This is a set of procmail rulesets included from my .procmailrc file. Prior to this file, another list of "accepting" rulesets is included, which automatically accepts mail with any preapproved address in its "From" header. This is done to substantially reduce the chances of accidentally filtering out mail from friends.
These rules are presented here in the hope that they may be useful to others. Feel free to copy and use anything you like.
# Fuck RFC 2821. I haven't received a single legitimate e-mail sent to
# postmaster in at least the past seven years, whereas it gets on the order
# of 30 spam messages a day. So it goes in this bucket, where it will sit
# and rot. It will be included in my nightly spam report, however, Just In
# Case.
:0:
* (^TO_|^Received:|^Delivered-To:).*postmaster@(horde\.com|prozac)
spam/postmaster
# Likewise, since I am not myself a spammer, I don't tend to get actual
# abuse complaints at the "abuse" alias, and only spammers themselves bother
# to send to it.
:0:
* (^TO_|^Received:|^Delivered-To:).*abuse@(horde\.com|prozac)
spam/abuse
# I don't use any "webmaster" mail aliases for any of my domains, so mail
# sent to any such address is 99.99% likely to be spam.
:0:
* (^TO_|^Delivered-To:).*webmaster@
spam/webmaster
# These are addresses that exist solely in the whois database as contacts
# for domain names. If you're sending mail to one of these addresses, you'd
# better have a valid reason. Mail from the current registrar is
# automatically accepted previous to this point.
:0:
* (^TO_|^Delivered-To:|^Received:).*(dns..200.@horde\.com)
* !^Subject:.*((kagomi\.com)|(quotes-r-us\.org)|(horde\.com)|(domain)|(renew)|(expir)|(pairnic))
spam/dns
# Be suspicious of HTML-only mail. Be very suspicious.
#
# Remember that friends/acquaintences/co-workers/etc are being auto-accepted
# prior to parsing this file. Of course, we can safely assume that none of
# those people would be sending me HTML mail in the first place, since that
# would imply that their intelligence was approximately equal to that of a
# chalupa, and hence I never would have agreed to communicate with them in
# the first place.
:0:
* ^Content-Type: text/html
spam/html
# Ditto with this.
:0
* ^Content-Type: multipart/
{
:0 B
* !^Content-Type: text/plain
* ^Content-Type: text/html
spam/html
}
# I'm not interested in receiving notification that some virus or worm
# decided to use my e-mail address in its "from" line. Again, not really
# spam, but close enough.
:0:
* ^Subject: InterScan.*Alert
spam/metavirus
# These guys *totally* piss me off!
:0:
* ^Subject:.*\
spam/blacklist
# Misc random spammers. This is where I explicitly deal with places that
# consistently send garbage to me, if it hasn't already been caught by one
# of the more general rules.
:0:
* ^(Received:|From:|To:).*(techvenue\.com|perfdata\.com|conservativefun\.com|clickaction\.net|echampions2000\.com|rnc(mail)?\.org|nmailer\.com|traditionalvalues\.org|churches\.net|snd\.edu\.gr|ioannou@vip\.gr|worldses\.org|wseas|discounts-direct\.com|elki@aol\.com|industryemail\.com|rchproducts\.com|webuniverse\.net|hostex\.com|insertweb\.net|hellasnet\.gr|pathfinder\.gr|optingnow\.com|investorsinsight\.com|yakim5150@yahoo\.com|b2blists\.com|bostonlimoservices\.com|afsmail\.com|artmarket\.com|kongmail\.com|topsites\.com|topsites-us\.com|topsitez\.us|dealsfromtheweb\.com|deerclk\.com|peppypuppy)
spam/blacklist