Wrong assumptions. SpamAssassin is seeing the whole message, including the full forwarded content and the headers. Message-Id, the Received: path traversed, etc.
Why the fetchmail/POP from domain.com to domain.net? Have your user remove that hop, and do a proper forward direct from comcast.
You can see the tokens that are considered spammy (or not) by dropping in a debug.cf with the below and piping the message through spamassassin -t
Code:
add_header all Spammy _SPAMMYTOKENS(5,long)_
add_header all Hammy _HAMMYTOKENS(5,long)_
add_header all Bayes _TOKENSUMMARY_
As for this particular message, what you should do is (click here) to unsubscribe her. It is absolutely correct to teach users never to follow directions in UBE, but this is mainsleaze from a company from which your user bought something some time ago (if not from JCP itself, then from an "affiliate" with whom they share information; how many people read the fine print?). JCP Media will honor unsubscribes. Don't tell your user that she is mistaken in considering it spam; there's no point in doing that. But following the (click here) link is a more productive use of *your* time than fiddling with SA.