So I just upgraded my procmail rules to use a variation of this setup, and I must say, I'm impressed. It's very good at catching stuff, so far, and it's automated to a much stronger degree than what I previously had.
Basically, it does this:
- Check against white/grey lists -- if it's OK, pass it through.
- Run it through bogofilter and/or spamassassin -- if it's OK, pass it through. If it's not, add it to the bogofilter training as spam.
- Run it through procmail filters to push mailing list messages to appropriate filtered folders.
- Only if it doesn't match any of the previous, pass it through to TMDA. If it's OK, TMDA will deliver it, otherwise it will request a confirmation.
So far it seems to be working OK. I'm doing a little tweaking to avoid the confirmation as much as possible, but it seems to work great so far. I really dislike the idea of the confirmation stuff, but the way things are nowadays, I don't see another way to get the leftover SPAM that keeps getting through.
Training bogofilter is great, also, if there's false positives in my Junk folder, I move them over to my "whitelist" folder. I then have a cron job that will automatically run each message in the whitelist folder through the "ham" (non-spam) filter which trains bogofilter that it's OK.
[ Update ]
Even better, I made a "filtering" IMAP folder in my mail that contains "white", "white-domain", "grey", "grey-domain", "black", and "black-domain" mail folders. Then I made a script that goes through those folders and automatically adds any messages in those folders to the corresponding TMDA folder for future white/blacklisting, and addes the mails to the bogofilter "ham" or "spam" config. Sweet!
[ Update ]
I've written a more detailed description of what I've got, along with a tarball of my procmail configs and scripts, to the TriLUG mailing list. If you're interested in seeing how exactly I implemented it, look there.