About once a day or so, a spam message lands in my Inbox because SpamAssassin never saw it. There are no X-Spam-* headers in it at all (normally those are present even for non-spam). The message was received from my ISP by the usual route. /var/log/maillog generally shows spamd activity immediately after each sendmail connection, but not in this case: sendmail is logged but not spamd. Messages received just a minute or two before and after show spamd being run as usual.
How is this even possible?
Update: Apparently SpamAssassin assumes that any message bigger than 250K is not spam. Wow, that's a good idea... It's possible that the fix is to add "-x -s 100000000" to the call to spamc in /etc/procmailrc.