The issue was Sender -> Tor -> GMail -> Destination was being treated as if the mail came from Tor instead of from GMail because Google leaks the Sender's IP address and SpamAssassin apparently uses all the Received From headers by default .
It looks like by using notfirsthop and trusted_networks it can be configured to only use the Received From headers added by the Destination MTA.
This way there's no need to try to manually create and curate a list of all Tor exit nodes.