as explained above, do not forget registry JunkMailImportLists otherwise it will not work...
update from http://forums.msexchange.org/m_1800545996/printable.htm:
We got an update from Microsoft -- they say that the best option is:
New-TransportRule -Name ' Flag internal email domains as not junk and set SCL to minus 1' -Comments ' Flag internal email domains as not junk and set SCL to minus 1' -Priority '0' -Enabled $true -FromAddressContainsWords 'domain1.com','domain2.com' -SetSCL '-1'
The reason why email from our own internal domains is being flagged as junk is because the emails are being send un-authenticated and are not really "people" with AD accounts. They are 3rd party internal applications that cannot send/use authenticated senders.
So "white-listing" internal un-authenticated email seems to be the option to go with until we can replace this legacy software or find ways to convert them to authenticated senders.