#this account has been hacked
if
 $header_subject: contains "this account has been hacked! Change all your passwords!"
then
 save "/dev/null" 660
endif

#My bitcoin wallet address
if
 $message_body contains "My bitcoin wallet address"
then
 save "/dev/null" 660
endif