So as well as using spamassassin, I now use a bunch of custom rules for weeding out spam from anti-virus authors and from various countries; I block something like 60 domains before procmail and spamassassin even get to see them (but only if the spamming host has rDNS); and just recently I started blocking hosts which lie in their HELO.
That last one is technically breaches some RFCs but fuck it, I don't care any more. It *works*.
What I really want to do is refuse connections based on the sender's netblock, populating my blocklist with ASes, cos then when a spamsource like comcast gets a new range, they'll remain blocked. Unfortunately, I don't run a fancy enough network to be speaking BGP, so does anyone have any clues how to do this? It would simplify matters no end.