When saving SpamReport preferences, the Signal-Spam.fr password is kept for the session, but it is not written to clawsrc, so when Claws Mail is next launched, it no longer has the password.
If you're using recent git version, the passwords are stored differently, and the spamreport plugin has not yet been adapted.
This should be fixed now.
Confirmed. Thanks!