You should always try to make your rules as specific as possible. That is, they should specify an application, local port, remote port, and remote address if you can do that. EVERY rule you create should specify an application, unless you are an expert at firewall setup. Otherwise, you might accidentally create a rule that allows or denies everything, bypassing the protective features of the other rules.

   Here's a generic rule than can be applied. You can find Remote ports at PCFlank has a good listing of rule info for specific applications like specific download managers or browsers. Remember, when using the Type 3 list for Kerio, make sure to place your new rule above the Block All rule.

Rule Name: My New Rule           (Try to be more creative than this.:-) )
Protocol: TCP           (Use TCP & UDP only if absolutely necessary.)
Direction: OUTGOING           (For certain, rare programs, you might need BOTH.)
Local Port: RANGE and use 1024-49151           (In rare circumstances, this may need to be set to ANY.)
Application: (Select Only selected below and then click Browse to find the application.)
Remote Address: ANY           (With some things, like an email program, you can set this to Single IP and use the IP provided by your ISP for your mail server. Otherwise, leave this to ANY.)
Remote Port: ANY           (It is better to use a list or range from PCFlank or as specified in your application's documentation.)
Action: PERMIT           (Of course, set to DENY to disallow connection to the net.)
Log: UNCHECKED            (Uncheck this unless you want everything your rule does logged to a file. This can get pretty big quickly, but is good for keeping tabs on things.) Display Alert box: UNCHECKED (check this only if you want to be notified whenever this rule matches.)