August 05, 2004
More Spam Fun
The amount of spam we are getting increases every other day (I believe this is the case with most people). Two days ago it reached a critical mark, even causing our little FreeBSD box to lag under the heavy load induced by our custom version of SpamAssassin checking whether these messages are really spam. A few numbers: at the peak time we received 9721 spam emails in under 2 hours, originating from the same location, addressed to random addresses within the unsanity.com domain (such as chec@unsanity.com, gidn@unsanity.com and thousands of others of a similar nature).

As a result, we have finally moved to pair's SpamAssassin installation and I had to set all the emails coming to unknown addresses within the unsanity.com domain to be ignored. All other domains we own (such as unsanity.net, .org, haxies.com, .net, .org and others) will have all incoming mail ignored. This way, we can potentially lose some "non-spam" e-mails, but hopefully this will not happen.

I encourage you to use the published email addresses if you want to reach us. If you've written us and we didn't respond, please re-send. I apologise for all the inconvenience -- but the SPAM is killing us otherwise.

I'm interested to hear the situation on the other sites -- how're you doing with the spam?
Comments
Yep - I've had to do much the same thing recently - disabled the catch-all, removed two account aliases that were being slammed and turned off email for a couple of secondary domains. It's almost completely eliminated my spam load. The question is 'for how long?' lol
Posted by: Tersono on August 5, 2004 5:33 AM

Disabling the catch-all is definitely the best step. The pair newsgroups are a good place to discuss SpamAssassin rules--a lot of the people there are geniuses when it comes to making your message-checking criteria more robust or less processor-intensive.
Posted by: brian w on August 5, 2004 9:50 AM

I've turned off all but specific email addresses. I've also started using a contact Web form for new inquiries; they get sent to an obscure address like foo4839432 at my domain, which is a real address. If I start getting spam at that address, then I just make a new address and deactivate the old one. Of course, I still get spam at my personal email account, but that's manageable.
Posted by: Dan Wood on August 5, 2004 9:50 AM

popfile did the trick for me. Not only did it get rid of my spam, it also allowed me to get rid of most e-mail filters.
Posted by: LKM on August 5, 2004 12:40 PM

In the past few months, we've been having the same email issues, with "random" email addresses trying to hammer our mail servers. We've done a couple of things to get around this: we started using SpamHaus' XBL+SBL list (see http://www.spamhaus.org for more info). Basically, it tracks known spammer and "zombie'd" machines. Using this with our sendmail server has cut down about 90% of this type of "spam." Another nice side effect - XBL also catches a lot of infected Windows boxes spewing viruses, so we're getting a lot less virus attacks, as well. For the stuff that Spamhaus doesn't catch, I wrote a perl script that checks for "strange" behaviour. Basically, if a server tries to send us over 10 messages to unknown addresses, it gets added to our "reject" list. With just these two steps, we've gone from -hundreds- of new servers each week trying to attack our network, down to about two or three. It sucks that we have to go to all of this trouble to protect ourselves from these types of attacks, but at least it keeps me employed :)
Posted by: Mark on August 5, 2004 11:23 PM

I have received an increase in Fax Spam, of all things. We used to publish our Fax number on our contact page, but no longer. Yes, it's true -- there are folks who still Fax. We've used a free eFax number for the past few years with great success. Then we started getting two or three Spam Faxes a day. Last week we got an email from eFax stating we were in violation of our terms for free Fax service (limit: 21 faxes per month). They said we had to upgrade to the $12 a month service or risk losing our Fax number. Normally, the most Faxes we'd receive in a month was around 3. When I get Spam Faxed I would immediately report it to eFax's Abuse Dept. ( http://www.efax.com/en/efax/twa/abuse ). When I appealed to them, I let them know that every single Spam Fax I got I reported to them using that page. They still insisted that I need to upgrade to keep my Fax number. I'm not going to do it. $12 a month so some jerk can send me a flyer for a FREE DISNEY VACATION! is $12 too much. The moral of the story is: Don't publish your Fax number online and URL encode your voice number (and emails and...). If someone needs your Fax number they can call or email you for it.
Posted by: Paul on August 10, 2004 12:40 AM

I finally switched to Kerio's mail server with built-in SpamAssassin and added a handful of known mail servers in Asia to the block list. Cut the spam by in excess of 95%. Combined with OS X's mail.app and things are great :)
Posted by: Ubrgeek on August 21, 2004 5:55 PM
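The threshold check Mark describes in his comment (a server that sends over 10 messages to unknown addresses goes on the reject list), as an added example that is not part of the original post and is not his Perl script. The log format, the one-hour sliding window, the allow list and all names here are assumptions made for illustration; the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed, simplified log format (constructed for this example; adapt the
# pattern to what your MTA actually logs):
#   2004-08-05T03:00:10 reject relay=192.0.2.10 rcpt=<a@example.com> reason="User unknown"
LINE_RE = re.compile(
    r'^(?P<ts>\S+) reject relay=(?P<relay>\S+) rcpt=<(?P<rcpt>[^>]*)> '
    r'reason="User unknown"$'
)

THRESHOLD = 10               # "over 10 messages to unknown addresses"
WINDOW = timedelta(hours=1)  # assumption: the comment gives no time window


def relays_to_reject(lines, threshold=THRESHOLD, window=WINDOW, allow=()):
    """Return relays with more than `threshold` unknown-recipient rejections
    inside any sliding `window`. Expects lines in time order; relays listed
    in `allow` (e.g. your own secondary MX) are never flagged."""
    recent = defaultdict(deque)  # relay -> timestamps still inside the window
    flagged = set()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m["relay"] in allow:
            continue  # accepted mail, other reject reasons, trusted relays
        ts = datetime.fromisoformat(m["ts"])
        q = recent[m["relay"]]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()  # forget rejections older than the window
        if len(q) > threshold:
            flagged.add(m["relay"])
    return flagged


def sample_log():
    """Constructed sample: one noisy relay, one relay with a single typo."""
    base = datetime(2004, 8, 5, 3, 0, 0)
    lines = [
        f'{(base + timedelta(seconds=10 * i)).isoformat()} reject '
        f'relay=192.0.2.10 rcpt=<user{i}@example.com> reason="User unknown"'
        for i in range(11)
    ]
    lines.append('2004-08-05T03:05:00 reject relay=198.51.100.7 '
                 'rcpt=<tpyo@example.com> reason="User unknown"')
    lines.append('2004-08-05T03:06:00 accept relay=198.51.100.7 rcpt=<info@example.com>')
    return lines


if __name__ == "__main__":
    print(sorted(relays_to_reject(sample_log())))
```

The window keeps a legitimate server that mistypes an address now and then from slowly accumulating its way onto the reject list.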

