For fighting email SPAM, I use
ASK is a set of light-weight python scripts providing a simple challenge-response barrier for first-time email senders. After responding once, senders are automatically whitelisted by ASK. (They are then easily moved to an ignorelist or blacklist if needed.) The default ``challenge'' is simply to simply reply to the challenge-email. It would be easy to add a question or two if that ever becomes necessary. In my experience so far, spammers do not provide a working return email path, so they have no opportunity to enable their email for delivery. Their undelivered email eventually expires in the ASK queue and is quietly deleted.
Many vendor websites require email addresses. I give them an email address of the form companyname@mydomain so that I can create an automatic filter-folder for them in .procmailrc (when their email might be important), or I can more easily ignore it when it's just self-promoting advertisement (which is the norm). It is also interesting to see which companies evidently sold my email address to spammers. My ISP automatically forwards all unrecognized email to my domain to a ``catch-all'' email account. In principle, this same ``tagging'' approach can be used at gmail by using addresses of the form you+companyName@gmail.com. However, in practice, most company websites do not accept `+' in an email address, in my experience. I retrieve this ``tagged email'' from my catch-all email account on a particular home machine, sorting directly to evolution folders via procmail filters. This keeps it separate from my work email and minimizes the time spent looking at it. Once in a while I might search the folder for a particular company to see if there are any upgrade notices, etc.