diff --git a/local.d/multimap.conf b/local.d/multimap.conf
index 6f26f88..dedd5a0 100644
--- a/local.d/multimap.conf
+++ b/local.d/multimap.conf
@@ -1,7 +1,94 @@
+
+# Envelope From in high-spammy-tlds.txt
+high_spammy_tlds_envfrom {
+    type = "from";
+    filter = "email:domain:tld";
+    map = "https://git.xyved.dk/Xyved/spamrules/raw/branch/master/lists/high-spammy-tlds.txt";
+    symbol = "HIGH_SPAMMY_TLD_ENVFROM";
+    description = "Envelope From is from a high spammy TLD";
+    score = 1.5;
+    regexp = true;
+}
+
+# From in high-spammy-tlds.txt
+high_spammy_tlds_from {
+    type = "header";
+    header = "from";
+    filter = "email:domain:tld";
+    map = "https://git.xyved.dk/Xyved/spamrules/raw/branch/master/lists/high-spammy-tlds.txt";
+    symbol = "HIGH_SPAMMY_TLD_FROM";
+    require_symbols = "!HIGH_SPAMMY_TLD_ENVFROM";
+    description = "From is from a high spammy TLD";
+    score = 1.5;
+    regexp = true;
+}
+
+# From in high-spammy-tlds.txt
+spammy_tlds_envfrom {
+    type = "from";
+    filter = "email:domain:tld";
+    map = "https://git.xyved.dk/Xyved/spamrules/raw/branch/master/lists/spammy-tlds.txt";
+    symbol = "SPAMMY_TLD_ENVFROM";
+    require_symbols = "!HIGH_SPAMMY_TLD_ENVFROM & !HIGH_SPAMMY_TLD_FROM";
+    description = "Envelope From is from a spammy TLD";
+    score = 1.0;
+    regexp = true;
+}
+
+# From in spammy-tlds.txt
+spammy_tlds_from {
+    type = "header";
+    header = "from";
+    filter = "email:domain:tld";
+    map = "https://git.xyved.dk/Xyved/spamrules/raw/branch/master/lists/spammy-tlds.txt";
+    symbol = "SPAMMY_TLD_FROM";
+    require_symbols = "!HIGH_SPAMMY_TLD_ENVFROM & !HIGH_SPAMMY_TLD_FROM & !SPAMMY_TLD_ENVFROM";
+    description = "From is from a spammy TLD";
+    score = 1.0;
+    regexp = true;
+}
+
+# Sender address on a spammy domain
+spammy_domains {
+    type = "from";
+    filter = "email:domain";
+    map = "https://git.xyved.dk/Xyved/spamrules/raw/branch/master/lists/high-spammy-domains.txt";
+    symbol = "SPAMMY_DOMAIN_FROM";
+    description = "sender address is on a spammy domain";
+    score = 2.0;
+    regexp = true;
+}
+
+# URL: tld in high-spammy-tlds.txt
+high_spammy_url {
+    type = "url";
+    filter = "tld";
+    map = "https://git.xyved.dk/Xyved/spamrules/raw/branch/master/lists/high-spammy-tlds.txt";
+    symbol = "HIGH_SPAMMY_URL";
+    description = "Hostname of an URL in the message is in a high spammy TLD";
+    score = 0.25;
+    regexp = true;
+}
+
+# Until we can match against the unique list of urls in the message (https://github.com/rspamd/rspamd/issues/3003)
+# the total score is restricted via the spam_links group
+spam_links {
+    type = "url";
+    filter = "full";
+    map = "https://git.xyved.dk/Xyved/spamrules/raw/branch/master/lists/spam-links.txt";
+    symbol = "SPAM_LINK";
+    description = "Message contains a link pattern commonly used in spam messages";
+    score = 0.4;
+    regexp = true;
+    group = "spam_links";
+}
+
+
+
 spammy_tld_env_from {
     type = "from";
     filter = "email:domain:tld";
-    map = "https://raw.githubusercontent.com/mxroute/rspamd_rules/master/lists/tlds.txt";
+    map = "https://git.xyved.dk/Xyved/spamrules/raw/branch/master/lists/tlds.txt";
     symbol = "SPAMMY_TLD_ENVFROM";
     description = "Sending TLD likely spam";
     score = 1.5;
@@ -12,7 +99,7 @@ spammy_tld_from {
     type = "header";
     header = "from";
     filter = "email:domain:tld";
-    map = "https://raw.githubusercontent.com/mxroute/rspamd_rules/master/lists/tlds.txt";
+    map = "https://git.xyved.dk/Xyved/spamrules/raw/branch/master/lists/tlds.txt";
     symbol = "SPAMMY_TLD_FROM";
     require_symbols = "!SPAMMY_TLD_ENVFROM";
     description = "Sending TLD likely spam";
@@ -23,7 +110,7 @@ spammy_tld_from {
 MXROUTE_BODY_SPAM {
     type = "content";
     filter = "text";
-    map = "https://raw.githubusercontent.com/mxroute/rspamd_rules/master/lists/body-spam.map";
+    map = "https://git.xyved.dk/Xyved/spamrules/raw/branch/master/lists/body-spam.map";
     symbol = "MXROUTE_BODY_SPAM";
     prefilter = true;
     action = "reject";
@@ -34,7 +121,7 @@ MXROUTE_BODY_SPAM {
 SPAMMY_SUBJECT {
     type = "header";
     header = "subject";
-    map = "https://raw.githubusercontent.com/mxroute/rspamd_rules/master/lists/subject-spam.map";
+    map = "https://git.xyved.dk/Xyved/spamrules/raw/branch/master/lists/subject-spam.map";
     symbol = "SPAMMY_SUBJ";
     prefilter = true;
     action = "reject";
@@ -43,7 +130,7 @@ SPAMMY_SUBJECT {
 
 SENDER_FROM_BLACKLIST {
     type = "from";
-    map = "https://raw.githubusercontent.com/mxroute/rspamd_rules/master/lists/blacklisted-sender-strings.map";
+    map = "https://git.xyved.dk/Xyved/spamrules/raw/branch/master/lists/blacklisted-sender-strings.map";
     regexp = true;
     description = "Blacklisted sender";
     prefilter = true;
@@ -55,7 +142,7 @@ SENDER_FROM_BLACKLIST {
 MXROUTE_EXPLORING {
     type = "content";
     filter = "text";
-    map = "https://raw.githubusercontent.com/mxroute/rspamd_rules/master/lists/exploring.map";
+    map = "https://git.xyved.dk/Xyved/spamrules/raw/branch/master/lists/exploring.map";
     symbol = "MXROUTE_EXPLORING";
     prefilter = true;
     action = "add_header";