I know that this is not a direct reply to your question, but I have an easier suggestion.
Why not figure out the exact accounts that are used for the "important" emails, create those email boxes and set your catchall to /dev/null.
My experiences are that the catchall will always be OVERLOADED with spam because all the spambot has to do is sub in email@example.com
and ALL that spam is guaranteed to get delivered. At least with explicit email box addresses, the spam has to be addressed to an existing user, anything else gets dumped.
As far as sifting through the morass of emails left, I use the following combo of packages:
I found the installation of these packages to be very straighforward and had everything installed in running with an evenings worth of tweaking. Start with MailScanenr as they have an optional file at http://www.mailscanner.info/downloads.html
in the "other downloads" section that will install ClamAV and Spamassassin in one shot all preconfigured for MailScanner. Make sure that you also read the appropriate sections on the MailScanner documentation that refer to your specific MTA [i.e., Postfix, Exim, sendmail, Procmail, etc]. After that, DCC and Razor are just simple installs with minimal configuration to get them working with MailScanner and Spamassassin.
Without starting any wars (no flames please), I go this route versus the procmail filter route because I found that I could not stay on top of all the rules that I needed to create to block all the *new* ways that spammers find to flood your inbox every day. With the above tools, much of that is done for you and updated automatically....less work for me :-)
Hope some of that helps!