This shows that SpamSieve looked at the message and thought it was spam because it contained an encoded HTML part.
Many spammers encode the contents of their messages with base-64 so that filters cannot see the incriminating words they contain. SpamSieve can decode and look inside these messages. The “Encoded HTML mail is spam” option causes it to mark all such as spam, regardless of their contents, on the theory that legitimate senders do not try to obscure their messages. In practice, this is usually a safe assumption, and the low priority position on the filters list means that encoded messages will not be classified as spam if the sender is in the address book or if the message matches the whitelist. However, if, for whatever reason, you expect to receive encoded messages that are not spam, you can uncheck “Encoded HTML mail is spam” in order to prevent SpamSieve from classifying them as spam on that basis.
OK, that explains why Use Mac OS X Address Book didn’t help. You should add this address to his card in Address Book.
Since the address wasn’t in the address book, the training becomes relevant. The normal SpamSieve behavior is that when you train a message as good, it adds the sender address to the whitelist. From then on, SpamSieve will predict all future messages from that address to be good.
In order for this to work, Use SpamSieve whitelist and Train SpamSieve whitelist must be selected in the preferences (which they are, in the default configuration). At this point, my best guess is that you received a spam message from your brother’s address, trained it as spam, and this disabled the whitelist rule. However, in order to know for sure I would need you to send me the log file:
/Users/<username>/Library/Logs/SpamSieve/SpamSieve Log.log
Ordinarily, this alone wouldn’t cause SpamSieve to think the messages from your brother were spam, because it would learn to recognize them as good by their contents. However, as noted above, in the default configuration SpamSieve will classify messages with encoded HTML parts as spam, regardless of their contents. This won’t be a problem in the future if you uncheck “Encoded HTML mail is spam.”
Thanks for sending the MessageRules.plist file. Please note that the installation instructions specifically recommend that you call your spam mailbox “Spam” rather than “SPAM”, although that’s unrelated to the specific problem discussed above.