How come that mails listed in Razor get only +1.6 points? Is Razor not to be trusted? I'd think that if the hash is listed, it's 100% spam, and as such it should get like +100 :/
I assume you're talking about SA 3.0, since 1.6 doesn't match any of the scores in my SA 2.63 install, but assuming they haven't changed the *setup*, there are actually three Razor rules that, when combined, can score anywhere from 0.9 to 2.4.
There's one rule, RAZOR2_CHECK, that just looks at whether Razor considers the message as spam. Then there are two other rules, RAZOR2_CF_RANGE_11_50 and RAZOR2_CF_RANGE_51_100, that check the confidence level Razor assigns the message. So if Razor thinks there's a 90% chance the message is spam, it gets a higher score than if Razor thinks there's a 20% chance.
As for Razor's trustworthiness, there have been some issues in the past with false positives, but they're generally rare. There was a brief spike last week with the release of the new razor program, and someone keeps reporting Mandrake Linux security advisories, but for the most part I've found it quite effective.
As for how the scores are chosen, check out http://wiki.apache.org/spamassassin/HowScoresAreAssigned
Kelson Vibber
SpeedGate Communications <www.speed.net>
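To see how the three Razor rules named in the reply add up on a given message, the following added example (not part of the original thread and not SpamAssassin's own code) reads the X-Spam-Status header and sums the Razor hits. The per-rule scores, the sample message and the function name are constructed assumptions; the header layout assumed is the `tests=` list that SpamAssassin 3.0 writes.

```python
import re
from email import message_from_string

# Constructed scores for illustration only, not SpamAssassin's shipped
# values; picked so totals stay inside the 0.9 to 2.4 range quoted above.
RAZOR_SCORES = {
    "RAZOR2_CHECK": 0.9,
    "RAZOR2_CF_RANGE_11_50": 0.5,
    "RAZOR2_CF_RANGE_51_100": 1.5,
}

def razor_contribution(raw_message):
    """Return (razor_rules_hit, summed_score) from X-Spam-Status."""
    status = message_from_string(raw_message).get("X-Spam-Status", "")
    # The tests= list may be folded over several lines; capture up to the
    # next key=value field (e.g. autolearn=) or the end of the header.
    match = re.search(r"tests=(.*?)(?:\s+\w+=|$)", status, re.S)
    if not match:
        return [], 0.0
    tests = [t for t in re.split(r"[,\s]+", match.group(1)) if t]
    hits = [t for t in tests if t.startswith("RAZOR2_")]
    total = sum((RAZOR_SCORES.get(rule, 0.0) for rule in hits), 0.0)
    return hits, round(total, 2)

# Constructed sample message with a folded header line.
SAMPLE = (
    "From: sender@example.com\n"
    "Subject: constructed sample\n"
    "X-Spam-Status: Yes, score=7.3 required=5.0 tests=BAYES_99,RAZOR2_CHECK,\n"
    "\tRAZOR2_CF_RANGE_51_100 autolearn=no version=3.0.0\n"
    "\n"
    "body\n"
)

if __name__ == "__main__":
    rules, score = razor_contribution(SAMPLE)
    print(f"Razor rules hit: {rules}, contribution: {score}")
```

Replace the constructed values in RAZOR_SCORES with the scores from your own installation before relying on the totals.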
