I have enabled a catch-all email address for our domain. The benefit is that I can actually make up email addresses on the fly as needed and I will always be sure to receive messages sent there (useful for testing transactions and email list sign ups).
However as a result, I do end up with a fair amount of spam, especially from people trying to guess email addresses of our staff. Gmail is actually pretty good at filtering out most spam, but it won't catch most hand-crafted “cold emails”. Some are good about including opt-out instructions, but many are not. For those, I have crafted a boilerplate response that I send.
Sorry, we do not accept unsolicited commercial offers. Please add this email address—and all other @nonprofit.org email addresses—to your "do not contact" list. Thank you.
FYI, your message does not comply with the US CAN-SPAM requirements, most notably:
5. Tell recipients how to opt out of receiving future email from you. Your message must include a clear and conspicuous explanation of how the recipient can opt out of getting email from you in the future. Craft the notice in a way that’s easy for an ordinary person to recognize, read, and understand. Creative use of type size, color, and location can improve clarity. Give a return email address or another easy Internet-based way to allow people to communicate their choice to you. You may create a menu to allow a recipient to opt out of certain types of messages, but you must include the option to stop all commercial messages from you. Make sure your spam filter doesn’t block these opt-out requests.