476

Configuring Bayesian Learning in SecurityGateway

Bayesian Learning is a way to train the Spam Filtering engine in SecurityGateway to recognize what message are spam and what message are not spam. If you'd like to enable Bayesian Learning please follow the steps below.

  1. Log on to SecurityGateway as a global administrator
  2. Click Security
  3. Locate the 'Anti-Spam' section
  4. Click Heuristics and Bayesian
  5. Under 'Configuration' check the option Use heuristic rules and Bayesian classification to analyze messages
  6. Under 'Location (All Domains)' click the link titled Click here to configure SGSpamD
  7. Enable the option Enable Bayesian classification

By default, Bayesian learning will occur at midnight each night. If you'd like to change this do so in the Bayesian Learning section by selecting 'Shedule Bayesian learning for once every __ hours' and enter the interval at which you wish learning to occur.

If desired, enter spam and non-spam forwarding addresses in the appropriate fields in the Bayesian Learning section. The default addresses that SecurityGateway will use is 'SpamLearn[@example.com]' and 'NonSpamLearn[@example.com]', but you can change it to whatever you choose. Messages sent to this address must be received via SMTP from a session that is authenticated using SMTP AUTH. Further, the messages must be forwarded to the above addresses as attachments of type 'message/rfc822'. Any message of another type that is sent to these email addresses will not be processed. Finally, when entering an address into these options, only use the mailbox portion of the address - do not include the '@' or domain portion. For example, 'Spam', 'SpamLearn', 'SpamMail', or the like are all acceptable addresses to use for the non-spam forwarding address. Messages can then be forwarded to that address at any of SecurityGateway's domains (e.g. spamLearn@example.com, spamLearn@rim.com, and so on).

Because large messages are generally not spam, and because analyzing them can require a great deal of processing, messages over 50,000 bytes will not be analyzed by default. To change the size limit of messages that SGSpamD will learn from enter the size in bytes at the bottom of the Bayesian Learning section, in the option 'Don't learn from messages larger than __ bytes.' Alternately, you can disable the option to analyze all messages; however this is not recommended.