The second operand matches a received header, so I think it would be something along the lines of
whitelist_from_recvd *lovefilm.com merlin.lovefilm.com
Better check that in the wiki though, I've never used this format myself.
Loren is correct here.. whitelist_from_rcvd is "Whitelist From: and Received:" command, thus requires two parameters.
The first parameter will match the From: headers, and has the same format as whitelist_from.
The second parameter will match the reverse-DNS part of a Received: header. It will also only match a header added by a trusted host from the trusted_networks setting.
(SA tries to make educated guesses on trust, but sometimes it's wrong. If you have trouble, run a message through spamassassin -D and watch what it's up to, or manually set trusted_networks to be mailservers you control.).
And don't forget to run spamassassin --lint when you're done editing to check for typos.
