I replaced my custom postfix mailserver with this mailserver when I switched hosting providers.
Since the switch, I'm running into a lot more spam problems than before. Now my setup is not really comparable. Previously, I used to run postfix + policyd_weight + spamassasin which filtered out nearly everything. Now I have dozen of (untagged) spam messages in my inbox.

What I already did:

    - ENABLE_SPAMASSASSIN=1
    - ENABLE_CLAMAV=1
    - SA_TAG=-10000.0
    - SA_TAG2=5
    - SA_KILL=1000

This tags all messages, so one can see the spamassasin score of the spam. I also lowered the TAG2 threshold to 5. I have a high SA_KILL because I wanted to filter out the spam and not kill it.

I also have a regular cron-job running which feeds the not detected spam into sa-learn.

I'm not running a high profile domain here, so my question is: What do other peoples do when using this docker image? Are there any interesting spamassassin rules which work well?

I though about adding postgrey (which seems straight forward), but I suspect I'll run into problems with the testing of this docker image.

Any recommendations / best practices?

Example Spamassasin-Reports:

X-Spam-Status: No, score=1.645 tagged_above=-10000 required=5
	tests=[HTML_IMAGE_ONLY_04=0.342, HTML_MESSAGE=0.001,
	HTML_SHORT_LINK_IMG_1=0.139, MPART_ALT_DIFF=0.724, PYZOR_CHECK=1.985,
	RCVD_IN_BRBL_LASTEXT=1.644, RCVD_IN_MSPIKE_BL=0.01,
	RCVD_IN_MSPIKE_L3=0.001, RP_MATCHES_RCVD=-3.199, SPF_HELO_PASS=-0.001,
	SPF_PASS=-0.001] autolearn=no autolearn_force=no

X-Spam-Status: No, score=1.986 tagged_above=-10000 required=5
	tests=[HTML_MESSAGE=0.001, PYZOR_CHECK=1.985]
	autolearn=no autolearn_force=no