This is a set of procmail rulesets included from my .procmailrc file. Prior to this file, another list of "accepting" rulesets is included, which automatically accepts mail with any preapproved address in its "From" header. This is done to substantially reduce the chances of accidentally filtering out mail from friends.
These rules are presented here in the hope that they may be useful to others. Feel free to copy and use anything you like.
# Fuck RFC 2821. I haven't received a single legitimate e-mail sent to
# postmaster in at least the past seven years, whereas it gets on the order
# of 30 spam messages a day. So it goes in this bucket, where it will sit
# and rot. It will be included in my nightly spam report, however, Just In
# Case.
:0:
* (^TO_|^Received:|^Delivered-To:).*postmaster@(horde\.com|prozac)
spam/postmaster
# Likewise, since I am not myself a spammer, I don't tend to get actual
# abuse complaints at the "abuse" alias, and only spammers themselves bother
# to send to it.
:0:
* (^TO_|^Received:|^Delivered-To:).*abuse@(horde\.com|prozac)
spam/abuse
# I don't use any "webmaster" mail aliases for any of my domains, so mail
# sent to any such address is 99.99% likely to be spam.
:0:
* (^TO_|^Delivered-To:).*webmaster@
spam/webmaster
# These are addresses that exist solely in the whois database as contacts
# for domain names. If you're sending mail to one of these addresses, you'd
# better have a valid reason. Mail from the current registrar is
# automatically accepted previous to this point.
:0:
* (^TO_|^Delivered-To:|^Received:).*(dns..200.@horde\.com)
* !^Subject:.*((kagomi\.com)|(horde\.com)|(jennifershell\.com)|(domain)|(renew)|(expir)|(pairnic))
spam/dns
# Be suspicious of HTML-only mail. Be very suspicious.
#
# Remember that friends/acquaintences/co-workers/etc are being auto-accepted
# prior to parsing this file. Of course, we can safely assume that none of
# those people would be sending me HTML mail in the first place, since that
# would imply that their intelligence was approximately equal to that of a
# chalupa, and hence I never would have agreed to communicate with them in
# the first place.
# Disabled 8 Sept 2010 - Not catching much, and high false-positive rate.
#:0:
#* ^Content-Type: text/html
#spam/html
# Ditto with this.
# Disabled 8 Sept 2010 - See above.
#:0
#* ^Content-Type: multipart/
#{
# :0 B
# * !^Content-Type: text/plain
# * ^Content-Type: text/html
# spam/html
#}