Can someone give me a quick tip (if there is one) on how to setup a 
procmail recipe to strip attachments (in particular executables to catch 
most of these stupid viruses)?

I seem to remember some type of .procmailrc file having something like:

:0
^x-application-octet-stream
/dev/null

but I know there's more to it or it's something to that effect to just 
simply kill that message.

Can someone help me out with a quick recipe for stripping that?

Also, I need to know any suggestions you all might have for securing 
this box if it ends up being used as a mail server.

Anything in the way of services not to run, shell access (like don't), etc?

Thanks!

Chris