Recently I’ve noticed more spam coming through on several webmaster@ and postmaster@ email addresses. Looking at the email headers they appear to be skipping the spam assassin spam detection as there’s no spam headers that I get on others.
None
replace this text with messages or log entries
A user with several domains that I configured forwarding the postmaster → to an admin account also was also getting a nasty rash of such emails for several days. I ratcheted up the anti spam but this didn’t work.
Looking through the nasties it was clear they all originated through various .ru domains and senders. As there is no interest in receiving email from .ru I put all .ru into /etc/exim4/blacklist and that dried them up.
Be interested in what others are doing optimally to manage this on Sympl as cutting an entire ccTLD on the RSS out is sub optimal.
C
I think postmaster@ and webmaster@ are deliberately configured to bypass the spam filter.
I’ve had a lot of those emails in recent months.
See /etc/exim4/sympl.d/10-acl/50-acl-check-rcpt/30-accept-postmaster
That might be a better way.
If you are suggesting deleting
/etc/exim4/sympl.d/10-acl/50-acl-check-rcpt/30-accept-postmaster
as necessary to filter out emails from .countrycode addressed to postmaster@adomain.cctld
?
$man sympl could be helpful 
Yes, that’s correct, and it’s by design. Both addresses are ‘official’ ‘service’ addresses, so ‘should’ accept all mail.
If you need to filter them for spam, I’d suggest doing it directly on the mail client.