So one does not need to actually use Razor explicitely?
One does not need to use razor at all. It is a network test, and you can
run with network test disabled. You can also run with network tests
enabled, but specifically disable Razor. And I'm sure there are many admins
that do this for one reason or other.
You can think of spamassassin as having two, or maybe three, kinds of tests
for detecting spam.
It has a bunch of local rules, which are more or less simple expressions
looking for particular patterns in the message.
It has Bayes (which is optional) that collects words and phrases from the
mail messages and correlates them with similar things from other mails that
have been received in the past. If a lot of tokens look like the kind of
stuff in spam, Bayes suggests this might be spam. If a lot of tokens look
like past ham, Bayes suggests this message might be ham.
And finally it has network tests. It collects bits and pieces from the
arriving mail messages and queries a bunch of internet spam databases,
asking each one "does this look like spam". Each database, if it answers at
all, will basically say yes or no. These answers then get added to the spam
score for the message.
Now, how do these internet databases decide if the stuff they see is spam?
Lots of different ways. There is no requirement that any two do even
slightly the same thing.
Loren
