Filter rule on link in content

I am a retired IT professional so I am looking for higher-level answers only.  I stopped using Comcast's standard server-side spam filter (Mail > Advanced Settings > Spam Filtering > Override Security Filters) about 6 years ago because of how bad it is.  Instead, I use my own server-side filter rules (Mail > Filter Rules).  Lately, I have been getting a lot of spam with a bogus opt-out link in the message body to get around CAN-SPAM 2003.  If I can filter on the bogus opt-out link, then I can STOP A LOT of spam.  My filter is not working on incoming spam, but if I forward the same spam to myself, then the filter works.  I am using Thunderbird as my email client.  Here is the filter rule:

• Rule Name:  Linklist_body
• Apply if any condition is met
• Conditions
  • Content contains:  <a href="https://cl.s13.exct.net/
  • Content contains:  cl.s13.exct.net
  • Content contains:  exct.net
• Actions
  • Reject with reason:  Permanent Error

Note the "shotgun approach" with three conditions in hopes that one will work.  But none of them work with incoming spam, but if I forward the same spam to myself, the conditions do work and I get an email:

• From:  postmaster"at"comcast.net
• Subject:  Rejected: Fwd: Original_spam_subject.
• Body:   Your message to <my_account"at"comcast.net> was automatically rejected:  Permanent Error

Any help is appreciated.

TIA,

Steve