
The malware example would be that you have limited sandbox space, so you have some first-phase detections before doing the more expensive dynamic analysis.

For mail classification you could use ML on non-spam messages and flag them as suspicious. Then that signal could be corroborated by volume, being sent by multiple senders in volume, or a user manually classifying content matching that as spam. While ML can't give perfect true positive and false positive rates, it can be combined with other signals.




ML is generally not used for serious AV systems; they are sig/pattern-based.

> Then that signal could be corroborated by volume

The more serious attacks are usually very low volume, sometimes unique to the victim.

> user manually classifying content matching that as spam

Manual classification is generally not possible because of data privacy issues and sheer volume, unless you mean by the end-user... but that's a hard sell (what are you selling at that point?)



