Machine Learning

Last updated on 2024-10-10 11:11:40

This article refers to capabilities that will be gradually rolled out to customers Q2 2024 through Q3 2024.

Machine learning models can recognize and filter out unwanted messages by continuously learning and adapting to new spam tactics, minimizing the chance of falling victim to phishing or scams. In Email Gateway Defense, the use of machine learning algorithms can help identify and block malicious emails before they reach your inbox, enhancing your email security and further protecting your organization from evolving email threats.

Email Gateway Defense uses machine learning algorithms by default. When an email is incorrectly blocked by the Machine Learning classifiers in Email Gateway Defense, there are a few things that can be done. Firstly, customers should report the email via the Message Log. This enables our threat analyst and engineering teams to use customer feedback directly to improve the efficacy of our products.

Another option is to use the machine learning exemption capability. IT admins can exempt specific email addresses or domains from machine learning threat detection by adding an exemption under the Machine Learning tab. However, it's important to note that adding an exemption does not guarantee that an email will be delivered, as it could still be blocked by other layers of the product.

Machine learning classifiers in Email Gateway Defense are retrained on a frequent basis to reduce incorrectly blocked and incorrectly delivered emails. However, the data set that is used to retrain the models must represent the totality of emails submitted by customers. For this reason, not every single email which is submitted as a false positive will have an impact on the retraining.

Emails blocked by machine learning will include the threat type in the Message Log details. Click on a message in the table and its Action and Reason displays. Use the Reason dropdown filter to find additional threat types by selecting a threat type such as Spam or Extortion. For more information on how to use the Message Log, see Understanding the Message Log.

To find all messages blocked by machine learning, run a keyword search in the Message Log, for example, reason_extra:machine. This will result in all messages tagged with "machine learning".

Use the Inbound Settings > Machine Learning page to exempt specific email addresses or domains from machine learning threat detection.

Note that if you are using one of the Email Protection Plan or have a stand alone Barracuda Sentinel product, you will also need to make a sender exemption for those specific email addresses or domains. See How to Allow Senders for more information.