find a bug, you will need to find a way to work around it. I have found very few -- they have been minor and I have been able to work around them with customization. Declude Reboot is the future. Talk to the vendor to decide which version of Declude is right for you.
You could pay really big bucks for a cloud-based email filtering solution. Lots of big organizations do so, yet have still become victims of ransomware. So I am no fan of the big name vendors. When I was shopping for a commercial solution, I was stunned by how many products could not do things that I thought minimal requirements, and the remaining options were outrageously expensive. Declude does amazing things for those who are willing to put in the elbow grease needed to be successful.