I was just checking my monthly log of my procmail rules, and I was blown away to find that one relatively simple rule has filtered out 2312 messages in the last month:

:0
* ^X-MSMail.*
{
    :0 B
    * filename=.*\.(txt)\.(com|exe|js|pif|scr|vba|vbs|zip)\"$
    /dev/null
}

Basically, this rule first looks for any message that has the header X-MSMail in it. Microsoft mail programs use this header, so basically I am targeting email from Microsoft mail programs for extra filtering. Then the next step of the rule filters out any message that has an attachment of types: com,exe,js,pif,scr,vba,vbs,zip that are also labeled as .txt. I guess this is the preferred format for virii.

Wow, I never thought such a simple rule could save so much of my time!