diff --git a/CHANGELOG.md b/CHANGELOG.md
index b60a7afa..1ec71ded 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -80,7 +80,7 @@ The most noteworthy change of this release is the update of the container's base
 - **Rspamd**:
   - The `rewrite_subject` action, is now disabled by default. It has been replaced with the new `SPAM_SUBJECT` environment variable, which implements the functionality via a Sieve script instead which is anti-spam service agnostic ([#3820](https://github.com/docker-mailserver/docker-mailserver/pull/3820))
   - `RSPAMD_NEURAL` was added and is disabled by default. If switched on it will enable the experimental Rspamd "Neural network" module to add a layer of analysis to spam detection ([#3833](https://github.com/docker-mailserver/docker-mailserver/pull/3833))
-  - The symbol weights of SPF, DKIM and DMARC have been adjusted again. Fixes a bug and includes more appropriate combinations of symbols ([#3913](https://github.com/docker-mailserver/docker-mailserver/pull/3913))
+  - The symbol weights of SPF, DKIM and DMARC have been adjusted again. Fixes a bug and includes more appropriate combinations of symbols ([#3913](https://github.com/docker-mailserver/docker-mailserver/pull/3913), [#3923](https://github.com/docker-mailserver/docker-mailserver/pull/3923))
 
 ### Fixes
 
diff --git a/Dockerfile b/Dockerfile
index 8110cebf..8b2a502c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -104,7 +104,6 @@ EOF
 # -----------------------------------------------
 
 COPY target/rspamd/local.d/ /etc/rspamd/local.d/
-COPY target/rspamd/scores.d/* /etc/rspamd/scores.d/
 
 # -----------------------------------------------
 # --- OAUTH2 ------------------------------------
diff --git a/target/rspamd/local.d/composites.conf b/target/rspamd/local.d/composites.conf
new file mode 100644
index 00000000..ab58f45d
--- /dev/null
+++ b/target/rspamd/local.d/composites.conf
@@ -0,0 +1,18 @@
+# In addition to `policies_group.conf`, this file contains
+# symbols that are applied when certain other symbols are
+# applied (or not applied).
+#
+# We are especially interested in the `policy` field, because
+# there are cases in which `remove_weight` is undesirable.
+
+# When neither SPF, DKIM, nor DMARC are available, we want
+# to increase the base score so we apply at least greylisting.
+AUTH_NA {
+  score = 2.5;
+  policy = "leave";
+}
+
+AUTH_NA_OR_FAIL {
+  score = 1;
+  policy = "leave";
+}
diff --git a/target/rspamd/scores.d/policies_group.conf b/target/rspamd/local.d/policies_group.conf
similarity index 100%
rename from target/rspamd/scores.d/policies_group.conf
rename to target/rspamd/local.d/policies_group.conf