So how do I whitelist this (and similar) emails?
Custom rule looks to be the only way. SA explicitly ignores local received: headers when it's working out the Received path/whitelists.
This might be a good starting point.
header MY_LOCAL_RCVD Received =~ / Received\: by mail\.covisp\.net \(Postfix\, from userid \d{1,3})/
score MY_LOCAL_RCVD -10.0
