Does SA performance decrease when the whitelisting list becomes quite large?
Yes, but how big the list needs to be before you have problems is highly dependant on your network.
Basically *everything* you add to sa decreases it's performance somewhat. In the case of whitelists, the speed of execution is pretty fast, but if you have a *LOT* of them the memory usage alone can crush you.
I'm currently running SA 2.63 on Red Hat 7.2. Tried to install Razor but had problems with it because of our firewall but I am considering trying it again.
If you're having false positive problems, work those out _before_ you add razor. It's counterproductive to add optional features which increase email scores when you're having major problems with false positives. Work on things that *decrease* the score, not things that increase it.
As for the firewall, Razor needs to connect to tcp/7 and tcp/2703 on the razor servers. No inbound connections. Use a stateful firewall setup to allow the responses to those connections back in, or use the old "ack-bit-required" trick if you just have a plain packet filter. (ie: treat it the same way you treat outbound client requests to port 80 for http.)
