spamassassin does not honour local.cf

I updated my /etc/spamassassin/local.cf spamassassin file to update some score rules. However, even after restarting spamassassin (via service), the new score are not shown in spam emails. In fact, nothing in that file seem to influence how spamassassin work. I use exim as my MTA but that should not matter. All packages were installed via apt-get and are at the latest version for 14.04. For example, I have this: score HTML_MESSAGE 2.0 define in /etc/spamassassin/local.cf. I restarted both exim and spamassassin. spamassassing --lint shows that there are no errors int hat file. Then got yet another spam with this: 0.0 HTML_MESSAGE BODY: HTML included in message In the X-Spam-Report field. I ran spamassassin -D < spam and the order of loading of cfg files seems to be wrong: Jun 8 13:34:07.300 dbg: config: read file /etc/spamassassin/local.cf ... Jun 8 13:34:07.600 dbg: config: read file /var/lib/spamassassin/3.004000/updates_spamassassin_org/50_scores.cf ... Jun 8 13:34:07.787 dbg: config: read file /var/lib/spamassassin/3.004000/updates_spamassassin_org/73_sandbox_manual_scores.cf Jun 8 13:34:07.788 dbg: config: fixed relative path: /var/lib/spamassas sin/3.004000/updates_spamassassin_org/local.cf ... ***What is going on?*** Based on a comment from [Centimane](https://unix.stackexchange.com/users/67807/centimane) : I tried strace -f -e trace=file spamassassin -D < spam with the same result: Spamassassin is reading system files after the local.cf file. Thus, trashing any score changes. From comments, here is the local.cf file, which is more or less the vanilla one. # This is the right place to customize your installation of SpamAssassin. # # See 'perldoc Mail::SpamAssassin::Conf' for details of what can be # tweaked. # # Only a small subset of options are listed below # ########################################################################### # Add *****SPAM***** to the Subject header of spam e-mails # rewrite_header Subject *****SPAM***** add_header spam Flag _YESNOCAPS_ add_header all Checker-Version SpamAssassin _VERSION_ (_SUBVERSION_) on _HOSTNAME_ add_header all Status _YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTS_ autolearn=_AUTOLEARN_ bayes=_BAYES_ add_header all Report _SUMMARY_ # Save spam messages as a message/rfc822 MIME attachment instead of # modifying the original message (0: off, 2: use text/plain instead) # # report_safe 1 # Set which networks or hosts are considered 'trusted' by your mail # server (i.e. not spammers) # # trusted_networks 212.17.35. # Set file-locking method (flock is not safe over NFS, but is faster) # # lock_method flock # Set the threshold at which a message is considered spam (default: 5.0) # required_score 5.0 # Use Bayesian classifier (default: 1) # use_bayes 1 bayes_path /var/lib/spamassassin/bayes/bayes bayes_file_mode 0777 # Bayesian classifier auto-learning (default: 1) # bayes_auto_learn 1 # Set headers which may provide inappropriate cues to the Bayesian # classifier # bayes_ignore_header X-Bogosity bayes_ignore_header X-Spam-Flag bayes_ignore_header X-Spam-Status # Some shortcircuiting, if the plugin is enabled # ifplugin Mail::SpamAssassin::Plugin::Shortcircuit # # default: strongly-whitelisted mails are *really* whitelisted now, if the # shortcircuiting plugin is active, causing early exit to save CPU load. # Uncomment to turn this on # shortcircuit USER_IN_WHITELIST on shortcircuit USER_IN_DEF_WHITELIST on shortcircuit USER_IN_ALL_SPAM_TO on shortcircuit SUBJECT_IN_WHITELIST on # the opposite; blacklisted mails can also save CPU # shortcircuit USER_IN_BLACKLIST on shortcircuit USER_IN_BLACKLIST_TO on shortcircuit SUBJECT_IN_BLACKLIST on # if you have taken the time to correctly specify your "trusted_networks", # this is another good way to save CPU # # shortcircuit ALL_TRUSTED on # and a well-trained bayes DB can save running rules, too # shortcircuit BAYES_99 spam shortcircuit BAYES_00 ham blacklist_from wokfrance.com blacklist_from brother-mailer.com blacklist_from *.sd-soft.net blacklist_from woifrance.com blacklist_from adimacocl.net blacklist_from bletspuranawyat.net blacklist_from sd-soft.net blacklist_from m1web-track.com blacklist_from winntoniecline.net blacklist_from kafod.org blacklist_from *.kafod.org blacklist_from bhlivetickets@bhlive.co.uk blacklist_from *.bhlive.co.uk blacklist_from *.regionasm.net blacklist_from regionasm.net ## Tweaks. score AC_BR_BONANZA 1.0 score ADMITS_SPAM 10.0 score A_HREF_TO_REMOVE 2.0 score DEAR_FRIEND 4.0 score FREEMAIL_FORGED_FROMDOMAIN 4.0 score FREEMAIL_FROM 1.0 score FROM_LOCAL_HEX 9.0 score HTML_MESSAGE 2.0 score RCVD_IN_MSPIKE_BL 2.0 score RCVD_IN_SORBS_WEB 2.0 score RCVD_IN_XBL 3.0 score RDNS_NONE 2.0 score SCVD_IN_DNSWL_BLOCKED 3.0 score T_DKIM_INVALID 1.0 score T_FREEMAIL_DOC_PDF 3.0 score T_REMOTE_IMAGE 3.0 score URIBL_BLOCKED 3.0 score URIBL_DBL_SPAM 3.0 score URIBL_JP_SURBL 3.0 score URIBL_WS_SURBL 3.0 endif # Mail::SpamAssassin::Plugin::Shortcircuit And the whole output of spamassassin -D is too big for this. However, the relevant lines are above. If you want more information, tell me what to look for and I will add it.