Overview
Bayesian Analysis is an anti-spam technique where a statistical probability index based on training from users is used to identify spam.
In this article, you will learn how to determine why the Bayesian Analysis engine blocked or allowed a message as part of the troubleshooting process.
Introduction
Bayesian Analysis is a powerful feature in MailEssentials that is part of the Anti-Spam Engine (ASE) chain. It is an anti-spam adaptive technique based on artificial intelligence algorithms, hardened to withstand the widest range of spamming techniques available today.
There will be scenarios where customers open support requests wanting to understand why the Bayesian Analysis filter blocked or allowed specific messages against their expectations. The next section outlines the troubleshooting process to determine the reason behind the actions taken by this filter.
Description
- Find the Message-ID of the email in question by either obtaining it from the headers of the message itself or by looking for it in the MailEssentials Dashboard > Logs > Details tab. Refer to this linked article for more information on Reading Email Headers to extract the Message-ID.
- Navigate to ..\GFI\MailEssentials\AntiSpam\DebugLogs and locate the log file for the Bayesian Analysis module. The debug log filename is ase_bayesian.gfi_log.txt
- This is the debug log for the Bayesian Analysis Module and corresponds to the GFI MailEssentials > Anti-Spam > Anti-Spam Filters > Bayesian Analysis on the configuration UI.
- Open the debug log file in a text editor and search for the Message-ID obtained in step 1.
- Refer to the scenarios below to determine the reasons behind the action taken by the module. Pay close attention to the lines in bold to understand what happened and why.
Bayesian scanning disabled. Returning
Scenario 1: Email was allowed by the module
>> Process Message
Libspam token count: xxxxx
Calling LibSpamAtt to extract tokens
Bayesian Scan completed [HAM]
<< Process Message
Scenario 2: Email was blocked by the module
>> Process Message
Libspam token count: xxxxx
Calling LibSpamAtt to extract tokens
Bayesian Scan completed [SPAM]
Setting actions data ...
Spam detected, Stopping ASE Chain [2]...
Setting block report to: 'Bayesian Filter detected spam'
<< Process Message