How MailSentinel works

The pipeline

  1. 01

    Preprocess

    Lowercase the email, then collapse links, addresses, money and numbers into class tokens so the model learns patterns, not specifics.

  2. 02

    Tokenize

    Split into words and adjacent word-pairs (1–2 grams). The exact same tokenizer runs in Python (training) and TypeScript (inference).

  3. 03

    TF-IDF

    Weight each term by how often it appears here versus across the corpus, then L2-normalize — common words count for less.

  4. 04

    Logistic regression

    A linear model turns the weighted terms into a spam probability. Because it's linear, each word's exact contribution is recoverable.

Held-out performance

Accuracy
97.7%
Precision
97.6%
Recall
96.8%
F1
97.2%
ROC-AUC
0.997

Measured on a stratified 20% test split the model never saw during training.

Confusion matrix

Actual
Pred. hamPred. spam
HamSpam
541True neg
9False pos
12False neg
368True pos

What the model learned

The terms with the largest coefficients — these are the global drivers behind every score.

Strongest spam words

  • your5.81
  • a money amount4.20
  • click3.87
  • free3.79
  • you3.78
  • email3.47
  • our3.26
  • we3.11
  • please3.10
  • money2.97
  • click here2.79
  • will2.70
  • now2.59
  • ve2.46
  • guaranteed2.25

Strongest legit words

  • the-5.27
  • url a link-4.23
  • url-4.03
  • a link date-3.97
  • is-3.64
  • date-3.63
  • re-3.54
  • but-3.23
  • date a number-3.22
  • wrote-3.15
  • team-2.95
  • on-2.71
  • tomorrow-2.51
  • friday-2.45
  • razor-2.40

A note on honesty

The ML model is a binary spam-vs-legit classifier. The “phishing indicators” badge is a small, transparent rule layer (credential requests, urgency, reward bait, links) applied on top — it never overrides the model's score. The corpus is from the early 2000s, so a curated set of modern emails is mixed into training to keep present-day mail accurate. TypeScript inference is verified to match the Python model within 1e-4.