diff --git a/AGENTS.md b/AGENTS.md
index 90eba4e..82a623b 100644
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -35,6 +35,7 @@ Current keys used by routes:
 
 - `feeds:list` -> `{ feeds: Array<{ id, title }> }`
 - `feed:<feedId>:config` -> feed config object
+- `feed:<feedId>:config.allowed_senders` -> optional sender allowlist (email or domain)
 - `feed:<feedId>:metadata` -> `{ emails: Array<{ key, subject, receivedAt }> }`
 - `feed:<feedId>:<timestamp>` -> stored email body/metadata
 
@@ -68,9 +69,17 @@ Notes:
 ## Security assumptions
 
 - Inbound endpoint only accepts requests from ForwardEmail source IPs.
-- Admin access uses cookie gate and password stored in Worker secret (`ADMIN_PASSWORD`).
+- Admin access uses a signed cookie gate and password stored in Worker secret (`ADMIN_PASSWORD`).
+- Admin pages set `Cache-Control: no-store`.
+- Prefer setting `allowed_senders` on legitimate feeds to reduce inbound spam.
 - Do not hardcode credentials or domain-specific secrets into tracked files.
 
+## Spam cleanup workflow
+
+- First choice: use dashboard bulk actions (`/admin`) with search + checkbox selection.
+- Use **Table** view for bulk delete.
+- Avoid wildcard deletion; prefer search + small batches to reduce risk of deleting legitimate feeds.
+
 ## Cloudflare/Wrangler conventions
 
 - `wrangler.toml` is generated locally from `wrangler-example.toml`.
diff --git a/README.md b/README.md
index dc4cad6..358a0ee 100644
--- a/README.md
+++ b/README.md
@@ -13,8 +13,10 @@ Email-to-RSS keeps the same workflow while avoiding shared domains and shared da
 ## Features
 
 - One-click feed creation from an admin dashboard
+- Bulk feed/email deletion from the admin dashboard (safe checkbox-based flow)
 - Unique newsletter addresses per feed (for example `apple.mountain.42@yourdomain.com`)
 - ForwardEmail webhook ingestion with source-IP verification
+- Optional per-feed sender allowlist (`email@domain.com` or `domain.com`)
 - RSS generation on demand (`/rss/:feedId`)
 - Cloudflare KV storage for feed config + email metadata/content
 - Password-protected admin UI
@@ -97,9 +99,21 @@ npm run build
 ## Security notes
 
 - Inbound webhook access is IP-restricted to ForwardEmail MX sources.
-- Admin auth is cookie-based (`HttpOnly`, `SameSite=Strict`).
+- Admin auth uses a signed, `HttpOnly`, `Secure`, `SameSite=Strict` cookie.
+- Admin responses are `no-store` to avoid cache leakage.
+- For high-value feeds, set `Allowed senders` so only known sender addresses/domains are accepted.
 - You should use a strong admin password and rotate periodically.
 
+## Spam cleanup runbook
+
+### UI-first cleanup
+
+1. Open `/admin`.
+2. Switch to **Table** view.
+3. Use the search box to filter obvious spam feeds.
+4. Select rows and use **Delete Selected Feeds**.
+5. For legitimate feeds that got spam emails, open **Emails**, filter by subject, then **Delete Selected Emails**.
+
 ## Upgrading dependencies
 
 To refresh dependencies to latest:
diff --git a/src/routes/admin.test.ts b/src/routes/admin.test.ts
index e943af0..65c1f2c 100644
--- a/src/routes/admin.test.ts
+++ b/src/routes/admin.test.ts
@@ -8,12 +8,25 @@ describe("Admin Routes", () => {
   let testApp: Hono;
   let mockEnv: Env;
   let request: (path: string, init?: RequestInit) => Promise<Response>;
+  let loginAndGetCookie: () => Promise<string>;
 
   beforeEach(() => {
     mockEnv = createMockEnv();
     testApp = new Hono();
     testApp.route("/admin", app);
     request = (path, init = {}) => testApp.request(path, init, mockEnv);
+    loginAndGetCookie = async () => {
+      const formData = new FormData();
+      formData.append("password", "test-password");
+      const response = await request("/admin/login", {
+        method: "POST",
+        body: formData,
+      });
+      expect(response.status).toBe(302);
+      const setCookie = response.headers.get("Set-Cookie");
+      expect(setCookie).toBeTruthy();
+      return (setCookie as string).split(";")[0];
+    };
   });
 
   describe("Authentication", () => {
@@ -38,11 +51,13 @@ describe("Admin Routes", () => {
         body: formData,
       });
 
-      expect(res.status).toBe(200);
+      expect(res.status).toBe(302);
+      expect(res.headers.get("Location")).toBe("/admin");
       const cookie = res.headers.get("Set-Cookie");
-      expect(cookie).toContain("admin_auth=true");
+      expect(cookie).toContain("admin_auth=");
       expect(cookie).toContain("HttpOnly");
       expect(cookie).toContain("SameSite=Strict");
+      expect(cookie).toContain("Secure");
       expect(cookie).toContain("Path=/");
     });
 
@@ -73,9 +88,8 @@ describe("Admin Routes", () => {
   });
 
   describe("Protected Routes", () => {
-    const authCookie = "admin_auth=true";
-
     it("should allow access to dashboard with valid auth cookie", async () => {
+      const authCookie = await loginAndGetCookie();
       const res = await request("/admin", {
         headers: {
           Cookie: authCookie,
@@ -85,6 +99,16 @@ describe("Admin Routes", () => {
       expect(res.headers.get("Content-Type")).toContain("text/html");
     });
 
+    it("should reject access with forged auth cookie", async () => {
+      const res = await request("/admin", {
+        headers: {
+          Cookie: "admin_auth=true",
+        },
+      });
+      expect(res.status).toBe(302);
+      expect(res.headers.get("Location")).toBe("/admin/login");
+    });
+
     describe("Feed Creation", () => {
       it("should prevent feed creation without authentication", async () => {
         const formData = new FormData();
@@ -105,6 +129,7 @@ describe("Admin Routes", () => {
       });
 
       it("should allow feed creation with valid authentication", async () => {
+        const authCookie = await loginAndGetCookie();
         const formData = new FormData();
         formData.append("title", "Test Feed");
         formData.append("description", "Test Description");
@@ -118,7 +143,7 @@ describe("Admin Routes", () => {
         });
 
         expect(res.status).toBe(302); // Redirects back to dashboard
-        expect(res.headers.get("Location")).toBe("/admin");
+        expect(res.headers.get("Location")).toBe("/admin?view=list");
 
         // Verify feed was created in KV
         const feedList = (await mockEnv.EMAIL_STORAGE.get(
@@ -141,6 +166,7 @@ describe("Admin Routes", () => {
       });
 
       it("should reject feed creation with missing title", async () => {
+        const authCookie = await loginAndGetCookie();
         const formData = new FormData();
         formData.append("description", "Test Description");
 
@@ -187,6 +213,7 @@ describe("Admin Routes", () => {
       });
 
       it("should allow feed deletion with valid authentication", async () => {
+        const authCookie = await loginAndGetCookie();
         // First create a feed
         const formData = new FormData();
         formData.append("title", "Test Feed");
@@ -218,7 +245,7 @@ describe("Admin Routes", () => {
         });
 
         expect(deleteRes.status).toBe(302);
-        expect(deleteRes.headers.get("Location")).toBe("/admin");
+        expect(deleteRes.headers.get("Location")).toBe("/admin?view=list");
 
         // Verify feed was deleted
         const updatedFeedList = (await mockEnv.EMAIL_STORAGE.get(
@@ -235,6 +262,53 @@ describe("Admin Routes", () => {
         );
         expect(feedConfig).toBeNull();
       });
+
+      it("should allow bulk feed deletion with valid authentication", async () => {
+        const authCookie = await loginAndGetCookie();
+
+        for (const title of ["Feed A", "Feed B"]) {
+          const formData = new FormData();
+          formData.append("title", title);
+          formData.append("description", "Test");
+          const createRes = await request("/admin/feeds/create", {
+            method: "POST",
+            headers: { Cookie: authCookie },
+            body: formData,
+          });
+          expect(createRes.status).toBe(302);
+        }
+
+        const feedListBefore = (await mockEnv.EMAIL_STORAGE.get(
+          "feeds:list",
+          "json",
+        )) as {
+          feeds: Array<{ id: string; title: string }>;
+        } | null;
+        expect(feedListBefore?.feeds.length).toBe(2);
+
+        const bulkForm = new FormData();
+        for (const feed of feedListBefore?.feeds || []) {
+          bulkForm.append("feedIds", feed.id);
+        }
+
+        const bulkDeleteRes = await request("/admin/feeds/bulk-delete", {
+          method: "POST",
+          headers: { Cookie: authCookie },
+          body: bulkForm,
+        });
+
+        expect(bulkDeleteRes.status).toBe(302);
+        expect(bulkDeleteRes.headers.get("Location")).toContain("/admin?view=list");
+        expect(bulkDeleteRes.headers.get("Location")).toContain("message=bulkDeleted");
+
+        const feedListAfter = (await mockEnv.EMAIL_STORAGE.get(
+          "feeds:list",
+          "json",
+        )) as {
+          feeds: Array<{ id: string; title: string }>;
+        } | null;
+        expect(feedListAfter?.feeds.length).toBe(0);
+      });
     });
   });
 });
diff --git a/src/routes/admin.ts b/src/routes/admin.ts
index 4f5137b..d11e4f8 100644
--- a/src/routes/admin.ts
+++ b/src/routes/admin.ts
@@ -1,16 +1,24 @@
-import { Context, Hono } from 'hono';
-import { getCookie } from 'hono/cookie';
-import { html, raw } from 'hono/html';
-import { z } from 'zod';
-import { Env, FeedConfig, FeedList, FeedMetadata, EmailMetadata, EmailData, FeedListItem } from '../types';
-import { generateFeedId } from '../utils/id-generator';
-import { designSystem } from '../styles/index';
-import { interactiveScripts, authHelpers } from '../scripts/index';
+import { Context, Hono } from "hono";
+import { deleteCookie, getSignedCookie, setSignedCookie } from "hono/cookie";
+import { html, raw } from "hono/html";
+import { z } from "zod";
+import {
+  Env,
+  FeedConfig,
+  FeedList,
+  FeedMetadata,
+  EmailMetadata,
+  EmailData,
+  FeedListItem,
+} from "../types";
+import { generateFeedId } from "../utils/id-generator";
+import { designSystem } from "../styles/index";
+import { interactiveScripts } from "../scripts/index";
 
 /**
  * Admin routes handler for Email-to-RSS
  * Provides a secure interface for managing RSS feeds and viewing emails
- * 
+ *
  * Security:
  * - All routes except /login are protected by server-side cookie authentication
  * - Uses HttpOnly cookies to prevent XSS attacks
@@ -21,414 +29,821 @@ const app = new Hono();
 // Export for testing
 export default app;
 
+const ADMIN_COOKIE_NAME = "admin_auth";
+const ADMIN_COOKIE_MAX_AGE = 60 * 60 * 24 * 7; // 1 week
+
+function parseAllowedSenders(rawAllowedSenders: string): string[] {
+  return rawAllowedSenders
+    .split(/[\n,]+/)
+    .map((value) => value.trim().toLowerCase())
+    .filter(Boolean);
+}
+
+// Prevent accidental caching of admin pages and redirects.
+app.use("*", async (c, next) => {
+  c.header("Cache-Control", "no-store, max-age=0");
+  await next();
+});
+
 // Authentication middleware for admin routes
 async function authMiddleware(c: Context, next: () => Promise<void>) {
+  const env = c.env as unknown as Env;
   const path = new URL(c.req.url).pathname;
+
   // Skip auth check for login page - note that path includes /admin prefix
-  if (path === '/admin/login') {
+  if (path === "/admin/login") {
     return next();
   }
 
-  const authCookie = getCookie(c, 'admin_auth');
-  if (!authCookie || authCookie !== 'true') {
-    return c.redirect('/admin/login');
+  const authCookie = await getSignedCookie(
+    c,
+    env.ADMIN_PASSWORD,
+    ADMIN_COOKIE_NAME,
+  );
+  if (authCookie !== "1") {
+    return c.redirect("/admin/login");
   }
 
   await next();
 }
 
 // Apply auth middleware to all admin routes
-app.use('*', authMiddleware);
+app.use("*", authMiddleware);
 
 // Schema for feed creation
 const createFeedSchema = z.object({
-  title: z.string().min(1, 'Title is required'),
+  title: z.string().min(1, "Title is required"),
   description: z.string().optional(),
-  language: z.string().optional().default('en')
+  language: z.string().optional().default("en"),
+  allowedSenders: z.array(z.string()).optional().default([]),
 });
 
 // Schema for feed updates
 const updateFeedSchema = z.object({
-  title: z.string().min(1, 'Title is required'),
+  title: z.string().min(1, "Title is required"),
   description: z.string().optional(),
-  language: z.string().optional().default('en')
+  language: z.string().optional().default("en"),
+  allowedSenders: z.array(z.string()).optional().default([]),
 });
 
 // Authentication schema
 const authSchema = z.object({
-  password: z.string().min(1, 'Password is required')
+  password: z.string().min(1, "Password is required"),
 });
 
 // Base HTML layout with design system
 const layout = (title: string, content: any) => {
   return html`<!DOCTYPE html>
-  <html>
-    <head>
-      <title>${title} - Email to RSS Admin</title>
-      <meta charset="UTF-8">
-      <meta name="viewport" content="width=device-width, initial-scale=1.0">
-      <style>
-        ${raw(designSystem)}
-      </style>
-      <script>
-        ${raw(interactiveScripts)}
-        ${raw(authHelpers)}
-        
-        // Check authentication on page load
-        document.addEventListener('DOMContentLoaded', () => {
-          const path = window.location.pathname;
-          if (path !== '/admin/login' && !isAuthenticated()) {
-            window.location.href = '/admin/login';
-          }
-        });
-      </script>
-    </head>
-    <body class="page">
-      ${content}
-    </body>
-  </html>`;
+    <html>
+      <head>
+        <title>${title} - Email to RSS Admin</title>
+        <meta charset="UTF-8" />
+        <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+        <meta name="color-scheme" content="light dark" />
+        <style>
+          ${raw(designSystem)}
+        </style>
+        <script>
+          ${raw(interactiveScripts)};
+        </script>
+      </head>
+      <body class="page">
+        ${content}
+      </body>
+    </html>`;
 };
 
 // Login page
-app.get('/login', (c) => {
-  const error = c.req.query('error');
-  const errorMessage = error === 'invalid' ? 'Invalid password. Please try again.' : '';
-  
-  return c.html(layout('Login', html`
-    <div class="auth-container fade-in">
-      <div class="auth-card">
-        <div class="auth-logo">
-          <svg width="64" height="64" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
-            <rect width="24" height="24" rx="12" fill="var(--color-primary)"/>
-            <path d="M17 9C17 7.89543 16.1046 7 15 7H9C7.89543 7 7 7.89543 7 9V15C7 16.1046 7.89543 17 9 17H15C16.1046 17 17 16.1046 17 15V9Z" stroke="white" stroke-width="1.5"/>
-            <path d="M7 9L12 13L17 9" stroke="white" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round"/>
-          </svg>
-        </div>
-        <h1 class="auth-title">Email to RSS Admin</h1>
-        ${errorMessage ? html`<div class="auth-error">${errorMessage}</div>` : ''}
-        <form class="auth-form" action="/admin/login" method="post">
-          <div class="form-group">
-            <label for="password">Password</label>
-            <input type="password" id="password" name="password" required autofocus>
+app.get("/login", (c) => {
+  const error = c.req.query("error");
+  const errorMessage =
+    error === "invalid" ? "Invalid password. Please try again." : "";
+
+  return c.html(
+    layout(
+      "Login",
+      html`
+        <div class="auth-container fade-in">
+          <div class="auth-card">
+            <div class="auth-logo">
+              <svg
+                width="64"
+                height="64"
+                viewBox="0 0 24 24"
+                fill="none"
+                xmlns="http://www.w3.org/2000/svg"
+              >
+                <rect
+                  width="24"
+                  height="24"
+                  rx="12"
+                  fill="var(--color-primary)"
+                />
+                <path
+                  d="M17 9C17 7.89543 16.1046 7 15 7H9C7.89543 7 7 7.89543 7 9V15C7 16.1046 7.89543 17 9 17H15C16.1046 17 17 16.1046 17 15V9Z"
+                  stroke="white"
+                  stroke-width="1.5"
+                />
+                <path
+                  d="M7 9L12 13L17 9"
+                  stroke="white"
+                  stroke-width="1.5"
+                  stroke-linecap="round"
+                  stroke-linejoin="round"
+                />
+              </svg>
+            </div>
+            <h1 class="auth-title">Email to RSS Admin</h1>
+            ${errorMessage
+              ? html`<div class="auth-error">${errorMessage}</div>`
+              : ""}
+            <form class="auth-form" action="/admin/login" method="post">
+              <div class="form-group">
+                <label for="password">Password</label>
+                <input
+                  type="password"
+                  id="password"
+                  name="password"
+                  required
+                  autofocus
+                />
+              </div>
+              <button type="submit" class="button auth-button">Log In</button>
+            </form>
           </div>
-          <button type="submit" class="button auth-button">Log In</button>
-        </form>
-      </div>
-    </div>
-  `));
+        </div>
+      `,
+    ),
+  );
 });
 
 // Handle login
-app.post('/login', async (c) => {
+app.post("/login", async (c) => {
   const env = c.env as unknown as Env;
-  
+
   try {
     const formData = await c.req.formData();
-    const password = formData.get('password')?.toString() || '';
-    
+    const password = formData.get("password")?.toString() || "";
+
     // Validate password
     authSchema.parse({ password });
-    
+
     // Check password against environment variable
     if (password === env.ADMIN_PASSWORD) {
-      // Set a cookie for server-side authentication
-      c.header('Set-Cookie', `admin_auth=true; Path=/; HttpOnly; SameSite=Strict; Max-Age=${60 * 60 * 24 * 7}`); // 1 week
-      
-      // Also use localStorage for client-side checks
-      return c.html(html`
-        <script>
-          ${raw(`
-            localStorage.setItem('authenticated', 'true');
-            window.location.href = '/admin';
-          `)}
-        </script>
-      `);
-    } else {
-      // Incorrect password - redirect back to login with an error message
-      return c.redirect('/admin/login?error=invalid');
+      await setSignedCookie(c, ADMIN_COOKIE_NAME, "1", env.ADMIN_PASSWORD, {
+        path: "/",
+        httpOnly: true,
+        sameSite: "Strict",
+        secure: true,
+        maxAge: ADMIN_COOKIE_MAX_AGE,
+      });
+      return c.redirect("/admin");
     }
+
+    // Incorrect password - redirect back to login with an error message
+    return c.redirect("/admin/login?error=invalid");
   } catch (error) {
-    console.error('Login error:', error);
-    return c.redirect('/admin/login?error=invalid');
+    console.error("Login error:", error);
+    return c.redirect("/admin/login?error=invalid");
   }
 });
 
 // Logout route
-app.get('/logout', (c) => {
-  return c.html(html`
-    <script>
-      ${raw(`
-        localStorage.removeItem('authenticated');
-        window.location.href = '/admin/login';
-      `)}
-    </script>
-  `);
+app.get("/logout", (c) => {
+  deleteCookie(c, ADMIN_COOKIE_NAME, { path: "/" });
+  return c.redirect("/admin/login");
 });
 
 // Admin dashboard route
-app.get('/', async (c) => {
+app.get("/", async (c) => {
   // Type assertion for environment variables
   const env = c.env as unknown as Env;
   const emailStorage = env.EMAIL_STORAGE;
-  
+  const url = new URL(c.req.url);
+  const view = url.searchParams.get("view") === "table" ? "table" : "list";
+  const message = url.searchParams.get("message");
+  const count = Number(url.searchParams.get("count") || "0");
+
   // List all feeds
   const feedList = await listAllFeeds(emailStorage);
-  
+
   // Fetch full feed configs to get descriptions
   const feedsWithConfig = await Promise.all(
     feedList.map(async (feed) => {
       const configKey = `feed:${feed.id}:config`;
-      const config = await emailStorage.get(configKey, { type: 'json' }) as FeedConfig | null;
+      const config = (await emailStorage.get(configKey, {
+        type: "json",
+      })) as FeedConfig | null;
       return {
         ...feed,
-        description: config?.description || ''
+        description: config?.description || "",
       };
-    })
+    }),
   );
-  
-  return c.html(layout('Dashboard', html`
-    <div class="container fade-in">
-      <div class="header-with-actions">
-        <div class="header-title">
-          <h1>Email to RSS Admin</h1>
-          <p>Manage your email newsletter feeds</p>
-        </div>
-        <div class="header-actions">
-          <a href="/admin/logout" class="button button-logout">Logout</a>
-        </div>
-      </div>
-      
-      <div class="card">
-        <h2>Create New Feed</h2>
-        <form action="/admin/feeds/create" method="post">
-          <div class="form-group">
-            <label for="title">Feed Title</label>
-            <input type="text" id="title" name="title" required>
-          </div>
-          
-          <div class="form-group">
-            <label for="description">Description</label>
-            <textarea id="description" name="description" rows="3"></textarea>
-          </div>
-          
-          <input type="hidden" id="language" name="language" value="en">
-          
-          <button type="submit" class="button">Create Feed</button>
-        </form>
-      </div>
-      
-      <h2>Your Feeds</h2>
-      
-      ${feedsWithConfig.length > 0 ? 
-        html`<ul class="feed-list">
-          ${feedsWithConfig.map((feed, index: number) => html`
-            <li class="feed-item card" id="feed-${feed.id}">
-              <div class="feed-header">
-                <h2 class="feed-title" id="title-${feed.id}">${feed.title}</h2>
-                <input type="text" class="feed-title-edit hidden" id="title-edit-${feed.id}" value="${feed.title}" placeholder="${feed.title}">
-                ${feed.description ? 
-                  html`<p class="feed-description" id="desc-${feed.id}">${feed.description}</p>` : 
-                  html`<p class="feed-description empty" id="desc-${feed.id}"><i>No description</i></p>`
-                }
-                <textarea class="feed-description-edit hidden" id="desc-edit-${feed.id}" rows="2" placeholder="${feed.description || 'No description'}">${feed.description}</textarea>
-              </div>
-              <div style="margin-bottom: var(--spacing-md);">
-                <div class="copyable">
-                  <span class="copyable-label">Email:</span>
-                  <div class="copyable-content">
-                    <span class="copyable-value" data-copy="${feed.id}@${env.DOMAIN}">${feed.id}@${env.DOMAIN}</span>
-                    <div class="copy-icon-container">
-                      <svg class="copy-icon copy-icon-original" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                        <rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
-                        <path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
-                      </svg>
-                      <svg class="copy-icon copy-icon-success" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                        <path d="M20 6L9 17l-5-5"></path>
-                      </svg>
-                    </div>
-                  </div>
-                </div>
-                <div class="copyable">
-                  <span class="copyable-label">RSS Feed:</span>
-                  <div class="copyable-content">
-                    <span class="copyable-value" data-copy="https://${env.DOMAIN}/rss/${feed.id}">https://${env.DOMAIN}/rss/${feed.id}</span>
-                    <div class="copy-icon-container">
-                      <svg class="copy-icon copy-icon-original" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                        <rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
-                        <path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
-                      </svg>
-                      <svg class="copy-icon copy-icon-success" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                        <path d="M20 6L9 17l-5-5"></path>
-                      </svg>
-                    </div>
-                  </div>
-                </div>
-              </div>
-              <div class="feed-buttons">
-                <div class="feed-buttons-left">
-                  <button id="edit-btn-${feed.id}" onclick="toggleEditMode('${feed.id}')" class="button button-small">Edit</button>
-                  <a href="/admin/feeds/${feed.id}/emails" class="button button-small">View Emails</a>
-                </div>
-                <div class="feed-buttons-right">
-                  <button onclick="confirmDelete('${feed.id}')" class="button button-small button-danger">Delete</button>
-                </div>
-              </div>
-            </li>
-          `)}
-        </ul>` : 
-        html`<div class="card"><p>You don't have any feeds yet. Create one above.</p></div>`
-      }
+
+  const viewHref = (nextView: "list" | "table") => {
+    const nextUrl = new URL(url);
+    nextUrl.pathname = "/admin";
+    nextUrl.searchParams.set("view", nextView);
+    const qs = nextUrl.searchParams.toString();
+    return `${nextUrl.pathname}${qs ? `?${qs}` : ""}`;
+  };
+
+  const viewToggle = html`
+    <div class="segmented" role="tablist" aria-label="Feed view">
+      <a
+        class="segmented-item ${view === "list" ? "is-active" : ""}"
+        href="${viewHref("list")}"
+        role="tab"
+        aria-selected="${view === "list" ? "true" : "false"}"
+        >List</a
+      >
+      <a
+        class="segmented-item ${view === "table" ? "is-active" : ""}"
+        href="${viewHref("table")}"
+        role="tab"
+        aria-selected="${view === "table" ? "true" : "false"}"
+        >Table</a
+      >
     </div>
-    
-    <script>
-      ${raw(`
+  `;
+
+  return c.html(
+    layout(
+      "Dashboard",
+      html`
+        <div class="container fade-in">
+          <div class="header-with-actions">
+            <div class="header-title">
+              <h1>Email to RSS Admin</h1>
+              <p>Manage your email newsletter feeds</p>
+            </div>
+            <div class="header-actions">
+              <a href="/admin/logout" class="button button-logout">Logout</a>
+            </div>
+          </div>
+
+          <div class="card">
+            <h2>Create New Feed</h2>
+            <form action="/admin/feeds/create" method="post">
+              <div class="form-group">
+                <label for="title">Feed Title</label>
+                <input type="text" id="title" name="title" required />
+              </div>
+
+              <div class="form-group">
+                <label for="description">Description</label>
+                <textarea
+                  id="description"
+                  name="description"
+                  rows="3"
+                ></textarea>
+              </div>
+
+              <div class="form-group">
+                <label for="allowed_senders"
+                  >Allowed senders (optional, one email or domain per
+                  line)</label
+                >
+                <textarea
+                  id="allowed_senders"
+                  name="allowed_senders"
+                  rows="3"
+                  placeholder="newsletter@example.com&#10;techmeme.com"
+                ></textarea>
+                <small
+                  >When set, inbound emails are only accepted from these
+                  senders/domains.</small
+                >
+              </div>
+
+              <input type="hidden" id="language" name="language" value="en" />
+              <input type="hidden" name="view" value="${view}" />
+
+              <button type="submit" class="button">Create Feed</button>
+            </form>
+          </div>
+
+          ${message === "bulkDeleted"
+            ? html`<div class="card">
+                <p>Deleted ${Number.isFinite(count) ? count : 0} feed(s).</p>
+              </div>`
+            : ""}
+          ${message === "bulkDeleteNoop"
+            ? html`<div class="card"><p>No feeds were selected.</p></div>`
+            : ""}
+
+          <div class="toolbar">
+            <div class="toolbar-group">
+              <h2 style="margin: 0;">Your Feeds</h2>
+              <span class="pill">${feedsWithConfig.length}</span>
+            </div>
+            <div class="toolbar-group">${viewToggle}</div>
+          </div>
+
+          ${feedsWithConfig.length === 0
+            ? html`<div class="card">
+                <p>You don't have any feeds yet. Create one above.</p>
+              </div>`
+            : view === "table"
+              ? html`
+                  <div class="card">
+                    <div class="toolbar">
+                      <div class="toolbar-group toolbar-group-fill">
+                        <input
+                          type="search"
+                          id="feed-search"
+                          class="search"
+                          placeholder="Search feed title, id, or description"
+                          oninput="filterFeedRows()"
+                        />
+                        <button
+                          type="button"
+                          class="button button-small"
+                          onclick="setVisibleFeedSelection(true)"
+                        >
+                          Select Visible
+                        </button>
+                        <button
+                          type="button"
+                          class="button button-small"
+                          onclick="setVisibleFeedSelection(false)"
+                        >
+                          Clear Visible
+                        </button>
+                        <span class="pill" id="selected-feed-count"
+                          >0 selected</span
+                        >
+                      </div>
+                    </div>
+
+                    <form
+                      id="bulk-feed-delete-form"
+                      action="/admin/feeds/bulk-delete"
+                      method="post"
+                      onsubmit="return confirmBulkFeedDelete()"
+                    >
+                      <input type="hidden" name="view" value="table" />
+
+                      <div class="table-wrap">
+                        <table class="table table-feeds">
+                          <thead>
+                            <tr>
+                              <th>
+                                <input
+                                  type="checkbox"
+                                  id="select-all-feeds"
+                                  onchange="toggleAllFeeds(this.checked)"
+                                />
+                              </th>
+                              <th>Title</th>
+                              <th>Feed ID</th>
+                              <th>Email</th>
+                              <th>RSS</th>
+                              <th>Actions</th>
+                            </tr>
+                          </thead>
+                          <tbody id="feed-table-body">
+                            ${feedsWithConfig.map(
+                              (feed) => html`
+                                <tr
+                                  class="feed-row"
+                                  data-search="${`${feed.title} ${feed.id} ${feed.description || ""}`.toLowerCase()}"
+                                >
+                                  <td>
+                                    <input
+                                      type="checkbox"
+                                      class="feed-select"
+                                      name="feedIds"
+                                      value="${feed.id}"
+                                      onchange="updateFeedSelectionState()"
+                                    />
+                                  </td>
+                                  <td>
+                                    <strong>${feed.title}</strong>
+                                    ${feed.description
+                                      ? html`<div
+                                          class="muted"
+                                          style="font-size: var(--font-size-sm); margin-top: 4px;"
+                                        >
+                                          ${feed.description}
+                                        </div>`
+                                      : ""}
+                                  </td>
+                                  <td><code>${feed.id}</code></td>
+                                  <td>
+                                    <div class="copyable copyable-inline">
+                                      <div class="copyable-content">
+                                        <span
+                                          class="copyable-value"
+                                          data-copy="${feed.id}@${env.DOMAIN}"
+                                          >${feed.id}@${env.DOMAIN}</span
+                                        >
+                                        <div class="copy-icon-container">
+                                          <svg
+                                            class="copy-icon copy-icon-original"
+                                            width="16"
+                                            height="16"
+                                            viewBox="0 0 24 24"
+                                            fill="none"
+                                            stroke="currentColor"
+                                            stroke-width="2"
+                                            stroke-linecap="round"
+                                            stroke-linejoin="round"
+                                          >
+                                            <rect
+                                              x="9"
+                                              y="9"
+                                              width="13"
+                                              height="13"
+                                              rx="2"
+                                              ry="2"
+                                            ></rect>
+                                            <path
+                                              d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"
+                                            ></path>
+                                          </svg>
+                                          <svg
+                                            class="copy-icon copy-icon-success"
+                                            width="16"
+                                            height="16"
+                                            viewBox="0 0 24 24"
+                                            fill="none"
+                                            stroke="currentColor"
+                                            stroke-width="2"
+                                            stroke-linecap="round"
+                                            stroke-linejoin="round"
+                                          >
+                                            <path
+                                              d="M20 6L9 17l-5-5"
+                                            ></path>
+                                          </svg>
+                                        </div>
+                                      </div>
+                                    </div>
+                                  </td>
+                                  <td>
+                                    <div class="copyable copyable-inline">
+                                      <div class="copyable-content">
+                                        <span
+                                          class="copyable-value"
+                                          data-copy="https://${env.DOMAIN}/rss/${feed.id}"
+                                          >https://${env.DOMAIN}/rss/${feed.id}</span
+                                        >
+                                        <div class="copy-icon-container">
+                                          <svg
+                                            class="copy-icon copy-icon-original"
+                                            width="16"
+                                            height="16"
+                                            viewBox="0 0 24 24"
+                                            fill="none"
+                                            stroke="currentColor"
+                                            stroke-width="2"
+                                            stroke-linecap="round"
+                                            stroke-linejoin="round"
+                                          >
+                                            <rect
+                                              x="9"
+                                              y="9"
+                                              width="13"
+                                              height="13"
+                                              rx="2"
+                                              ry="2"
+                                            ></rect>
+                                            <path
+                                              d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"
+                                            ></path>
+                                          </svg>
+                                          <svg
+                                            class="copy-icon copy-icon-success"
+                                            width="16"
+                                            height="16"
+                                            viewBox="0 0 24 24"
+                                            fill="none"
+                                            stroke="currentColor"
+                                            stroke-width="2"
+                                            stroke-linecap="round"
+                                            stroke-linejoin="round"
+                                          >
+                                            <path
+                                              d="M20 6L9 17l-5-5"
+                                            ></path>
+                                          </svg>
+                                        </div>
+                                      </div>
+                                    </div>
+                                  </td>
+                                  <td>
+                                    <div class="row-actions">
+                                      <a
+                                        href="/admin/feeds/${feed.id}/edit"
+                                        class="button button-small"
+                                        >Edit</a
+                                      >
+                                      <a
+                                        href="/admin/feeds/${feed.id}/emails"
+                                        class="button button-small"
+                                        >Emails</a
+                                      >
+                                      <button
+                                        type="button"
+                                        class="button button-small button-danger"
+                                        onclick="confirmDelete('${feed.id}')"
+                                      >
+                                        Delete
+                                      </button>
+                                    </div>
+                                  </td>
+                                </tr>
+                              `,
+                            )}
+                          </tbody>
+                        </table>
+                      </div>
+
+                      <div class="actions-row">
+                        <button
+                          id="bulk-delete-feeds-button"
+                          type="submit"
+                          class="button button-danger"
+                          disabled
+                        >
+                          Delete Selected Feeds
+                        </button>
+                      </div>
+                    </form>
+                  </div>
+                `
+              : html`
+                  <div class="toolbar">
+                    <div class="toolbar-group toolbar-group-fill">
+                      <input
+                        type="search"
+                        id="feed-search"
+                        class="search"
+                        placeholder="Search feed title, id, or description"
+                        oninput="filterFeedRows()"
+                      />
+                      <span class="pill"
+                        >Tip: use Table view for bulk deletion.</span
+                      >
+                    </div>
+                  </div>
+
+                  <ul class="feed-list">
+                    ${feedsWithConfig.map(
+                      (feed) => html`
+                        <li
+                          class="feed-item card feed-row"
+                          data-search="${`${feed.title} ${feed.id} ${feed.description || ""}`.toLowerCase()}"
+                        >
+                          <div class="feed-header">
+                            <h3 class="feed-title">${feed.title}</h3>
+                            ${feed.description
+                              ? html`<p class="feed-description">
+                                  ${feed.description}
+                                </p>`
+                              : html`<p class="feed-description empty">
+                                  <i>No description</i>
+                                </p>`}
+                          </div>
+
+                          <div style="margin-bottom: var(--spacing-md);">
+                            <div class="copyable">
+                              <span class="copyable-label">Email:</span>
+                              <div class="copyable-content">
+                                <span
+                                  class="copyable-value"
+                                  data-copy="${feed.id}@${env.DOMAIN}"
+                                  >${feed.id}@${env.DOMAIN}</span
+                                >
+                                <div class="copy-icon-container">
+                                  <svg
+                                    class="copy-icon copy-icon-original"
+                                    width="16"
+                                    height="16"
+                                    viewBox="0 0 24 24"
+                                    fill="none"
+                                    stroke="currentColor"
+                                    stroke-width="2"
+                                    stroke-linecap="round"
+                                    stroke-linejoin="round"
+                                  >
+                                    <rect
+                                      x="9"
+                                      y="9"
+                                      width="13"
+                                      height="13"
+                                      rx="2"
+                                      ry="2"
+                                    ></rect>
+                                    <path
+                                      d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"
+                                    ></path>
+                                  </svg>
+                                  <svg
+                                    class="copy-icon copy-icon-success"
+                                    width="16"
+                                    height="16"
+                                    viewBox="0 0 24 24"
+                                    fill="none"
+                                    stroke="currentColor"
+                                    stroke-width="2"
+                                    stroke-linecap="round"
+                                    stroke-linejoin="round"
+                                  >
+                                    <path d="M20 6L9 17l-5-5"></path>
+                                  </svg>
+                                </div>
+                              </div>
+                            </div>
+                            <div class="copyable">
+                              <span class="copyable-label">RSS Feed:</span>
+                              <div class="copyable-content">
+                                <span
+                                  class="copyable-value"
+                                  data-copy="https://${env.DOMAIN}/rss/${feed.id}"
+                                  >https://${env.DOMAIN}/rss/${feed.id}</span
+                                >
+                                <div class="copy-icon-container">
+                                  <svg
+                                    class="copy-icon copy-icon-original"
+                                    width="16"
+                                    height="16"
+                                    viewBox="0 0 24 24"
+                                    fill="none"
+                                    stroke="currentColor"
+                                    stroke-width="2"
+                                    stroke-linecap="round"
+                                    stroke-linejoin="round"
+                                  >
+                                    <rect
+                                      x="9"
+                                      y="9"
+                                      width="13"
+                                      height="13"
+                                      rx="2"
+                                      ry="2"
+                                    ></rect>
+                                    <path
+                                      d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"
+                                    ></path>
+                                  </svg>
+                                  <svg
+                                    class="copy-icon copy-icon-success"
+                                    width="16"
+                                    height="16"
+                                    viewBox="0 0 24 24"
+                                    fill="none"
+                                    stroke="currentColor"
+                                    stroke-width="2"
+                                    stroke-linecap="round"
+                                    stroke-linejoin="round"
+                                  >
+                                    <path d="M20 6L9 17l-5-5"></path>
+                                  </svg>
+                                </div>
+                              </div>
+                            </div>
+                          </div>
+
+                          <div class="feed-buttons">
+                            <div class="feed-buttons-left">
+                              <a
+                                href="/admin/feeds/${feed.id}/edit"
+                                class="button button-small"
+                                >Edit</a
+                              >
+                              <a
+                                href="/admin/feeds/${feed.id}/emails"
+                                class="button button-small"
+                                >Emails</a
+                              >
+                            </div>
+                            <div class="feed-buttons-right">
+                              <button
+                                type="button"
+                                onclick="confirmDelete('${feed.id}')"
+                                class="button button-small button-danger"
+                              >
+                                Delete
+                              </button>
+                            </div>
+                          </div>
+                        </li>
+                      `,
+                    )}
+                  </ul>
+                `}
+        </div>
+
+        <script>
+          ${raw(`
         function confirmDelete(feedId) {
           if (confirm('Are you sure you want to delete this feed? This action cannot be undone.')) {
+            const currentView = new URL(window.location.href).searchParams.get('view') || 'list';
             const form = document.createElement('form');
             form.method = 'POST';
-            form.action = '/admin/feeds/' + feedId + '/delete';
+            form.action = '/admin/feeds/' + feedId + '/delete?view=' + encodeURIComponent(currentView);
             document.body.appendChild(form);
             form.submit();
           }
         }
-        
-        function toggleEditMode(feedId) {
-          // Toggle visibility of display and edit elements
-          document.getElementById('title-' + feedId).classList.toggle('hidden');
-          document.getElementById('desc-' + feedId).classList.toggle('hidden');
-          document.getElementById('title-edit-' + feedId).classList.toggle('hidden');
-          document.getElementById('desc-edit-' + feedId).classList.toggle('hidden');
-          
-          // Get the button (could be either edit or save button now)
-          const button = document.getElementById('edit-btn-' + feedId) || document.getElementById('save-btn-' + feedId);
-          
-          // Transform the button
-          if (button.textContent === 'Edit') {
-            // Change to Save button
-            button.textContent = 'Save';
-            button.classList.add('button-success');
-            button.id = 'save-btn-' + feedId;
-            button.onclick = function() { saveFeed(feedId); };
-          } else {
-            // Change back to Edit button (should not happen normally since we use saveFeed for this)
-            button.textContent = 'Edit';
-            button.classList.remove('button-success', 'saved');
-            button.id = 'edit-btn-' + feedId;
-            button.onclick = function() { toggleEditMode(feedId); };
+
+        function updateFeedSelectionState() {
+          const checkboxes = Array.from(document.querySelectorAll('.feed-select'));
+          const selected = checkboxes.filter((checkbox) => checkbox.checked);
+          const selectedCount = document.getElementById('selected-feed-count');
+          const bulkDeleteButton = document.getElementById('bulk-delete-feeds-button');
+          const selectAll = document.getElementById('select-all-feeds');
+
+          if (selectedCount) {
+            selectedCount.textContent = selected.length + ' selected';
           }
-          
-          // Focus the title input when entering edit mode
-          if (!document.getElementById('title-edit-' + feedId).classList.contains('hidden')) {
-            document.getElementById('title-edit-' + feedId).focus();
+          if (bulkDeleteButton) {
+            bulkDeleteButton.disabled = selected.length === 0;
+          }
+          if (selectAll) {
+            const visibleCheckboxes = checkboxes.filter((checkbox) => checkbox.closest('tr')?.style.display !== 'none');
+            selectAll.checked = visibleCheckboxes.length > 0 && visibleCheckboxes.every((checkbox) => checkbox.checked);
           }
         }
-        
-        async function saveFeed(feedId) {
-          const titleInput = document.getElementById('title-edit-' + feedId);
-          const descInput = document.getElementById('desc-edit-' + feedId);
-          const saveBtn = document.getElementById('save-btn-' + feedId);
-          const editBtn = document.getElementById('edit-btn-' + feedId);
-          const originalTitle = document.getElementById('title-' + feedId).textContent;
-          const descElement = document.getElementById('desc-' + feedId);
-          const isEmptyDesc = descElement.classList.contains('empty');
-          const originalDescription = isEmptyDesc ? '' : descElement.textContent;
-          
-          // Use original value if input is empty
-          const newTitle = titleInput.value.trim() || originalTitle;
-          const newDescription = descInput.value.trim() || originalDescription;
-          
-          // Validate - title should not be empty (using original as fallback anyway)
-          if (!newTitle) {
-            alert('Title cannot be empty');
-            return;
-          }
-          
-          // Change button to saving state
-          saveBtn.textContent = 'Saving...';
-          saveBtn.disabled = true;
-          
-          try {
-            // Make API call to save the feed
-            const response = await fetch('/admin/api/feeds/' + feedId + '/update', {
-              method: 'POST',
-              headers: {
-                'Content-Type': 'application/json'
-              },
-              body: JSON.stringify({
-                title: newTitle,
-                description: newDescription
-              })
-            });
-            
-            if (response.ok) {
-              // Update the display elements with new values
-              document.getElementById('title-' + feedId).textContent = newTitle;
-              
-              if (newDescription) {
-                descElement.textContent = newDescription;
-                descElement.classList.remove('empty');
-              } else {
-                descElement.innerHTML = '<i>No description</i>';
-                descElement.classList.add('empty');
-              }
-              
-              // Show success state
-              saveBtn.textContent = 'Saved!';
-              saveBtn.classList.add('saved');
-              
-              // Immediately toggle back to display mode
-              document.getElementById('title-' + feedId).classList.remove('hidden');
-              document.getElementById('desc-' + feedId).classList.remove('hidden');
-              document.getElementById('title-edit-' + feedId).classList.add('hidden');
-              document.getElementById('desc-edit-' + feedId).classList.add('hidden');
-              
-              // After showing "Saved!" for 1 second, transition back to "Edit"
-              setTimeout(() => {
-                // Instead of showing/hiding different buttons, transform the same button
-                // This prevents the button from "jumping" to a different position
-                saveBtn.textContent = 'Edit';
-                saveBtn.classList.remove('saved', 'button-success');
-                saveBtn.id = 'edit-btn-' + feedId;
-                saveBtn.onclick = function() { toggleEditMode(feedId); };
-                saveBtn.disabled = false;
-              }, 1500);
-            } else {
-              throw new Error('Failed to save');
+
+        function toggleAllFeeds(checked) {
+          const checkboxes = document.querySelectorAll('.feed-select');
+          checkboxes.forEach((checkbox) => {
+            if (checkbox.closest('tr')?.style.display !== 'none') {
+              checkbox.checked = checked;
             }
-          } catch (error) {
-            console.error('Error saving feed:', error);
-            alert('Error saving feed. Please try again.');
-            saveBtn.textContent = 'Save';
-            saveBtn.disabled = false;
-          }
+          });
+          updateFeedSelectionState();
         }
-      `)}
-    </script>
-  `));
+
+        function setVisibleFeedSelection(checked) {
+          const checkboxes = document.querySelectorAll('.feed-select');
+          checkboxes.forEach((checkbox) => {
+            if (checkbox.closest('tr')?.style.display !== 'none') {
+              checkbox.checked = checked;
+            }
+          });
+          updateFeedSelectionState();
+        }
+
+        function filterFeedRows() {
+          const query = (document.getElementById('feed-search')?.value || '').toLowerCase().trim();
+          const rows = document.querySelectorAll('.feed-row');
+          rows.forEach((row) => {
+            const haystack = row.getAttribute('data-search') || '';
+            row.style.display = !query || haystack.includes(query) ? '' : 'none';
+          });
+          updateFeedSelectionState();
+        }
+
+        function confirmBulkFeedDelete() {
+          const selected = document.querySelectorAll('.feed-select:checked').length;
+          if (selected === 0) {
+            return false;
+          }
+          return confirm('Delete ' + selected + ' selected feed(s)? This will also delete all emails inside those feeds.');
+        }
+
+        document.addEventListener('DOMContentLoaded', () => {
+          updateFeedSelectionState();
+        });
+      `)};
+        </script>
+      `,
+    ),
+  );
 });
 
 // Create a new feed
-app.post('/feeds/create', async (c) => {
+app.post("/feeds/create", async (c) => {
   // Type assertion for environment variables
   const env = c.env as unknown as Env;
   const emailStorage = env.EMAIL_STORAGE;
-  
+
   try {
     const formData = await c.req.formData();
-    const title = formData.get('title')?.toString() || '';
-    const description = formData.get('description')?.toString();
-    const language = formData.get('language')?.toString() || 'en';
-    
+    const title = formData.get("title")?.toString() || "";
+    const description = formData.get("description")?.toString();
+    const language = formData.get("language")?.toString() || "en";
+    const view = formData.get("view")?.toString() === "table" ? "table" : "list";
+    const allowedSenders = parseAllowedSenders(
+      formData.get("allowed_senders")?.toString() || "",
+    );
+
     // Validate inputs
     const parsedData = createFeedSchema.parse({
       title,
       description,
-      language
+      language,
+      allowedSenders,
     });
-    
+
     // Generate a feed ID
     const feedId = generateFeedId();
-    
+
     // Create feed configuration
     const feedConfig: FeedConfig = {
       title: parsedData.title,
@@ -436,249 +851,515 @@ app.post('/feeds/create', async (c) => {
       language: parsedData.language,
       site_url: `https://${env.DOMAIN}/rss/${feedId}`,
       feed_url: `https://${env.DOMAIN}/rss/${feedId}`,
+      allowed_senders: parsedData.allowedSenders,
       created_at: Date.now(),
-      updated_at: Date.now()
+      updated_at: Date.now(),
     };
-    
+
     // Create feed metadata
     const feedMetadata: FeedMetadata = {
-      emails: []
+      emails: [],
     };
-    
+
     // Store feed configuration and metadata
     await emailStorage.put(`feed:${feedId}:config`, JSON.stringify(feedConfig));
-    await emailStorage.put(`feed:${feedId}:metadata`, JSON.stringify(feedMetadata));
-    
+    await emailStorage.put(
+      `feed:${feedId}:metadata`,
+      JSON.stringify(feedMetadata),
+    );
+
     // Add feed to the list of all feeds
     await addFeedToList(emailStorage, feedId, parsedData.title);
-    
+
     // Redirect back to admin page
-    return c.redirect('/admin');
+    return c.redirect(`/admin?view=${view}`);
   } catch (error) {
-    console.error('Error creating feed:', error);
-    return c.text('Error creating feed. Please try again.', 400);
+    console.error("Error creating feed:", error);
+    return c.text("Error creating feed. Please try again.", 400);
   }
 });
 
 // Edit feed page
-app.get('/feeds/:feedId/edit', async (c) => {
+app.get("/feeds/:feedId/edit", async (c) => {
   // Type assertion for environment variables
   const env = c.env as unknown as Env;
   const emailStorage = env.EMAIL_STORAGE;
-  const feedId = c.req.param('feedId');
-  
+  const feedId = c.req.param("feedId");
+
   // Get feed configuration
   const feedConfigKey = `feed:${feedId}:config`;
-  const feedConfig = await emailStorage.get(feedConfigKey, { type: 'json' }) as FeedConfig | null;
-  
+  const feedConfig = (await emailStorage.get(feedConfigKey, {
+    type: "json",
+  })) as FeedConfig | null;
+
   if (!feedConfig) {
-    return c.text('Feed not found', 404);
+    return c.text("Feed not found", 404);
   }
-  
-  return c.html(layout('Edit Feed', html`
-    <div class="container fade-in">
-      <div class="header-with-actions">
-        <div class="header-title">
-          <h1>${feedConfig.title} - Edit Feed</h1>
-        </div>
-        <div class="header-actions">
-          <a href="/admin" class="button button-secondary button-back">Back to Dashboard</a>
-        </div>
-      </div>
-      
-      <div class="card">
-        <form action="/admin/feeds/${feedId}/edit" method="post">
-          <div class="form-group">
-            <label for="title">Feed Title</label>
-            <input type="text" id="title" name="title" value="${feedConfig.title}" required>
+
+  return c.html(
+    layout(
+      "Edit Feed",
+      html`
+        <div class="container fade-in">
+          <div class="header-with-actions">
+            <div class="header-title">
+              <h1>${feedConfig.title} - Edit Feed</h1>
+            </div>
+            <div class="header-actions">
+              <a href="/admin" class="button button-secondary button-back"
+                >Back to Dashboard</a
+              >
+            </div>
           </div>
-          
-          <div class="form-group">
-            <label for="description">Description</label>
-            <textarea id="description" name="description" rows="3">${feedConfig.description || ''}</textarea>
+
+          <div class="card">
+            <form action="/admin/feeds/${feedId}/edit" method="post">
+              <div class="form-group">
+                <label for="title">Feed Title</label>
+                <input
+                  type="text"
+                  id="title"
+                  name="title"
+                  value="${feedConfig.title}"
+                  required
+                />
+              </div>
+
+              <div class="form-group">
+                <label for="description">Description</label>
+                <textarea id="description" name="description" rows="3">
+${feedConfig.description || ""}</textarea
+                >
+              </div>
+
+              <div class="form-group">
+                <label for="allowed_senders"
+                  >Allowed senders (optional, one email or domain per
+                  line)</label
+                >
+                <textarea
+                  id="allowed_senders"
+                  name="allowed_senders"
+                  rows="3"
+                  placeholder="newsletter@example.com&#10;techmeme.com"
+                >
+${(feedConfig.allowed_senders || []).join("\n")}</textarea
+                >
+                <small
+                  >When set, inbound emails are only accepted from these
+                  senders/domains.</small
+                >
+              </div>
+
+              <input type="hidden" id="language" name="language" value="en" />
+
+              <button type="submit" class="button">Update Feed</button>
+            </form>
           </div>
-          
-          <input type="hidden" id="language" name="language" value="en">
-          
-          <button type="submit" class="button">Update Feed</button>
-        </form>
-      </div>
-    </div>
-  `));
+        </div>
+      `,
+    ),
+  );
 });
 
 // Update feed
-app.post('/feeds/:feedId/edit', async (c) => {
+app.post("/feeds/:feedId/edit", async (c) => {
   // Type assertion for environment variables
   const env = c.env as unknown as Env;
   const emailStorage = env.EMAIL_STORAGE;
-  const feedId = c.req.param('feedId');
-  
+  const feedId = c.req.param("feedId");
+
   try {
     const formData = await c.req.formData();
-    const title = formData.get('title')?.toString() || '';
-    const description = formData.get('description')?.toString();
-    const language = formData.get('language')?.toString() || 'en';
-    
+    const title = formData.get("title")?.toString() || "";
+    const description = formData.get("description")?.toString();
+    const language = formData.get("language")?.toString() || "en";
+    const allowedSenders = parseAllowedSenders(
+      formData.get("allowed_senders")?.toString() || "",
+    );
+
     // Validate inputs
     const parsedData = updateFeedSchema.parse({
       title,
       description,
-      language
+      language,
+      allowedSenders,
     });
-    
+
     // Get existing feed config
     const feedConfigKey = `feed:${feedId}:config`;
-    const existingConfig = await emailStorage.get(feedConfigKey, { type: 'json' }) as FeedConfig | null;
-    
+    const existingConfig = (await emailStorage.get(feedConfigKey, {
+      type: "json",
+    })) as FeedConfig | null;
+
     if (!existingConfig) {
-      return c.text('Feed not found', 404);
+      return c.text("Feed not found", 404);
     }
-    
+
     // Update feed configuration
-    await emailStorage.put(feedConfigKey, JSON.stringify({
-      ...existingConfig,
-      title: parsedData.title,
-      description: parsedData.description,
-      language: parsedData.language,
-      updated_at: Date.now()
-    }));
-    
+    await emailStorage.put(
+      feedConfigKey,
+      JSON.stringify({
+        ...existingConfig,
+        title: parsedData.title,
+        description: parsedData.description,
+        language: parsedData.language,
+        allowed_senders: parsedData.allowedSenders,
+        updated_at: Date.now(),
+      }),
+    );
+
     // Update feed in the list of all feeds
     await updateFeedInList(emailStorage, feedId, parsedData.title);
-    
+
     // Redirect back to admin page
-    return c.redirect('/admin');
+    return c.redirect("/admin");
   } catch (error) {
-    console.error('Error updating feed:', error);
-    return c.text('Error updating feed. Please try again.', 400);
+    console.error("Error updating feed:", error);
+    return c.text("Error updating feed. Please try again.", 400);
   }
 });
 
+async function deleteFeedAndEmails(
+  emailStorage: KVNamespace,
+  feedId: string,
+): Promise<boolean> {
+  const feedMetadataKey = `feed:${feedId}:metadata`;
+  const feedMetadata = (await emailStorage.get(feedMetadataKey, {
+    type: "json",
+  })) as FeedMetadata | null;
+
+  if (!feedMetadata) {
+    return false;
+  }
+
+  for (const email of feedMetadata.emails) {
+    await emailStorage.delete(email.key);
+  }
+
+  await emailStorage.delete(`feed:${feedId}:config`);
+  await emailStorage.delete(feedMetadataKey);
+  await removeFeedFromList(emailStorage, feedId);
+
+  return true;
+}
+
 // Delete feed
-app.post('/feeds/:feedId/delete', async (c) => {
-  // Type assertion for environment variables
+app.post("/feeds/:feedId/delete", async (c) => {
   const env = c.env as unknown as Env;
   const emailStorage = env.EMAIL_STORAGE;
-  const feedId = c.req.param('feedId');
-  
+  const feedId = c.req.param("feedId");
+  const view = c.req.query("view") === "table" ? "table" : "list";
+
   try {
-    // Get feed metadata to find all email keys
-    const feedMetadataKey = `feed:${feedId}:metadata`;
-    const feedMetadata = await emailStorage.get(feedMetadataKey, { type: 'json' }) as FeedMetadata | null;
-    
-    if (!feedMetadata) {
-      return c.text('Feed not found', 404);
+    const deleted = await deleteFeedAndEmails(emailStorage, feedId);
+    if (!deleted) {
+      return c.text("Feed not found", 404);
     }
-    
-    // Delete all emails for this feed
-    for (const email of feedMetadata.emails) {
-      await emailStorage.delete(email.key);
-    }
-    
-    // Delete feed configuration and metadata
-    await emailStorage.delete(`feed:${feedId}:config`);
-    await emailStorage.delete(feedMetadataKey);
-    
-    // Remove feed from the list of all feeds
-    await removeFeedFromList(emailStorage, feedId);
-    
-    // Redirect back to admin page
-    return c.redirect('/admin');
+    return c.redirect(`/admin?view=${view}`);
   } catch (error) {
-    console.error('Error deleting feed:', error);
-    return c.text('Error deleting feed. Please try again.', 400);
+    console.error("Error deleting feed:", error);
+    return c.text("Error deleting feed. Please try again.", 400);
+  }
+});
+
+// Bulk delete feeds selected in the dashboard
+app.post("/feeds/bulk-delete", async (c) => {
+  const env = c.env as unknown as Env;
+  const emailStorage = env.EMAIL_STORAGE;
+
+  try {
+    const formData = await c.req.formData();
+    const view = formData.get("view")?.toString() === "table" ? "table" : "list";
+    const redirectBase = `/admin?view=${view}`;
+    const rawIds = formData.getAll("feedIds").map((value) => value.toString());
+    const feedIds = Array.from(new Set(rawIds.filter(Boolean)));
+
+    if (feedIds.length === 0) {
+      return c.redirect(`${redirectBase}&message=bulkDeleteNoop`);
+    }
+
+    let deletedCount = 0;
+    for (const feedId of feedIds) {
+      const deleted = await deleteFeedAndEmails(emailStorage, feedId);
+      if (deleted) {
+        deletedCount += 1;
+      }
+    }
+
+    return c.redirect(`${redirectBase}&message=bulkDeleted&count=${deletedCount}`);
+  } catch (error) {
+    console.error("Error bulk deleting feeds:", error);
+    return c.text("Error bulk deleting feeds. Please try again.", 400);
   }
 });
 
 // View all emails for a feed
-app.get('/feeds/:feedId/emails', async (c) => {
+app.get("/feeds/:feedId/emails", async (c) => {
   // Type assertion for environment variables
   const env = c.env as unknown as Env;
   const emailStorage = env.EMAIL_STORAGE;
-  const feedId = c.req.param('feedId');
-  
+  const feedId = c.req.param("feedId");
+  const message = c.req.query("message");
+  const count = Number(c.req.query("count") || "0");
+
   // Get feed configuration and metadata
   const feedConfigKey = `feed:${feedId}:config`;
   const feedMetadataKey = `feed:${feedId}:metadata`;
-  
-  const feedConfig = await emailStorage.get(feedConfigKey, { type: 'json' }) as FeedConfig | null;
-  const feedMetadata = await emailStorage.get(feedMetadataKey, { type: 'json' }) as FeedMetadata | null;
-  
+
+  const feedConfig = (await emailStorage.get(feedConfigKey, {
+    type: "json",
+  })) as FeedConfig | null;
+  const feedMetadata = (await emailStorage.get(feedMetadataKey, {
+    type: "json",
+  })) as FeedMetadata | null;
+
   if (!feedConfig || !feedMetadata) {
-    return c.text('Feed not found', 404);
+    return c.text("Feed not found", 404);
   }
-  
-  return c.html(layout(`${feedConfig.title} - Emails`, html`
-    <div class="container fade-in">
-      <div class="header-with-actions">
-        <div class="header-title">
-          <h1>${feedConfig.title} - Emails</h1>
-        </div>
-        <div class="header-actions">
-          <a href="/admin" class="button button-secondary button-back">Back to Dashboard</a>
-        </div>
-      </div>
-      
-      <div class="card">
-        <h2>Feed Details</h2>
-        <div>
-          <div class="copyable">
-            <span class="copyable-label">Email Address:</span>
-            <div class="copyable-content">
-              <span class="copyable-value" data-copy="${feedId}@${env.DOMAIN}">${feedId}@${env.DOMAIN}</span>
-              <div class="copy-icon-container">
-                <svg class="copy-icon copy-icon-original" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                  <rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
-                  <path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
-                </svg>
-                <svg class="copy-icon copy-icon-success" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                  <path d="M20 6L9 17l-5-5"></path>
-                </svg>
-              </div>
-            </div>
-          </div>
-          <div class="copyable">
-            <span class="copyable-label">RSS Feed:</span>
-            <div class="copyable-content">
-              <span class="copyable-value" data-copy="https://${env.DOMAIN}/rss/${feedId}">https://${env.DOMAIN}/rss/${feedId}</span>
-              <div class="copy-icon-container">
-                <svg class="copy-icon copy-icon-original" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                  <rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
-                  <path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
-                </svg>
-                <svg class="copy-icon copy-icon-success" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                  <path d="M20 6L9 17l-5-5"></path>
-                </svg>
+
+  return c.html(
+    layout(
+      `${feedConfig.title} - Emails`,
+      html`
+        <div class="container fade-in">
+          <div class="header-with-actions">
+            <div class="header-title">
+              <h1>${feedConfig.title} - Emails</h1>
+            </div>
+            <div class="header-actions">
+              <a href="/admin" class="button button-secondary button-back"
+                >Back to Dashboard</a
+              >
+            </div>
+          </div>
+
+          <div class="card">
+            <h2>Feed Details</h2>
+            <div>
+              <div class="copyable">
+                <span class="copyable-label">Email Address:</span>
+                <div class="copyable-content">
+                  <span
+                    class="copyable-value"
+                    data-copy="${feedId}@${env.DOMAIN}"
+                    >${feedId}@${env.DOMAIN}</span
+                  >
+                  <div class="copy-icon-container">
+                    <svg
+                      class="copy-icon copy-icon-original"
+                      width="16"
+                      height="16"
+                      viewBox="0 0 24 24"
+                      fill="none"
+                      stroke="currentColor"
+                      stroke-width="2"
+                      stroke-linecap="round"
+                      stroke-linejoin="round"
+                    >
+                      <rect
+                        x="9"
+                        y="9"
+                        width="13"
+                        height="13"
+                        rx="2"
+                        ry="2"
+                      ></rect>
+                      <path
+                        d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"
+                      ></path>
+                    </svg>
+                    <svg
+                      class="copy-icon copy-icon-success"
+                      width="16"
+                      height="16"
+                      viewBox="0 0 24 24"
+                      fill="none"
+                      stroke="currentColor"
+                      stroke-width="2"
+                      stroke-linecap="round"
+                      stroke-linejoin="round"
+                    >
+                      <path d="M20 6L9 17l-5-5"></path>
+                    </svg>
+                  </div>
+                </div>
+              </div>
+              <div class="copyable">
+                <span class="copyable-label">RSS Feed:</span>
+                <div class="copyable-content">
+                  <span
+                    class="copyable-value"
+                    data-copy="https://${env.DOMAIN}/rss/${feedId}"
+                    >https://${env.DOMAIN}/rss/${feedId}</span
+                  >
+                  <div class="copy-icon-container">
+                    <svg
+                      class="copy-icon copy-icon-original"
+                      width="16"
+                      height="16"
+                      viewBox="0 0 24 24"
+                      fill="none"
+                      stroke="currentColor"
+                      stroke-width="2"
+                      stroke-linecap="round"
+                      stroke-linejoin="round"
+                    >
+                      <rect
+                        x="9"
+                        y="9"
+                        width="13"
+                        height="13"
+                        rx="2"
+                        ry="2"
+                      ></rect>
+                      <path
+                        d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"
+                      ></path>
+                    </svg>
+                    <svg
+                      class="copy-icon copy-icon-success"
+                      width="16"
+                      height="16"
+                      viewBox="0 0 24 24"
+                      fill="none"
+                      stroke="currentColor"
+                      stroke-width="2"
+                      stroke-linecap="round"
+                      stroke-linejoin="round"
+                    >
+                      <path d="M20 6L9 17l-5-5"></path>
+                    </svg>
+                  </div>
+                </div>
               </div>
             </div>
           </div>
+
+          <h2>Emails (${feedMetadata.emails.length})</h2>
+
+          ${message === "bulkDeleted"
+            ? html`<div class="card">
+                <p>Deleted ${Number.isFinite(count) ? count : 0} email(s).</p>
+              </div>`
+            : ""}
+          ${message === "bulkDeleteNoop"
+            ? html`<div class="card"><p>No emails were selected.</p></div>`
+            : ""}
+          ${feedMetadata.emails.length > 0
+            ? html`
+                <div class="toolbar">
+                  <div class="toolbar-group toolbar-group-fill">
+                    <input
+                      type="search"
+                      id="email-search"
+                      class="search"
+                      placeholder="Search email subjects"
+                      oninput="filterEmailRows()"
+                    />
+                  <button
+                    type="button"
+                    class="button button-small"
+                    onclick="setVisibleEmailSelection(true)"
+                  >
+                    Select Visible
+                  </button>
+                  <button
+                    type="button"
+                    class="button button-small"
+                    onclick="setVisibleEmailSelection(false)"
+                  >
+                    Clear Visible
+                  </button>
+                    <span class="pill" id="selected-email-count">0 selected</span>
+                  </div>
+                </div>
+
+                <form
+                  action="/admin/feeds/${feedId}/emails/bulk-delete"
+                  method="post"
+                  onsubmit="return confirmBulkEmailDelete()"
+                >
+                  <div class="table-wrap">
+                    <table class="table table-emails">
+                      <thead>
+                        <tr>
+                          <th>
+                            <input
+                              type="checkbox"
+                              id="select-all-emails"
+                              onchange="toggleAllEmails(this.checked)"
+                            />
+                          </th>
+                          <th>Subject</th>
+                          <th>Received</th>
+                          <th>Actions</th>
+                        </tr>
+                      </thead>
+                      <tbody>
+                        ${feedMetadata.emails.map(
+                          (email: EmailMetadata) => html`
+                            <tr
+                              class="email-row"
+                              data-search="${email.subject.toLowerCase()}"
+                            >
+                              <td>
+                                <input
+                                  type="checkbox"
+                                  class="email-select"
+                                  name="emailKeys"
+                                  value="${email.key}"
+                                  onchange="updateEmailSelectionState()"
+                                />
+                              </td>
+                              <td>${email.subject}</td>
+                              <td>
+                                ${new Date(email.receivedAt).toLocaleString()}
+                              </td>
+                              <td>
+                                <div class="row-actions">
+                                  <a
+                                    href="/admin/emails/${email.key}"
+                                    class="button button-small"
+                                    >View</a
+                                  >
+                                  <button
+                                    type="button"
+                                    onclick="confirmDeleteEmail('${email.key}', '${feedId}')"
+                                    class="button button-small button-danger"
+                                  >
+                                    Delete
+                                  </button>
+                                </div>
+                              </td>
+                            </tr>
+                          `,
+                        )}
+                      </tbody>
+                    </table>
+                  </div>
+                  <div class="actions-row">
+                    <button
+                      id="bulk-delete-emails-button"
+                      type="submit"
+                      class="button button-danger"
+                      disabled
+                    >
+                      Delete Selected Emails
+                    </button>
+                  </div>
+                </form>
+              `
+            : html`<div class="card">
+                <p>
+                  No emails received yet. Subscribe to newsletters using the
+                  email address above.
+                </p>
+              </div>`}
         </div>
-      </div>
-      
-      <h2>Emails (${feedMetadata.emails.length})</h2>
-      
-      ${feedMetadata.emails.length > 0 ? 
-        html`<ul class="email-list">
-          ${feedMetadata.emails.map((email: EmailMetadata, index: number) => html`
-            <li class="email-item card">
-              <h3>${email.subject}</h3>
-              <p>Received: ${new Date(email.receivedAt).toLocaleString()}</p>
-              <div style="display: flex; gap: var(--spacing-sm); margin-top: var(--spacing-md);">
-                <a href="/admin/emails/${email.key}" class="button button-small">View Content</a>
-                <button onclick="confirmDeleteEmail('${email.key}', '${feedId}')" class="button button-small button-danger">Delete</button>
-              </div>
-            </li>
-          `)}
-        </ul>` : 
-        html`<div class="card">
-          <p>No emails received yet. Subscribe to newsletters using the email address above.</p>
-        </div>`
-      }
-    </div>
-    
-    <script>
-      ${raw(`
+
+        <script>
+          ${raw(`
         function confirmDeleteEmail(emailKey, feedId) {
           if (confirm('Are you sure you want to delete this email? This action cannot be undone.')) {
             const form = document.createElement('form');
@@ -688,29 +1369,94 @@ app.get('/feeds/:feedId/emails', async (c) => {
             form.submit();
           }
         }
-      `)}
-    </script>
-  `));
+
+        function updateEmailSelectionState() {
+          const checkboxes = Array.from(document.querySelectorAll('.email-select'));
+          const selected = checkboxes.filter((checkbox) => checkbox.checked);
+          const selectedCount = document.getElementById('selected-email-count');
+          const bulkDeleteButton = document.getElementById('bulk-delete-emails-button');
+          const selectAll = document.getElementById('select-all-emails');
+
+          if (selectedCount) {
+            selectedCount.textContent = selected.length + ' selected';
+          }
+          if (bulkDeleteButton) {
+            bulkDeleteButton.disabled = selected.length === 0;
+          }
+          if (selectAll) {
+            const visibleCheckboxes = checkboxes.filter((checkbox) => checkbox.closest('tr')?.style.display !== 'none');
+            selectAll.checked = visibleCheckboxes.length > 0 && visibleCheckboxes.every((checkbox) => checkbox.checked);
+          }
+        }
+
+        function toggleAllEmails(checked) {
+          const checkboxes = document.querySelectorAll('.email-select');
+          checkboxes.forEach((checkbox) => {
+            if (checkbox.closest('tr')?.style.display !== 'none') {
+              checkbox.checked = checked;
+            }
+          });
+          updateEmailSelectionState();
+        }
+
+        function setVisibleEmailSelection(checked) {
+          const checkboxes = document.querySelectorAll('.email-select');
+          checkboxes.forEach((checkbox) => {
+            if (checkbox.closest('tr')?.style.display !== 'none') {
+              checkbox.checked = checked;
+            }
+          });
+          updateEmailSelectionState();
+        }
+
+        function filterEmailRows() {
+          const query = (document.getElementById('email-search')?.value || '').toLowerCase().trim();
+          const rows = document.querySelectorAll('.email-row');
+          rows.forEach((row) => {
+            const haystack = row.getAttribute('data-search') || '';
+            row.style.display = !query || haystack.includes(query) ? '' : 'none';
+          });
+          updateEmailSelectionState();
+        }
+
+        function confirmBulkEmailDelete() {
+          const selected = document.querySelectorAll('.email-select:checked').length;
+          if (selected === 0) {
+            return false;
+          }
+          return confirm('Delete ' + selected + ' selected email(s)?');
+        }
+
+        document.addEventListener('DOMContentLoaded', () => {
+          updateEmailSelectionState();
+        });
+      `)};
+        </script>
+      `,
+    ),
+  );
 });
 
 // View email content
-app.get('/emails/:emailKey', async (c) => {
+app.get("/emails/:emailKey", async (c) => {
   // Type assertion for environment variables
   const env = c.env as unknown as Env;
   const emailStorage = env.EMAIL_STORAGE;
-  const emailKey = c.req.param('emailKey');
-  
+  const emailKey = c.req.param("emailKey");
+
   // Get email data
-  const emailData = await emailStorage.get(emailKey, { type: 'json' }) as EmailData | null;
-  
+  const emailData = (await emailStorage.get(emailKey, {
+    type: "json",
+  })) as EmailData | null;
+
   if (!emailData) {
-    return c.text('Email not found', 404);
+    return c.text("Email not found", 404);
   }
-  
+
   // Extract feed ID from the key format (feed:ID:emails:timestamp)
-  const keyParts = emailKey.split(':');
+  const keyParts = emailKey.split(":");
   const feedId = keyParts[1];
-  
+
   // Create a sanitized HTML content with CSS for the iframe
   const htmlContent = `
     <!DOCTYPE html>
@@ -752,7 +1498,7 @@ app.get('/emails/:emailKey', async (c) => {
       </body>
     </html>
   `;
-  
+
   // Properly encode the HTML content to handle Unicode characters
   const encodedHtmlContent = (() => {
     // Convert the string to UTF-8
@@ -761,102 +1507,254 @@ app.get('/emails/:emailKey', async (c) => {
     // Convert bytes to base64
     return btoa(String.fromCharCode(...new Uint8Array(bytes)));
   })();
-  
-  return c.html(layout(`Email: ${emailData.subject}`, html`
-    <div class="container fade-in">
-      <div class="header-with-actions">
-        <div class="header-title">
-          <h1>Email Content</h1>
-        </div>
-        <div class="header-actions">
-          <a href="/admin/feeds/${feedId}/emails" class="button button-secondary button-back">Back to Emails</a>
-        </div>
-      </div>
-      
-      <div class="card">
-        <div class="email-meta">
-          <div class="email-metadata-grid">
-            <div class="copyable">
-              <span class="copyable-label">Subject:</span>
-              <div class="copyable-content">
-                <span class="copyable-value" data-copy="${emailData.subject}">${emailData.subject}</span>
-                <div class="copy-icon-container">
-                  <svg class="copy-icon copy-icon-original" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                    <rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
-                    <path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
-                  </svg>
-                  <svg class="copy-icon copy-icon-success" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                    <path d="M20 6L9 17l-5-5"></path>
-                  </svg>
+
+  return c.html(
+    layout(
+      `Email: ${emailData.subject}`,
+      html`
+        <div class="container fade-in">
+          <div class="header-with-actions">
+            <div class="header-title">
+              <h1>Email Content</h1>
+            </div>
+            <div class="header-actions">
+              <a
+                href="/admin/feeds/${feedId}/emails"
+                class="button button-secondary button-back"
+                >Back to Emails</a
+              >
+            </div>
+          </div>
+
+          <div class="card">
+            <div class="email-meta">
+              <div class="email-metadata-grid">
+                <div class="copyable">
+                  <span class="copyable-label">Subject:</span>
+                  <div class="copyable-content">
+                    <span
+                      class="copyable-value"
+                      data-copy="${emailData.subject}"
+                      >${emailData.subject}</span
+                    >
+                    <div class="copy-icon-container">
+                      <svg
+                        class="copy-icon copy-icon-original"
+                        width="16"
+                        height="16"
+                        viewBox="0 0 24 24"
+                        fill="none"
+                        stroke="currentColor"
+                        stroke-width="2"
+                        stroke-linecap="round"
+                        stroke-linejoin="round"
+                      >
+                        <rect
+                          x="9"
+                          y="9"
+                          width="13"
+                          height="13"
+                          rx="2"
+                          ry="2"
+                        ></rect>
+                        <path
+                          d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"
+                        ></path>
+                      </svg>
+                      <svg
+                        class="copy-icon copy-icon-success"
+                        width="16"
+                        height="16"
+                        viewBox="0 0 24 24"
+                        fill="none"
+                        stroke="currentColor"
+                        stroke-width="2"
+                        stroke-linecap="round"
+                        stroke-linejoin="round"
+                      >
+                        <path d="M20 6L9 17l-5-5"></path>
+                      </svg>
+                    </div>
+                  </div>
+                </div>
+                <div class="copyable">
+                  <span class="copyable-label">Received:</span>
+                  <div class="copyable-content">
+                    <span
+                      class="copyable-value"
+                      data-copy="${new Date(
+                        emailData.receivedAt,
+                      ).toLocaleString()}"
+                      >${new Date(emailData.receivedAt).toLocaleString()}</span
+                    >
+                    <div class="copy-icon-container">
+                      <svg
+                        class="copy-icon copy-icon-original"
+                        width="16"
+                        height="16"
+                        viewBox="0 0 24 24"
+                        fill="none"
+                        stroke="currentColor"
+                        stroke-width="2"
+                        stroke-linecap="round"
+                        stroke-linejoin="round"
+                      >
+                        <rect
+                          x="9"
+                          y="9"
+                          width="13"
+                          height="13"
+                          rx="2"
+                          ry="2"
+                        ></rect>
+                        <path
+                          d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"
+                        ></path>
+                      </svg>
+                      <svg
+                        class="copy-icon copy-icon-success"
+                        width="16"
+                        height="16"
+                        viewBox="0 0 24 24"
+                        fill="none"
+                        stroke="currentColor"
+                        stroke-width="2"
+                        stroke-linecap="round"
+                        stroke-linejoin="round"
+                      >
+                        <path d="M20 6L9 17l-5-5"></path>
+                      </svg>
+                    </div>
+                  </div>
+                </div>
+                <div class="copyable">
+                  <span class="copyable-label">From:</span>
+                  <div class="copyable-content">
+                    <span class="copyable-value" data-copy="${emailData.from}"
+                      >${emailData.from}</span
+                    >
+                    <div class="copy-icon-container">
+                      <svg
+                        class="copy-icon copy-icon-original"
+                        width="16"
+                        height="16"
+                        viewBox="0 0 24 24"
+                        fill="none"
+                        stroke="currentColor"
+                        stroke-width="2"
+                        stroke-linecap="round"
+                        stroke-linejoin="round"
+                      >
+                        <rect
+                          x="9"
+                          y="9"
+                          width="13"
+                          height="13"
+                          rx="2"
+                          ry="2"
+                        ></rect>
+                        <path
+                          d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"
+                        ></path>
+                      </svg>
+                      <svg
+                        class="copy-icon copy-icon-success"
+                        width="16"
+                        height="16"
+                        viewBox="0 0 24 24"
+                        fill="none"
+                        stroke="currentColor"
+                        stroke-width="2"
+                        stroke-linecap="round"
+                        stroke-linejoin="round"
+                      >
+                        <path d="M20 6L9 17l-5-5"></path>
+                      </svg>
+                    </div>
+                  </div>
+                </div>
+                <div class="copyable">
+                  <span class="copyable-label">To:</span>
+                  <div class="copyable-content">
+                    <span
+                      class="copyable-value"
+                      data-copy="${feedId}@${env.DOMAIN}"
+                      >${feedId}@${env.DOMAIN}</span
+                    >
+                    <div class="copy-icon-container">
+                      <svg
+                        class="copy-icon copy-icon-original"
+                        width="16"
+                        height="16"
+                        viewBox="0 0 24 24"
+                        fill="none"
+                        stroke="currentColor"
+                        stroke-width="2"
+                        stroke-linecap="round"
+                        stroke-linejoin="round"
+                      >
+                        <rect
+                          x="9"
+                          y="9"
+                          width="13"
+                          height="13"
+                          rx="2"
+                          ry="2"
+                        ></rect>
+                        <path
+                          d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"
+                        ></path>
+                      </svg>
+                      <svg
+                        class="copy-icon copy-icon-success"
+                        width="16"
+                        height="16"
+                        viewBox="0 0 24 24"
+                        fill="none"
+                        stroke="currentColor"
+                        stroke-width="2"
+                        stroke-linecap="round"
+                        stroke-linejoin="round"
+                      >
+                        <path d="M20 6L9 17l-5-5"></path>
+                      </svg>
+                    </div>
+                  </div>
                 </div>
               </div>
             </div>
-            <div class="copyable">
-              <span class="copyable-label">Received:</span>
-              <div class="copyable-content">
-                <span class="copyable-value" data-copy="${new Date(emailData.receivedAt).toLocaleString()}">${new Date(emailData.receivedAt).toLocaleString()}</span>
-                <div class="copy-icon-container">
-                  <svg class="copy-icon copy-icon-original" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                    <rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
-                    <path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
-                  </svg>
-                  <svg class="copy-icon copy-icon-success" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                    <path d="M20 6L9 17l-5-5"></path>
-                  </svg>
-                </div>
-              </div>
+
+            <div class="toggle-view">
+              <button
+                id="rendered-button"
+                class="toggle-button active"
+                onclick="showRendered()"
+              >
+                Rendered View
+              </button>
+              <button id="raw-button" class="toggle-button" onclick="showRaw()">
+                Raw HTML
+              </button>
             </div>
-            <div class="copyable">
-              <span class="copyable-label">From:</span>
-              <div class="copyable-content">
-                <span class="copyable-value" data-copy="${emailData.from}">${emailData.from}</span>
-                <div class="copy-icon-container">
-                  <svg class="copy-icon copy-icon-original" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                    <rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
-                    <path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
-                  </svg>
-                  <svg class="copy-icon copy-icon-success" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                    <path d="M20 6L9 17l-5-5"></path>
-                  </svg>
-                </div>
+
+            <div class="email-content">
+              <div id="rendered-view" class="email-iframe-container">
+                <iframe
+                  class="email-iframe"
+                  src="data:text/html;base64,${encodedHtmlContent}"
+                ></iframe>
               </div>
-            </div>
-            <div class="copyable">
-              <span class="copyable-label">To:</span>
-              <div class="copyable-content">
-                <span class="copyable-value" data-copy="${feedId}@${env.DOMAIN}">${feedId}@${env.DOMAIN}</span>
-                <div class="copy-icon-container">
-                  <svg class="copy-icon copy-icon-original" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                    <rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
-                    <path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
-                  </svg>
-                  <svg class="copy-icon copy-icon-success" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-                    <path d="M20 6L9 17l-5-5"></path>
-                  </svg>
-                </div>
+              <div id="raw-view" class="email-raw" style="display: none;">
+                <pre>
+${emailData.content.replace(/</g, "&lt;").replace(/>/g, "&gt;")}</pre
+                >
               </div>
             </div>
           </div>
         </div>
-        
-        <div class="toggle-view">
-          <button id="rendered-button" class="toggle-button active" onclick="showRendered()">Rendered View</button>
-          <button id="raw-button" class="toggle-button" onclick="showRaw()">Raw HTML</button>
-        </div>
-        
-        <div class="email-content">
-          <div id="rendered-view" class="email-iframe-container">
-            <iframe class="email-iframe" src="data:text/html;base64,${encodedHtmlContent}"></iframe>
-          </div>
-          <div id="raw-view" class="email-raw" style="display: none;">
-            <pre>${emailData.content.replace(/</g, '&lt;').replace(/>/g, '&gt;')}</pre>
-          </div>
-        </div>
-      </div>
-    </div>
-    
-    <script>
-      ${raw(`
+
+        <script>
+          ${raw(`
         function showRendered() {
           document.getElementById('rendered-view').style.display = 'block';
           document.getElementById('raw-view').style.display = 'none';
@@ -892,160 +1790,242 @@ app.get('/emails/:emailKey', async (c) => {
             }
           }
         });
-      `)}
-    </script>
-  `));
+      `)};
+        </script>
+      `,
+    ),
+  );
 });
 
 // Delete email
-app.post('/emails/:emailKey/delete', async (c) => {
+app.post("/emails/:emailKey/delete", async (c) => {
   // Type assertion for environment variables
   const env = c.env as unknown as Env;
   const emailStorage = env.EMAIL_STORAGE;
-  const emailKey = c.req.param('emailKey');
-  
+  const emailKey = c.req.param("emailKey");
+
   try {
     // Get feedId from query parameters instead of form data
-    const feedId = c.req.query('feedId');
-    
+    const feedId = c.req.query("feedId");
+
     if (!feedId) {
-      return c.text('Feed ID is required', 400);
+      return c.text("Feed ID is required", 400);
     }
-    
+
     // Delete the email
     await emailStorage.delete(emailKey);
-    
+
     // Remove the email from the feed metadata
     const feedMetadataKey = `feed:${feedId}:metadata`;
-    const feedMetadata = await emailStorage.get(feedMetadataKey, { type: 'json' }) as FeedMetadata | null;
-    
+    const feedMetadata = (await emailStorage.get(feedMetadataKey, {
+      type: "json",
+    })) as FeedMetadata | null;
+
     if (feedMetadata) {
       // Filter out the deleted email
-      feedMetadata.emails = feedMetadata.emails.filter(email => email.key !== emailKey);
-      
+      feedMetadata.emails = feedMetadata.emails.filter(
+        (email) => email.key !== emailKey,
+      );
+
       // Update feed metadata
       await emailStorage.put(feedMetadataKey, JSON.stringify(feedMetadata));
     }
-    
+
     // Redirect back to the feed emails page
     return c.redirect(`/admin/feeds/${feedId}/emails`);
   } catch (error) {
-    console.error('Error deleting email:', error);
-    return c.text('Error deleting email. Please try again.', 400);
+    console.error("Error deleting email:", error);
+    return c.text("Error deleting email. Please try again.", 400);
+  }
+});
+
+// Bulk delete selected emails from a feed
+app.post("/feeds/:feedId/emails/bulk-delete", async (c) => {
+  const env = c.env as unknown as Env;
+  const emailStorage = env.EMAIL_STORAGE;
+  const feedId = c.req.param("feedId");
+
+  try {
+    const formData = await c.req.formData();
+    const rawEmailKeys = formData
+      .getAll("emailKeys")
+      .map((value) => value.toString());
+    const emailKeys = Array.from(new Set(rawEmailKeys.filter(Boolean)));
+
+    if (emailKeys.length === 0) {
+      return c.redirect(`/admin/feeds/${feedId}/emails?message=bulkDeleteNoop`);
+    }
+
+    const feedMetadataKey = `feed:${feedId}:metadata`;
+    const feedMetadata = (await emailStorage.get(feedMetadataKey, {
+      type: "json",
+    })) as FeedMetadata | null;
+    if (!feedMetadata) {
+      return c.text("Feed not found", 404);
+    }
+
+    const allowedKeys = new Set(feedMetadata.emails.map((email) => email.key));
+    let deletedCount = 0;
+
+    for (const emailKey of emailKeys) {
+      if (!allowedKeys.has(emailKey)) {
+        continue;
+      }
+      await emailStorage.delete(emailKey);
+      deletedCount += 1;
+    }
+
+    feedMetadata.emails = feedMetadata.emails.filter(
+      (email) => !emailKeys.includes(email.key),
+    );
+    await emailStorage.put(feedMetadataKey, JSON.stringify(feedMetadata));
+
+    return c.redirect(
+      `/admin/feeds/${feedId}/emails?message=bulkDeleted&count=${deletedCount}`,
+    );
+  } catch (error) {
+    console.error("Error bulk deleting emails:", error);
+    return c.text("Error bulk deleting emails. Please try again.", 400);
   }
 });
 
 // Helper function to list all feeds
-async function listAllFeeds(emailStorage: KVNamespace): Promise<FeedListItem[]> {
+async function listAllFeeds(
+  emailStorage: KVNamespace,
+): Promise<FeedListItem[]> {
   try {
-    const feedListKey = 'feeds:list';
-    const feedList = await emailStorage.get(feedListKey, { type: 'json' }) as FeedList | null;
+    const feedListKey = "feeds:list";
+    const feedList = (await emailStorage.get(feedListKey, {
+      type: "json",
+    })) as FeedList | null;
     return feedList?.feeds || [];
   } catch (error) {
-    console.error('Error listing feeds:', error);
+    console.error("Error listing feeds:", error);
     return [];
   }
 }
 
 // Helper function to add a feed to the list of all feeds
-async function addFeedToList(emailStorage: KVNamespace, feedId: string, title: string): Promise<void> {
+async function addFeedToList(
+  emailStorage: KVNamespace,
+  feedId: string,
+  title: string,
+): Promise<void> {
   try {
-    const feedListKey = 'feeds:list';
-    const feedList = await emailStorage.get(feedListKey, { type: 'json' }) as FeedList | null || { feeds: [] };
-    
+    const feedListKey = "feeds:list";
+    const feedList = ((await emailStorage.get(feedListKey, {
+      type: "json",
+    })) as FeedList | null) || { feeds: [] };
+
     // Add new feed to the list
     feedList.feeds.push({
       id: feedId,
-      title
+      title,
     });
-    
+
     // Store updated list
     await emailStorage.put(feedListKey, JSON.stringify(feedList));
   } catch (error) {
-    console.error('Error adding feed to list:', error);
+    console.error("Error adding feed to list:", error);
   }
 }
 
 // Helper function to update a feed in the list of all feeds
-async function updateFeedInList(emailStorage: KVNamespace, feedId: string, title: string): Promise<void> {
+async function updateFeedInList(
+  emailStorage: KVNamespace,
+  feedId: string,
+  title: string,
+): Promise<void> {
   try {
-    const feedListKey = 'feeds:list';
-    const feedList = await emailStorage.get(feedListKey, { type: 'json' }) as FeedList | null || { feeds: [] };
-    
+    const feedListKey = "feeds:list";
+    const feedList = ((await emailStorage.get(feedListKey, {
+      type: "json",
+    })) as FeedList | null) || { feeds: [] };
+
     // Find and update the feed in the list
-    const feedIndex = feedList.feeds.findIndex(feed => feed.id === feedId);
+    const feedIndex = feedList.feeds.findIndex((feed) => feed.id === feedId);
     if (feedIndex !== -1) {
       feedList.feeds[feedIndex].title = title;
-      
+
       // Store updated list
       await emailStorage.put(feedListKey, JSON.stringify(feedList));
     }
   } catch (error) {
-    console.error('Error updating feed in list:', error);
+    console.error("Error updating feed in list:", error);
   }
 }
 
 // Helper function to remove a feed from the list of all feeds
-async function removeFeedFromList(emailStorage: KVNamespace, feedId: string): Promise<void> {
+async function removeFeedFromList(
+  emailStorage: KVNamespace,
+  feedId: string,
+): Promise<void> {
   try {
-    const feedListKey = 'feeds:list';
-    const feedList = await emailStorage.get(feedListKey, { type: 'json' }) as FeedList | null || { feeds: [] };
-    
+    const feedListKey = "feeds:list";
+    const feedList = ((await emailStorage.get(feedListKey, {
+      type: "json",
+    })) as FeedList | null) || { feeds: [] };
+
     // Filter out the removed feed
-    feedList.feeds = feedList.feeds.filter(feed => feed.id !== feedId);
-    
+    feedList.feeds = feedList.feeds.filter((feed) => feed.id !== feedId);
+
     // Store updated list
     await emailStorage.put(feedListKey, JSON.stringify(feedList));
   } catch (error) {
-    console.error('Error removing feed from list:', error);
+    console.error("Error removing feed from list:", error);
   }
 }
 
 // Update feed via API (for in-place editing)
-app.post('/api/feeds/:feedId/update', async (c) => {
+app.post("/api/feeds/:feedId/update", async (c) => {
   // Type assertion for environment variables
   const env = c.env as unknown as Env;
   const emailStorage = env.EMAIL_STORAGE;
-  const feedId = c.req.param('feedId');
-  
+  const feedId = c.req.param("feedId");
+
   try {
     // Parse JSON data from request
     const data = await c.req.json();
     const { title, description } = data;
-    
+
     // Validate inputs
     const parsedData = updateFeedSchema.parse({
       title,
       description,
-      language: 'en' // We're defaulting to English
+      language: "en", // We're defaulting to English
     });
-    
+
     // Get existing feed config
     const feedConfigKey = `feed:${feedId}:config`;
-    const existingConfig = await emailStorage.get(feedConfigKey, { type: 'json' }) as FeedConfig | null;
-    
+    const existingConfig = (await emailStorage.get(feedConfigKey, {
+      type: "json",
+    })) as FeedConfig | null;
+
     if (!existingConfig) {
-      return c.json({ error: 'Feed not found' }, 404);
+      return c.json({ error: "Feed not found" }, 404);
     }
-    
+
     // Update feed configuration
-    await emailStorage.put(feedConfigKey, JSON.stringify({
-      ...existingConfig,
-      title: parsedData.title,
-      description: parsedData.description,
-      updated_at: Date.now()
-    }));
-    
+    await emailStorage.put(
+      feedConfigKey,
+      JSON.stringify({
+        ...existingConfig,
+        title: parsedData.title,
+        description: parsedData.description,
+        updated_at: Date.now(),
+      }),
+    );
+
     // Update feed in the list of all feeds
     await updateFeedInList(emailStorage, feedId, parsedData.title);
-    
+
     // Return success response
     return c.json({ success: true });
   } catch (error) {
-    console.error('Error updating feed via API:', error);
-    return c.json({ error: 'Error updating feed' }, 400);
+    console.error("Error updating feed via API:", error);
+    return c.json({ error: "Error updating feed" }, 400);
   }
 });
 
 // Export the Hono app
-export const handle = app; 
+export const handle = app;
diff --git a/src/routes/inbound.ts b/src/routes/inbound.ts
index 6b59c68..7461799 100644
--- a/src/routes/inbound.ts
+++ b/src/routes/inbound.ts
@@ -1,26 +1,72 @@
-import { Context } from 'hono';
-import { EmailParser } from '../utils/email-parser';
-import { Env, FeedMetadata } from '../types';
+import { Context } from "hono";
+import { EmailParser } from "../utils/email-parser";
+import { Env, FeedConfig, FeedMetadata } from "../types";
 
 // Interface for ForwardEmail.net webhook payload
 interface ForwardEmailPayload {
   recipients?: string[];
   from?: {
-    value?: Array<{address?: string; name?: string}>;
+    value?: Array<{ address?: string; name?: string }>;
     text?: string;
     html?: string;
   };
-  subject?: string; 
+  subject?: string;
   text?: string;
   html?: string;
   date?: string;
   messageId?: string;
-  headerLines?: Array<{key: string; line: string}>;
+  headerLines?: Array<{ key: string; line: string }>;
   headers?: string;
   raw?: string;
   attachments?: Array<any>;
 }
 
+function normalizeEmail(value: string): string {
+  return value.trim().toLowerCase();
+}
+
+function extractIncomingSenderAddresses(
+  payload: ForwardEmailPayload,
+): string[] {
+  const valueEntries = payload.from?.value || [];
+  const structuredAddresses = valueEntries
+    .map((entry) => entry.address || "")
+    .map(normalizeEmail)
+    .filter(Boolean);
+
+  if (structuredAddresses.length > 0) {
+    return Array.from(new Set(structuredAddresses));
+  }
+
+  // Fallback parser for plain text like "Name <sender@example.com>"
+  const fromText = payload.from?.text || "";
+  const matches =
+    fromText.match(/[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}/gi) || [];
+  return Array.from(new Set(matches.map(normalizeEmail)));
+}
+
+function senderMatchesAllowlist(
+  sender: string,
+  allowedSender: string,
+): boolean {
+  const normalizedSender = normalizeEmail(sender);
+  const normalizedAllowed = normalizeEmail(allowedSender);
+
+  if (!normalizedAllowed) {
+    return false;
+  }
+
+  if (normalizedAllowed.includes("@")) {
+    return normalizedSender === normalizedAllowed;
+  }
+
+  const senderDomain = normalizedSender.split("@")[1] || "";
+  const normalizedDomain = normalizedAllowed.startsWith("@")
+    ? normalizedAllowed.slice(1)
+    : normalizedAllowed;
+  return senderDomain === normalizedDomain;
+}
+
 /**
  * Handle incoming emails from ForwardEmail.net webhook
  */
@@ -28,63 +74,96 @@ export async function handle(c: Context): Promise<Response> {
   try {
     // Type assertion for environment variables
     const env = c.env as unknown as Env;
-    
+
     // Parse the incoming JSON payload
     const payload: ForwardEmailPayload = await c.req.json();
-    
+
     // Log basic information about the incoming email
     console.log("Received email:", {
       to: payload.recipients?.[0],
-      from: payload.from?.text || 'Unknown',
+      from: payload.from?.text || "Unknown",
       subject: payload.subject,
-      contentType: payload.html ? 'HTML' : 'Text'
+      contentType: payload.html ? "HTML" : "Text",
     });
-    
+
     // Extract feed ID from email address (e.g., apple.mountain.42@domain.com -> apple.mountain.42)
-    const toAddress = payload.recipients?.[0] || '';
+    const toAddress = payload.recipients?.[0] || "";
     const feedId = EmailParser.extractFeedId(toAddress);
-    
+
     if (!feedId) {
       console.error(`Invalid email address format: ${toAddress}`);
-      return new Response('Invalid email address format', { status: 400 });
+      return new Response("Invalid email address format", { status: 400 });
     }
-    
+
     // Check if the feed exists by looking up the feed configuration
     const feedConfigKey = `feed:${feedId}:config`;
-    const feedConfig = await env.EMAIL_STORAGE.get(feedConfigKey, 'json');
-    
+    const feedConfig = (await env.EMAIL_STORAGE.get(
+      feedConfigKey,
+      "json",
+    )) as FeedConfig | null;
+
     if (!feedConfig) {
-      console.error(`Feed with ID ${feedId} does not exist or has been deleted`);
-      return new Response('Feed does not exist', { status: 404 });
+      console.error(
+        `Feed with ID ${feedId} does not exist or has been deleted`,
+      );
+      return new Response("Feed does not exist", { status: 404 });
     }
-    
+
+    const allowedSenders = (feedConfig.allowed_senders || [])
+      .map(normalizeEmail)
+      .filter(Boolean);
+    if (allowedSenders.length > 0) {
+      const incomingSenders = extractIncomingSenderAddresses(payload);
+      const senderAllowed = incomingSenders.some((sender) =>
+        allowedSenders.some((allowedSender) =>
+          senderMatchesAllowlist(sender, allowedSender),
+        ),
+      );
+
+      if (!senderAllowed) {
+        console.warn(
+          `Rejected email for feed ${feedId}; sender not in allowlist`,
+          {
+            incomingSenders,
+            allowedSenders,
+          },
+        );
+        return new Response("Sender not allowed for this feed", {
+          status: 403,
+        });
+      }
+    }
+
     // Parse the email using our simplified parser
     const emailData = EmailParser.parseForwardEmailPayload(payload);
-    
+
     // Generate a unique key for this email in KV storage
     const emailKey = `feed:${feedId}:${Date.now()}`;
-    
+
     // Store the email data in KV
     await env.EMAIL_STORAGE.put(emailKey, JSON.stringify(emailData));
-    
+
     // Get existing feed metadata
     const feedMetadataKey = `feed:${feedId}:metadata`;
-    const feedMetadata = (await env.EMAIL_STORAGE.get(feedMetadataKey, 'json') || { emails: [] }) as FeedMetadata;
-    
+    const feedMetadata = ((await env.EMAIL_STORAGE.get(
+      feedMetadataKey,
+      "json",
+    )) || { emails: [] }) as FeedMetadata;
+
     // Add this email to the feed metadata
     feedMetadata.emails.unshift({
       key: emailKey,
       subject: emailData.subject,
-      receivedAt: emailData.receivedAt
+      receivedAt: emailData.receivedAt,
     });
-    
+
     // Store updated feed metadata
     await env.EMAIL_STORAGE.put(feedMetadataKey, JSON.stringify(feedMetadata));
-    
+
     console.log(`Successfully processed email for feed ${feedId}`);
-    return new Response('Email processed successfully', { status: 200 });
+    return new Response("Email processed successfully", { status: 200 });
   } catch (error) {
-    console.error('Error processing email:', error);
-    return new Response('Error processing email', { status: 500 });
+    console.error("Error processing email:", error);
+    return new Response("Error processing email", { status: 500 });
   }
-} 
\ No newline at end of file
+}
diff --git a/src/scripts/auth.ts b/src/scripts/auth.ts
index 9a92472..c1d0dd9 100644
--- a/src/scripts/auth.ts
+++ b/src/scripts/auth.ts
@@ -1,43 +1,3 @@
-// Authentication helper functions
-// Handles user authentication state
-
-export const authHelpers = `
-  // Check if user is authenticated
-  function isAuthenticated() {
-    // Check localStorage first (client-side)
-    if (localStorage.getItem('authenticated') === 'true') {
-      return true;
-    }
-    
-    // Check for cookie (server-side auth)
-    function getCookie(name) {
-      const value = \`; \${document.cookie}\`;
-      const parts = value.split(\`; \${name}=\`);
-      if (parts.length === 2) return parts.pop().split(';').shift();
-      return null;
-    }
-    
-    return getCookie('admin_auth') === 'true';
-  }
-  
-  // Set authentication state
-  function setAuthenticated(value) {
-    localStorage.setItem('authenticated', value ? 'true' : 'false');
-  }
-  
-  // Logout function
-  function logout() {
-    localStorage.removeItem('authenticated');
-    // Also clear the cookie by setting expiry in the past
-    document.cookie = 'admin_auth=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;';
-    window.location.href = '/admin/login';
-  }
-  
-  // Check authentication on page load
-  document.addEventListener('DOMContentLoaded', () => {
-    const path = window.location.pathname;
-    if (path !== '/admin/login' && !isAuthenticated()) {
-      window.location.href = '/admin/login';
-    }
-  });
-`; 
\ No newline at end of file
+// Legacy export retained for compatibility.
+// Authentication is now fully enforced server-side.
+export const authHelpers = ``;
diff --git a/src/scripts/index.ts b/src/scripts/index.ts
index 17a50ad..cf75739 100644
--- a/src/scripts/index.ts
+++ b/src/scripts/index.ts
@@ -1,9 +1,9 @@
 // Main scripts exports file
 // Combines and re-exports all JavaScript functionality
 
-import { modalScripts, emailViewScripts, initScripts } from './interactions';
-import { clipboardScripts } from './clipboard';
-import { authHelpers } from './auth';
+import { modalScripts, emailViewScripts, initScripts } from "./interactions";
+import { clipboardScripts } from "./clipboard";
+import { authHelpers } from "./auth";
 
 // Combine all scripts into a single JavaScript string
 export const interactiveScripts = `
@@ -14,4 +14,10 @@ export const interactiveScripts = `
 `;
 
 // Re-export for modular usage if needed
-export { modalScripts, emailViewScripts, initScripts, clipboardScripts, authHelpers }; 
\ No newline at end of file
+export {
+  modalScripts,
+  emailViewScripts,
+  initScripts,
+  clipboardScripts,
+  authHelpers,
+};
diff --git a/src/styles/components.ts b/src/styles/components.ts
index 92cd2a3..1e0f532 100644
--- a/src/styles/components.ts
+++ b/src/styles/components.ts
@@ -413,7 +413,7 @@ export const componentStyles = `
   
   .email-raw pre {
     margin: 0;
-    font-family: 'Menlo', monospace;
+    font-family: var(--font-family-mono);
     font-size: 14px;
     white-space: pre-wrap;
     word-break: break-word;
@@ -482,6 +482,185 @@ export const componentStyles = `
     border-radius: var(--radius-md);
     overflow: hidden;
   }
+
+  /* Toolbar + segmented control (Apple-ish) */
+  .toolbar {
+    display: flex;
+    align-items: center;
+    justify-content: space-between;
+    gap: var(--spacing-sm);
+    flex-wrap: wrap;
+    margin-bottom: var(--spacing-md);
+  }
+
+  .toolbar-group {
+    display: inline-flex;
+    align-items: center;
+    gap: var(--spacing-sm);
+    flex-wrap: wrap;
+  }
+
+  .toolbar-group-fill {
+    width: 100%;
+  }
+
+  input.search {
+    min-width: 280px;
+    flex: 1;
+  }
+
+  .actions-row {
+    display: flex;
+    justify-content: flex-end;
+    margin-top: var(--spacing-md);
+  }
+
+  .pill {
+    display: inline-flex;
+    align-items: center;
+    height: 28px;
+    padding: 0 10px;
+    border-radius: var(--radius-pill);
+    border: 1px solid var(--color-border);
+    background-color: rgba(60, 60, 67, 0.12);
+    color: var(--color-text-secondary);
+    font-size: var(--font-size-sm);
+    backdrop-filter: blur(var(--blur-sm));
+    -webkit-backdrop-filter: blur(var(--blur-sm));
+  }
+
+  .segmented {
+    display: inline-flex;
+    border-radius: var(--radius-pill);
+    padding: 2px;
+    border: 1px solid var(--color-border);
+    background-color: rgba(60, 60, 67, 0.12);
+    backdrop-filter: blur(var(--blur-sm));
+    -webkit-backdrop-filter: blur(var(--blur-sm));
+    box-shadow: var(--shadow-sm);
+  }
+
+  .segmented-item {
+    display: inline-flex;
+    align-items: center;
+    justify-content: center;
+    padding: 8px 12px;
+    border-radius: var(--radius-pill);
+    text-decoration: none;
+    color: var(--color-text-secondary);
+    font-size: var(--font-size-sm);
+    font-weight: var(--font-weight-semibold);
+    user-select: none;
+    transition: all var(--transition-fast);
+  }
+
+  .segmented-item:hover {
+    color: var(--color-text-primary);
+  }
+
+  .segmented-item.is-active {
+    color: var(--color-text-primary);
+    background-color: rgba(255, 255, 255, 0.12);
+    box-shadow: var(--shadow-sm);
+  }
+
+  @media (prefers-color-scheme: light) {
+    .segmented-item.is-active {
+      background-color: rgba(255, 255, 255, 0.85);
+    }
+  }
+
+  /* Tables */
+  .table-wrap {
+    overflow-x: auto;
+    border-radius: var(--radius-lg);
+    border: 1px solid var(--color-border);
+    background-color: rgba(60, 60, 67, 0.05);
+  }
+
+  @media (prefers-color-scheme: light) {
+    .table-wrap {
+      background-color: rgba(255, 255, 255, 0.6);
+    }
+  }
+
+  table.table {
+    width: 100%;
+    border-collapse: collapse;
+  }
+
+  table.table.table-feeds {
+    min-width: 860px;
+  }
+
+  table.table.table-emails {
+    min-width: 760px;
+  }
+
+  table.table th,
+  table.table td {
+    padding: 10px 12px;
+    border-bottom: 1px solid var(--color-border);
+    text-align: left;
+    vertical-align: top;
+  }
+
+  table.table thead th {
+    font-size: var(--font-size-sm);
+    font-weight: var(--font-weight-semibold);
+    color: var(--color-text-secondary);
+    background-color: rgba(44, 44, 46, 0.35);
+    backdrop-filter: blur(var(--blur-sm));
+    -webkit-backdrop-filter: blur(var(--blur-sm));
+  }
+
+  @media (prefers-color-scheme: light) {
+    table.table thead th {
+      background-color: rgba(255, 255, 255, 0.55);
+    }
+  }
+
+  table.table tbody tr:hover {
+    background-color: rgba(255, 255, 255, 0.04);
+  }
+
+  @media (prefers-color-scheme: light) {
+    table.table tbody tr:hover {
+      background-color: rgba(0, 0, 0, 0.03);
+    }
+  }
+
+  table.table tbody tr:last-child td {
+    border-bottom: none;
+  }
+
+  table.table code {
+    font-family: var(--font-family-mono);
+    font-size: 13px;
+  }
+
+  /* Compact copy-to-clipboard for table cells */
+  .copyable.copyable-inline {
+    margin-bottom: 0;
+    padding: 0;
+    background-color: transparent;
+    border: none;
+  }
+
+  .copyable.copyable-inline .copyable-content {
+    padding: 6px 8px;
+    border-radius: var(--radius-sm);
+  }
+
+  .copyable.copyable-inline .copyable-value {
+    margin-right: var(--spacing-xs);
+  }
+
+  .row-actions {
+    display: flex;
+    gap: 6px;
+    flex-wrap: wrap;
+  }
   
   /* Feed and Email Lists */
   .feed-list,
@@ -490,4 +669,4 @@ export const componentStyles = `
     padding: 0;
     margin: 0;
   }
-`; 
\ No newline at end of file
+`; 
diff --git a/src/styles/layout.ts b/src/styles/layout.ts
index d747862..378f6c5 100644
--- a/src/styles/layout.ts
+++ b/src/styles/layout.ts
@@ -15,18 +15,22 @@ export const layoutStyles = `
     overflow-x: hidden;
     margin: 0;
     padding: 0;
+    -webkit-font-smoothing: antialiased;
+    text-rendering: optimizeLegibility;
     
-    /* Add subtle gradient background */
-    background-image: linear-gradient(135deg, 
-      rgba(0, 0, 0, 0.02) 0%, 
-      rgba(255, 255, 255, 0.02) 100%);
+    /* Liquid-glass-ish background (subtle, non-distracting) */
+    background-image:
+      radial-gradient(1200px circle at 20% 10%, rgba(10, 132, 255, 0.18), transparent 55%),
+      radial-gradient(900px circle at 80% 20%, rgba(94, 92, 230, 0.14), transparent 60%),
+      radial-gradient(700px circle at 50% 100%, rgba(48, 209, 88, 0.10), transparent 60%),
+      linear-gradient(135deg, rgba(255, 255, 255, 0.03) 0%, rgba(0, 0, 0, 0.03) 100%);
     background-attachment: fixed;
   }
   
   /* Main Container */
   .container {
     width: 100%;
-    max-width: 800px;
+    max-width: 980px;
     margin: 0 auto;
     padding: var(--spacing-xl);
     box-sizing: border-box;
@@ -168,4 +172,4 @@ export const layoutStyles = `
     margin-bottom: var(--spacing-md);
     color: var(--color-text-primary);
   }
-`; 
\ No newline at end of file
+`; 
diff --git a/src/styles/utilities.ts b/src/styles/utilities.ts
index 12612af..b9e3831 100644
--- a/src/styles/utilities.ts
+++ b/src/styles/utilities.ts
@@ -11,6 +11,21 @@ export const utilityStyles = `
   .fade-in {
     animation: fadeIn 0.5s ease-out;
   }
+
+  .muted {
+    color: var(--color-text-secondary);
+  }
+
+  @media (prefers-reduced-motion: reduce) {
+    .fade-in {
+      animation: none;
+    }
+
+    * {
+      scroll-behavior: auto !important;
+      transition-duration: 0.01ms !important;
+    }
+  }
   
   /* Copyable content styling */
   .copyable {
@@ -105,4 +120,4 @@ export const utilityStyles = `
     opacity: 1;
     transform: translate(-50%, -50%) scale(1);
   }
-`;
\ No newline at end of file
+`;
diff --git a/src/styles/variables.ts b/src/styles/variables.ts
index 953d2c8..2bf30d8 100644
--- a/src/styles/variables.ts
+++ b/src/styles/variables.ts
@@ -3,8 +3,10 @@
 
 export const variables = `
   :root {
-    /* Typography - Using Inter font */
-    --font-family: 'Inter', -apple-system, BlinkMacSystemFont, 'Helvetica Neue', Arial, sans-serif;
+    /* Typography - Prefer system UI fonts (Apple HIG-ish) */
+    --font-family: -apple-system, BlinkMacSystemFont, "SF Pro Text", "SF Pro Display", "Helvetica Neue", Arial, sans-serif;
+    --font-family-mono: ui-monospace, SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace;
+    color-scheme: light dark;
     --font-size-xs: 12px;
     --font-size-sm: 14px;
     --font-size-md: 16px;
@@ -103,6 +105,5 @@ export const lightModeTheme = `
 
 // Inter font import
 export const fontImport = `
-  /* Inter Font Import */
-  @import url('https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap');
-`; 
\ No newline at end of file
+  /* No external font imports. */
+`;
diff --git a/src/types/index.ts b/src/types/index.ts
index 2437fce..2ae63c0 100644
--- a/src/types/index.ts
+++ b/src/types/index.ts
@@ -18,6 +18,7 @@ export interface EmailData {
 export interface FeedConfig {
   title: string;
   description?: string;
+  allowed_senders?: string[];
   language: string;
   site_url: string;
   feed_url: string;
@@ -53,16 +54,29 @@ export interface FeedListItem {
 declare global {
   // This is not an ideal solution but works for our example
   interface KVNamespace {
-    get(key: string, options?: { type: 'text' }): Promise<string | null>;
-    get(key: string, options: { type: 'json' }): Promise<any | null>;
-    get(key: string, options: { type: 'arrayBuffer' }): Promise<ArrayBuffer | null>;
-    get(key: string, options: { type: 'stream' }): Promise<ReadableStream | null>;
-    put(key: string, value: string | ArrayBuffer | ReadableStream | FormData): Promise<void>;
+    get(key: string, options?: { type: "text" }): Promise<string | null>;
+    get(key: string, options: { type: "json" }): Promise<any | null>;
+    get(
+      key: string,
+      options: { type: "arrayBuffer" },
+    ): Promise<ArrayBuffer | null>;
+    get(
+      key: string,
+      options: { type: "stream" },
+    ): Promise<ReadableStream | null>;
+    put(
+      key: string,
+      value: string | ArrayBuffer | ReadableStream | FormData,
+    ): Promise<void>;
     delete(key: string): Promise<void>;
-    list(options?: { prefix?: string; limit?: number; cursor?: string }): Promise<{
+    list(options?: {
+      prefix?: string;
+      limit?: number;
+      cursor?: string;
+    }): Promise<{
       keys: { name: string; expiration?: number }[];
       list_complete: boolean;
       cursor?: string;
     }>;
   }
-} 
\ No newline at end of file
+}