I've been troubled with a rather large amount of spam recently. I had a bit of a dig around today to see if I could improve the situation. The first mistake I found was in the exim directors which didn't verify the user. This meant I was getting a lot of mail addressed to things like email@example.com because all badly addressed mail was hitting the spam director and ending up (somehow) being re-routed to root, therefor to me.
The other reason stuff was getting through was because stuff was being tagged as ALL_TRUSTED which was dropping the score bellow the threshold. A quick tweak to teach Spamassassin about my internal network seems to have had an effect. Hopefully my early morning clear out of the Inbox will be a lot easier.