I believe this is because the spam filtering occurs first, and that is happening before the content filter, IE the trusted senders list. I make the rule in content filters for trusted senders, and move that rule in front of all the other content filters, so it is the first one. That way it will be the first action on the message.
The other issue, is the spf fail. What weight to you give it that it fails for SPF? In our system, the spf is a spam weight of 30, Is your rule for the spam weight that you have assigned to the SPF to bounce the message? IF that is the case, just change the rule.
Remember kids, every time a spam message gets blocked, a nerd gets their glasses. spamhurts/July 15